Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

IE crashing, pc running slow


  • This topic is locked This topic is locked
18 replies to this topic

#1 role2682

role2682

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:02:20 PM

Posted 02 August 2009 - 04:08 PM

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:35:14 PM, on 8/2/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Java\jre6\bin\java.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~2\FlashFXP\IEFlash.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GroupManager] "C:\Program Files (x86)\BitDefender Antivirus Plus v10.247\groupmanager.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [NVIDIA nTune] C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe resetprofile
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flas...ent/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: acaptuser32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10223 bytes

Edited by role2682, 02 August 2009 - 04:37 PM.


BC AdBot (Login to Remove)

 


#2 Shannon2012

Shannon2012

  • Security Colleague
  • 3,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:03:20 PM

Posted 11 August 2009 - 02:10 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE
Shannon

#3 role2682

role2682
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:02:20 PM

Posted 13 August 2009 - 07:56 PM

I tried both links and they both say "this tool does not support your operating system" Is there another program I can use. I'm running Vista 64 ultimate.

#4 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:20 PM

Posted 15 August 2009 - 03:38 PM

Hello.

Run OTL. Then, give me an update of the condition of your machine.

Download and run OTL
  • Download OTL by OldTimer and save it to your desktop.
  • Double click on the Posted Image icon on your desktop. If you are using Vista, please right-click and select run as administrator
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • It will now begin to scan, please be paitent while it scans.
  • Two reports will open once it's done.
  • Please copy and paste them in your next reply:
  • OTL.txt <-- Will be opened
  • Extras.txt <-- Will be minimized

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#5 role2682

role2682
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:02:20 PM

Posted 15 August 2009 - 06:53 PM

OTL logfile created on: 8/15/2009 7:49:26 PM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Users\HomeServer\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.34 Gb Available Physical Memory | 58.44% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 139.73 Gb Total Space | 88.04 Gb Free Space | 63.01% Space Free | Partition Type: NTFS
Drive D: | 279.47 Gb Total Space | 9.70 Gb Free Space | 3.47% Space Free | Partition Type: NTFS
Drive E: | 279.45 Gb Total Space | 3.82 Gb Free Space | 1.37% Space Free | Partition Type: NTFS
Drive F: | 232.88 Gb Total Space | 1.80 Gb Free Space | 0.77% Space Free | Partition Type: NTFS
Drive G: | 279.45 Gb Total Space | 78.99 Gb Free Space | 28.27% Space Free | Partition Type: NTFS
Drive H: | 698.63 Gb Total Space | 1.16 Gb Free Space | 0.17% Space Free | Partition Type: NTFS
Drive I: | 931.51 Gb Total Space | 1.15 Gb Free Space | 0.12% Space Free | Partition Type: NTFS
Drive L: | 465.76 Gb Total Space | 10.22 Gb Free Space | 2.19% Space Free | Partition Type: NTFS
Drive M: | 298.09 Gb Total Space | 176.56 Gb Free Space | 59.23% Space Free | Partition Type: NTFS
Drive N: | 465.75 Gb Total Space | 0.35 Gb Free Space | 0.08% Space Free | Partition Type: NTFS

Computer Name: HOMESERVER-PC
Current User Name: HomeServer
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/02/05 16:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/02/05 16:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/08/29 11:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
PRC - [2008/06/08 09:31:04 | 00,877,864 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
PRC - [2006/12/19 10:30:26 | 00,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe
PRC - [2009/02/05 16:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/02/05 16:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2008/06/03 02:06:34 | 05,964,800 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
PRC - [2008/12/10 05:02:30 | 00,216,520 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
PRC - [2009/04/28 11:33:38 | 01,830,128 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009/01/06 14:06:36 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
PRC - [2009/02/05 16:08:45 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/01/06 14:06:24 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iPod\bin\iPodService.exe
PRC - [2009/08/06 12:29:27 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009/08/15 19:48:58 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\HomeServer\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2006/11/02 07:16:04 | 00,010,240 | ---- | M] () -- C:\Windows\SysNative\regedt32.exe -- (.EsetTrialReset [Auto | Stopped])
SRV:64bit: - [2008/01/20 22:50:23 | 00,195,584 | ---- | M] () -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt [On_Demand | Stopped])
SRV:64bit: - [2009/02/05 16:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV:64bit: - [2009/02/05 16:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV:64bit: - [2009/02/05 16:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV:64bit: - [2009/02/05 16:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV:64bit: - [2008/01/20 22:51:03 | 00,598,016 | ---- | M] () -- C:\Windows\SysNative\cscsvc.dll -- (CscService [Auto | Running])
SRV:64bit: - [2008/01/20 22:47:07 | 00,689,152 | ---- | M] () -- C:\Windows\SysNative\fxssvc.exe -- (Fax [On_Demand | Stopped])
SRV:64bit: - [2008/01/20 22:51:22 | 00,252,928 | ---- | M] () -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService [On_Demand | Running])
SRV:64bit: - [2008/01/20 22:46:36 | 01,147,904 | ---- | M] () -- C:\Windows\SysNative\wbengine.exe -- (wbengine [On_Demand | Stopped])
SRV:64bit: - [2008/01/20 22:46:39 | 00,383,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV:64bit: - [2008/01/20 22:51:24 | 01,216,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Running])
SRV - [2006/11/02 05:45:35 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\regedt32.exe -- (.EsetTrialReset [Auto | Stopped])
SRV - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2008/08/29 11:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008/07/27 14:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/07/27 14:01:49 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64 [On_Demand | Stopped])
SRV - [2008/01/20 22:50:39 | 00,344,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2008/01/20 22:50:39 | 00,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 11:03:44 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2009/06/26 17:14:34 | 00,651,720 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2008/06/19 21:17:12 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2005/04/04 01:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008/06/19 21:16:53 | 00,859,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/01/06 14:06:24 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2006/11/02 05:46:05 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\keyiso.dll -- (KeyIso [On_Demand | Running])
SRV - [2008/10/25 11:44:08 | 00,065,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2006/11/02 09:34:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWow64\Msdtc -- (MSDTC [Unknown | Stopped])
SRV - [2008/06/08 09:31:04 | 00,877,864 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3 [Auto | Running])
SRV - [2008/01/20 22:47:35 | 00,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netlogon.dll -- (Netlogon [On_Demand | Stopped])
SRV - [2008/06/24 16:05:56 | 00,537,896 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])
SRV - [2008/08/18 10:02:00 | 00,222,208 | ---- | M] (NVIDIA) -- C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService [Auto | Running])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 15:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/12/19 10:30:26 | 00,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service [Auto | Running])
SRV - [2008/01/20 22:46:08 | 00,211,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr [Auto | Running])
SRV - [2008/08/01 12:11:20 | 00,158,208 | ---- | M] (NVIDIA) -- C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService [Auto | Running])
SRV - [2006/11/02 02:35:15 | 00,060,994 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vds.mof -- (vds [On_Demand | Stopped])
SRV - [2006/11/02 02:35:15 | 00,055,846 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vss.mof -- (VSS [On_Demand | Stopped])
SRV - [2008/01/20 22:46:08 | 00,428,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm [Auto | Running])

========== Driver Services (SafeList) ==========

DRV:64bit: - [2008/01/18 16:16:14 | 00,109,096 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\a016bus.sys -- (a016bus [On_Demand | Stopped])
DRV:64bit: - [2008/01/18 16:16:16 | 00,019,496 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\a016mdfl.sys -- (a016mdfl [On_Demand | Stopped])
DRV:64bit: - [2008/01/18 16:16:18 | 00,146,472 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\a016mdm.sys -- (a016mdm [On_Demand | Stopped])
DRV:64bit: - [2008/01/18 16:16:18 | 00,130,600 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\a016mgmt.sys -- (a016mgmt [On_Demand | Stopped])
DRV:64bit: - [2008/01/18 16:16:20 | 00,125,480 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\a016obex.sys -- (a016obex [On_Demand | Stopped])
DRV:64bit: - [2009/02/05 16:07:17 | 00,022,096 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV:64bit: - [2009/02/05 16:07:07 | 00,064,592 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\aswMonFlt.sys -- (aswMonFlt [Auto | Running])
DRV:64bit: - [2009/02/05 16:06:13 | 00,027,216 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr [System | Running])
DRV:64bit: - [2009/02/05 16:07:36 | 00,089,680 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP [System | Running])
DRV:64bit: - [2009/02/05 16:06:23 | 00,058,448 | ---- | M] () -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV:64bit: - [2008/01/20 22:51:03 | 00,460,800 | ---- | M] () -- C:\Windows\SysNative\drivers\csc.sys -- (CSC [System | Running])
DRV:64bit: - [2007/02/15 20:57:06 | 00,040,648 | ---- | M] () -- C:\Windows\SysNative\Drivers\ElbyCDFL.sys -- (ElbyCDFL [On_Demand | Running])
DRV:64bit: - [2007/08/07 15:48:37 | 00,032,712 | ---- | M] () -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys -- (ElbyCDIO [System | Running])
DRV:64bit: - [2008/04/22 09:53:36 | 00,012,744 | R--- | M] () -- C:\Windows\SysNative\DRIVERS\ENTECH64.sys -- (ENTECH64 [On_Demand | Stopped])
DRV:64bit: - [2008/01/20 22:51:10 | 00,161,848 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\fvevol.sys -- (fvevol [Boot | Running])
DRV:64bit: - [2008/04/17 14:12:54 | 00,019,304 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV:64bit: - [2006/11/02 01:28:10 | 00,273,920 | ---- | M] () -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped])
DRV:64bit: - [2008/06/30 13:28:00 | 00,056,320 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\L1E60x64.sys -- (L1E [On_Demand | Running])
DRV:64bit: - [2006/11/01 03:23:42 | 00,015,680 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running])
DRV:64bit: - [2008/06/23 18:21:32 | 00,173,096 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\mv61xx.sys -- (mv61xx [Boot | Running])
DRV:64bit: - [2009/05/09 01:14:20 | 00,015,752 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\NuidFltr.sys -- (NuidFltr [On_Demand | Running])
DRV:64bit: - [2006/11/28 21:46:20 | 00,043,328 | ---- | M] () -- C:\Windows\SysNative\Drivers\PCAMp50a64.sys -- (PCAMp50a64 [On_Demand | Stopped])
DRV:64bit: - [2006/11/28 21:46:20 | 00,041,280 | ---- | M] () -- C:\Windows\SysNative\Drivers\PCASp50a64.sys -- (PCASp50a64 [On_Demand | Stopped])
DRV:64bit: - [2008/12/04 11:34:54 | 00,033,160 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\point64k.sys -- (Point64 [On_Demand | Running])
DRV:64bit: - [2008/04/16 15:49:34 | 00,028,416 | ---- | M] () -- C:\Windows\SysNative\Drivers\RimUsb_AMD64.sys -- (RimUsb [On_Demand | Stopped])
DRV:64bit: - [2006/09/18 17:27:33 | 00,055,640 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\Rtnic64.sys -- (RTL8023x64 [On_Demand | Stopped])
DRV:64bit: - [2008/12/26 17:29:32 | 00,868,848 | ---- | M] () -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV:64bit: - [2008/01/20 22:46:32 | 00,012,288 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam [On_Demand | Running])
DRV:64bit: - [2008/11/07 15:23:30 | 00,040,448 | ---- | M] () -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64 [On_Demand | Stopped])
DRV:64bit: - [2008/01/20 22:46:12 | 00,098,816 | ---- | M] () -- C:\Windows\SysNative\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
DRV:64bit: - [2008/01/20 22:46:00 | 00,019,456 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx [On_Demand | Stopped])
DRV:64bit: - [2008/09/30 03:22:32 | 00,553,472 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\WNDA31vx.sys -- (WNDA3100 [On_Demand | Stopped])
DRV:64bit: - [2008/01/20 22:46:34 | 00,046,080 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb [On_Demand | Stopped])
DRV:64bit: - [2007/02/26 19:15:20 | 00,092,704 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\xusb21.sys -- (xusb21 [On_Demand | Stopped])
DRV - [2007/12/17 05:14:14 | 00,014,392 | R--- | M] () -- C:\Windows\SysWow64\drivers\AsIO.sys -- (AsIO [System | Running])
DRV - [2008/12/26 13:33:33 | 00,000,000 | ---D | M] -- C:\Windows\CSC -- (CSC [System | Running])
DRV - [2007/02/15 20:57:06 | 00,040,648 | ---- | M] (SlySoft, Inc.) -- C:\Windows\SysWow64\Drivers\ElbyCDFL.sys -- (ElbyCDFL [On_Demand | Running])
DRV - [2006/04/20 18:42:02 | 00,081,920 | ---- | M] (Elaborate Bytes AG) -- C:\Windows\SysWow64\ElbyCDIO.dll -- (ElbyCDIO [System | Running])
DRV - [2006/09/18 17:35:23 | 00,001,088 | ---- | M] () -- C:\Windows\SysWow64\Wbem\mpsdrv.mof -- (mpsdrv [On_Demand | Running])
DRV - [2008/08/18 10:04:02 | 00,040,480 | ---- | M] (NVidia Corp.) -- C:\Windows\nvoclk64.sys -- (NVR0Dev [On_Demand | Running])
DRV - [2008/08/01 12:08:28 | 00,040,480 | ---- | M] (NVidia Corp.) -- C:\Windows\nvflsh64.sys -- (NVR0FLASHDev [Auto | Running])
DRV - [2009/04/28 11:33:42 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Stopped])
DRV - [2009/04/28 11:33:44 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Stopped])
DRV - [2009/04/28 11:33:40 | 00,072,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Stopped])
DRV - [2006/09/18 17:36:40 | 00,003,066 | ---- | M] () -- C:\Windows\SysWow64\Wbem\tcpip.mof -- (Tcpip [Boot | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4050978306-452591223-2502459960-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-4050978306-452591223-2502459960-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-4050978306-452591223-2502459960-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4050978306-452591223-2502459960-1000\S-1-5-21-4050978306-452591223-2502459960-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.13

