A periodic malware check
mpossoff
Hi all, here are my logs for a periodic malware check. Since I'm not the only one in my house using the PC, I thought it would be good to do a check.

Thanks,

Marc
Rorschach112
Post them, don't attach them.
mpossoff
Malwarebytes' Anti-Malware 1.39
Database version: 2498
Windows 5.1.2600 Service Pack 3

7/25/2009 8:26:05 AM
mbam-log-2009-07-25 (08-26-04).txt

Scan type: Quick Scan
Objects scanned: 86556
Time elapsed: 23 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
---------------------------------------------------------------------------------

OTL Extras logfile created on: 7/25/2009 5:29:50 AM - Run 1
OTL by OldTimer - Version 3.0.10.3 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

255.01 Mb Total Physical Memory | 35.01 Mb Available Physical Memory | 13.73% Memory free
617.47 Mb Paging File | 158.28 Mb Available in Paging File | 25.63% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 20.54 Gb Free Space | 55.14% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MARC-HTFUOJHQ3J
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.inf [@ = inffile] -- Reg Error: Key error. File not found
.ini [@ = inifile] -- C:\WINDOWS\notepad.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\WINDOWS\notepad.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- File not found
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0 -- File not found
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer -- (Microsoft Corporation)
"C:\Program Files\IMVITE\instant.exe" = C:\Program Files\IMVITE\instant.exe:*:Disabled:instant -- File not found
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- File not found
"C:\Program Files\Real\RealOne Player\realplay.exe" = C:\Program Files\Real\RealOne Player\realplay.exe:*:Disabled:RealPlayer -- File not found
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0 -- File not found
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\PCPhone\PCPhone.exe" = C:\Program Files\PCPhone\PCPhone.exe:*:Enabled:PCPhone Application -- File not found
"C:\Program Files\Yahoo!\Messenger\YPager.exe" = C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger -- File not found
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- File not found
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\WINDOWS\SYSTEM32\rtcshare.exe" = C:\WINDOWS\SYSTEM32\rtcshare.exe:*:Enabled:RTC App Sharing -- (Microsoft Corporation)
"C:\Program Files\Packet8 Softalk\Softalk\softalk.exe" = C:\Program Files\Packet8 Softalk\Softalk\softalk.exe:*:Enabled:Packet8 Softalk -- File not found
"C:\Program Files\ICallHere\ICallHere.exe" = C:\Program Files\ICallHere\ICallHere.exe:*:Enabled:ICallHere -- File not found
"C:\Program Files\QuickDialer\QuickDialer.exe" = C:\Program Files\QuickDialer\QuickDialer.exe:*:Enabled:Application -- File not found
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- File not found
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Ubifone\Ubifone.exe" = C:\Program Files\Ubifone\Ubifone.exe:*:Disabled:Ubifone -- File not found
"C:\Program Files\EA GAMES\MOHAA\MOHAA.exe" = C:\Program Files\EA GAMES\MOHAA\MOHAA.exe:*:Disabled:Medal of Honor Allied Assault -- File not found
"C:\Program Files\Paltalk Messenger\paltalk.exe" = C:\Program Files\Paltalk Messenger\paltalk.exe:*:Enabled:PaltalkScene -- File not found
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
"C:\Program Files\Conference\Conference.dll" = C:\Program Files\Conference\Conference.dll:*:Enabled:Audio/Video Conference -- (©2002-2007 Audio/Video Conference Software)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{036AA4D4-6D32-11D4-9875-00105ACE7734}" = Logitech iTouch Software
"{0773A806-0853-4B4D-8771-55BEF03E242B}" = Dell OpenManage Client Instrumentation
"{11C762F9-95EA-486A-A8E7-683A50C231C1}" = SmartFTP
"{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
"{24ED4D80-8294-11D5-96CD-0040266301AD}" = FinePixViewer Ver.4.0
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{41915CC3-BD28-43C3-9C94-1A7548DEF582}" = StuffIt Standard Edition 7.5
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows Journal Viewer
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{5490882C-6961-11D5-BAE5-00E0188E010B}" = FUJIFILM USB Driver
"{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.71
"{609F7AC8-C510-11D4-A788-009027ABA5D0}" = Easy CD Creator 5 Basic
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{7027DA23-44F9-4226-81D5-6BEDE83B95DD}" = WebMeeting PowerPoint PlugIn
"{706D5382-7381-4680-9DD0-161832578252}" = DellTouch
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{80FD852F-5AAC-4129-B931-06AAFFA43138}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B860975-CF54-44F6-828B-3A5CA14EE825}" = Eudora
"{8EB39AA7-4019-4550-AF6C-BE51BB27B446}" = TC Web Conferencing
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A580547F-4FB6-433E-A595-21CAA858C556}" = Microsoft Office Live Small Business Image Uploader
"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.2
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D3AA158A-9421-4883-8767-E771B0964A1D}" = ImageMixer VCD for FinePix
"{D680C913-5955-469D-9D88-C1940F7506D6}" = RAW FILE CONVERTER LE
"{E3CE420E-5A14-45DC-86A0-375874F43794}" = Hummingbird HostExplorer V7.1
"ActiveTouchMeetingClient" = WebEx
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
"ATI Display Driver" = ATI Display Driver
"Atomic Clock Sync" = Atomic Clock Sync
"DivX Codec" = DivX Codec
"DivX Player" = DivX Player
"EPSON Printer and Utilities" = EPSON Printer Software
"ERUNT_is1" = ERUNT 1.1j
"filehippo.com" = filehippo.com Update Checker
"FileZilla" = FileZilla (remove only)
"Good Keywords v3_is1" = Good Keywords v3 042209
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Ink Monitor" = Ink Monitor
"IrfanView" = IrfanView (remove only)
"JRE 1.3.1_02" = Java 2 Runtime Environment Standard Edition v1.3.1_02
"Kerberos_is1" = Kerberos for Windows (KfW) 2.1.2
"Logitech Resource Center" = Logitech Resource Center
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MarkView Web Client for Oracle Applications NCA" = MarkView Web Client for Oracle Applications NCA
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.0.12)" = Mozilla Firefox (3.0.12)
"Mozilla Thunderbird (2.0.0.18)" = Mozilla Thunderbird (2.0.0.18)
"MSN Music Assistant" = MSN Music Assistant
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"MWASPINT" = MicroStaff WINASPI NT
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Oracle JInitiator 1.1.8.11" = Oracle JInitiator 1.1.8.11
"RealPlayer 6.0" = RealPlayer
"SecureCRT 3.0" = Van Dyke Technologies SecureCRT 3.4
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SpywareBlaster_is1" = SpywareBlaster 4.2
"SpywareGuard_is1" = SpywareGuard v2.2
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"UIU__MODEM_PCI_VEN_14F1&DEV_1033&SUBSYS_020D13E0" = Conexant HCF V90 56K Data Fax PCI Modem
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinZip" = WinZip

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Audio/Video Conference" = Audio/Video Conference 4.2+
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.0.0.320
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ System Events ]
Error - 7/6/2009 2:57:14 PM | Computer Name = MARC-HTFUOJHQ3J | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Application Layer Gateway
Service service to connect.

Error - 7/6/2009 2:57:14 PM | Computer Name = MARC-HTFUOJHQ3J | Source = Service Control Manager | ID = 7000
Description = The Application Layer Gateway Service service failed to start due
to the following error: %%1053

Error - 7/7/2009 2:30:58 PM | Computer Name = MARC-HTFUOJHQ3J | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
period.

Error - 7/7/2009 2:36:09 PM | Computer Name = MARC-HTFUOJHQ3J | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
period.

Error - 7/12/2009 12:44:15 PM | Computer Name = MARC-HTFUOJHQ3J | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Application Layer Gateway
Service service to connect.

Error - 7/12/2009 12:44:15 PM | Computer Name = MARC-HTFUOJHQ3J | Source = Service Control Manager | ID = 7000
Description = The Application Layer Gateway Service service failed to start due
to the following error: %%1053

Error - 7/13/2009 1:24:53 PM | Computer Name = MARC-HTFUOJHQ3J | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
period.

Error - 7/13/2009 1:55:24 PM | Computer Name = MARC-HTFUOJHQ3J | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
period.

Error - 7/14/2009 11:21:44 PM | Computer Name = MARC-HTFUOJHQ3J | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Application Layer Gateway
Service service to connect.

