Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cannot Open ANY .EXE Files


  • Please log in to reply
39 replies to this topic

#1 mudcat24

mudcat24

  • Members
  • 155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:06 PM

Posted 02 October 2010 - 04:12 PM

Hey guys! Back again with another messed up laptop sad.gif

I really have no idea what caused it. I'm able to boot it up into windows, but it takes FOREVER to load the desktop.
It stays with just the Desktop Wallpaper, then like 10 minutes later the Desktop Icons and Windows Taskbar finally showup.

Whenver I try to open a .exe file I get the
Windows cannot access the specified device, path, or file error.

I've ran Malwarebytes Anti-Malware and Spybot Search & Destroy in Safe Mode and neither of them detected any viruses.

Here are my system specs:
ACER ASPIRE 5100 LAPTOP
AMD Turion 64
ATI Raedon Xpress 1100
RAM 1GB
HARD DRIVE 80GB
Windows XP Service Pack 2
Windows XP Media Center Edition

I ran an OTL quick scan

OTL logfile created on: 10/2/2010 7:57:50 PM - Run
OTLPE by OldTimer - Version 3.1.41.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

766.00 Mb Total Physical Memory | 521.00 Mb Available Physical Memory | 68.00% Memory free
706.00 Mb Paging File | 571.00 Mb Available in Paging File | 81.00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 6.62 Gb Free Space | 8.88% Space Free | Partition Type: NTFS
Drive D: | 6.82 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 3.73 Gb Total Space | 3.19 Gb Free Space | 85.52% Space Free | Partition Type: FAT

Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
Using ControlSet: ControlSet005

========== Win32 Services (SafeList) ==========

SRV - [2010/09/23 17:15:02 | 002,950,744 | ---- | M] () [Auto] -- c:\Program Files\Common Files\Akamai\netsession_win_062a651.dll -- (Akamai)
SRV - [2010/06/01 19:00:52 | 001,778,480 | ---- | M] (COMODO) [Auto] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010/05/20 17:19:16 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/03/29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®
SRV - [2009/08/13 14:43:57 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/11/02 21:40:12 | 000,174,656 | ---- | M] () [Auto] -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/03/29 21:53:34 | 000,028,672 | ---- | M] (Acer Inc.) [Auto] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2005/11/14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (psdvdisk)
DRV - File not found [Kernel | On_Demand] -- -- (psdfilter)
DRV - File not found [Kernel | On_Demand] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- C:\DOCUME~1\user\LOCALS~1\Temp\Rar$EX00.953\pbfilter.sys -- (pbfilter)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [File_System | Auto] -- -- (eLock2FSCTLDriver)
DRV - File not found [File_System | Auto] -- -- (eLock2BurnerLockDriver)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2010/06/04 11:55:58 | 000,229,312 | ---- | M] (COMODO) [File_System | System] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2010/06/01 19:00:24 | 000,087,824 | ---- | M] (COMODO) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
DRV - [2010/06/01 19:00:22 | 000,025,240 | ---- | M] (COMODO) [Kernel | System] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2009/08/13 23:10:27 | 000,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/06/26 02:50:38 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2009/01/15 17:17:42 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2008/11/14 12:29:44 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/10/28 23:10:58 | 003,341,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\adfs.sys -- (adfs)
DRV - [2008/08/12 04:02:06 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI32)
DRV - [2008/04/13 14:44:46 | 000,153,344 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/09/24 09:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006/05/25 11:19:48 | 000,040,064 | R--- | M] (ENE Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2006/05/25 11:19:44 | 000,074,752 | R--- | M] (ENE Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ESM7SK.sys -- (ESMCR)
DRV - [2006/05/25 11:19:40 | 000,061,056 | R--- | M] (ENE Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2006/04/14 16:27:46 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\TVicPort.sys -- (tvicport)
DRV - [2006/04/14 16:27:44 | 000,069,632 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15)
DRV - [2006/04/14 16:27:44 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\zntport.sys -- (zntport)
DRV - [2006/03/03 13:52:30 | 000,192,672 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006/01/11 17:13:34 | 000,935,424 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/01/11 17:12:54 | 000,194,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/01/11 17:12:50 | 000,671,232 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2005/12/23 16:13:06 | 000,013,184 | ---- | M] (Dritek System Inc.) [Kernel | Auto] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2005/09/23 19:56:28 | 003,966,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/09/16 12:46:30 | 000,044,224 | R--- | M] (BVRP Software) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2004/12/08 14:10:00 | 000,016,896 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DKbFltr.SYS -- (DKbFltr)
DRV - [2004/08/03 18:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [1996/04/03 15:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\user_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\user_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\extensions\\{fce8417d-ef18-11dd-845c-000c6e211f50}: C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6m1y29zh.default\extensions\ [2010/09/16 17:44:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/08/17 18:45:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/07 22:43:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/07 22:43:16 | 000,000,000 | ---D | M]