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/02 17:40:04 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/08/06 12:29:28 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/08/09 13:54:46 | 00,000,000 | ---D | M]

[2009/01/03 16:11:41 | 00,000,000 | ---D | M] -- C:\Users\HomeServer\AppData\Roaming\mozilla\Extensions
[2009/01/03 16:11:41 | 00,000,000 | ---D | M] -- C:\Users\HomeServer\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/08/13 14:53:09 | 00,000,000 | ---D | M] -- C:\Users\HomeServer\AppData\Roaming\mozilla\Firefox\Profiles\d3fiqvzz.default\extensions
[2009/08/04 18:52:11 | 00,000,000 | ---D | M] -- C:\Users\HomeServer\AppData\Roaming\mozilla\Firefox\Profiles\d3fiqvzz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/07/23 21:48:04 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2009/08/06 12:29:28 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/07/23 21:48:04 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009/08/06 12:29:27 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll
[2009/08/06 12:29:27 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll
[2009/07/23 21:47:53 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll
[2009/08/06 12:29:27 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll
[2006/10/26 21:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL
[2009/02/27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2009/03/02 17:35:10 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll
[2009/03/02 17:35:10 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll
[2009/03/02 17:35:10 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll
[2009/03/02 17:35:10 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll
[2009/03/02 17:35:10 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll
[2009/03/02 17:35:10 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll
[2009/03/02 17:35:10 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll
[2008/12/02 04:04:40 | 00,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml
[2008/12/02 04:04:40 | 00,002,193 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml
[2008/12/02 04:04:40 | 00,001,534 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml
[2008/12/02 04:04:40 | 00,002,343 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml
[2008/12/02 04:04:40 | 00,001,706 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2008/12/02 04:04:40 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2008/12/02 04:04:40 | 00,000,792 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (761 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files (x86)\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-4050978306-452591223-2502459960-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BbInstallUser] C:\Program Files\Bluebeam Software\Pushbutton PDF\Bluebeam Admin User.exe (Bluebeam Software, Inc.)
O4:64bit: - HKLM..\Run: [BbPrintMonitor] C:\Program Files\Common Files\Bluebeam Software\Brewery\V45\Printer Support\BBPrint.exe (Bluebeam Software, Inc.)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Windows\Skytel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKU\S-1-5-21-4050978306-452591223-2502459960-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4050978306-452591223-2502459960-1000..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\S-1-5-21-4050978306-452591223-2502459960-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.73.246 68.87.71.230
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (acaptuser64.dll) - C:\Windows\SysNative\acaptuser64.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/12/15 02:32:20 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/04/27 19:26:41 | 00,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/02/26 00:32:25 | 00,000,000 | -HS- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{24034685-d373-11dd-bda0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{24034685-d373-11dd-bda0-806e6f6e6963}\Shell\AutoRun\command - "" = D:\.\Bin\ASSETUP.exe -- File not found
O33 - MountPoints2\{ab7c41f7-f951-11dd-8e33-0010b5fe43fb}\Shell\AutoRun\command - "" = C:\Windows\SysWow64\setupSNK.exe -- [2008/01/20 22:46:42 | 00,013,312 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{ab7c41fa-f951-11dd-8e33-0010b5fe43fb}\Shell - "" = AutoRun
O33 - MountPoints2\{ab7c41fa-f951-11dd-8e33-0010b5fe43fb}\Shell\AutoRun\command - "" = O:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/08/15 19:49:08 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Users\HomeServer\Desktop\OTL.exe
[2009/08/15 19:25:23 | 00,000,023 | -HS- | C] () -- C:\Windows\SysWow64\ed4_d.dll
[2009/08/15 19:25:23 | 00,000,023 | ---- | C] () -- C:\Windows\SysWow64\feed6_d.ocx
[2009/08/15 19:25:00 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\RegSupreme Pro
[2009/08/15 11:37:24 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Panda USB Vaccine
[2009/08/13 20:45:37 | 00,000,956 | ---- | C] () -- C:\Users\HomeServer\Desktop\Stream Torrent 1.0.lnk
[2009/08/13 20:45:37 | 00,000,000 | ---D | C] -- C:\Users\HomeServer\AppData\Roaming\StreamTorrent
[2009/08/13 20:45:37 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\StreamTorrent 1.0
[2009/08/09 13:49:48 | 00,000,000 | ---D | C] -- C:\_OTS
[2009/08/08 00:40:59 | 00,000,000 | ---D | C] -- C:\Users\HomeServer\AppData\Roaming\vlc
[2009/08/08 00:40:34 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2009/08/08 00:37:34 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\TVAnts
[2009/08/07 11:24:59 | 00,031,744 | ---- | C] () -- C:\Users\HomeServer\Documents\Carroll Manor Material Change Letter.doc
[2009/08/06 21:36:26 | 00,000,013 | ---- | C] () -- C:\Windows\msgtn.ini
[2009/08/06 21:36:25 | 00,000,113 | ---- | C] () -- C:\Windows\PPSMediaList.ini
[2009/08/06 21:36:25 | 00,000,063 | ---- | C] () -- C:\Windows\powerlist.ini
[2009/08/06 21:36:03 | 00,000,000 | ---D | C] -- C:\Users\HomeServer\AppData\Roaming\PPStream
[2009/08/06 21:36:02 | 00,000,802 | ---- | C] () -- C:\Windows\psnetwork.ini
[2009/08/06 21:36:02 | 00,000,404 | ---- | C] () -- C:\Windows\powerplayer.ini
[2009/08/06 21:36:01 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\PPStream
[2009/08/06 21:30:44 | 00,000,000 | ---D | C] -- C:\Users\HomeServer\Desktop\UUSee 2007 English
[2009/08/06 21:21:46 | 00,000,000 | ---D | C] -- C:\ProgramData\Google
[2009/08/06 21:21:43 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\uusee
[2009/08/02 19:05:23 | 00,022,040 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2009/08/02 17:32:19 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb
[2009/08/02 17:32:19 | 01,638,912 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2009/08/02 17:32:19 | 00,243,712 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2009/08/02 17:32:19 | 00,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2009/08/02 17:32:19 | 00,071,680 | ---- | C] () -- C:\Windows\SysNative\msfeedsbs.dll
[2009/08/02 17:32:19 | 00,031,744 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2009/08/02 17:32:18 | 00,700,928 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2009/08/02 17:32:18 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2009/08/02 17:32:18 | 00,252,416 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2009/08/02 17:32:18 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2009/08/02 17:32:18 | 00,072,192 | ---- | C] () -- C:\Windows\SysNative\iernonce.dll
[2009/08/02 17:32:18 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2009/08/02 17:32:18 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2009/08/02 17:32:17 | 01,208,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\urlmon.dll
[2009/08/02 17:32:17 | 01,146,880 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2009/08/02 17:32:17 | 00,915,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2009/08/02 17:32:17 | 00,458,240 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2009/08/02 17:32:17 | 00,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2009/08/02 17:32:17 | 00,219,136 | ---- | C] () -- C:\Windows\SysNative\ieui.dll
[2009/08/02 17:32:17 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2009/08/02 17:32:17 | 00,077,312 | ---- | C] () -- C:\Windows\SysNative\iesetup.dll
[2009/08/02 17:32:17 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2009/08/02 17:32:17 | 00,070,656 | ---- | C] () -- C:\Windows\SysNative\ie4uinit.exe
[2009/08/02 17:32:17 | 00,057,667 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2009/08/02 17:32:17 | 00,057,667 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2009/08/02 17:32:17 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2009/08/02 17:32:17 | 00,012,288 | ---- | C] () -- C:\Windows\SysNative\msfeedssync.exe
[2009/08/02 17:32:16 | 02,334,208 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2009/08/02 17:32:16 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iertutil.dll
[2009/08/02 17:32:16 | 01,538,560 | ---- | C] () -- C:\Windows\SysNative\inetcpl.cpl
[2009/08/02 17:32:16 | 01,484,288 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2009/08/02 17:32:16 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2009/08/02 17:32:16 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2009/08/02 17:32:16 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2009/08/02 17:32:15 | 12,458,496 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2009/08/02 17:32:15 | 11,067,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll
[2009/08/02 17:32:14 | 09,233,408 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2009/08/02 17:32:14 | 05,937,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009/08/02 17:32:13 | 00,162,816 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe
[2009/08/02 17:32:13 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2009/08/02 17:32:13 | 00,132,096 | ---- | C] () -- C:\Windows\SysNative\iesysprep.dll
[2009/08/02 17:32:13 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2009/08/02 17:30:46 | 00,161,792 | ---- | C] () -- C:\Windows\SysNative\advpack.dll
[2009/08/02 17:30:46 | 00,088,064 | ---- | C] () -- C:\Windows\SysNative\admparse.dll
[2009/08/02 17:30:46 | 00,022,528 | ---- | C] () -- C:\Windows\SysNative\corpol.dll
[2009/08/02 17:30:45 | 00,223,232 | ---- | C] () -- C:\Windows\SysNative\msls31.dll
[2009/08/02 17:30:45 | 00,157,696 | ---- | C] () -- C:\Windows\SysNative\ieakeng.dll
[2009/08/02 17:30:45 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2009/08/02 17:30:45 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2009/08/02 17:30:45 | 00,085,504 | ---- | C] () -- C:\Windows\SysNative\icardie.dll
[2009/08/02 17:30:45 | 00,077,824 | ---- | C] () -- C:\Windows\SysNative\tdc.ocx
[2009/08/02 17:30:45 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2009/08/02 17:30:45 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2009/08/02 17:30:45 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2009/08/02 17:30:45 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\corpol.dll
[2009/08/02 17:30:44 | 00,481,280 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll
[2009/08/02 17:30:44 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2009/08/02 17:30:44 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2009/08/02 17:30:44 | 00,125,952 | ---- | C] () -- C:\Windows\SysNative\inseng.dll
[2009/08/02 17:30:44 | 00,076,288 | ---- | C] () -- C:\Windows\SysNative\wextract.exe
[2009/08/02 17:30:44 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2009/08/02 17:30:44 | 00,063,488 | ---- | C] () -- C:\Windows\SysNative\pngfilt.dll
[2009/08/02 17:30:44 | 00,055,808 | ---- | C] () -- C:\Windows\SysNative\licmgr10.dll
[2009/08/02 17:30:44 | 00,052,736 | ---- | C] () -- C:\Windows\SysNative\imgutil.dll
[2009/08/02 17:30:44 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2009/08/02 17:30:43 | 01,062,912 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2009/08/02 17:30:43 | 00,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstime.dll
[2009/08/02 17:30:43 | 00,508,416 | ---- | C] () -- C:\Windows\SysNative\dxtmsft.dll
[2009/08/02 17:30:43 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2009/08/02 17:30:43 | 00,318,464 | ---- | C] () -- C:\Windows\SysNative\dxtrans.dll
[2009/08/02 17:30:43 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2009/08/02 17:30:43 | 00,096,768 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll
[2009/08/02 17:30:43 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2009/08/02 17:30:42 | 00,304,640 | ---- | C] () -- C:\Windows\SysNative\webcheck.dll
[2009/08/02 17:30:42 | 00,278,528 | ---- | C] () -- C:\Windows\SysNative\WinFXDocObj.exe
[2009/08/02 17:30:42 | 00,271,872 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll
[2009/08/02 17:30:42 | 00,241,664 | ---- | C] () -- C:\Windows\SysNative\msrating.dll
[2009/08/02 17:30:42 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webcheck.dll
[2009/08/02 17:30:42 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2009/08/02 17:30:42 | 00,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinFXDocObj.exe
[2009/08/02 17:30:42 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2009/08/02 17:30:42 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2009/08/02 17:30:42 | 00,163,840 | ---- | C] () -- C:\Windows\SysNative\ieakui.dll
[2009/08/02 17:30:42 | 00,131,584 | ---- | C] () -- C:\Windows\SysNative\PDMSetup.exe
[2009/08/02 17:30:42 | 00,129,024 | ---- | C] () -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2009/08/02 17:30:42 | 00,128,512 | ---- | C] () -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2009/08/02 17:30:42 | 00,125,440 | ---- | C] () -- C:\Windows\SysNative\SetDepNx.exe
[2009/08/02 17:30:42 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2009/08/02 17:30:42 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2009/08/02 17:30:42 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2009/08/02 17:30:42 | 00,041,984 | ---- | C] () -- C:\Windows\SysNative\mshta.exe
[2009/08/02 17:30:41 | 00,817,664 | ---- | C] () -- C:\Windows\SysNative\jscript.dll
[2009/08/02 17:30:41 | 00,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2009/08/02 17:30:41 | 00,612,864 | ---- | C] () -- C:\Windows\SysNative\vbscript.dll
[2009/08/02 17:30:41 | 00,479,744 | ---- | C] () -- C:\Windows\SysNative\html.iec
[2009/08/02 17:30:41 | 00,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2009/08/02 17:30:41 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2009/08/02 17:30:41 | 00,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2009/08/02 17:30:41 | 00,108,032 | ---- | C] () -- C:\Windows\SysNative\url.dll
[2009/08/02 17:30:41 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2009/08/02 17:30:41 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2009/08/02 17:30:41 | 00,048,128 | ---- | C] () -- C:\Windows\SysNative\mshtmler.dll
[2009/08/02 17:30:41 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshta.exe
[2009/08/02 17:30:40 | 03,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2009/08/02 17:30:40 | 03,698,584 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dat
[2009/08/02 17:30:40 | 00,193,536 | ---- | C] () -- C:\Windows\SysNative\iexpress.exe
[2009/08/02 17:30:40 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PDMSetup.exe
[2009/08/02 17:30:40 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2009/08/02 17:30:40 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2009/08/02 17:30:40 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetDepNx.exe
[2009/07/29 23:33:20 | 00,034,304 | ---- | C] () -- C:\Users\HomeServer\Desktop\JTK Resume.doc
[2009/07/27 17:25:33 | 00,012,084 | ---- | C] () -- C:\Users\HomeServer\Documents\Book1.xlsx
[2009/07/27 17:08:36 | 00,729,088 | ---- | C] () -- C:\Users\HomeServer\Documents\AndersonM_Access Quiz_072709.accdb
[2009/07/27 01:19:49 | 48,417,8607 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2009/07/23 21:48:03 | 00,410,984 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deploytk.dll
[2009/07/23 21:48:03 | 00,148,888 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2009/07/23 21:48:03 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2009/07/23 21:48:03 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2009/07/23 21:47:47 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2009/07/22 16:30:48 | 00,000,000 | ---D | C] -- C:\Users\HomeServer\Documents\AutoCad 2010
[2009/07/21 22:41:40 | 00,000,000 | --SD | C] -- C:\Users\HomeServer\Documents\My Data Sources
[2009/04/27 14:20:34 | 00,004,096 | ---- | C] () -- C:\Windows\SysWow64\drivers\portio64.sys
[2009/04/27 14:20:34 | 00,002,560 | ---- | C] () -- C:\Windows\SysWow64\drivers\portio32.sys
[2009/03/13 20:02:17 | 00,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2009/02/04 05:50:32 | 00,024,576 | ---- | C] () -- C:\Windows\SysWow64\nsis_loader.dll
[2009/01/08 06:10:23 | 01,525,760 | ---- | C] () -- C:\Windows\SysWow64\calclib.dll
[2008/12/26 00:06:26 | 00,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2008/12/26 00:06:26 | 00,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2008/12/25 22:38:37 | 00,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2008/12/25 22:38:37 | 00,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2008/12/25 22:38:35 | 00,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2008/12/25 22:38:35 | 00,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2008/12/25 10:22:44 | 00,030,808 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2008/12/25 10:22:21 | 00,030,418 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2008/10/07 10:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 10:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008/01/20 22:49:10 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/20 22:48:56 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007/12/28 03:22:02 | 00,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2006/11/02 08:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 08:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/09/13 07:06:10 | 00,045,056 | ---- | C] () -- C:\Windows\SysWow64\gtapi.dll