Error - 7/14/2009 11:21:45 PM | Computer Name = MARC-HTFUOJHQ3J | Source = Service Control Manager | ID = 7000
Description = The Application Layer Gateway Service service failed to start due
to the following error: %%1053


< End of report >
-------------------------------------------------------------------------------------------------------------------------

OTL logfile created on: 7/25/2009 5:29:42 AM - Run 1
OTL by OldTimer - Version 3.0.10.3 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

255.01 Mb Total Physical Memory | 35.01 Mb Available Physical Memory | 13.73% Memory free
617.47 Mb Paging File | 158.28 Mb Available in Paging File | 25.63% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 20.54 Gb Free Space | 55.14% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MARC-HTFUOJHQ3J
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
PRC - C:\WINDOWS\Nhksrv.exe ()
PRC - C:\Program Files\Dell\OpenManage\Client\ActionAgent.exe (Dell Computer Corporation)
PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\DMI\WIN32\bin\DellDmi.exe (Dell Computer Corporation)
PRC - C:\Program Files\Dell\OpenManage\Client\EventAgt.exe (Dell Computer Corporation)
PRC - C:\Program Files\Dell\OpenManage\Client\DLT.exe (Dell Computer Corporation)
PRC - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Dell\OpenManage\Client\Iap.exe (Dell Computer Corporation)
PRC - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
PRC - C:\WINDOWS\System32\wdfmgr.exe (Microsoft Corporation)
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\dmi\win32\bin\Win32sl.exe (Intel)
PRC - C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe (Viewpoint Corporation)
PRC - C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe (Roxio)
PRC - C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE (Logitech Inc. )
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\filehippo.com\UpdateChecker.exe (FileHippo.com)
PRC - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\SpywareGuard\sgmain.exe ()
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\SpywareGuard\sgbhp.exe ()
PRC - C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avnotify.exe (Avira GmbH)
PRC - C:\Documents and Settings\Administrator\Desktop\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (0012251245013674mcinstcleanup [Auto | Stopped]) -- File not found
SRV - (ActionAgent [Auto | Running]) -- C:\Program Files\Dell\OpenManage\Client\ActionAgent.exe (Dell Computer Corporation)
SRV - (AntiVirScheduler [Auto | Running]) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
SRV - (AntiVirService [Auto | Running]) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (DellDmi [Auto | Running]) -- C:\DMI\WIN32\bin\DellDmi.exe (Dell Computer Corporation)
SRV - (DEventAgent [Auto | Running]) -- C:\Program Files\Dell\OpenManage\Client\EventAgt.exe (Dell Computer Corporation)
SRV - (DLT [Auto | Running]) -- C:\Program Files\Dell\OpenManage\Client\DLT.exe (Dell Computer Corporation)
SRV - (EPSONStatusAgent2 [Auto | Running]) -- C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (Iap [Auto | Running]) -- C:\Program Files\Dell\OpenManage\Client\Iap.exe (Dell Computer Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (McAfee SiteAdvisor Service [Auto | Running]) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
SRV - (Nhksrv [Auto | Running]) -- C:\WINDOWS\Nhksrv.exe ()
SRV - (UMWdf [Auto | Running]) -- C:\WINDOWS\System32\wdfmgr.exe (Microsoft Corporation)
SRV - (Viewpoint Manager Service [Auto | Running]) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (Win32Sl [Auto | Running]) -- C:\dmi\win32\bin\Win32sl.exe (Intel)

========== Driver Services (SafeList) ==========

DRV - (ac97intc [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\ac97intc.sys (Intel Corporation)
DRV - (aeaudio [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aeaudio.sys (Andrea Electronics Corporation)
DRV - (AliIde [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (asc [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (ati2mpaa [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ati2mpaa.sys (ATI Technologies Inc.)
DRV - (ati2mtaa [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ati2mtaa.sys (ATI Technologies Inc.)
DRV - (avgio [System | Running]) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys (Avira GmbH)
DRV - (avgntflt [On_Demand | Running]) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys (Avira GmbH)
DRV - (avipbb [System | Running]) -- C:\WINDOWS\System32\DRIVERS\avipbb.sys (Avira GmbH)
DRV - (bvrp_pci [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\bvrp_pci.sys ()
DRV - (Cdr4_xp [System | Running]) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys (Sonic Solutions)
DRV - (Cdralw2k [System | Running]) -- C:\WINDOWS\System32\drivers\cdralw2k.sys (Sonic Solutions)
DRV - (cdudf_xp [System | Running]) -- C:\WINDOWS\System32\drivers\cdudf_xp.sys (Roxio)
DRV - (CmdIde [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (dac2w2k [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (dvd_2K [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\Dvd_2k.sys (Roxio)
DRV - (EL90XBC [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\el90xbc5.sys (3Com Corporation)
DRV - (Eplpdx02 [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\EPLPDX02.SYS (MK Systems CO., LTD.)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HCF_MSFT [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\HCF_MSFT.sys (Conexant)
DRV - (hpt3xx [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\hpt3xx.sys (HighPoint Technologies, Inc.)
DRV - (itchfltr [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\itchfltr.sys (Logitech, Inc.)
DRV - (l8042pr2 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\L8042Pr2.sys (Logitech, Inc.)
DRV - (LKbdFlt2 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\LKbdFlt2.sys (Logitech, Inc.)
DRV - (LMouFlt2 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\LMouFlt2.sys (Logitech, Inc.)
DRV - (MASPINT [Auto | Running]) -- C:\WINDOWS\System32\drivers\MASPINT.SYS (MicroStaff Co.,Ltd.)
DRV - (mmc_2K [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\Mmc_2k.sys (Roxio)
DRV - (mraid35x [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (Msikbd2k [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\msikbd2k.sys (Netropa Corporation)
DRV - (nv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (nv4 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\nv4.sys (NVIDIA Corporation)
DRV - (omci [System | Running]) -- C:\WINDOWS\System32\Drivers\omci.sys (Dell Computer Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (pwd_2k [System | Running]) -- C:\WINDOWS\System32\drivers\pwd_2K.sys (Roxio)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql1080 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (Secdrv [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sisagp [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (smwdm [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\smwdm.sys (Analog Devices, Inc.)
DRV - (Sparrow [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (ssmdrv [System | Running]) -- C:\WINDOWS\System32\DRIVERS\ssmdrv.sys (Avira GmbH)
DRV - (symc810 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (sym_hi [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (UdfReadr_xp [System | Running]) -- C:\WINDOWS\System32\drivers\udfreadr_xp.sys (Roxio)
DRV - (ultra [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (Winachcf [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\winachcf.sys (Conexant)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://go.microsoft.com/fwlink/?LinkId=69157 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5A 49 5C 09 62 0A CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2009/06/24 12:29:09 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/07/24 07:10:01 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/07/23 17:02:38 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.18\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/03/08 18:54:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.18\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009/06/14 16:01:18 | 00,000,000 | ---D | M]

[2008/06/29 15:32:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Extensions
[2008/06/29 15:32:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/07/24 20:33:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\default.y72\extensions
[2009/07/24 20:32:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\default.y72\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2005/12/16 17:28:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\default.y72\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2009/07/24 20:33:09 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/07/23 17:02:38 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/12/02 07:48:33 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008/07/19 10:28:15 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/07/24 20:32:33 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\browserhighlighter@ebay.com
[2009/07/23 17:02:23 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/07/23 17:02:23 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2006/01/31 10:21:36 | 00,040,960 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formback.dll
[2006/01/31 10:21:40 | 00,053,248 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formcal.dll
[2006/01/31 10:21:44 | 00,086,016 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formclok.dll
[2006/01/31 10:21:48 | 00,065,536 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formfade.dll
[2006/01/31 10:21:54 | 00,077,824 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formfile.dll
[2006/01/31 10:22:22 | 00,143,360 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formflds.dll
[2006/01/31 10:22:28 | 00,053,248 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formgif.dll
[2006/01/31 10:22:50 | 00,167,936 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formgrid.dll
[2006/01/31 10:22:54 | 00,045,056 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formhpic.dll
[2006/01/31 10:22:58 | 00,057,344 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formicon.dll
[2006/01/31 10:23:02 | 00,053,248 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\Forminfo.dll
[2006/01/31 10:23:42 | 00,147,456 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formjpeg.dll
[2006/01/31 10:23:48 | 00,049,152 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formlink.dll
[2006/01/31 10:23:50 | 00,045,056 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formmarq.dll
[2006/01/31 10:24:10 | 00,143,360 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formmask.dll
[2006/01/31 10:24:16 | 00,061,440 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formport.dll
[2006/01/31 10:24:32 | 00,106,496 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formpri.dll
[2006/01/31 10:24:36 | 00,049,152 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formprog.dll
[2006/01/31 10:24:42 | 00,077,824 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formqt3.dll
[2006/01/31 10:24:48 | 00,049,152 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formroll.dll
[2006/01/31 10:24:54 | 00,045,056 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formsbar.dll
[2006/01/31 10:24:58 | 00,053,248 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formslid.dll
[2006/01/31 10:25:10 | 00,065,536 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formtbar.dll
[2006/01/31 10:25:14 | 00,036,864 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formtile.dll
[2006/01/31 10:25:18 | 00,045,056 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formtime.dll
[2006/01/31 10:25:22 | 00,040,960 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formtran.dll
[2006/01/31 10:25:28 | 00,077,824 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\Formtree.dll
[2006/01/31 10:25:32 | 00,045,056 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\formwash.dll
[2008/01/03 19:19:06 | 00,049,152 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2008/06/27 17:03:12 | 01,446,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2009/07/23 17:02:29 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009/02/27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2005/06/21 16:16:04 | 00,139,305 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2008/12/31 03:04:05 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2008/12/31 03:04:06 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2008/12/31 03:04:07 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2008/12/31 03:04:07 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2008/12/31 03:04:08 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2008/12/31 03:04:08 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2008/12/31 03:04:08 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2005/06/21 16:16:51 | 00,024,621 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll
[2005/06/21 16:15:51 | 00,081,967 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2006/01/31 10:25:54 | 00,114,688 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\np_orfc.dll
[2005/10/05 14:03:08 | 00,122,880 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\orfc.dll
[2006/01/31 10:28:28 | 00,200,704 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\orfcexec.dll
[2006/01/31 10:20:14 | 00,245,760 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\orfcgui.dll
[2006/01/31 10:21:14 | 00,249,856 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\Orfcmain.dll
[2009/04/25 20:38:24 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/25 20:38:24 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/25 20:38:24 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/25 20:38:24 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/25 20:38:24 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/25 20:38:24 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/25 20:38:25 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (611053 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 acezip.net #[SiteAdvisor.acezip.net]
O1 - Hosts: 127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions]
O1 - Hosts: 127.0.0.1 phpadsnew.abac.com
O1 - Hosts: 127.0.0.1 a.abnad.net
O1 - Hosts: 127.0.0.1 b.abnad.net
O1 - Hosts: 127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie]
O1 - Hosts: 127.0.0.1 d.abnad.net
O1 - Hosts: 127.0.0.1 e.abnad.net
O1 - Hosts: 127.0.0.1 t.abnad.net
O1 - Hosts: 127.0.0.1 z.abnad.net
O1 - Hosts: 127.0.0.1 banners.absolpublisher.com
O1 - Hosts: 127.0.0.1 tracking.absolstats.com
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 gtb5.acecounter.com
O1 - Hosts: 127.0.0.1 gtb19.acecounter.com
O1 - Hosts: 127.0.0.1 gtcc1.acecounter.com
O1 - Hosts: 127.0.0.1 gtp1.acecounter.com #[eTrust.Tracking.Cookie]
O1 - Hosts: 16309 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O4 - HKLM..\Run: [AdaptecDirectCD] C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe (Roxio)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [EM_EXEC] C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE (Logitech Inc. )
O4 - HKLM..\Run: [Ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe (BillP Studios)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc. )
O4 - HKCU..\Run: [ccleaner] C:\Program Files\CCleaner\ccleaner.exe File not found
O4 - HKCU..\Run: [filehippo.com] C:\Program Files\filehippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\MSN Messenger\msnmsgr.exe File not found
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\System32\SPOOL\DRIVERS\W32X86\3\E_SRCV02.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskmgr = 0
O8 - Extra context menu item: &AIM Search - C:\Program Files\AIM Toolbar\AIMBar.dll (America Online, Inc)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe File not found
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: 73 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0000000A-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/wmsp9dmo.cab (Reg Error: Key error.)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} http://housecall60.trendmicro.com/housecall/xscan60.cab (HouseCall Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2C8EEB84-6D60-11D4-BD64-0050048A82BF} http://tech-a.mhi.aol.com/netagent/objects/custappx2.CAB (eshare communications NetAgent Customer ActiveX Control version 2)
O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/images/global/js/scanner/SysProExe.cab (Scanner.SysScanner)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/...7442.4892476852 (Reg Error: Key error.)
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} http://support.f-secure.com/ols/fscax.cab (F-Secure Online Scanner 3.3)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} https://music.msn.com/client/msnmusax3503.cab (MsnMusicAx Class)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ic32pp {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - C:\WINDOWS\wc98pp.dll ()
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/08/31 10:02:00 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