[2010/09/16 17:54:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/28 04:30:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/06/13 16:41:31 | 000,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

O1 HOSTS File: ([2010/09/05 21:18:24 | 000,407,846 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14129 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (FireShot) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - Reg Error: Value error. File not found
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\user_ON_C\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
O3 - HKU\user_ON_C\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O4 - HKLM..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe ()
O4 - HKLM..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe ()
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe (Walt Disney Internet Group)
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] c:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\user_ON_C..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan.lnk = C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\user\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\user\Start Menu\Programs\Startup\Logitech Touch Mouse Server.lnk = C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe (Logitech, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnotes.com/download/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C8AEB218-8B7A-4E15-AC17-0EE8D99B80EB} http://cnn-5.vo.llnwd.net/c1/static/cab_he...pWebUpdater.cab (GameTap Web Updater)
O16 - DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.4/ji...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} http://cainternetsecurity.net/scanner/cascanner.cab (CAScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/11/12 16:52:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 00:06:42 | 000,000,053 | ---- | M] () - X:\AUTORUN.INF -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/09/28 14:30:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent
[2010/09/28 11:56:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/09/28 11:56:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/09/25 23:54:24 | 000,000,000 | ---D | C] -- C:\Program Files\Eusing Free Registry Cleaner
[2010/09/24 14:08:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\New Folder B
[2010/09/23 22:00:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/09/23 21:35:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/09/23 21:35:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010/09/23 21:35:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/09/23 21:35:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010/09/23 21:22:58 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/09/06 12:22:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2010/09/05 21:32:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\HC Toy Story
[2010/09/05 13:39:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\SAT & ACT
[2010/07/22 02:46:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Softland
[2010/07/22 02:46:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Softland
[2010/07/22 02:46:04 | 000,023,368 | ---- | C] (Softland) -- C:\WINDOWS\System32\novamnp7.dll
[2010/07/22 02:46:04 | 000,020,808 | ---- | C] (Softland) -- C:\WINDOWS\System32\novamip7.dll
[2010/07/22 02:45:39 | 000,000,000 | ---D | C] -- C:\Program Files\Softland
[2010/07/20 17:41:32 | 000,000,000 | ---D | C] -- C:\Program Files\AoA Audio Extractor
[2010/07/11 02:35:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\New Folder (5)
[2010/07/11 02:34:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Sony Creative Software
[2010/07/10 23:19:48 | 000,000,000 | ---D | C] -- C:\Program Files\VASST
[2010/07/10 23:19:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\Sony
[2010/07/07 23:13:22 | 000,000,000 | ---D | C] -- C:\Program Files\StreamTorrent 1.0
[2010/07/07 17:33:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\New Folder (4)
[2010/07/07 05:32:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\New Folder (3)
[2010/07/07 01:31:18 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2010/07/07 01:27:57 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Setup