========== Files - Modified Within 30 Days ==========

[1 C:\Windows\*.tmp files]
[2009/08/15 19:48:58 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\HomeServer\Desktop\OTL.exe
[2009/08/15 19:39:56 | 00,003,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/08/15 19:39:56 | 00,003,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/08/15 19:25:23 | 00,000,023 | -HS- | M] () -- C:\Windows\SysWow64\ed4_d.dll
[2009/08/15 19:25:23 | 00,000,023 | ---- | M] () -- C:\Windows\SysWow64\feed6_d.ocx
[2009/08/15 15:44:21 | 03,020,680 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/08/15 15:44:21 | 00,942,778 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009/08/15 15:44:21 | 00,004,884 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009/08/15 15:39:58 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/08/15 15:39:55 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/08/15 15:36:27 | 04,263,144 | -H-- | M] () -- C:\Users\HomeServer\AppData\Local\IconCache.db
[2009/08/13 20:45:37 | 00,000,956 | ---- | M] () -- C:\Users\HomeServer\Desktop\Stream Torrent 1.0.lnk
[2009/08/07 11:24:59 | 00,031,744 | ---- | M] () -- C:\Users\HomeServer\Documents\Carroll Manor Material Change Letter.doc
[2009/08/06 21:44:04 | 00,000,802 | ---- | M] () -- C:\Windows\psnetwork.ini
[2009/08/06 21:44:04 | 00,000,404 | ---- | M] () -- C:\Windows\powerplayer.ini
[2009/08/06 21:44:04 | 00,000,113 | ---- | M] () -- C:\Windows\PPSMediaList.ini
[2009/08/06 21:44:04 | 00,000,013 | ---- | M] () -- C:\Windows\msgtn.ini
[2009/08/06 21:36:49 | 00,000,063 | ---- | M] () -- C:\Windows\powerlist.ini
[2009/08/06 20:53:10 | 00,040,448 | ---- | M] () -- C:\Users\HomeServer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/06 12:22:06 | 48,417,8607 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/08/06 10:25:10 | 00,000,111 | ---- | M] () -- C:\Users\HomeServer\AppData\Roaming\default.pls
[2009/08/04 18:51:30 | 00,445,512 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009/08/03 19:38:02 | 00,133,224 | ---- | M] () -- C:\Users\HomeServer\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/08/02 18:28:45 | 00,000,734 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.new
[2009/08/02 17:36:55 | 00,000,219 | ---- | M] () -- C:\Windows\win.ini
[2009/07/30 20:09:32 | 00,002,579 | ---- | M] () -- C:\Users\HomeServer\Desktop\Microsoft Office Publisher 2007.lnk
[2009/07/29 23:33:20 | 00,034,304 | ---- | M] () -- C:\Users\HomeServer\Desktop\JTK Resume.doc
[2009/07/27 17:56:03 | 00,729,088 | ---- | M] () -- C:\Users\HomeServer\Documents\AndersonM_Access Quiz_072709.accdb
[2009/07/27 17:25:33 | 00,012,084 | ---- | M] () -- C:\Users\HomeServer\Documents\Book1.xlsx
[2009/07/23 21:47:52 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2009/07/23 21:47:52 | 00,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2009/07/23 21:47:52 | 00,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2009/07/23 21:47:51 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deploytk.dll
[2009/07/21 18:11:15 | 01,146,880 | ---- | M] () -- C:\Windows\SysNative\wininet.dll
[2009/07/21 18:11:04 | 01,484,288 | ---- | M] () -- C:\Windows\SysNative\urlmon.dll
[2009/07/21 18:09:54 | 00,243,712 | ---- | M] () -- C:\Windows\SysNative\occache.dll
[2009/07/21 18:07:37 | 09,233,408 | ---- | M] () -- C:\Windows\SysNative\mshtml.dll
[2009/07/21 18:07:34 | 00,700,928 | ---- | M] () -- C:\Windows\SysNative\msfeeds.dll
[2009/07/21 18:07:34 | 00,071,680 | ---- | M] () -- C:\Windows\SysNative\msfeedsbs.dll
[2009/07/21 18:06:56 | 00,031,744 | ---- | M] () -- C:\Windows\SysNative\jsproxy.dll
[2009/07/21 18:06:48 | 01,538,560 | ---- | M] () -- C:\Windows\SysNative\inetcpl.cpl
[2009/07/21 18:06:31 | 02,334,208 | ---- | M] () -- C:\Windows\SysNative\iertutil.dll
[2009/07/21 18:06:31 | 00,219,136 | ---- | M] () -- C:\Windows\SysNative\ieui.dll
[2009/07/21 18:06:31 | 00,132,096 | ---- | M] () -- C:\Windows\SysNative\iesysprep.dll
[2009/07/21 18:06:31 | 00,077,312 | ---- | M] () -- C:\Windows\SysNative\iesetup.dll
[2009/07/21 18:06:30 | 12,458,496 | ---- | M] () -- C:\Windows\SysNative\ieframe.dll
[2009/07/21 18:06:30 | 00,252,416 | ---- | M] () -- C:\Windows\SysNative\iepeers.dll
[2009/07/21 18:06:30 | 00,072,192 | ---- | M] () -- C:\Windows\SysNative\iernonce.dll
[2009/07/21 18:06:27 | 00,458,240 | ---- | M] () -- C:\Windows\SysNative\iedkcs32.dll
[2009/07/21 17:52:28 | 00,915,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2009/07/21 17:52:13 | 01,208,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\urlmon.dll
[2009/07/21 17:50:46 | 00,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2009/07/21 17:48:31 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009/07/21 17:48:27 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2009/07/21 17:48:27 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2009/07/21 17:47:47 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2009/07/21 17:47:41 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2009/07/21 17:47:28 | 00,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2009/07/21 17:47:28 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2009/07/21 17:47:27 | 01,985,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iertutil.dll
[2009/07/21 17:47:27 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2009/07/21 17:47:26 | 11,067,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll
[2009/07/21 17:47:26 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2009/07/21 17:47:26 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2009/07/21 17:47:21 | 00,386,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2009/07/21 16:34:53 | 00,162,816 | ---- | M] () -- C:\Windows\SysNative\ieUnatt.exe
[2009/07/21 16:34:41 | 00,070,656 | ---- | M] () -- C:\Windows\SysNative\ie4uinit.exe
[2009/07/21 16:34:12 | 00,012,288 | ---- | M] () -- C:\Windows\SysNative\msfeedssync.exe
[2009/07/21 16:34:00 | 01,638,912 | ---- | M] () -- C:\Windows\SysNative\mshtml.tlb
[2009/07/21 16:13:58 | 00,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2009/07/21 16:13:51 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2009/07/21 16:13:15 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2009/07/21 16:12:49 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb
[2009/07/21 15:09:32 | 00,057,667 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2009/07/21 14:31:43 | 00,057,667 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2009/07/19 14:42:09 | 00,000,443 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
< End of report >
-------------------------------------------------------