NetSvcs: 6to4 - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Iprip - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
NetSvcs: Ip6FwHlp - Service key not found. File not found

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: AVG Anti-Spyware Driver - Driver
SafeBootMin: AVG Anti-Spyware Guard - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AVG Anti-Spyware Driver - Driver
SafeBootNet: AVG Anti-Spyware Guard - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0e} - Internet Explorer ReadMe
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0f} - IEEX
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {2298d453-bcae-4519-bf33-1cbf3faf1524} - Q867801
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.3
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.3
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2cc9d512-6db6-4f1c-8979-9a41fae88de0} - Q837009
ActiveX: {2eac6a2d-57a8-44d4-96f7-e32bab40ca5f} - Windows Update
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {377483c2-e4b4-4ee8-b577-9aed264c8735} - Q822925
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5f3c70b3-ac2f-432c-8f9c-1624df61f54f} - Microsoft Data Access Components KB870669
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {795d0712-722c-43ec-906a-fc5e678eada9} - Q831167
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.UnInstall.PerUser
ActiveX: {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - Microsoft .NET Framework 1.1 Hotfix (KB928366)
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - rundll32.exe C:\WINDOWS\System32\Setup\FxsOcm.dll,XP_UninstallProvider
ActiveX: {96543d59-497a-4801-a1f3-5936aacaf7b1} - Q828750
ActiveX: {abcdf74f-9a64-4e6e-b8eb-6e5a41de6550} -
ActiveX: {C34F4917-ED43-439f-9023-97B0024A2B3B} - Q810847
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Reg Error: Value error.
ActiveX: {D7B44F3E-77D3-44C5-8E03-4222D9A18B7B} - Q321232
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {eddbec60-89cb-44ef-8291-0850fd28ff6a} - Q832894
ActiveX: {f5173cf0-1dfb-4978-8e50-a90169ee7ca9} - Q823353
ActiveX: {F5776D81-AE53-4935-8E84-B0B283D8BCEF} - Q330994
ActiveX: {f5de1b93-9d38-416b-b09e-aa85a8e84309} - Q818529
ActiveX: {F9C174E3-3E87-40bc-AA94-B8974F2B9222} - Q813489
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: >{C65B1DAA-AA25-4A0D-83A8-37CFF6808797}C0022D - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

Drivers32: msacm.iac2 - C:\WINDOWS\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2009/07/25 05:25:14 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2009/07/24 20:32:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2009/07/24 20:28:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Good Keywords v3
[2009/07/24 20:07:39 | 00,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Good Keywords v3.lnk
[2009/07/24 20:07:35 | 00,000,000 | ---D | C] -- C:\Program Files\Softnik Technologies
[2009/07/24 11:00:13 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/07/24 10:59:13 | 00,173,119 | ---- | C] (Eric_71) -- C:\Documents and Settings\Administrator\Desktop\Rooter.exe
[2009/07/24 08:35:12 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/07/24 08:35:08 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/07/24 08:35:04 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/07/24 08:35:04 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/07/24 08:34:30 | 03,775,176 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2009/07/24 08:03:59 | 00,265,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2009/07/24 08:01:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\7-24-2009
[2009/07/24 08:00:19 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2009/07/24 08:00:19 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2009/07/24 08:00:16 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/07/24 07:58:42 | 00,794,112 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\The_Comedian.exe
[2009/07/23 19:15:27 | 00,002,344 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Google Chrome.lnk
[2009/07/23 16:42:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Downloads
[2009/07/23 16:37:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Temp
[2009/07/23 16:37:29 | 00,001,010 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-265512186-1879188646-1710236443-500UA.job
[2009/07/23 16:37:23 | 00,000,958 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-265512186-1879188646-1710236443-500Core.job
[2009/07/23 16:35:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
[2009/07/16 21:32:30 | 00,098,304 | ---- | C] (TechSmith Corporation) -- C:\WINDOWS\System32\tsccvid.dll
[2009/07/12 21:39:46 | 00,469,504 | ---- | C] ( ) -- C:\Documents and Settings\Administrator\Desktop\RootRepeal.exe
[2009/07/12 16:02:39 | 00,024,576 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Shalom1.doc
[2009/07/09 10:16:17 | 00,029,696 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\PTSPO(1).xls
[2009/06/29 15:03:48 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/06/29 15:02:57 | 00,000,000 | ---D | C] -- C:\Program Files\eFax Messenger 4.4
[2009/06/27 19:55:21 | 00,155,731 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\APTACRC.png
[2008/06/21 14:27:29 | 00,000,210 | ---- | C] () -- C:\WINDOWS\pdf2word.INI
[2007/03/15 03:25:16 | 00,000,105 | ---- | C] () -- C:\WINDOWS\System32\TTAdmin.ini
[2006/08/05 14:00:34 | 00,000,141 | ---- | C] () -- C:\WINDOWS\System32\sms2call.ini
[2006/01/01 10:22:17 | 00,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2005/05/03 12:44:44 | 00,025,157 | ---- | C] () -- C:\WINDOWS\RMAgentOutput.dll
[2005/05/03 12:43:44 | 00,126,976 | ---- | C] () -- C:\WINDOWS\dllTSCLIBMT.dll
[2005/03/03 17:16:42 | 00,000,256 | ---- | C] () -- C:\WINDOWS\aucfg.ini
[2005/03/01 15:30:20 | 00,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2004/12/23 06:04:05 | 00,748,160 | ---- | C] () -- C:\WINDOWS\System32\Co2c40en.dll
[2004/12/23 06:04:05 | 00,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\Implode.dll
[2004/12/11 02:49:05 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/11/23 19:09:41 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\ITNetUtils.dll
[2004/11/23 19:09:40 | 00,143,360 | ---- | C] () -- C:\WINDOWS\System32\diffiedll.dll
[2004/11/23 19:09:34 | 00,005,576 | ---- | C] () -- C:\WINDOWS\UNWISE.INI
[2004/10/01 18:33:46 | 00,000,679 | ---- | C] () -- C:\WINDOWS\TSC.ini
[2004/05/13 03:54:44 | 00,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/04/23 11:41:02 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\impborl.dll
[2004/02/06 15:11:36 | 00,000,044 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2004/01/29 19:20:28 | 00,000,051 | ---- | C] () -- C:\WINDOWS\iTouch.ini
[2004/01/29 15:23:43 | 00,096,768 | ---- | C] () -- C:\WINDOWS\System32\LGUICOM.DLL
[2003/12/21 10:20:46 | 00,030,208 | ---- | C] () -- C:\WINDOWS\System32\WNASPI32.DLL
[2003/12/21 10:20:45 | 00,000,296 | ---- | C] () -- C:\WINDOWS\msfsetup.ini
[2003/10/25 08:36:32 | 00,000,092 | ---- | C] () -- C:\WINDOWS\EBrander.INI
[2003/10/25 08:14:26 | 00,000,090 | ---- | C] () -- C:\WINDOWS\EBrander[1].INI
[2003/09/09 03:53:48 | 00,000,027 | ---- | C] () -- C:\WINDOWS\UP9ASP.INI
[2003/08/21 07:05:01 | 00,068,100 | ---- | C] () -- C:\WINDOWS\System32\Cheetah2.DLL
[2003/08/14 04:34:57 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/08/13 03:16:29 | 00,051,712 | ---- | C] () -- C:\WINDOWS\wc98pp.dll
[2003/08/05 03:28:24 | 00,000,295 | ---- | C] () -- C:\WINDOWS\ANS2000.INI
[2003/08/05 03:28:24 | 00,000,020 | -H-- | C] () -- C:\WINDOWS\akebook.ini
[2003/08/05 03:28:24 | 00,000,004 | -H-- | C] () -- C:\WINDOWS\a3kebook.ini
[2003/06/19 17:20:12 | 00,000,138 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2003/05/13 07:52:18 | 00,000,478 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/04/28 02:53:28 | 00,000,208 | ---- | C] () -- C:\WINDOWS\ActiveAct.INI
[2003/04/27 15:50:32 | 00,000,092 | ---- | C] () -- C:\WINDOWS\ka.ini
[2003/04/16 14:53:28 | 00,000,847 | ---- | C] () -- C:\WINDOWS\disney.ini
[2003/03/27 06:28:44 | 00,004,955 | ---- | C] () -- C:\WINDOWS\System32\DProg.ini
[2003/01/31 18:17:28 | 00,000,078 | ---- | C] () -- C:\WINDOWS\TONKA.INI
[2003/01/31 13:50:46 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2003/01/04 14:40:21 | 00,000,000 | ---- | C] () -- C:\WINDOWS\BBCAuto.INI
[2002/11/17 13:55:06 | 00,001,017 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2002/10/12 07:09:16 | 00,050,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2002/10/11 13:15:38 | 00,002,969 | ---- | C] () -- C:\WINDOWS\VTruck4.ini
[2002/10/11 12:35:56 | 00,002,149 | ---- | C] () -- C:\WINDOWS\VTruck3.ini
[2002/10/11 11:56:57 | 00,002,068 | ---- | C] () -- C:\WINDOWS\VTruck2.ini
[2002/10/11 11:00:19 | 00,002,015 | ---- | C] () -- C:\WINDOWS\VTruck1.ini
[2002/09/16 12:48:50 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2002/09/13 22:45:21 | 00,000,023 | ---- | C] () -- C:\WINDOWS\EPC60.ini
[2002/09/13 17:40:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2002/07/09 14:56:24 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2002/07/09 14:56:17 | 00,051,712 | ---- | C] () -- C:\WINDOWS\System32\JinPanel.dll
[2002/07/04 16:05:34 | 00,000,269 | ---- | C] () -- C:\WINDOWS\tmupdate.ini
[2002/06/07 23:17:18 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002/06/07 23:11:18 | 00,000,312 | ---- | C] () -- C:\WINDOWS\MMKEYBD.INI
[2002/06/07 23:11:18 | 00,000,269 | ---- | C] () -- C:\WINDOWS\MSIOSD.INI
[2002/06/07 23:11:16 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\msiosd32.dll
[2002/06/07 23:11:08 | 00,004,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2002/06/07 23:08:34 | 00,000,898 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2002/06/07 22:52:08 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2002/03/20 09:40:43 | 00,000,230 | ---- | C] () -- C:\WINDOWS\krb5.ini
[2001/12/14 14:34:46 | 00,164,864 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2001/08/31 10:01:58 | 00,001,017 | ---- | C] () -- C:\WINDOWS\WIN.INI
[2001/08/31 09:53:54 | 00,000,346 | ---- | C] () -- C:\WINDOWS\SYSTEM.INI
[2001/08/02 12:56:12 | 00,028,672 | ---- | C] () -- C:\WINDOWS\MMKeybd.dll
[1999/08/12 01:00:00 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1999/08/12 01:00:00 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[1999/07/23 14:46:48 | 00,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 11:53:20 | 00,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1997/06/06 04:08:30 | 00,023,040 | ---- | C] () -- C:\WINDOWS\System32\CSSMS_IN.DLL