[2010/07/06 18:39:23 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2010/07/05 03:09:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2009/12/05 18:30:42 | 001,228,240 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\ADBEPHSPCS4_LS1.exe
[2008/11/16 11:55:30 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\user\My Documents\*.tmp files -> C:\Documents and Settings\user\My Documents\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/10/02 19:59:58 | 004,980,736 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010/10/02 18:45:11 | 013,893,632 | -H-- | M] () -- C:\Documents and Settings\user\NTUSER.DAT
[2010/10/02 18:45:11 | 000,262,144 | -H-- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2010/10/02 18:45:11 | 000,262,144 | -H-- | M] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2010/10/02 18:45:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/02 18:44:00 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini
[2010/10/02 16:31:07 | 000,060,452 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010/10/02 16:31:03 | 803,385,344 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/02 14:49:42 | 000,009,830 | ---- | M] () -- C:\exefix.reg
[2010/10/01 21:08:23 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/28 10:59:21 | 000,000,439 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2010/09/28 10:57:21 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/27 02:51:36 | 000,521,942 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/09/27 02:51:36 | 000,441,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/09/27 02:51:36 | 000,071,258 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/09/25 23:55:48 | 155,004,012 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Registry Backup.reg
[2010/09/24 10:54:48 | 002,230,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/23 22:02:39 | 000,000,105 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/09/23 21:29:43 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/09/16 19:13:59 | 000,083,968 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/11 11:40:32 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/09/10 02:34:24 | 000,041,984 | ---- | M] () -- C:\Documents and Settings\user\My Documents\pua.doc
[2010/09/08 21:03:19 | 000,059,392 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Workout Diet Plan.doc
[2010/09/07 17:53:11 | 000,060,416 | ---- | M] () -- C:\Documents and Settings\user\Desktop\homes for june 2.xls
[2010/09/07 17:53:04 | 000,042,584 | ---- | M] () -- C:\Documents and Settings\user\Desktop\homes for june.csv
[2010/09/07 17:52:57 | 000,150,436 | ---- | M] () -- C:\Documents and Settings\user\Desktop\aug homes.CSV
[2010/09/07 17:52:26 | 000,160,086 | ---- | M] () -- C:\Documents and Settings\user\Desktop\may homes.CSV
[2010/09/05 23:01:08 | 000,002,568 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2010/09/05 21:18:24 | 000,407,846 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/09/05 19:50:08 | 000,114,912 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/09/05 18:48:44 | 000,173,476 | ---- | M] () -- C:\Documents and Settings\user\My Documents\HC Sid.cdr
[2010/09/04 16:47:09 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/09/04 02:19:02 | 000,072,022 | ---- | M] () -- C:\Documents and Settings\user\Desktop\buzz2.png
[2010/08/31 22:48:09 | 000,020,878 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Microsoft_Office_2007_-_Full_Package_-_Easy_Install_[DOLEFISH].5426553.TPB.torrent
[2010/08/27 19:27:38 | 000,188,233 | ---- | M] () -- C:\Documents and Settings\user\Desktop\acer battery.pdf
[2010/08/24 16:41:17 | 000,440,056 | ---- | M] () -- C:\Documents and Settings\user\Desktop\sms-received5.caf
[2010/08/24 16:18:08 | 000,491,578 | ---- | M] () -- C:\Documents and Settings\user\Desktop\ep.wav
[2010/08/16 01:31:33 | 000,255,908 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Adam West_1_clip0.avi
[2010/08/16 00:27:58 | 000,366,592 | ---- | M] () -- C:\Documents and Settings\user\My Documents\top cartoons.doc
[2010/08/09 13:31:15 | 003,707,790 | -H-- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\IconCache.db
[2010/08/07 04:22:56 | 030,632,334 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Adam West.mp4