OTL Extras logfile created on: 8/15/2009 7:49:26 PM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Users\HomeServer\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.34 Gb Available Physical Memory | 58.44% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 139.73 Gb Total Space | 88.04 Gb Free Space | 63.01% Space Free | Partition Type: NTFS
Drive D: | 279.47 Gb Total Space | 9.70 Gb Free Space | 3.47% Space Free | Partition Type: NTFS
Drive E: | 279.45 Gb Total Space | 3.82 Gb Free Space | 1.37% Space Free | Partition Type: NTFS
Drive F: | 232.88 Gb Total Space | 1.80 Gb Free Space | 0.77% Space Free | Partition Type: NTFS
Drive G: | 279.45 Gb Total Space | 78.99 Gb Free Space | 28.27% Space Free | Partition Type: NTFS
Drive H: | 698.63 Gb Total Space | 1.16 Gb Free Space | 0.17% Space Free | Partition Type: NTFS
Drive I: | 931.51 Gb Total Space | 1.15 Gb Free Space | 0.12% Space Free | Partition Type: NTFS
Drive L: | 465.76 Gb Total Space | 10.22 Gb Free Space | 2.19% Space Free | Partition Type: NTFS
Drive M: | 298.09 Gb Total Space | 176.56 Gb Free Space | 59.23% Space Free | Partition Type: NTFS
Drive N: | 465.75 Gb Total Space | 0.35 Gb Free Space | 0.08% Space Free | Partition Type: NTFS

Computer Name: HOMESERVER-PC
Current User Name: HomeServer
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe ()
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE ()
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE ()
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe ()
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe ()
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE ()
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe ()
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe ()
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe ()
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4050978306-452591223-2502459960-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = C2 FE 8D 6A DC 5B C8 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Users\HomeServer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G9ZVTQO6\ppstreamsetup[1].exe" = C:\Users\HomeServer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G9ZVTQO6\ppstreamsetup[1].exe:*:Enabled:PPStream Installer -- File not found
"C:\Program Files (x86)\PPStream\PPStream.exe" = C:\Program Files (x86)\PPStream\PPStream.exe:*:Enabled:PPS网络电视 -- (PPStream Inc.)
"C:\Program Files (x86)\PPStream\PPSAP.exe" = C:\Program Files (x86)\PPStream\PPSAP.exe:*:Enabled:PPS 网络加速器 -- (PPStream Inc)
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Users\HomeServer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G9ZVTQO6\ppstreamsetup[1].exe" = C:\Users\HomeServer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G9ZVTQO6\ppstreamsetup[1].exe:*:Enabled:PPStream Installer -- File not found
"C:\Program Files (x86)\PPStream\PPStream.exe" = C:\Program Files (x86)\PPStream\PPStream.exe:*:Enabled:PPS网络电视 -- (PPStream Inc.)
"C:\Program Files (x86)\PPStream\PPSAP.exe" = C:\Program Files (x86)\PPStream\PPSAP.exe:*:Enabled:PPS 网络加速器 -- (PPStream Inc)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04A0A907-465E-4A4C-A583-B649A49CA103}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{067B96DD-FC62-476C-B432-561A169B11DA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{080C2FEF-4380-4232-A115-6C8D49752896}" = lport=56763 | protocol=6 | dir=in | name=pmb p2p tcp listening port |
"{0D569C78-760A-4491-9184-3E105C5841C3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{14E3CF7D-2628-48FB-B44A-A03FFBF8C826}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{24B01739-5759-4349-87A1-8A2E3500546D}" = rport=10244 | protocol=6 | dir=out | app=system |
"{285A2F09-79B0-4BAD-ADA3-416EE625B430}" = lport=3390 | protocol=6 | dir=in | app=system |
"{2A922AB7-AB51-41A1-A409-9254BC3412D5}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{31DE936A-25F9-4E95-A58B-8FB760C19854}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{388211DA-CBFD-4C69-8495-B0E0CA91A076}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{49E78770-A870-4B3B-845F-908E1FE25EB5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{49F0E855-E003-4364-9D70-C14FB4A874C6}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5436B7B2-CDA2-42D6-9040-2061A0E04316}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{65D968D7-DBAF-4778-8083-E6ABF4F2FFC5}" = lport=10244 | protocol=6 | dir=in | app=system |
"{6677A9DF-242D-403F-B3CF-06EA855159B6}" = rport=137 | protocol=17 | dir=out | app=system |
"{6A0B54B6-1745-4739-9505-F6529BAE799E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6CF67F8B-6292-4809-8948-FCC1E441EFF3}" = rport=138 | protocol=17 | dir=out | app=system |
"{6F7F402A-71A6-4720-B15E-5608E9823FF2}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{74756841-8CB6-4989-8A89-D27E1C4F2A0F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7E7146AF-243B-4819-869C-8C2BA2F8EBA6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{82B92CA6-00B4-402F-875F-B896B4D6BDED}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{871C156C-C71C-4007-838B-10DD097D4F6E}" = rport=10244 | protocol=6 | dir=out | app=system |
"{9D6C2EE9-0939-4699-8C36-54B19F62971E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9F184850-A778-4136-810A-EAA668C10C58}" = lport=137 | protocol=17 | dir=in | app=system |
"{A02430BE-4FB2-4035-A0DA-81E392909DB3}" = rport=445 | protocol=6 | dir=out | app=system |
"{A6114F44-A7E0-4C10-BE82-4E4C497D092F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{AA03447D-F01D-4BDF-A223-CF902B02ACFB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AD9C0942-4573-41A0-BE7B-B260CC899503}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B02F4CBA-E521-4987-AB7B-D3239B645414}" = lport=445 | protocol=6 | dir=in | app=system |
"{B2A9F890-FA2F-47DB-A832-C8A70A0E889D}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{B6ABD3FD-8669-4C29-9F25-B34A01DC8B45}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{B6DC4607-E198-4205-97D5-525EC16DBBE2}" = lport=3390 | protocol=6 | dir=in | app=system |
"{B954B42C-78B5-4D09-8A1C-04FBC0BEECE2}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{BBFEEF41-9B1D-4780-9E48-022357B95681}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C12072D5-6536-43E6-8C9D-27E8394B6252}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C83540E7-E3E5-4E8C-915B-4ABB3374AD1B}" = lport=139 | protocol=6 | dir=in | app=system |
"{CB6F64C8-0986-4773-99DC-E5A18E0D5C2F}" = lport=10244 | protocol=6 | dir=in | app=system |
"{CBBBB98F-A7D2-48B9-B4A1-CBCE437D7188}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{D4934BF5-2532-4FC6-BD01-59B758C4DFA0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D56E09D3-71F4-4DE8-B104-D8D19B34ACA5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DB8CB41A-5A5C-40D9-8D03-A5141FDB625A}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E43A5A10-B8D0-4820-B94C-1D35D75561C3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F429C33D-EF8B-4D18-8D92-B60647147687}" = lport=138 | protocol=17 | dir=in | app=system |
"{F85AC43E-205C-4412-A0B1-A0775FA9D206}" = rport=139 | protocol=6 | dir=out | app=system |
"{FDFFD7F6-A2BD-4E41-AA83-EB325BFDC611}" = lport=56763 | protocol=17 | dir=in | name=pmb p2p udp listening port |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{096AFE67-B35C-4B87-88F1-FFBF781EAFEC}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{10DFD932-33EA-47C0-8AC3-D9A6510EE959}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd\powerdvd.exe |
"{14CC6B1A-5A2D-4597-93F2-D28A6EC6206A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{19F59052-5806-4A25-8E23-EC48983BF5EF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{1C180F05-5BC9-4B57-A77C-1D8E4948FE11}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{208089B1-7D63-4246-839E-6DD531F372D9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{25141AD7-E51F-46C5-9F7E-B4BD8F48628F}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{2907797C-BC59-434F-BD37-10D37A626EF1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{36966E49-F54F-4D23-8D6A-A6A5DE561EE0}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{3CD63B17-3B8E-49B6-821D-D8CCB66B056F}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{4039D0EC-6821-4F07-8076-C93BE87AD326}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{4396A09E-83DF-4BAC-925F-5709D0F5BD25}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{4FD28BFE-8AA4-4099-96DA-849DEFD04A9F}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{512A7DD0-EB19-4F9F-89E5-9DB262F6A102}" = protocol=6 | dir=in | app=c:\program files (x86)\nbc direct\directplayercore.exe |
"{7442975C-349B-4173-994F-067289F5657C}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{78CED72A-DF25-4855-A7DE-C6B70CFFCA3C}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{7E76EB10-F8BE-4138-8B6B-28574BAE5D1F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{8465F860-C5E4-4032-A1E2-7183AD61BC69}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{91531B4D-0B02-4DB9-A578-1A1131024954}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{98BE5DAD-7A0B-4D8B-8B3F-498D628B42D5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B5178880-0F17-49B0-BD8B-FF9A81EF26C3}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{C03FF63B-A328-4189-B166-2FA65093DC19}" = protocol=17 | dir=in | app=c:\program files (x86)\nbc direct\directplayercore.exe |
"{C8ECF71B-F9A5-44DF-AB5A-5763F00C1881}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{D9ABB651-D46A-43F5-86BC-95CC31BA59C1}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{DB6AC1F7-2A1F-4C2D-89F6-02AFFC447708}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{DE1BD1C0-DF7A-4B15-8BFD-95561194B276}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E475D0B3-828C-4E15-A5A6-FD78982C89A7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FB498B4E-B521-4D46-ACD8-72AB20B9D3B7}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"TCP Query User{102FC8B3-6B5C-4731-B909-F0975BACC0B5}C:\program files (x86)\tvants\tvants.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tvants\tvants.exe |
"TCP Query User{5AD200D1-64A9-4716-BFDE-1DE123D17092}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{760E46E5-9F64-4CAE-9509-D53AFB3D4970}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"TCP Query User{AA280630-A332-4DEA-83CA-5CA2FC436517}C:\program files (x86)\common files\uusee\uuseemediacenter.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\uusee\uuseemediacenter.exe |
"TCP Query User{B1F8F66B-363A-4ADA-9444-58E7835C560F}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"TCP Query User{D397D47A-2DAF-4F7D-80F4-F7F458F41B22}C:\program files (x86)\ppstream\ppstream.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ppstream\ppstream.exe |
"UDP Query User{48591743-486D-4702-873B-09A576DFC2D4}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"UDP Query User{55DBB1DE-5157-4902-BC82-F05F4A540D30}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"UDP Query User{5A029B09-7599-45BE-8547-52451951569C}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{825B9F83-447E-412C-BE9E-D7C4095B7BC8}C:\program files (x86)\tvants\tvants.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tvants\tvants.exe |
"UDP Query User{86B96175-D855-4354-8744-5A2054D851F0}C:\program files (x86)\common files\uusee\uuseemediacenter.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\uusee\uuseemediacenter.exe |
"UDP Query User{F5BB9559-0978-49B8-A96A-96E8A7C4595B}C:\program files (x86)\ppstream\ppstream.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ppstream\ppstream.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{2EF5C74A-1137-46B1-A7BA-5A39ED27A22A}" = Bonjour
"{3850334B-82B7-4875-BEFD-CB91F2527565}" = 64 Bit HP CIO Components Installer
"{4575935D-9457-4517-8750-2341F4286F5F}" = iTunes
"{52784483-7088-4A4C-81E2-808303AD98F5}" = Apple Mobile Device Support
"{86D3D561-D1FD-4d57-8395-20030467E0F9}" = HP Photosmart All-In-One Driver Software 10.0 Rel .2
"{8A837C47-2B21-4FDF-8370-41A1EB6A26E8}" = Microsoft Xbox 360 Accessories 1.1
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AC76BA86-1033-0000-0064-0003D0000004}" = Adobe Acrobat 9 Pro Extended 64-bit Add-On
"{B2F36211-EA94-4BC4-819C-25913C800E8A}" = Bluebeam PDF Revu x64 v6.5.4
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2A0CBEE-8949-474E-9D2B-539726D20531}" = Microsoft IntelliPoint 6.3
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048DB60B-5AD7-40D3-ACDA-6E8B233829FA}" = Logitech Harmony Remote Software 7
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java™ 6 Update 14
"{27F00C63-449B-2FAB-CBE8-24AB80E17449}" = Acrobat.com
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}" = Macromedia Fireworks 8
"{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1" = Panda USB Vaccine 1.0.0.50a
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F69C969-2942-4E7B-B594-75B37664B8BA}" = NVIDIA System Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD®
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{8DD659B5-052B-5528-BF67-8B0818E90C54}" = Supercast
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9437D30F-C828-4576-88E4-5CB6B78726AD}" = Sonic CinePlayer Decoder Pack
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v3
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AC54E544-3E42-443C-A91D-A00A6974C592}" = NVIDIA PhysX v8.10.13
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Fran鏰is, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}_912" = Adobe Acrobat 9.1.2 - CPSID_49166
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Fran鏰is, Deutsch
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage
"{c4549405-195f-4450-8865-6be9dc5ad136}" = PS_AIO_02_Software_Min
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D6C9AF27-9414-46C8-B9D8-D878BA041033}" = Nero 8
"{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast!" = avast! Antivirus
"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)
"CloneCD" = CloneCD
"CoreAVC Professional Edition" = CoreAVC Professional Edition (remove only)
"Crysis WARHEAD®" = Crysis WARHEAD®
"DC-Bass Source" = DC-Bass Source 1.1.1
"DirectVobSub" = DirectVobSub (remove only)
"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ffdshow_is1" = ffdshow [rev 1685] [2007-12-06]
"foobar2000" = foobar2000 v0.9.6.1
"HaaliMkx" = Haali Media Splitter
"HijackThis" = HijackThis 2.0.2
"InstallShield_{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD Ultra
"InstallShield_{6F69C969-2942-4E7B-B594-75B37664B8BA}" = NVIDIA System Update
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"InstallShield_{B2F36211-EA94-4BC4-819C-25913C800E8A}" = Bluebeam PDF Revu x64 v6.5.4
"InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"iPrep 101" = iPrep 101 v0.0.6.2 Beta
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"mIRC" = mIRC
"MONOGRAM AMR Splitter/Decoder" = MONOGRAM AMR Splitter/Decoder (remove only)
"Mozilla Firefox (3.0.13)" = Mozilla Firefox (3.0.13)
"Mp3tag" = Mp3tag v2.42
"mv61xxDriver" = marvell 61xx
"NewsBin5" = NewsBin Pro
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter (remove only)
"PPStream" = PPStream V2.6.86.8898 Final
"QuickPar" = QuickPar 0.9
"RealMedia" = RealMedia (remove only)
"RegSupreme Pro_is1" = RegSupreme Pro
"SHOUTcast Source" = SHOUTcast Source (remove only)
"StreamTorrent 1.0" = Stream Torrent 1.0
"SystemRequirementsLab" = System Requirements Lab
"TVAnts 1.0" = TVAnts 1.0
"VLC media player" = VLC media player 1.0.1
"WinRAR archiver" = WinRAR archiver
"ZoomPlayer" = Zoom Player (remove only)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4050978306-452591223-2502459960-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = 礣orrent
"XBMC" = XBMC Media Center