========== Files - Modified Within 30 Days ==========

[2009/07/25 05:25:30 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2009/07/25 05:16:25 | 00,000,478 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2009/07/25 04:42:01 | 00,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-265512186-1879188646-1710236443-500UA.job
[2009/07/24 20:07:39 | 00,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Good Keywords v3.lnk
[2009/07/24 16:42:05 | 00,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-265512186-1879188646-1710236443-500Core.job
[2009/07/24 11:10:08 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/07/24 11:08:46 | 00,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2009/07/24 11:08:17 | 00,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2009/07/24 11:07:31 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/07/24 11:07:26 | 00,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2009/07/24 11:07:24 | 26,746,8800 | -HS- | M] () -- C:\hiberfil.sys
[2009/07/24 10:59:15 | 00,173,119 | ---- | M] (Eric_71) -- C:\Documents and Settings\Administrator\Desktop\Rooter.exe
[2009/07/24 08:35:12 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/07/24 08:34:35 | 03,775,176 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2009/07/24 08:04:00 | 00,265,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2009/07/24 08:00:19 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2009/07/24 08:00:19 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2009/07/24 07:58:51 | 00,794,112 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\The_Comedian.exe
[2009/07/23 19:15:27 | 00,002,344 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Google Chrome.lnk
[2009/07/23 12:33:52 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/07/18 16:44:38 | 00,022,584 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\GDIPFONTCACHEV1.DAT
[2009/07/16 03:10:15 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/07/13 19:06:26 | 02,577,952 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Picture 008.jpg
[2009/07/13 19:06:19 | 02,601,504 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Picture 007.jpg
[2009/07/13 19:06:11 | 02,574,164 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Picture 006.jpg
[2009/07/13 19:06:05 | 02,549,347 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Picture 005.jpg
[2009/07/13 19:05:57 | 02,534,460 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Picture 004.jpg
[2009/07/13 19:05:50 | 02,596,658 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Picture 003.jpg
[2009/07/13 19:05:35 | 02,553,286 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Picture 001.jpg
[2009/07/13 13:36:34 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/07/13 13:36:12 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/07/12 21:39:46 | 00,469,504 | ---- | M] ( ) -- C:\Documents and Settings\Administrator\Desktop\RootRepeal.exe
[2009/07/12 16:02:40 | 00,024,576 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Shalom1.doc
[2009/07/09 10:16:30 | 00,029,696 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\PTSPO(1).xls
[2009/07/07 11:10:56 | 24,539,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/06/27 19:55:31 | 00,155,731 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\APTACRC.png

========== LOP Check ==========

[2009/06/09 14:17:24 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Administrator\Application Data
[2005/01/13 14:52:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Aim
[2002/09/29 15:17:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Aladdin Systems
[2006/12/03 16:05:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Chaos Software
[2008/01/26 09:37:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FUJIFILM
[2004/02/20 11:10:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ICQ
[2003/04/22 16:38:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Interact Commerce
[2009/06/29 15:02:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\j2 Global
[2004/05/27 02:39:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Lycos
[2004/02/14 18:13:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\MailWasher
[2009/05/17 21:43:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Move Networks
[2004/02/04 20:47:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\MSN6
[2008/08/26 15:24:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Paltalk
[2005/08/08 13:36:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PCPhone
[2005/10/09 12:46:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Roxio
[2003/11/12 15:32:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SmartFTP
[2004/11/19 06:11:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Thunderbird
[2005/01/13 14:43:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WeatherBug
[2009/07/24 20:32:40 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2006/02/11 04:40:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avg7
[2006/12/03 15:34:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Chaos Software
[2008/02/27 03:12:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData
[2008/02/27 02:50:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2007/08/15 03:05:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2002/07/08 12:55:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hummingbird
[2003/04/27 15:50:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Knowledge Adventure
[2002/09/13 22:27:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2005/10/09 12:44:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2002/06/07 23:10:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2009/06/18 07:05:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2005/01/12 13:19:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2002/07/08 15:04:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Van Dyke Technologies
[2005/11/13 07:20:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/07/23 12:33:52 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2001/08/18 08:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\DESKTOP.INI
[2009/07/24 16:42:05 | 00,000,958 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-265512186-1879188646-1710236443-500Core.job
[2009/07/25 04:42:01 | 00,001,010 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-265512186-1879188646-1710236443-500UA.job
[2009/07/24 11:07:31 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2006/02/26 08:21:41 | 00,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job
[2009/07/24 11:08:46 | 00,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========