[2010/08/06 23:26:35 | 012,138,843 | ---- | M] () -- C:\Documents and Settings\user\Desktop\mlbtv_phiflo.mp4
[2010/07/23 03:20:57 | 000,309,904 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Jenny's Night Stand.png
[2010/07/22 16:15:41 | 021,101,899 | ---- | M] () -- C:\Documents and Settings\user\My Documents\AA1.psd
[2010/07/22 16:15:25 | 021,103,168 | ---- | M] () -- C:\Documents and Settings\user\My Documents\AA2.psd
[2010/07/22 16:14:50 | 021,111,892 | ---- | M] () -- C:\Documents and Settings\user\My Documents\AA3.psd
[2010/07/22 16:14:29 | 021,110,460 | ---- | M] () -- C:\Documents and Settings\user\My Documents\AA4.psd
[2010/07/22 05:22:53 | 000,866,072 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Printable Ticket 1.2.pdf
[2010/07/22 04:32:27 | 000,866,072 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Printable Ticket 4.pdf
[2010/07/22 04:31:41 | 000,866,072 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Printable Ticket 3.pdf
[2010/07/22 04:29:46 | 000,866,072 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Printable Ticket 2.pdf
[2010/07/22 04:18:19 | 021,336,890 | ---- | M] () -- C:\Documents and Settings\user\My Documents\FL_Tix.psd
[2010/07/22 02:48:25 | 000,774,693 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Printable Ticket.pdf
[2010/07/20 19:04:34 | 000,022,490 | ---- | M] () -- C:\Documents and Settings\user\Desktop\456.mp3
[2010/07/20 19:01:05 | 000,053,820 | ---- | M] () -- C:\Documents and Settings\user\Desktop\MIC-2010-07-20_19h02m46s.wav
[2010/07/20 19:01:05 | 000,051,260 | ---- | M] () -- C:\Documents and Settings\user\Desktop\MIC-2010-07-20_19h02m14s.wav
[2010/07/20 18:22:45 | 000,048,794 | ---- | M] () -- C:\Documents and Settings\user\Desktop\123.mp3
[2010/07/20 17:43:08 | 000,485,024 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Beyond Baseball Albert Pujols.mp3
[2010/07/20 17:16:57 | 000,050,748 | ---- | M] () -- C:\Documents and Settings\user\Desktop\MIC-2010-07-20_17h13m08s.wav
[2010/07/18 23:28:43 | 000,034,816 | -H-- | M] () -- C:\Documents and Settings\user\Desktop\photothumb.db
[2010/07/14 01:05:31 | 000,019,303 | ---- | M] () -- C:\Documents and Settings\user\My Documents\ObjectDock
[2010/07/11 04:27:00 | 000,288,488 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/07/10 23:28:46 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\user\My Documents\a.media
[2010/07/10 22:59:56 | 000,002,712 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Register Vegas Pro.htm
[2010/07/08 05:47:02 | 000,407,846 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100905-211823.backup
[2010/07/07 02:28:42 | 000,002,676 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Register Vegas Movie Studio Platinum.htm
[2010/07/05 18:27:44 | 011,048,840 | ---- | M] () -- C:\Documents and Settings\user\My Documents\veetle-0.9.17.exe
[2010/07/05 10:33:18 | 000,023,368 | ---- | M] (Softland) -- C:\WINDOWS\System32\novamnp7.dll
[2010/07/05 10:33:16 | 000,020,808 | ---- | M] (Softland) -- C:\WINDOWS\System32\novamip7.dll
[2010/07/05 08:28:14 | 000,002,804 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Register Vegas Movie Studio HD.htm
[2010/07/05 03:16:26 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\user\My Documents\*.tmp files -> C:\Documents and Settings\user\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/02 16:31:03 | 803,385,344 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/02 16:28:08 | 000,009,830 | ---- | C] () -- C:\exefix.reg
[2010/09/25 23:55:03 | 155,004,012 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Registry Backup.reg
[2010/09/09 16:34:45 | 000,041,984 | ---- | C] () -- C:\Documents and Settings\user\My Documents\pua.doc
[2010/09/09 02:04:29 | 000,012,376 | ---- | C] () -- C:\Documents and Settings\user\Bally Essay.txt
[2010/09/08 21:03:18 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Workout Diet Plan.doc
[2010/09/07 17:53:11 | 000,060,416 | ---- | C] () -- C:\Documents and Settings\user\Desktop\homes for june 2.xls
[2010/09/07 17:53:04 | 000,042,584 | ---- | C] () -- C:\Documents and Settings\user\Desktop\homes for june.csv
[2010/09/07 17:52:57 | 000,150,436 | ---- | C] () -- C:\Documents and Settings\user\Desktop\aug homes.CSV