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 5/12/2009 5:14:25 PM | Computer Name = HomeServer-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\HomeServer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DOIBLSZ9\703221[1].htm
failed, 00000005.

Error - 6/25/2009 7:16:37 PM | Computer Name = HomeServer-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\HomeServer\AppData\Local\Adobe\Updater6\Install\reader9rdr-en_US\AdbeRdrUpd912_all_incr.msp
failed, 00000005.

Error - 6/26/2009 9:47:44 PM | Computer Name = HomeServer-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\HomeServer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7ZA654P2\translate_txt37200f08[1].htm
failed, 00000005.

Error - 7/14/2009 10:19:27 AM | Computer Name = HomeServer-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\HomeServer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7ZA654P2\transcriptandcertificaterequestform[1].pdf
failed, 00000005.

Error - 8/4/2009 6:44:58 PM | Computer Name = HomeServer-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\HomeServer\AppData\Local\Adobe\Updater6\Install\acrobat9man-EFG\AcrobatUpd913_all_incr.msp
failed, 00000005.

[ Application Events ]
Error - 8/15/2009 11:40:05 AM | Computer Name = HomeServer-PC | Source = Windows Search Service | ID = 3079
Description =

Error - 8/15/2009 11:43:06 AM | Computer Name = HomeServer-PC | Source = Windows Search Service | ID = 3079
Description =

Error - 8/15/2009 11:46:00 AM | Computer Name = HomeServer-PC | Source = Windows Search Service | ID = 3079
Description =

Error - 8/15/2009 11:51:25 AM | Computer Name = HomeServer-PC | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Acrobat
9.0\Designer 8.2\FormDesigner.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.

Error - 8/15/2009 11:51:25 AM | Computer Name = HomeServer-PC | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Acrobat
9.0\Designer 8.2\FormDesigner.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.

Error - 8/15/2009 3:40:09 PM | Computer Name = HomeServer-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/15/2009 3:42:13 PM | Computer Name = HomeServer-PC | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Acrobat
9.0\Designer 8.2\FormDesigner.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.

Error - 8/15/2009 3:42:13 PM | Computer Name = HomeServer-PC | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Acrobat
9.0\Designer 8.2\FormDesigner.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.

Error - 8/15/2009 3:44:18 PM | Computer Name = HomeServer-PC | Source = LoadPerf | ID = 3012
Description =

Error - 8/15/2009 3:44:18 PM | Computer Name = HomeServer-PC | Source = LoadPerf | ID = 3011
Description =

[ System Events ]
Error - 8/2/2009 5:50:30 PM | Computer Name = HomeServer-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/2/2009 5:50:30 PM | Computer Name = HomeServer-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 8/4/2009 6:29:41 PM | Computer Name = HomeServer-PC | Source = bowser | ID = 8003
Description =

Error - 8/4/2009 6:49:29 PM | Computer Name = HomeServer-PC | Source = Application Popup | ID = 1060
Description = \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys has been
blocked from loading due to incompatibility with this system. Please contact your
software vendor for a compatible version of the driver.

Error - 8/4/2009 6:49:29 PM | Computer Name = HomeServer-PC | Source = Application Popup | ID = 1060
Description = \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS has been
blocked from loading due to incompatibility with this system. Please contact your
software vendor for a compatible version of the driver.

Error - 8/4/2009 6:51:28 PM | Computer Name = HomeServer-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.102 for the Network Card with network
address 0023543374AF has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 8/4/2009 6:51:32 PM | Computer Name = HomeServer-PC | Source = HTTP | ID = 15016
Description =

Error - 8/4/2009 6:51:47 PM | Computer Name = HomeServer-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 8/4/2009 6:51:47 PM | Computer Name = HomeServer-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/4/2009 6:51:47 PM | Computer Name = HomeServer-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >

#6 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:20 PM

Posted 15 August 2009 - 06:56 PM

Hello.

Please give me an update of the condition of your machine as requested please.

Thanks.
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#7 role2682

role2682
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:02:20 PM

Posted 15 August 2009 - 07:01 PM

IE Crashes, sluggish performance, long boot time, on boot it stays on the windows loading screen for 3 -4 minutes. Also my wired network goes down a few times a week and the only way I get get it up again is to restart the pc. I've tried repairing with windows, it fails, then disables my network adapter and when I try to enable the network adapter the enabling window comes up and just stays there untill I close it in task manager. I have also tried repair from comand promt with no sucesses

Edited by role2682, 15 August 2009 - 08:00 PM.


#8 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:20 PM

Posted 16 August 2009 - 08:59 AM

Hello.

Please do a scan with Malwarebytes.

Download and run MalwareBytes Anti-Malware

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
  • Make sure you are connected to the Internet.
  • Double-click on Download_mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

For complete or visual instructions on installing and running Malwarebytes Anti-Malware please read this link

Re-run OTL as well and post back with OTL.txt

Thanks.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#9 role2682

role2682
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:02:20 PM

Posted 16 August 2009 - 11:45 PM

OTL logfile created on: 8/17/2009 12:36:34 AM - Run 2
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Users\HomeServer\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.10 Gb Available Physical Memory | 27.51% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 139.73 Gb Total Space | 88.17 Gb Free Space | 63.10% Space Free | Partition Type: NTFS
Drive D: | 279.47 Gb Total Space | 9.70 Gb Free Space | 3.47% Space Free | Partition Type: NTFS
Drive E: | 279.45 Gb Total Space | 3.82 Gb Free Space | 1.37% Space Free | Partition Type: NTFS
Drive F: | 232.88 Gb Total Space | 1.80 Gb Free Space | 0.77% Space Free | Partition Type: NTFS
Drive G: | 279.45 Gb Total Space | 88.26 Gb Free Space | 31.58% Space Free | Partition Type: NTFS
Drive H: | 698.63 Gb Total Space | 1.16 Gb Free Space | 0.17% Space Free | Partition Type: NTFS
Drive I: | 931.51 Gb Total Space | 1.15 Gb Free Space | 0.12% Space Free | Partition Type: NTFS
Drive L: | 465.76 Gb Total Space | 10.22 Gb Free Space | 2.19% Space Free | Partition Type: NTFS
Drive M: | 298.09 Gb Total Space | 176.56 Gb Free Space | 59.23% Space Free | Partition Type: NTFS
Drive N: | 465.75 Gb Total Space | 0.35 Gb Free Space | 0.08% Space Free | Partition Type: NTFS