========== Custom Scans ==========


< %systemroot%\System32\antiwpa.dll >

< %systemroot%\SYSTEM32\wpa.dll >

< %systemroot%\setup\scripts\biestart.exe >

< %systemroot%\system32\drivers\royal.sys >

< %systemroot%\system32\oobe\AntiWPA_Crypt.dll >

< %TEMP%\antiwpa_crypt.dll >

< %TEMP%\antiwpa.dll /s >

< %PROGRAMFILES%\antiwpa.dll /s >

< %systemroot%\system32\crypt.dll >

< %TEMP%\crypt.dll >

< %SYSTEMDRIVE%\*. >
[2009/07/25 05:25:28 | 00,000,000 | ---D | M] -- C:
[2009/04/06 19:02:10 | 00,000,000 | ---D | M] -- C:\041bd71962f979c68ea75034d1
[2009/03/30 19:01:49 | 00,000,000 | ---D | M] -- C:\043a72f87f933608de60efd676
[2009/03/13 19:01:27 | 00,000,000 | ---D | M] -- C:\0876fe7cae23e79cc0
[2009/03/06 20:01:54 | 00,000,000 | ---D | M] -- C:\0c20ba8fcd68fed508377dba2d
[2009/03/23 19:03:40 | 00,000,000 | ---D | M] -- C:\0c2d7204e5b1f1f78191783c58
[2009/03/07 20:01:36 | 00,000,000 | ---D | M] -- C:\10e66b00735cb6e01e
[2009/03/04 20:01:02 | 00,000,000 | ---D | M] -- C:\12da9b904b415fdbc8e5ff
[2008/01/27 07:22:53 | 00,000,000 | ---D | M] -- C:\15Ideas
[2009/04/16 03:23:38 | 00,000,000 | ---D | M] -- C:\17f4171752c0520a998d516c07a6285f
[2009/04/11 19:02:47 | 00,000,000 | ---D | M] -- C:\1a3bc519fa51859c1c9efc
[2009/04/13 19:01:30 | 00,000,000 | ---D | M] -- C:\25dd9edbc2ac518c059485075f01
[2009/04/04 04:17:08 | 00,000,000 | ---D | M] -- C:\27631d91022693547d91d0f4ef56635b
[2009/03/11 03:07:38 | 00,000,000 | ---D | M] -- C:\2be4fe7027faf6973ee97898
[2009/04/12 19:03:00 | 00,000,000 | ---D | M] -- C:\333ccf56594df8f5f2e844ac
[2009/04/17 19:01:21 | 00,000,000 | ---D | M] -- C:\3a9cf7148ef2ee855a3de8
[2009/04/02 19:01:42 | 00,000,000 | ---D | M] -- C:\3b6bd6d5c866381d0010105f
[2009/04/10 19:03:27 | 00,000,000 | ---D | M] -- C:\3c47c2378eaf082ed9f73417aa
[2009/03/31 19:01:34 | 00,000,000 | ---D | M] -- C:\4fe8ee7e2ae555aca6ae034d287c9892
[2009/04/08 19:02:36 | 00,000,000 | ---D | M] -- C:\53f18c54fd4ffe604bdd01aa
[2009/03/14 19:01:04 | 00,000,000 | ---D | M] -- C:\57ded77cd0adb64171c5be8e3a62e03f
[2009/03/05 20:01:01 | 00,000,000 | ---D | M] -- C:\5b181d4cc9b43bdb5c9bab07
[2009/04/14 19:01:29 | 00,000,000 | ---D | M] -- C:\626ce5cc20206a5ba62e97
[2006/09/08 03:53:19 | 00,000,000 | ---D | M] -- C:\63299ca1da8e6bafe2cc6e79
[2009/03/15 19:03:07 | 00,000,000 | ---D | M] -- C:\63e181cbeed22cc68c2885bd
[2009/04/18 03:02:40 | 00,000,000 | ---D | M] -- C:\67e69235280ccad3731b2f7cd8d5d126
[2009/03/19 19:01:09 | 00,000,000 | ---D | M] -- C:\6bdd14e33a1a6bde87249c6e
[2009/03/21 19:14:37 | 00,000,000 | ---D | M] -- C:\767b60b94206680ad20958868e9dce
[2009/03/26 19:01:03 | 00,000,000 | ---D | M] -- C:\788166f9f02308bc05
[2009/04/01 19:02:30 | 00,000,000 | ---D | M] -- C:\7909dd250a793e05035a
[2009/03/03 20:01:13 | 00,000,000 | ---D | M] -- C:\79975648d8cd58c56f5b
[2009/03/29 19:03:38 | 00,000,000 | ---D | M] -- C:\7a9b67b8c7a75cfa2a67fe
[2009/03/20 19:01:03 | 00,000,000 | ---D | M] -- C:\85b3274e632dd1f7c4ffe7cb66eb
[2009/04/07 19:01:22 | 00,000,000 | ---D | M] -- C:\8a1dd267bd65368235cd81
[2009/03/02 20:01:28 | 00,000,000 | ---D | M] -- C:\90b272b411e4bb7ee7
[2009/03/24 19:03:17 | 00,000,000 | ---D | M] -- C:\91ae08f2dd5d5dc74ec4
[2009/03/12 09:39:24 | 00,000,000 | ---D | M] -- C:\92ac2686779de5dd613ab6
[2009/03/17 19:01:08 | 00,000,000 | ---D | M] -- C:\95a83f668240de1de6805c8659d4
[2009/03/01 20:01:47 | 00,000,000 | ---D | M] -- C:\95eac33077894f2850c680105301
[2009/02/27 20:01:03 | 00,000,000 | ---D | M] -- C:\96e1f3634e2efe5a65edb955e8dae1
[2009/03/08 20:02:08 | 00,000,000 | ---D | M] -- C:\974c6abe01bd1bb0a3055c64d586c8b5
[2009/04/03 03:01:54 | 00,000,000 | ---D | M] -- C:\a65d2063ccf13ce5a18c542938f8fb
[2009/06/20 06:46:51 | 00,000,000 | ---D | M] -- C:\a9598c71426f942acb9c
[2009/03/10 19:02:07 | 00,000,000 | ---D | M] -- C:\b98589b969cf0d1b8030
[2009/03/22 19:02:04 | 00,000,000 | ---D | M] -- C:\bd1ea0631d50a6650948b34cee63
[2009/03/16 19:02:23 | 00,000,000 | ---D | M] -- C:\c2c7bb5f3483adca303287
[2009/06/07 20:38:05 | 00,000,000 | ---D | M] -- C:\chatterbox
[2009/06/29 15:51:13 | 00,000,000 | -HSD | M] -- C:\Config.Msi
[2008/12/22 17:38:55 | 00,000,000 | ---D | M] -- C:\DELL
[2002/06/07 23:13:12 | 00,000,000 | ---D | M] -- C:\DMI
[2006/02/11 04:39:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings
[2002/06/07 22:50:36 | 00,000,000 | ---D | M] -- C:\DRIVERS
[2009/03/18 19:01:55 | 00,000,000 | ---D | M] -- C:\e8752b38ea7ed3d54e
[2009/04/05 19:01:45 | 00,000,000 | ---D | M] -- C:\ed1f1524f5bceba2a1629745270b
[2003/09/13 13:23:32 | 00,000,000 | ---D | M] -- C:\EDB_License
[2005/06/24 16:43:50 | 00,000,000 | ---D | M] -- C:\editorder.php_files
[2009/04/03 05:21:53 | 00,000,000 | ---D | M] -- C:\efe88ef67164febf9d92fa6ae9bfba44
[2002/09/13 22:47:08 | 00,000,000 | ---D | M] -- C:\EPSONREG
[2009/03/09 19:02:28 | 00,000,000 | ---D | M] -- C:\f0af6762d70bf448ab
[2009/03/25 19:02:20 | 00,000,000 | ---D | M] -- C:\f3e7093ae49a98349e701fe8
[2009/03/27 03:01:30 | 00,000,000 | ---D | M] -- C:\f4ec735ed499f55941b0713593
[2009/04/09 19:01:42 | 00,000,000 | ---D | M] -- C:\f66364627239edf4b09a3c899588af
[2009/03/28 19:01:51 | 00,000,000 | ---D | M] -- C:\f9655791c8c76f3537b8
[2009/02/28 20:01:27 | 00,000,000 | ---D | M] -- C:\ff68e222d4b699ebf0b565eaf9828e0f
[2008/11/16 06:18:27 | 00,000,000 | -HSD | M] -- C:\found.000
[2008/08/23 08:57:12 | 00,000,000 | ---D | M] -- C:\fsaua.data
[2003/01/31 18:21:38 | 00,000,000 | ---D | M] -- C:\HASBRO
[2003/09/22 18:37:48 | 00,000,000 | ---D | M] -- C:\hegames
[2003/07/08 17:56:17 | 00,000,000 | ---D | M] -- C:\I386
[2003/12/21 10:20:46 | 00,000,000 | ---D | M] -- C:\MWASPINT
[2003/11/10 10:50:12 | 00,000,000 | ---D | M] -- C:\My Download Files
[2006/12/29 13:02:34 | 00,000,000 | ---D | M] -- C:\New Folder
[2009/07/24 20:07:35 | 00,000,000 | ---D | M] -- C:\Program Files
[2002/09/13 19:54:53 | 00,000,000 | -HSD | M] -- C:\RECYCLER
[2009/07/24 11:00:14 | 00,000,000 | ---D | M] -- C:\Rooter$
[2005/06/02 14:46:54 | 00,000,000 | ---D | M] -- C:\St Johns Invoice_files
[2004/09/06 14:51:30 | 00,000,000 | -HSD | M] -- C:\System Volume Information
[2007/11/22 15:03:39 | 00,000,000 | ---D | M] -- C:\TEMP
[2007/03/15 03:23:14 | 00,000,000 | ---D | M] -- C:\TorahTeacher
[2009/07/20 22:44:41 | 00,000,000 | ---D | M] -- C:\unzipped
[2009/07/17 04:05:18 | 00,000,000 | ---D | M] -- C:\WINDOWS
[2003/08/14 05:09:03 | 00,000,000 | -H-D | M] -- C:\WUTemp