Computer Name: HOMESERVER-PC
Current User Name: HomeServer
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/02/05 16:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/02/05 16:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2008/06/03 02:06:34 | 05,964,800 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
PRC - [2008/12/10 05:02:30 | 00,216,520 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
PRC - [2009/04/28 11:33:38 | 01,830,128 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009/01/06 14:06:36 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
PRC - [2009/02/05 16:08:45 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/08/29 11:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
PRC - [2008/06/08 09:31:04 | 00,877,864 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
PRC - [2006/12/19 10:30:26 | 00,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe
PRC - [2009/02/05 16:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/02/05 16:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/01/06 14:06:24 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iPod\bin\iPodService.exe
PRC - [2009/08/06 12:29:27 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009/01/06 14:06:28 | 14,294,824 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunes.exe
PRC - [2008/11/07 15:28:18 | 00,153,984 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
PRC - [2008/11/07 15:28:30 | 00,015,376 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
PRC - [2009/07/21 17:53:43 | 00,638,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2009/07/21 17:53:43 | 00,638,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2009/08/15 19:48:58 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\HomeServer\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2006/11/02 07:16:04 | 00,010,240 | ---- | M] () -- C:\Windows\SysNative\regedt32.exe -- (.EsetTrialReset [Auto | Stopped])
SRV:64bit: - [2008/01/20 22:50:23 | 00,195,584 | ---- | M] () -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt [On_Demand | Stopped])
SRV:64bit: - [2009/02/05 16:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV:64bit: - [2009/02/05 16:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV:64bit: - [2009/02/05 16:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV:64bit: - [2009/02/05 16:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV:64bit: - [2008/01/20 22:51:03 | 00,598,016 | ---- | M] () -- C:\Windows\SysNative\cscsvc.dll -- (CscService [Auto | Running])
SRV:64bit: - [2008/01/20 22:47:07 | 00,689,152 | ---- | M] () -- C:\Windows\SysNative\fxssvc.exe -- (Fax [On_Demand | Stopped])
SRV:64bit: - [2008/01/20 22:51:22 | 00,252,928 | ---- | M] () -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService [On_Demand | Running])
SRV:64bit: - [2008/01/20 22:46:36 | 01,147,904 | ---- | M] () -- C:\Windows\SysNative\wbengine.exe -- (wbengine [On_Demand | Stopped])
SRV:64bit: - [2008/01/20 22:46:39 | 00,383,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV:64bit: - [2008/01/20 22:51:24 | 01,216,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Running])
SRV - [2006/11/02 05:45:35 | 00,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\regedt32.exe -- (.EsetTrialReset [Auto | Stopped])
SRV - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2008/08/29 11:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008/07/27 14:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/07/27 14:01:49 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64 [On_Demand | Stopped])
SRV - [2008/01/20 22:50:39 | 00,344,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2008/01/20 22:50:39 | 00,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 11:03:44 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2009/06/26 17:14:34 | 00,651,720 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2008/06/19 21:17:12 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2005/04/04 01:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008/06/19 21:16:53 | 00,859,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/01/06 14:06:24 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2006/11/02 05:46:05 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\keyiso.dll -- (KeyIso [On_Demand | Running])
SRV - [2008/10/25 11:44:08 | 00,065,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2006/11/02 09:34:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWow64\Msdtc -- (MSDTC [Unknown | Stopped])
SRV - [2008/06/08 09:31:04 | 00,877,864 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3 [Auto | Running])
SRV - [2008/01/20 22:47:35 | 00,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netlogon.dll -- (Netlogon [On_Demand | Stopped])
SRV - [2008/06/24 16:05:56 | 00,537,896 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])
SRV - [2008/08/18 10:02:00 | 00,222,208 | ---- | M] (NVIDIA) -- C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService [Auto | Running])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 15:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/12/19 10:30:26 | 00,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service [Auto | Running])
SRV - [2008/01/20 22:46:08 | 00,211,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr [Auto | Running])
SRV - [2008/08/01 12:11:20 | 00,158,208 | ---- | M] (NVIDIA) -- C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService [Auto | Running])
SRV - [2006/11/02 02:35:15 | 00,060,994 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vds.mof -- (vds [On_Demand | Stopped])
SRV - [2006/11/02 02:35:15 | 00,055,846 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vss.mof -- (VSS [On_Demand | Stopped])
SRV - [2008/01/20 22:46:08 | 00,428,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm [Auto | Running])

========== Driver Services (SafeList) ==========

DRV:64bit: - [2008/01/18 16:16:14 | 00,109,096 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\a016bus.sys -- (a016bus [On_Demand | Stopped])
DRV:64bit: - [2008/01/18 16:16:16 | 00,019,496 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\a016mdfl.sys -- (a016mdfl [On_Demand | Stopped])
DRV:64bit: - [2008/01/18 16:16:18 | 00,146,472 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\a016mdm.sys -- (a016mdm [On_Demand | Stopped])
DRV:64bit: - [2008/01/18 16:16:18 | 00,130,600 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\a016mgmt.sys -- (a016mgmt [On_Demand | Stopped])
DRV:64bit: - [2008/01/18 16:16:20 | 00,125,480 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\a016obex.sys -- (a016obex [On_Demand | Stopped])
DRV:64bit: - [2009/02/05 16:07:17 | 00,022,096 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV:64bit: - [2009/02/05 16:07:07 | 00,064,592 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\aswMonFlt.sys -- (aswMonFlt [Auto | Running])
DRV:64bit: - [2009/02/05 16:06:13 | 00,027,216 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr [System | Running])
DRV:64bit: - [2009/02/05 16:07:36 | 00,089,680 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP [System | Running])
DRV:64bit: - [2009/02/05 16:06:23 | 00,058,448 | ---- | M] () -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV:64bit: - [2008/01/20 22:51:03 | 00,460,800 | ---- | M] () -- C:\Windows\SysNative\drivers\csc.sys -- (CSC [System | Running])
DRV:64bit: - [2007/02/15 20:57:06 | 00,040,648 | ---- | M] () -- C:\Windows\SysNative\Drivers\ElbyCDFL.sys -- (ElbyCDFL [On_Demand | Running])
DRV:64bit: - [2007/08/07 15:48:37 | 00,032,712 | ---- | M] () -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys -- (ElbyCDIO [System | Running])
DRV:64bit: - [2008/04/22 09:53:36 | 00,012,744 | R--- | M] () -- C:\Windows\SysNative\DRIVERS\ENTECH64.sys -- (ENTECH64 [On_Demand | Stopped])
DRV:64bit: - [2008/01/20 22:51:10 | 00,161,848 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\fvevol.sys -- (fvevol [Boot | Running])
DRV:64bit: - [2008/04/17 14:12:54 | 00,019,304 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV:64bit: - [2006/11/02 01:28:10 | 00,273,920 | ---- | M] () -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped])
DRV:64bit: - [2008/06/30 13:28:00 | 00,056,320 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\L1E60x64.sys -- (L1E [On_Demand | Running])
DRV:64bit: - [2006/11/01 03:23:42 | 00,015,680 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running])
DRV:64bit: - [2008/06/23 18:21:32 | 00,173,096 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\mv61xx.sys -- (mv61xx [Boot | Running])
DRV:64bit: - [2009/05/09 01:14:20 | 00,015,752 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\NuidFltr.sys -- (NuidFltr [On_Demand | Running])
DRV:64bit: - [2006/11/28 21:46:20 | 00,043,328 | ---- | M] () -- C:\Windows\SysNative\Drivers\PCAMp50a64.sys -- (PCAMp50a64 [On_Demand | Stopped])
DRV:64bit: - [2006/11/28 21:46:20 | 00,041,280 | ---- | M] () -- C:\Windows\SysNative\Drivers\PCASp50a64.sys -- (PCASp50a64 [On_Demand | Stopped])
DRV:64bit: - [2008/12/04 11:34:54 | 00,033,160 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\point64k.sys -- (Point64 [On_Demand | Running])
DRV:64bit: - [2008/04/16 15:49:34 | 00,028,416 | ---- | M] () -- C:\Windows\SysNative\Drivers\RimUsb_AMD64.sys -- (RimUsb [On_Demand | Stopped])
DRV:64bit: - [2006/09/18 17:27:33 | 00,055,640 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\Rtnic64.sys -- (RTL8023x64 [On_Demand | Stopped])
DRV:64bit: - [2008/12/26 17:29:32 | 00,868,848 | ---- | M] () -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV:64bit: - [2008/01/20 22:46:32 | 00,012,288 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam [On_Demand | Running])
DRV:64bit: - [2008/11/07 15:23:30 | 00,040,448 | ---- | M] () -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64 [On_Demand | Stopped])
DRV:64bit: - [2008/01/20 22:46:12 | 00,098,816 | ---- | M] () -- C:\Windows\SysNative\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
DRV:64bit: - [2008/01/20 22:46:00 | 00,019,456 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx [On_Demand | Stopped])
DRV:64bit: - [2008/09/30 03:22:32 | 00,553,472 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\WNDA31vx.sys -- (WNDA3100 [On_Demand | Stopped])
DRV:64bit: - [2008/01/20 22:46:34 | 00,046,080 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb [On_Demand | Stopped])
DRV:64bit: - [2007/02/26 19:15:20 | 00,092,704 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\xusb21.sys -- (xusb21 [On_Demand | Stopped])
DRV - [2007/12/17 05:14:14 | 00,014,392 | R--- | M] () -- C:\Windows\SysWow64\drivers\AsIO.sys -- (AsIO [System | Running])
DRV - [2008/12/26 13:33:33 | 00,000,000 | ---D | M] -- C:\Windows\CSC -- (CSC [System | Running])
DRV - [2007/02/15 20:57:06 | 00,040,648 | ---- | M] (SlySoft, Inc.) -- C:\Windows\SysWow64\Drivers\ElbyCDFL.sys -- (ElbyCDFL [On_Demand | Running])
DRV - [2006/04/20 18:42:02 | 00,081,920 | ---- | M] (Elaborate Bytes AG) -- C:\Windows\SysWow64\ElbyCDIO.dll -- (ElbyCDIO [System | Running])
DRV - [2006/09/18 17:35:23 | 00,001,088 | ---- | M] () -- C:\Windows\SysWow64\Wbem\mpsdrv.mof -- (mpsdrv [On_Demand | Running])
DRV - [2008/08/18 10:04:02 | 00,040,480 | ---- | M] (NVidia Corp.) -- C:\Windows\nvoclk64.sys -- (NVR0Dev [On_Demand | Running])
DRV - [2008/08/01 12:08:28 | 00,040,480 | ---- | M] (NVidia Corp.) -- C:\Windows\nvflsh64.sys -- (NVR0FLASHDev [Auto | Running])
DRV - [2009/04/28 11:33:42 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Stopped])
DRV - [2009/04/28 11:33:44 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Stopped])
DRV - [2009/04/28 11:33:40 | 00,072,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Stopped])
DRV - [2006/09/18 17:36:40 | 00,003,066 | ---- | M] () -- C:\Windows\SysWow64\Wbem\tcpip.mof -- (Tcpip [Boot | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4050978306-452591223-2502459960-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-4050978306-452591223-2502459960-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-4050978306-452591223-2502459960-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4050978306-452591223-2502459960-1000\S-1-5-21-4050978306-452591223-2502459960-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.13

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/02 17:40:04 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/08/06 12:29:28 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/08/09 13:54:46 | 00,000,000 | ---D | M]

[2009/01/03 16:11:41 | 00,000,000 | ---D | M] -- C:\Users\HomeServer\AppData\Roaming\mozilla\Extensions
[2009/01/03 16:11:41 | 00,000,000 | ---D | M] -- C:\Users\HomeServer\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/08/16 15:19:54 | 00,000,000 | ---D | M] -- C:\Users\HomeServer\AppData\Roaming\mozilla\Firefox\Profiles\d3fiqvzz.default\extensions
[2009/08/04 18:52:11 | 00,000,000 | ---D | M] -- C:\Users\HomeServer\AppData\Roaming\mozilla\Firefox\Profiles\d3fiqvzz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/07/23 21:48:04 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2009/08/06 12:29:28 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/07/23 21:48:04 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009/08/06 12:29:27 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll
[2009/08/06 12:29:27 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll
[2009/07/23 21:47:53 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll
[2009/08/06 12:29:27 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll
[2006/10/26 21:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL
[2009/02/27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2009/03/02 17:35:10 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll
[2009/03/02 17:35:10 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll
[2009/03/02 17:35:10 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll
[2009/03/02 17:35:10 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll
[2009/03/02 17:35:10 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll
[2009/03/02 17:35:10 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll
[2009/03/02 17:35:10 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll
[2008/12/02 04:04:40 | 00,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml
[2008/12/02 04:04:40 | 00,002,193 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml
[2008/12/02 04:04:40 | 00,001,534 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml
[2008/12/02 04:04:40 | 00,002,343 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml
[2008/12/02 04:04:40 | 00,001,706 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2008/12/02 04:04:40 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2008/12/02 04:04:40 | 00,000,792 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (761 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files (x86)\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-4050978306-452591223-2502459960-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BbInstallUser] C:\Program Files\Bluebeam Software\Pushbutton PDF\Bluebeam Admin User.exe (Bluebeam Software, Inc.)
O4:64bit: - HKLM..\Run: [BbPrintMonitor] C:\Program Files\Common Files\Bluebeam Software\Brewery\V45\Printer Support\BBPrint.exe (Bluebeam Software, Inc.)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Windows\Skytel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKU\S-1-5-21-4050978306-452591223-2502459960-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4050978306-452591223-2502459960-1000..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\S-1-5-21-4050978306-452591223-2502459960-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.73.246 68.87.71.230
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (acaptuser64.dll) - C:\Windows\SysNative\acaptuser64.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/12/15 02:32:20 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/04/27 19:26:41 | 00,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/02/26 00:32:25 | 00,000,000 | -HS- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{24034685-d373-11dd-bda0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{24034685-d373-11dd-bda0-806e6f6e6963}\Shell\AutoRun\command - "" = D:\.\Bin\ASSETUP.exe -- File not found
O33 - MountPoints2\{ab7c41f7-f951-11dd-8e33-0010b5fe43fb}\Shell\AutoRun\command - "" = C:\Windows\SysWow64\setupSNK.exe -- [2008/01/20 22:46:42 | 00,013,312 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{ab7c41fa-f951-11dd-8e33-0010b5fe43fb}\Shell - "" = AutoRun
O33 - MountPoints2\{ab7c41fa-f951-11dd-8e33-0010b5fe43fb}\Shell\AutoRun\command - "" = O:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/08/15 19:49:08 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Users\HomeServer\Desktop\OTL.exe
[2009/08/15 19:25:23 | 00,000,023 | -HS- | C] () -- C:\Windows\SysWow64\ed4_d.dll
[2009/08/15 19:25:23 | 00,000,023 | ---- | C] () -- C:\Windows\SysWow64\feed6_d.ocx
[2009/08/13 20:45:37 | 00,000,956 | ---- | C] () -- C:\Users\HomeServer\Desktop\Stream Torrent 1.0.lnk
[2009/08/13 20:45:37 | 00,000,000 | ---D | C] -- C:\Users\HomeServer\AppData\Roaming\StreamTorrent
[2009/08/13 20:45:37 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\StreamTorrent 1.0
[2009/08/09 13:49:48 | 00,000,000 | ---D | C] -- C:\_OTS
[2009/08/08 00:40:59 | 00,000,000 | ---D | C] -- C:\Users\HomeServer\AppData\Roaming\vlc
[2009/08/08 00:40:34 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2009/08/08 00:37:34 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\TVAnts
[2009/08/07 11:24:59 | 00,031,744 | ---- | C] () -- C:\Users\HomeServer\Documents\Carroll Manor Material Change Letter.doc
[2009/08/06 21:36:26 | 00,000,013 | ---- | C] () -- C:\Windows\msgtn.ini
[2009/08/06 21:36:25 | 00,000,113 | ---- | C] () -- C:\Windows\PPSMediaList.ini
[2009/08/06 21:36:25 | 00,000,063 | ---- | C] () -- C:\Windows\powerlist.ini
[2009/08/06 21:36:03 | 00,000,000 | ---D | C] -- C:\Users\HomeServer\AppData\Roaming\PPStream
[2009/08/06 21:36:02 | 00,000,802 | ---- | C] () -- C:\Windows\psnetwork.ini
[2009/08/06 21:36:02 | 00,000,404 | ---- | C] () -- C:\Windows\powerplayer.ini
[2009/08/06 21:36:01 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\PPStream
[2009/08/06 21:30:44 | 00,000,000 | ---D | C] -- C:\Users\HomeServer\Desktop\UUSee 2007 English
[2009/08/06 21:21:46 | 00,000,000 | ---D | C] -- C:\ProgramData\Google
[2009/08/06 21:21:43 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\uusee
[2009/08/02 19:05:23 | 00,022,040 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2009/08/02 17:32:19 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb
[2009/08/02 17:32:19 | 01,638,912 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2009/08/02 17:32:19 | 00,243,712 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2009/08/02 17:32:19 | 00,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2009/08/02 17:32:19 | 00,071,680 | ---- | C] () -- C:\Windows\SysNative\msfeedsbs.dll
[2009/08/02 17:32:19 | 00,031,744 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2009/08/02 17:32:18 | 00,700,928 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2009/08/02 17:32:18 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2009/08/02 17:32:18 | 00,252,416 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2009/08/02 17:32:18 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2009/08/02 17:32:18 | 00,072,192 | ---- | C] () -- C:\Windows\SysNative\iernonce.dll
[2009/08/02 17:32:18 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2009/08/02 17:32:18 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2009/08/02 17:32:17 | 01,208,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\urlmon.dll
[2009/08/02 17:32:17 | 01,146,880 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2009/08/02 17:32:17 | 00,915,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2009/08/02 17:32:17 | 00,458,240 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2009/08/02 17:32:17 | 00,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2009/08/02 17:32:17 | 00,219,136 | ---- | C] () -- C:\Windows\SysNative\ieui.dll
[2009/08/02 17:32:17 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2009/08/02 17:32:17 | 00,077,312 | ---- | C] () -- C:\Windows\SysNative\iesetup.dll
[2009/08/02 17:32:17 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2009/08/02 17:32:17 | 00,070,656 | ---- | C] () -- C:\Windows\SysNative\ie4uinit.exe
[2009/08/02 17:32:17 | 00,057,667 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2009/08/02 17:32:17 | 00,057,667 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2009/08/02 17:32:17 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2009/08/02 17:32:17 | 00,012,288 | ---- | C] () -- C:\Windows\SysNative\msfeedssync.exe
[2009/08/02 17:32:16 | 02,334,208 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2009/08/02 17:32:16 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iertutil.dll
[2009/08/02 17:32:16 | 01,538,560 | ---- | C] () -- C:\Windows\SysNative\inetcpl.cpl
[2009/08/02 17:32:16 | 01,484,288 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2009/08/02 17:32:16 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2009/08/02 17:32:16 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2009/08/02 17:32:16 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2009/08/02 17:32:15 | 12,458,496 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2009/08/02 17:32:15 | 11,067,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll
[2009/08/02 17:32:14 | 09,233,408 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2009/08/02 17:32:14 | 05,937,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009/08/02 17:32:13 | 00,162,816 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe
[2009/08/02 17:32:13 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2009/08/02 17:32:13 | 00,132,096 | ---- | C] () -- C:\Windows\SysNative\iesysprep.dll
[2009/08/02 17:32:13 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2009/08/02 17:30:46 | 00,161,792 | ---- | C] () -- C:\Windows\SysNative\advpack.dll
[2009/08/02 17:30:46 | 00,088,064 | ---- | C] () -- C:\Windows\SysNative\admparse.dll
[2009/08/02 17:30:46 | 00,022,528 | ---- | C] () -- C:\Windows\SysNative\corpol.dll
[2009/08/02 17:30:45 | 00,223,232 | ---- | C] () -- C:\Windows\SysNative\msls31.dll
[2009/08/02 17:30:45 | 00,157,696 | ---- | C] () -- C:\Windows\SysNative\ieakeng.dll
[2009/08/02 17:30:45 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2009/08/02 17:30:45 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2009/08/02 17:30:45 | 00,085,504 | ---- | C] () -- C:\Windows\SysNative\icardie.dll
[2009/08/02 17:30:45 | 00,077,824 | ---- | C] () -- C:\Windows\SysNative\tdc.ocx
[2009/08/02 17:30:45 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2009/08/02 17:30:45 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2009/08/02 17:30:45 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2009/08/02 17:30:45 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\corpol.dll
[2009/08/02 17:30:44 | 00,481,280 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll
[2009/08/02 17:30:44 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2009/08/02 17:30:44 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2009/08/02 17:30:44 | 00,125,952 | ---- | C] () -- C:\Windows\SysNative\inseng.dll
[2009/08/02 17:30:44 | 00,076,288 | ---- | C] () -- C:\Windows\SysNative\wextract.exe
[2009/08/02 17:30:44 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2009/08/02 17:30:44 | 00,063,488 | ---- | C] () -- C:\Windows\SysNative\pngfilt.dll
[2009/08/02 17:30:44 | 00,055,808 | ---- | C] () -- C:\Windows\SysNative\licmgr10.dll
[2009/08/02 17:30:44 | 00,052,736 | ---- | C] () -- C:\Windows\SysNative\imgutil.dll
[2009/08/02 17:30:44 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2009/08/02 17:30:43 | 01,062,912 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2009/08/02 17:30:43 | 00,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstime.dll
[2009/08/02 17:30:43 | 00,508,416 | ---- | C] () -- C:\Windows\SysNative\dxtmsft.dll
[2009/08/02 17:30:43 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2009/08/02 17:30:43 | 00,318,464 | ---- | C] () -- C:\Windows\SysNative\dxtrans.dll
[2009/08/02 17:30:43 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2009/08/02 17:30:43 | 00,096,768 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll
[2009/08/02 17:30:43 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2009/08/02 17:30:42 | 00,304,640 | ---- | C] () -- C:\Windows\SysNative\webcheck.dll
[2009/08/02 17:30:42 | 00,278,528 | ---- | C] () -- C:\Windows\SysNative\WinFXDocObj.exe
[2009/08/02 17:30:42 | 00,271,872 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll
[2009/08/02 17:30:42 | 00,241,664 | ---- | C] () -- C:\Windows\SysNative\msrating.dll
[2009/08/02 17:30:42 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webcheck.dll
[2009/08/02 17:30:42 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2009/08/02 17:30:42 | 00,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinFXDocObj.exe
[2009/08/02 17:30:42 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2009/08/02 17:30:42 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2009/08/02 17:30:42 | 00,163,840 | ---- | C] () -- C:\Windows\SysNative\ieakui.dll
[2009/08/02 17:30:42 | 00,131,584 | ---- | C] () -- C:\Windows\SysNative\PDMSetup.exe
[2009/08/02 17:30:42 | 00,129,024 | ---- | C] () -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2009/08/02 17:30:42 | 00,128,512 | ---- | C] () -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2009/08/02 17:30:42 | 00,125,440 | ---- | C] () -- C:\Windows\SysNative\SetDepNx.exe
[2009/08/02 17:30:42 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2009/08/02 17:30:42 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2009/08/02 17:30:42 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2009/08/02 17:30:42 | 00,041,984 | ---- | C] () -- C:\Windows\SysNative\mshta.exe
[2009/08/02 17:30:41 | 00,817,664 | ---- | C] () -- C:\Windows\SysNative\jscript.dll
[2009/08/02 17:30:41 | 00,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2009/08/02 17:30:41 | 00,612,864 | ---- | C] () -- C:\Windows\SysNative\vbscript.dll
[2009/08/02 17:30:41 | 00,479,744 | ---- | C] () -- C:\Windows\SysNative\html.iec
[2009/08/02 17:30:41 | 00,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2009/08/02 17:30:41 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2009/08/02 17:30:41 | 00,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2009/08/02 17:30:41 | 00,108,032 | ---- | C] () -- C:\Windows\SysNative\url.dll
[2009/08/02 17:30:41 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2009/08/02 17:30:41 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2009/08/02 17:30:41 | 00,048,128 | ---- | C] () -- C:\Windows\SysNative\mshtmler.dll
[2009/08/02 17:30:41 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshta.exe
[2009/08/02 17:30:40 | 03,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2009/08/02 17:30:40 | 03,698,584 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dat
[2009/08/02 17:30:40 | 00,193,536 | ---- | C] () -- C:\Windows\SysNative\iexpress.exe
[2009/08/02 17:30:40 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PDMSetup.exe
[2009/08/02 17:30:40 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2009/08/02 17:30:40 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2009/08/02 17:30:40 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetDepNx.exe
[2009/07/29 23:33:20 | 00,034,304 | ---- | C] () -- C:\Users\HomeServer\Desktop\JTK Resume.doc
[2009/07/27 17:25:33 | 00,012,084 | ---- | C] () -- C:\Users\HomeServer\Documents\Book1.xlsx
[2009/07/27 17:08:36 | 00,729,088 | ---- | C] () -- C:\Users\HomeServer\Documents\AndersonM_Access Quiz_072709.accdb
[2009/07/27 01:19:49 | 48,417,8607 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2009/07/23 21:48:03 | 00,410,984 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deploytk.dll
[2009/07/23 21:48:03 | 00,148,888 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2009/07/23 21:48:03 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2009/07/23 21:48:03 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2009/07/23 21:47:47 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2009/07/22 16:30:48 | 00,000,000 | ---D | C] -- C:\Users\HomeServer\Documents\AutoCad 2010
[2009/07/21 22:41:40 | 00,000,000 | --SD | C] -- C:\Users\HomeServer\Documents\My Data Sources
[2009/04/27 14:20:34 | 00,004,096 | ---- | C] () -- C:\Windows\SysWow64\drivers\portio64.sys
[2009/04/27 14:20:34 | 00,002,560 | ---- | C] () -- C:\Windows\SysWow64\drivers\portio32.sys
[2009/03/13 20:02:17 | 00,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2009/02/04 05:50:32 | 00,024,576 | ---- | C] () -- C:\Windows\SysWow64\nsis_loader.dll
[2009/01/08 06:10:23 | 01,525,760 | ---- | C] () -- C:\Windows\SysWow64\calclib.dll
[2008/12/26 00:06:26 | 00,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2008/12/26 00:06:26 | 00,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2008/12/25 22:38:37 | 00,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2008/12/25 22:38:37 | 00,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2008/12/25 22:38:35 | 00,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2008/12/25 22:38:35 | 00,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2008/12/25 10:22:44 | 00,030,808 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2008/12/25 10:22:21 | 00,030,418 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2008/10/07 10:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 10:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008/01/20 22:49:10 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/20 22:48:56 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007/12/28 03:22:02 | 00,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2006/11/02 08:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 08:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/09/13 07:06:10 | 00,045,056 | ---- | C] () -- C:\Windows\SysWow64\gtapi.dll