< %SYSTEMDRIVE%\*.* >
[2005/06/11 05:31:57 | 00,017,066 | ---- | M] () -- C:\0259BS.jpg
[2005/06/11 14:00:33 | 00,008,650 | ---- | M] () -- C:\10192.jpg
[2005/06/11 13:54:20 | 00,013,577 | ---- | M] () -- C:\10331b.jpg
[2005/06/11 13:46:45 | 00,010,549 | ---- | M] () -- C:\10910.jpg
[2003/05/15 14:58:06 | 00,015,178 | ---- | M] () -- C:\150_premium_2003-5-10.txt
[2005/06/13 02:27:36 | 00,011,331 | ---- | M] () -- C:\4490_web.jpg
[2005/06/08 02:47:19 | 00,030,864 | ---- | M] () -- C:\880f65e1-c323-4ca0-aa65-f13d16c85274.jpg
[2005/06/13 14:25:43 | 00,011,587 | ---- | M] () -- C:\A401_web.jpg
[2008/02/27 03:12:08 | 00,000,000 | ---- | M] () -- C:\AdobeDebug.txt
[2005/01/13 16:22:44 | 00,004,296 | ---- | M] () -- C:\atlog.txt
[2001/08/31 10:02:00 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2005/06/08 02:33:40 | 00,008,300 | ---- | M] () -- C:\bankers_db_header.gif
[2003/10/25 08:13:15 | 00,400,379 | ---- | M] (Developed by Client-Server Programs Ltd. -- www.web-space-station.com) -- C:\bestheadlines.exe
[2004/09/06 14:43:03 | 00,000,211 | RHS- | M] () -- C:\BOOT.INI
[2001/08/31 09:45:10 | 00,000,512 | -HS- | M] () -- C:\BOOTSECT.DOS
[2006/02/11 20:54:39 | 00,008,048 | ---- | M] () -- C:\caavsetup.log
[2007/02/12 15:06:46 | 00,035,113 | ---- | M] () -- C:\caavsetupLog.txt
[2008/01/20 22:52:10 | 00,016,761 | ---- | M] () -- C:\caisslog.txt
[2005/06/07 03:06:46 | 00,031,827 | ---- | M] () -- C:\Cap.jpg
[2005/06/18 08:13:04 | 00,002,527 | ---- | M] () -- C:\cingularlogo.gif
[2009/07/22 21:29:37 | 00,000,688 | ---- | M] () -- C:\clientlog.txt
[2001/08/31 10:02:00 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2004/11/19 07:34:44 | 00,027,698 | ---- | M] () -- C:\Contacts_Sidebar_0.4.xpi
[2004/11/15 10:56:32 | 00,723,926 | ---- | M] () -- C:\crash.txt
[2001/07/25 17:25:32 | 00,002,238 | ---- | M] () -- C:\CSuprt.ico
[2002/06/07 22:53:28 | 00,003,156 | RH-- | M] () -- C:\DELL.SDR
[2005/06/11 13:58:17 | 00,014,553 | ---- | M] () -- C:\denim.jpg
[2001/08/01 10:50:52 | 00,000,766 | R--- | M] () -- C:\desktop.ico
[2005/06/24 16:43:50 | 00,044,687 | ---- | M] () -- C:\editorder.php.htm
[2009/07/24 11:07:24 | 26,746,8800 | -HS- | M] () -- C:\hiberfil.sys
[2001/08/31 10:02:00 | 00,000,000 | -H-- | M] () -- C:\IO.SYS
[2005/01/31 11:04:50 | 00,000,981 | -H-- | M] () -- C:\IPH.PH
[2005/06/13 14:26:41 | 00,009,860 | ---- | M] () -- C:\J1380_web.jpg
[2005/06/13 14:26:28 | 00,013,408 | ---- | M] () -- C:\J1400_web.jpg
[2005/06/13 14:26:47 | 00,011,575 | ---- | M] () -- C:\J180_web.jpg
[2005/06/13 14:25:38 | 00,011,766 | ---- | M] () -- C:\J2140_web.jpg
[2005/06/13 14:25:53 | 00,010,931 | ---- | M] () -- C:\J2200_web.jpg
[2005/06/13 14:25:18 | 00,009,764 | ---- | M] () -- C:\J2220_web.jpg
[2005/06/13 14:25:57 | 00,011,124 | ---- | M] () -- C:\J2240_web.jpg
[2005/06/12 12:49:56 | 00,012,300 | ---- | M] () -- C:\J260_web.jpg
[2005/06/13 14:26:57 | 00,011,270 | ---- | M] () -- C:\J3100_web.jpg
[2005/06/13 14:26:24 | 00,010,371 | ---- | M] () -- C:\j3120_web.jpg
[2005/06/13 14:25:33 | 00,013,036 | ---- | M] () -- C:\J4060_web.jpg
[2005/06/13 14:26:35 | 00,010,134 | ---- | M] () -- C:\J4500_web.jpg
[2005/06/13 14:26:52 | 00,010,463 | ---- | M] () -- C:\J4600_web.jpg
[2005/06/13 14:25:07 | 00,010,140 | ---- | M] () -- C:\J5080_web.jpg
[2005/06/13 14:25:24 | 00,011,894 | ---- | M] () -- C:\J540_web.jpg
[2005/06/13 14:26:19 | 00,008,462 | ---- | M] () -- C:\J580_web.jpg
[2005/06/13 14:25:48 | 00,008,225 | ---- | M] () -- C:\J760_web.jpg
[2005/06/13 14:27:01 | 00,008,869 | ---- | M] () -- C:\J9200_web.jpg
[2005/05/21 06:09:41 | 00,002,630 | ---- | M] () -- C:\logo-union_ezr.gif
[2005/07/01 21:47:13 | 00,005,047 | ---- | M] () -- C:\logo_shopfort1.gif
[2005/05/09 19:38:30 | 00,002,459 | ---- | M] () -- C:\Made in USA image
[2005/06/07 02:13:16 | 00,011,193 | ---- | M] () -- C:\Modern Line.gif
[2001/08/31 10:02:00 | 00,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2005/06/19 06:50:38 | 00,003,539 | ---- | M] () -- C:\new_coglogo.gif
[2006/02/12 22:01:49 | 00,393,915 | ---- | M] () -- C:\nonav.log
[2004/09/06 14:25:03 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/12/28 05:15:44 | 00,250,048 | RHS- | M] () -- C:\NTLDR
[2003/05/05 14:59:10 | 00,000,541 | -H-- | M] () -- C:\os412887.bin
[2009/07/24 11:07:15 | 40,265,3184 | -HS- | M] () -- C:\pagefile.sys
[2005/06/13 02:29:44 | 00,013,167 | ---- | M] () -- C:\prodnav_r1_c1_f2.jpg
[2005/06/13 02:30:57 | 00,013,151 | ---- | M] () -- C:\prodnav_r1_c3_f2.jpg
[2005/06/07 03:02:39 | 00,005,212 | ---- | M] () -- C:\rightside_14.jpg
[2005/07/01 21:38:43 | 00,003,024 | ---- | M] () -- C:\shopdsl_logo_small.gif
[2005/06/02 14:46:54 | 00,041,350 | ---- | M] () -- C:\St Johns Invoice.htm
[2005/06/17 14:25:00 | 00,005,076 | ---- | M] () -- C:\tag.gif
[2005/07/01 21:32:08 | 00,006,470 | ---- | M] () -- C:\telecommagic.gif
[2007/03/15 03:27:40 | 00,000,031 | ---- | M] () -- C:\TTAcnt.ini
[2005/06/10 19:54:53 | 00,002,224 | ---- | M] () -- C:\union.gif
[2005/06/13 14:26:01 | 00,010,038 | ---- | M] () -- C:\USAFreedom_web.jpg
[2006/08/19 20:28:21 | 00,000,162 | ---- | M] () -- C:\YServer.txt