========== Files - Modified Within 30 Days ==========

[1 C:\Windows\*.tmp files]
[2009/08/16 22:44:06 | 00,003,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/08/16 22:44:06 | 00,003,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/08/15 20:48:46 | 03,033,826 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/08/15 20:48:46 | 00,947,358 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009/08/15 20:48:46 | 00,004,884 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009/08/15 20:44:10 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/08/15 20:44:06 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/08/15 20:40:35 | 04,427,145 | -H-- | M] () -- C:\Users\HomeServer\AppData\Local\IconCache.db
[2009/08/15 19:48:58 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\HomeServer\Desktop\OTL.exe
[2009/08/15 19:25:23 | 00,000,023 | -HS- | M] () -- C:\Windows\SysWow64\ed4_d.dll
[2009/08/15 19:25:23 | 00,000,023 | ---- | M] () -- C:\Windows\SysWow64\feed6_d.ocx
[2009/08/13 20:45:37 | 00,000,956 | ---- | M] () -- C:\Users\HomeServer\Desktop\Stream Torrent 1.0.lnk
[2009/08/07 11:24:59 | 00,031,744 | ---- | M] () -- C:\Users\HomeServer\Documents\Carroll Manor Material Change Letter.doc
[2009/08/06 21:44:04 | 00,000,802 | ---- | M] () -- C:\Windows\psnetwork.ini
[2009/08/06 21:44:04 | 00,000,404 | ---- | M] () -- C:\Windows\powerplayer.ini
[2009/08/06 21:44:04 | 00,000,113 | ---- | M] () -- C:\Windows\PPSMediaList.ini
[2009/08/06 21:44:04 | 00,000,013 | ---- | M] () -- C:\Windows\msgtn.ini
[2009/08/06 21:36:49 | 00,000,063 | ---- | M] () -- C:\Windows\powerlist.ini
[2009/08/06 20:53:10 | 00,040,448 | ---- | M] () -- C:\Users\HomeServer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/06 12:22:06 | 48,417,8607 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/08/06 10:25:10 | 00,000,111 | ---- | M] () -- C:\Users\HomeServer\AppData\Roaming\default.pls
[2009/08/04 18:51:30 | 00,445,512 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009/08/03 19:38:02 | 00,133,224 | ---- | M] () -- C:\Users\HomeServer\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/08/03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009/08/03 13:36:08 | 00,022,040 | ---- | M] () -- C:\Windows\SysNative\drivers\mbam.sys
[2009/08/02 18:28:45 | 00,000,734 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.new
[2009/08/02 17:36:55 | 00,000,219 | ---- | M] () -- C:\Windows\win.ini
[2009/07/30 20:09:32 | 00,002,579 | ---- | M] () -- C:\Users\HomeServer\Desktop\Microsoft Office Publisher 2007.lnk
[2009/07/29 23:33:20 | 00,034,304 | ---- | M] () -- C:\Users\HomeServer\Desktop\JTK Resume.doc
[2009/07/27 17:56:03 | 00,729,088 | ---- | M] () -- C:\Users\HomeServer\Documents\AndersonM_Access Quiz_072709.accdb
[2009/07/27 17:25:33 | 00,012,084 | ---- | M] () -- C:\Users\HomeServer\Documents\Book1.xlsx
[2009/07/23 21:47:52 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2009/07/23 21:47:52 | 00,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2009/07/23 21:47:52 | 00,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2009/07/23 21:47:51 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deploytk.dll
[2009/07/21 18:11:15 | 01,146,880 | ---- | M] () -- C:\Windows\SysNative\wininet.dll
[2009/07/21 18:11:04 | 01,484,288 | ---- | M] () -- C:\Windows\SysNative\urlmon.dll
[2009/07/21 18:09:54 | 00,243,712 | ---- | M] () -- C:\Windows\SysNative\occache.dll
[2009/07/21 18:07:37 | 09,233,408 | ---- | M] () -- C:\Windows\SysNative\mshtml.dll
[2009/07/21 18:07:34 | 00,700,928 | ---- | M] () -- C:\Windows\SysNative\msfeeds.dll
[2009/07/21 18:07:34 | 00,071,680 | ---- | M] () -- C:\Windows\SysNative\msfeedsbs.dll
[2009/07/21 18:06:56 | 00,031,744 | ---- | M] () -- C:\Windows\SysNative\jsproxy.dll
[2009/07/21 18:06:48 | 01,538,560 | ---- | M] () -- C:\Windows\SysNative\inetcpl.cpl
[2009/07/21 18:06:31 | 02,334,208 | ---- | M] () -- C:\Windows\SysNative\iertutil.dll
[2009/07/21 18:06:31 | 00,219,136 | ---- | M] () -- C:\Windows\SysNative\ieui.dll
[2009/07/21 18:06:31 | 00,132,096 | ---- | M] () -- C:\Windows\SysNative\iesysprep.dll
[2009/07/21 18:06:31 | 00,077,312 | ---- | M] () -- C:\Windows\SysNative\iesetup.dll
[2009/07/21 18:06:30 | 12,458,496 | ---- | M] () -- C:\Windows\SysNative\ieframe.dll
[2009/07/21 18:06:30 | 00,252,416 | ---- | M] () -- C:\Windows\SysNative\iepeers.dll
[2009/07/21 18:06:30 | 00,072,192 | ---- | M] () -- C:\Windows\SysNative\iernonce.dll
[2009/07/21 18:06:27 | 00,458,240 | ---- | M] () -- C:\Windows\SysNative\iedkcs32.dll
[2009/07/21 17:52:28 | 00,915,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2009/07/21 17:52:13 | 01,208,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\urlmon.dll
[2009/07/21 17:50:46 | 00,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2009/07/21 17:48:31 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009/07/21 17:48:27 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2009/07/21 17:48:27 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2009/07/21 17:47:47 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2009/07/21 17:47:41 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2009/07/21 17:47:28 | 00,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2009/07/21 17:47:28 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2009/07/21 17:47:27 | 01,985,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iertutil.dll
[2009/07/21 17:47:27 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2009/07/21 17:47:26 | 11,067,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll
[2009/07/21 17:47:26 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2009/07/21 17:47:26 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2009/07/21 17:47:21 | 00,386,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2009/07/21 16:34:53 | 00,162,816 | ---- | M] () -- C:\Windows\SysNative\ieUnatt.exe
[2009/07/21 16:34:41 | 00,070,656 | ---- | M] () -- C:\Windows\SysNative\ie4uinit.exe
[2009/07/21 16:34:12 | 00,012,288 | ---- | M] () -- C:\Windows\SysNative\msfeedssync.exe
[2009/07/21 16:34:00 | 01,638,912 | ---- | M] () -- C:\Windows\SysNative\mshtml.tlb
[2009/07/21 16:13:58 | 00,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2009/07/21 16:13:51 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2009/07/21 16:13:15 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2009/07/21 16:12:49 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb
[2009/07/21 15:09:32 | 00,057,667 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2009/07/21 14:31:43 | 00,057,667 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2009/07/19 14:42:09 | 00,000,443 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
< End of report >

#10 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:20 PM

Posted 17 August 2009 - 12:26 PM

May I see the Malwarebytes report pelase?
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#11 role2682

role2682
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:02:20 PM

Posted 17 August 2009 - 05:24 PM

It came back with no infections/No malicious items detected (I ran quick and full scan).

------------------------------------

Malwarebytes' Anti-Malware 1.40
Database version: 2637
Windows 6.0.6001 Service Pack 1

8/17/2009 12:13:52 AM
mbam-log-2009-08-17 (00-13-52).txt

Scan type: Quick Scan
Objects scanned: 88564
Time elapsed: 2 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Edited by role2682, 17 August 2009 - 05:37 PM.


#12 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:20 PM

Posted 17 August 2009 - 09:21 PM

Hello.

Please run Kaspeersky online scan.

Then, take a new OTL run and post back with the logs.

--

Run Scan with Kaspersky

Please do a scan with Kaspersky Online Scanner. Please note: Kaspersky requires Java Runtime Environment (JRE) be installed before scanning for malware, as ActiveX is no longer being used.)

If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

  • Open the Kaspersky WebScanner
    page.
  • Click on the Posted Image button on the main page.
  • The program will launch and fill in the Information section on the left.
  • Read the "Requirements and Limitations" then press the Posted Image button.
  • The program will begin downloading the latest program and definition files. It may take a while so please be patient and let it finish.
  • Once the files have been downloaded, click on the Posted Image ...button.
    In the scan settings make sure the following are selected:
    • Detect malicious programs of the following categories:
      Viruses, Worms, Trojan Horses, Rootkits
      Spyware, Adware, Dialers and other potentially dangerous programs
    • Scan compound files (doesn't apply to the File scan area):
      Archives
      Mail databases
      By default the above items should already be checked.
    • Click the Posted Image button, if you made any changes.
  • Now under the Scan section on the left:

    Select My Computer
  • The program will now start and scan your system. This will run for a while, be patient and let it finish.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
You can refer to this animation by sundavis if needed.

--

Regarding the performance issue, see if the steps below help at all:

Download and Run StartupLite

This program will identify startup entries that are unnecessary to be started at bootup. This will help free some memory.
  • Download StartupLite.exe by MalwareBytes to your desktop.
  • Double click on StartUpLite.exe to run it. If you are using Windows Vista, right click the icon and select Run As Administrator.
  • A list of unecessary startup entries will be compiled.
  • Take a read at the description of each and for most of them you probably won't need it please make sure there is a checkmark next to Disable.
  • Leave all the items as Disabled and click Continue.
  • Restart your computer once it's done.
Also, you can try some of the steps mentioned in Slow Computer/browser? Check Here First; It May Not Be Malware.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#13 role2682

role2682
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:02:20 PM

Posted 18 August 2009 - 03:59 PM

been scanning for 17 hours plus and only 25%. Is this working? I do have like 4.2 tb to scan.

#14 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:20 PM

Posted 18 August 2009 - 04:22 PM

Hello.

been scanning for 17 hours plus and only 25%. Is this working? I do have like 4.2 tb to scan.

Wow. That's a lot.

Let's cancel the scan then. Re-scan with Kaspersky, but this time, only scan your C:\ drive.

Alternatively, you can select the scan critical area scan option.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#15 role2682

role2682
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:02:20 PM

Posted 18 August 2009 - 09:14 PM

It scanned the whole C drive (plus some more) so I don't think I will need to rescan? It comes back with one threat.

KASPERSKY ONLINE SCANNER 7.0: scan report
Tuesday, August 18, 2009
Operating system: Microsoft Windows Vista Ultimate Edition, 64-bit Service Pack 1 (build 6001)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Tuesday, August 18, 2009 04:53:26
Records in database: 2650572
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
L:\
M:\
N:\
O:\

Scan statistics:
Objects scanned: 165340
Threats found: 1
Infected objects found: 1
Suspicious objects found: 0
Scan duration: 22:58:59


File name / Threat / Threats count
C:\Program Files (x86)\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.g 1

Scanning stopped by the user.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users