< %PROGRAMFILES%\*. >
[2009/07/24 20:07:35 | 00,000,000 | ---D | M] -- C:\Program Files
[2002/07/09 14:57:19 | 00,000,000 | ---D | M] -- C:\Program Files\170 Systems
[2008/12/27 18:29:04 | 00,000,000 | ---D | M] -- C:\Program Files\ABC Amber EPS Converter
[2004/02/14 18:26:23 | 00,000,000 | ---D | M] -- C:\Program Files\ACT
[2003/04/26 14:15:13 | 00,000,000 | ---D | M] -- C:\Program Files\Activision Value
[2009/06/14 16:03:31 | 00,000,000 | ---D | M] -- C:\Program Files\Adobe
[2005/01/13 14:44:49 | 00,000,000 | ---D | M] -- C:\Program Files\AIM Toolbar
[2004/02/14 20:01:47 | 00,000,000 | ---D | M] -- C:\Program Files\AIM95
[2002/07/09 17:35:33 | 00,000,000 | ---D | M] -- C:\Program Files\Aladdin Systems
[2008/12/27 19:05:01 | 00,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2005/09/20 18:35:17 | 00,000,000 | ---D | M] -- C:\Program Files\aod
[2009/04/03 20:41:31 | 00,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2003/01/31 19:52:50 | 00,000,000 | ---D | M] -- C:\Program Files\Atomic Clock Sync
[2009/01/29 04:44:59 | 00,000,000 | ---D | M] -- C:\Program Files\Avira
[2005/01/13 14:41:16 | 00,000,000 | ---D | M] -- C:\Program Files\AWS
[2004/08/28 12:10:02 | 00,000,000 | ---D | M] -- C:\Program Files\BHODemon 2
[2008/02/20 06:05:55 | 00,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2004/11/22 12:52:20 | 00,000,000 | ---D | M] -- C:\Program Files\Calypso3
[2005/01/13 05:25:29 | 00,000,000 | ---D | M] -- C:\Program Files\Cartoon Network
[2007/06/09 18:08:49 | 00,000,000 | ---D | M] -- C:\Program Files\Chaos Software
[2008/01/21 21:16:47 | 00,000,000 | ---D | M] -- C:\Program Files\Citrix
[2004/02/14 18:35:02 | 00,000,000 | ---D | M] -- C:\Program Files\CoffeeCup Software
[2004/07/19 02:42:12 | 00,000,000 | ---D | M] -- C:\Program Files\CognigenAlert
[2009/06/14 17:07:53 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files
[2002/06/07 22:50:48 | 00,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2008/12/31 22:02:36 | 00,000,000 | ---D | M] -- C:\Program Files\Conference
[2008/12/22 16:44:23 | 00,000,000 | ---D | M] -- C:\Program Files\Dell
[2004/03/17 17:38:40 | 00,000,000 | ---D | M] -- C:\Program Files\directx
[2004/05/28 12:31:18 | 00,000,000 | ---D | M] -- C:\Program Files\DivX
[2009/06/29 15:51:13 | 00,000,000 | ---D | M] -- C:\Program Files\eFax Messenger 4.4
[2006/09/24 16:26:50 | 00,000,000 | ---D | M] -- C:\Program Files\eFax Messenger Plus 3.3
[2007/09/06 17:08:48 | 00,000,000 | ---D | M] -- C:\Program Files\eMusic Download Manager
[2002/09/13 22:47:06 | 00,000,000 | ---D | M] -- C:\Program Files\EPSON
[2009/07/24 08:00:26 | 00,000,000 | ---D | M] -- C:\Program Files\ERUNT
[2007/05/02 04:31:50 | 00,000,000 | ---D | M] -- C:\Program Files\e-Sword
[2006/02/27 19:53:03 | 00,000,000 | ---D | M] -- C:\Program Files\ewido anti-malware
[2009/06/14 16:47:29 | 00,000,000 | ---D | M] -- C:\Program Files\filehippo.com
[2002/07/09 14:11:56 | 00,000,000 | ---D | M] -- C:\Program Files\FileZilla
[2003/12/21 10:14:43 | 00,000,000 | ---D | M] -- C:\Program Files\FinePixViewer
[2006/12/03 06:43:38 | 00,000,000 | ---D | M] -- C:\Program Files\Grisoft
[2005/07/18 13:06:07 | 00,000,000 | ---D | M] -- C:\Program Files\Hasbro Interactive
[2008/12/22 16:38:18 | 00,000,000 | ---D | M] -- C:\Program Files\Hijackthis
[2002/07/08 10:52:22 | 00,000,000 | ---D | M] -- C:\Program Files\HostExplorer
[2008/02/01 17:15:55 | 00,000,000 | ---D | M] -- C:\Program Files\HTC
[2002/07/08 12:55:32 | 00,000,000 | ---D | M] -- C:\Program Files\Hummingbird
[2006/08/05 13:51:40 | 00,000,000 | ---D | M] -- C:\Program Files\ICallHere
[2004/05/12 15:48:51 | 00,000,000 | ---D | M] -- C:\Program Files\ICQLite
[2005/01/02 14:39:02 | 00,000,000 | ---D | M] -- C:\Program Files\InfoTrax Systems
[2008/07/04 20:30:34 | 00,000,000 | ---D | M] -- C:\Program Files\Inkscape
[2007/09/06 17:08:52 | 00,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2009/06/21 03:06:45 | 00,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2008/02/22 18:30:01 | 00,000,000 | ---D | M] -- C:\Program Files\iPod
[2005/03/03 17:37:09 | 00,000,000 | ---D | M] -- C:\Program Files\IrfanView
[2008/02/22 18:31:21 | 00,000,000 | ---D | M] -- C:\Program Files\iTunes
[2009/06/16 16:35:36 | 00,000,000 | ---D | M] -- C:\Program Files\Java
[2002/07/08 15:28:48 | 00,000,000 | ---D | M] -- C:\Program Files\JavaSoft
[2002/07/19 13:55:52 | 00,000,000 | ---D | M] -- C:\Program Files\Kerberos
[2006/12/03 07:05:33 | 00,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2004/01/29 15:27:50 | 00,000,000 | ---D | M] -- C:\Program Files\Logitech
[2009/07/24 08:35:14 | 00,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/06/14 17:05:14 | 00,000,000 | ---D | M] -- C:\Program Files\McAfee
[2008/12/28 06:13:43 | 00,000,000 | ---D | M] -- C:\Program Files\Messenger
[2007/12/19 17:34:19 | 00,000,000 | ---D | M] -- C:\Program Files\MessianicGroups
[2003/05/13 08:31:51 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2006/02/25 06:06:07 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft AntiSpyware
[2002/06/07 22:50:52 | 00,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2003/05/13 08:30:45 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2008/08/08 04:20:21 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Office Live
[2009/04/21 05:31:36 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2002/06/07 23:11:08 | 00,000,000 | ---D | M] -- C:\Program Files\Modem Helper
[2008/12/28 05:40:51 | 00,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2009/07/24 20:32:22 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/07/11 11:05:17 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Thunderbird
[2004/11/23 18:55:01 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla.org
[2002/06/07 22:50:46 | 00,000,000 | ---D | M] -- C:\Program Files\MSN
[2002/06/07 22:50:44 | 00,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2005/11/12 12:57:30 | 00,000,000 | ---D | M] -- C:\Program Files\MsnMusic
[2004/01/29 15:24:33 | 00,000,000 | ---D | M] -- C:\Program Files\MUSICMATCH
[2005/10/09 12:48:20 | 00,000,000 | ---D | M] -- C:\Program Files\Napster
[2008/12/28 05:25:11 | 00,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2002/06/07 23:11:18 | 00,000,000 | ---D | M] -- C:\Program Files\Netropa
[2003/11/10 11:19:39 | 00,000,000 | ---D | M] -- C:\Program Files\Netscape
[2009/06/14 19:53:23 | 00,000,000 | ---D | M] -- C:\Program Files\NOS
[2003/11/10 11:49:42 | 00,000,000 | ---D | M] -- C:\Program Files\nTeras
[2002/06/07 22:50:48 | 00,000,000 | ---D | M] -- C:\Program Files\Online Services
[2002/07/09 14:56:33 | 00,000,000 | ---D | M] -- C:\Program Files\Oracle
[2008/12/28 05:24:58 | 00,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2006/08/04 20:31:50 | 00,000,000 | ---D | M] -- C:\Program Files\Packet8 Softalk
[2008/08/26 15:24:56 | 00,000,000 | ---D | M] -- C:\Program Files\Paltalk Messenger
[2006/01/02 19:36:15 | 00,000,000 | ---D | M] -- C:\Program Files\PCPhone
[2003/12/21 10:17:41 | 00,000,000 | ---D | M] -- C:\Program Files\PIXELA
[2004/05/13 04:32:01 | 00,000,000 | ---D | M] -- C:\Program Files\PowerTools 10
[2004/02/14 20:25:13 | 00,000,000 | ---D | M] -- C:\Program Files\PowerTools 11
[2002/07/09 14:36:12 | 00,000,000 | ---D | M] -- C:\Program Files\Qualcomm
[2008/02/15 04:27:48 | 00,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2005/06/21 16:15:13 | 00,000,000 | ---D | M] -- C:\Program Files\Real
[2008/12/27 17:52:10 | 00,000,000 | ---D | M] -- C:\Program Files\Registrar Lite
[2003/12/21 10:12:36 | 00,000,000 | ---D | M] -- C:\Program Files\REGSHAVE
[2002/06/07 23:15:17 | 00,000,000 | ---D | M] -- C:\Program Files\Roxio
[2002/07/08 15:04:23 | 00,000,000 | ---D | M] -- C:\Program Files\SecureCRT 3.0
[2004/12/29 09:46:15 | 00,000,000 | ---D | M] -- C:\Program Files\Shelltoys
[2008/06/23 03:51:49 | 00,000,000 | ---D | M] -- C:\Program Files\SmartDraw 2008
[2006/07/17 11:03:51 | 00,000,000 | ---D | M] -- C:\Program Files\SmartFTP
[2009/07/24 20:07:35 | 00,000,000 | ---D | M] -- C:\Program Files\Softnik Technologies
[2006/12/03 09:14:59 | 00,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2009/06/18 07:04:51 | 00,000,000 | ---D | M] -- C:\Program Files\SpywareBlaster
[2009/06/20 07:21:05 | 00,000,000 | ---D | M] -- C:\Program Files\SpywareGuard
[2008/12/28 06:41:56 | 00,000,000 | ---D | M] -- C:\Program Files\SUPERAntiSpyware
[2006/02/12 21:54:13 | 00,000,000 | ---D | M] -- C:\Program Files\Symantec
[2009/01/12 23:01:41 | 00,000,000 | ---D | M] -- C:\Program Files\TC Web Conferencing
[2007/01/14 20:47:15 | 00,000,000 | ---D | M] -- C:\Program Files\The Weather Channel FW
[2004/11/22 15:30:27 | 00,000,000 | ---D | M] -- C:\Program Files\THQ
[2006/01/01 08:15:41 | 00,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2005/01/12 12:47:43 | 00,000,000 | ---D | M] -- C:\Program Files\Trymedia
[2002/06/07 23:11:04 | 00,000,000 | ---D | M] -- C:\Program Files\UIU
[2003/05/10 09:46:28 | 00,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2007/01/11 09:13:38 | 00,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2005/01/09 16:49:25 | 00,000,000 | ---D | M] -- C:\Program Files\Visionscape Interactive
[2005/12/30 15:39:09 | 00,000,000 | ---D | M] -- C:\Program Files\Weblookup
[2003/08/14 03:48:33 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Journal Viewer
[2008/12/28 05:25:00 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/12/28 05:24:58 | 00,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2004/08/26 12:49:35 | 00,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2008/02/23 05:41:32 | 00,000,000 | ---D | M] -- C:\Program Files\WinZip
[2002/06/07 22:50:52 | 00,000,000 | ---D | M] -- C:\Program Files\XEROX
[2005/12/16 17:13:07 | 00,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2005/02/09 18:04:06 | 00,000,000 | -H-D | M] -- C:\Program Files\Zero G Registry

< set /c >
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Administrator\Application Data
CLASSPATH=.;"C:\Program Files\JavaSoft\JRE\1.3.1_02\lib\ext\QTJava.zip";C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MARC-HTFUOJHQ3J
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Administrator
LOGONSERVER=\\MARC-HTFUOJHQ3J
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\SYSTEM32;C:\WINDOWS;C:\WINDOWS\SYSTEM32\WBEM;C:\DMI\WIN32\BIN;C:\Program Files\Common Files\Adaptec Shared\System;C:\Program Files\SecureCRT 3.0;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0204
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
USERDOMAIN=MARC-HTFUOJHQ3J
USERNAME=Administrator
USERPROFILE=C:\Documents and Settings\Administrator
WIN32DMIPATH=C:\DMI\WIN32
windir=C:\WINDOWS

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05D195EC
< End of report >
---------------------------------------------------------------------------------------------------------------------------

Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows XP . (5.1.2600) Service Pack 3
[32_bits] - x86 Family 15 Model 2 Stepping 4, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[SharedAccess] RUNNING (state:4)
Windows Firewall -> Enabled
.
Internet Explorer 8.0.6001.18702
Mozilla Firefox 3.0.12 (en-US)
.
A:\ [Removable]
C:\ [Fixed-NTFS] .. ( Total:37 Go - Free:20 Go )
D:\ [Removable]
E:\ [CD_Rom]
.
Scan : 10:59.44
Path : C:\Documents and Settings\Administrator\Desktop\Rooter.exe
User : Administrator ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (476)
______ \??\C:\WINDOWS\system32\csrss.exe (532)
______ \??\C:\WINDOWS\SYSTEM32\winlogon.exe (556)
______ C:\WINDOWS\system32\services.exe (600)
______ C:\WINDOWS\system32\lsass.exe (612)
______ C:\WINDOWS\system32\svchost.exe (776)
______ C:\WINDOWS\system32\svchost.exe (824)
______ C:\WINDOWS\System32\svchost.exe (916)
______ C:\WINDOWS\System32\svchost.exe (1012)
______ C:\WINDOWS\System32\svchost.exe (1092)
______ C:\WINDOWS\system32\spoolsv.exe (1232)
______ C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (1268)
______ C:\WINDOWS\System32\svchost.exe (1324)
______ C:\WINDOWS\Explorer.EXE (1576)
______ C:\WINDOWS\Nhksrv.exe (1736)
______ C:\Program Files\Dell\OpenManage\Client\ActionAgent.exe (1752)
______ C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (1764)
______ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (1780)
______ C:\Program Files\Bonjour\mDNSResponder.exe (1796)
______ C:\DMI\WIN32\bin\DellDmi.exe (1840)
______ C:\Program Files\Dell\OpenManage\Client\EventAgt.exe (1880)
______ C:\Program Files\Dell\OpenManage\Client\DLT.exe (1908)
______ C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (1960)
______ C:\Program Files\Dell\OpenManage\Client\Iap.exe (2004)
______ C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (264)
______ C:\WINDOWS\system32\wdfmgr.exe (516)
______ C:\Program Files\Viewpoint\Common\ViewpointService.exe (868)
______ C:\dmi\win32\bin\Win32sl.exe (992)
______ C:\WINDOWS\System32\alg.exe (2180)
______ C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe (2388)
______ C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe (3036)
______ C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE (3092)
______ C:\Program Files\Common Files\Real\Update_OB\realsched.exe (3116)
______ C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (3136)
______ C:\Program Files\iTunes\iTunesHelper.exe (3236)
______ C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (3260)
______ C:\WINDOWS\system32\ctfmon.exe (3368)
______ C:\Program Files\filehippo.com\UpdateChecker.exe (3404)
______ C:\Program Files\SpywareGuard\sgmain.exe (3812)
______ C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE (3896)
______ C:\Program Files\SpywareGuard\sgbhp.exe (884)
______ C:\Program Files\iPod\bin\iPodService.exe (876)
______ C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe (4004)
______ C:\Program Files\Mozilla Firefox\firefox.exe (4056)
______ C:\Documents and Settings\Administrator\Desktop\Rooter.exe (1432)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:32256 | Length:39999504384)
.
----------------------\\ Scheduled Tasks
.
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
C:\WINDOWS\Tasks\DESKTOP.INI
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-265512186-1879188646-1710236443-500Core.job
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-265512186-1879188646-1710236443-500UA.job
C:\WINDOWS\Tasks\SA.DAT
C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job
C:\WINDOWS\Tasks\WGASetup.job
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 11:00.13
.
C:\Rooter$\Rooter_1.txt - (24/07/2009 | 11:00.14)
Rorschach112
hi

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    CODE
    :OTL
    PRC - C:\Program Files\SpywareGuard\sgbhp.exe ()
    SRV - (0012251245013674mcinstcleanup [Auto | Stopped]) -- File not found
    [2008/11/16 06:18:27 | 00,000,000 | -HSD | M] -- C:\found.000

    :Services

    :Reg

    :Files

    :Commands
    [purity]
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done




Download TFC to your desktop
  • Open the file and close any other windows.
  • It will close all programs itself when run, make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job
  • Once it's finished it should reboot your machine, if not, do this yourself to ensure a complete clean





Please download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.






Go to Kaspersky website and perform an online antivirus scan.

  1. Read through the requirements and privacy statement and click on Accept button.
  2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  3. When the downloads have finished, click on Settings.
  4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
      Mail databases
  5. Click on My Computer under Scan.
  6. Once the scan is complete, it will display the results. Click on View Scan Report.
  7. You will see a list of infected items there. Click on Save Report As....
  8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
mpossoff
Hi, Kaspersky seems to be 'getting stuck' in updating the database mode.

Marc
Rorschach112
post the mbam log and do this instead

Please click here to download AVP Tool by Kaspersky.
  • Save it to your desktop.
  • Reboot your computer into SafeMode.
    You can do this by restarting your computer and continually tapping the F8 key until a menu appears.
    Use your up arrow key to highlight SafeMode then hit enter.
  • Double click the setup file to run it.
  • Click Next to continue.
  • It will by default install it to your desktop folder. Click Next.
  • Hit ok at the prompt for scanning in Safe Mode.
  • It will then open a box. There will be a tab that says Automatic scan.
  • Under Automatic scan make sure these are checked.

  • System Memory
  • Startup Objects
  • Disk Boot Sectors.
  • My Computer.
  • Also any other drives (Removable that you may have)


  • Then click on Scan at the top right hand corner.
  • It will automatically Neutralize any objects found.
  • If some objects are left unneutralized then click the button that says Neutralize all
  • If it says it cannot be Neutralized then choose the delete option when prompted.
  • After that is done click on the reports button at the bottom and save it to file name it Kas.
  • Save it somewhere convenient like your desktop and just post only the detected Virus\malware in the report it will be at the very top under Detected post those results in your next reply.

    Note: This tool will self uninstall when you close it so please save the log before closing it.
mpossoff
QUOTE (Rorschach112 @ Jul 27 2009, 11:43 AM) *
post the mbam log and do this instead

Please click here to download AVP Tool by Kaspersky.
  • Save it to your desktop.
  • Reboot your computer into SafeMode.
    You can do this by restarting your computer and continually tapping the F8 key until a menu appears.
    Use your up arrow key to highlight SafeMode then hit enter.
  • Double click the setup file to run it.
  • Click Next to continue.
  • It will by default install it to your desktop folder. Click Next.
  • Hit ok at the prompt for scanning in Safe Mode.
  • It will then open a box. There will be a tab that says Automatic scan.
  • Under Automatic scan make sure these are checked.

  • System Memory
  • Startup Objects
  • Disk Boot Sectors.
  • My Computer.
  • Also any other drives (Removable that you may have)


  • Then click on Scan at the top right hand corner.
  • It will automatically Neutralize any objects found.
  • If some objects are left unneutralized then click the button that says Neutralize all
  • If it says it cannot be Neutralized then choose the delete option when prompted.
  • After that is done click on the reports button at the bottom and save it to file name it Kas.
  • Save it somewhere convenient like your desktop and just post only the detected Virus\malware in the report it will be at the very top under Detected post those results in your next reply.

    Note: This tool will self uninstall when you close it so please save the log before closing it.


Sorry if this is a stupid question... my up and down arrows won't let me move to highlight after clicking F8 when the page appears.

Marc
Rorschach112
you can do it in normal mode
mpossoff
QUOTE (Rorschach112 @ Aug 2 2009, 09:58 AM) *
you can do it in normal mode


I have Avira free edition, should I get rid of it before I install?

Marc
Rorschach112
no

can run a full scan with that and post its log too