[2010/09/07 17:52:20 | 000,160,086 | ---- | C] () -- C:\Documents and Settings\user\Desktop\may homes.CSV
[2010/09/05 19:57:39 | 000,002,599 | ---- | C] () -- C:\Documents and Settings\user\toy story.txt
[2010/09/05 18:48:44 | 000,173,476 | ---- | C] () -- C:\Documents and Settings\user\My Documents\HC Sid.cdr
[2010/09/04 02:18:41 | 000,072,022 | ---- | C] () -- C:\Documents and Settings\user\Desktop\buzz2.png
[2010/08/31 22:48:15 | 000,020,878 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Microsoft_Office_2007_-_Full_Package_-_Easy_Install_[DOLEFISH].5426553.TPB.torrent
[2010/08/27 19:27:32 | 000,188,233 | ---- | C] () -- C:\Documents and Settings\user\Desktop\acer battery.pdf
[2010/08/24 16:37:02 | 000,440,056 | ---- | C] () -- C:\Documents and Settings\user\Desktop\sms-received5.caf
[2010/08/24 16:18:08 | 000,491,578 | ---- | C] () -- C:\Documents and Settings\user\Desktop\ep.wav
[2010/08/23 01:52:19 | 000,000,055 | ---- | C] () -- C:\Documents and Settings\user\Grants.txt
[2010/08/16 01:31:31 | 000,255,908 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Adam West_1_clip0.avi
[2010/08/16 00:27:56 | 000,366,592 | ---- | C] () -- C:\Documents and Settings\user\My Documents\top cartoons.doc
[2010/08/07 04:19:46 | 030,632,334 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Adam West.mp4
[2010/08/06 23:26:33 | 012,138,843 | ---- | C] () -- C:\Documents and Settings\user\Desktop\mlbtv_phiflo.mp4
[2010/08/06 05:49:02 | 000,012,376 | ---- | C] () -- C:\Documents and Settings\user\pua.txt
[2010/08/04 02:46:46 | 000,002,331 | ---- | C] () -- C:\Documents and Settings\user\college.txt
[2010/07/30 06:18:53 | 000,004,595 | ---- | C] () -- C:\Documents and Settings\user\aokeja.txt
[2010/07/28 05:15:48 | 000,005,091 | ---- | C] () -- C:\Documents and Settings\user\fbcvo.txt
[2010/07/28 05:10:17 | 000,002,759 | ---- | C] () -- C:\Documents and Settings\user\fb2.txt
[2010/07/23 03:20:57 | 000,309,904 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Jenny's Night Stand.png
[2010/07/22 05:35:25 | 021,110,460 | ---- | C] () -- C:\Documents and Settings\user\My Documents\AA4.psd
[2010/07/22 05:34:43 | 021,111,892 | ---- | C] () -- C:\Documents and Settings\user\My Documents\AA3.psd
[2010/07/22 05:33:56 | 021,103,168 | ---- | C] () -- C:\Documents and Settings\user\My Documents\AA2.psd
[2010/07/22 05:33:08 | 021,101,899 | ---- | C] () -- C:\Documents and Settings\user\My Documents\AA1.psd
[2010/07/22 05:22:43 | 000,866,072 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Printable Ticket 1.2.pdf
[2010/07/22 04:32:26 | 000,866,072 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Printable Ticket 4.pdf
[2010/07/22 04:31:39 | 000,866,072 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Printable Ticket 3.pdf
[2010/07/22 04:29:41 | 000,866,072 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Printable Ticket 2.pdf
[2010/07/22 04:18:12 | 021,336,890 | ---- | C] () -- C:\Documents and Settings\user\My Documents\FL_Tix.psd
[2010/07/22 02:48:23 | 000,774,693 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Printable Ticket.pdf
[2010/07/22 02:46:04 | 000,007,549 | ---- | C] () -- C:\WINDOWS\System32\novap7.ctm
[2010/07/20 23:14:32 | 000,000,053 | ---- | C] () -- C:\Documents and Settings\user\tix.txt
[2010/07/20 19:04:32 | 000,022,490 | ---- | C] () -- C:\Documents and Settings\user\Desktop\456.mp3
[2010/07/20 19:01:05 | 000,053,820 | ---- | C] () -- C:\Documents and Settings\user\Desktop\MIC-2010-07-20_19h02m46s.wav
[2010/07/20 19:01:05 | 000,051,260 | ---- | C] () -- C:\Documents and Settings\user\Desktop\MIC-2010-07-20_19h02m14s.wav
[2010/07/20 18:22:41 | 000,048,794 | ---- | C] () -- C:\Documents and Settings\user\Desktop\123.mp3
[2010/07/20 17:43:04 | 000,485,024 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Beyond Baseball Albert Pujols.mp3
[2010/07/20 17:16:57 | 000,050,748 | ---- | C] () -- C:\Documents and Settings\user\Desktop\MIC-2010-07-20_17h13m08s.wav
[2010/07/19 01:25:56 | 000,002,778 | ---- | C] () -- C:\Documents and Settings\user\fb.txt
[2010/07/16 06:58:52 | 000,000,247 | ---- | C] () -- C:\Documents and Settings\user\strasmas.txt
[2010/07/14 02:08:15 | 000,000,075 | ---- | C] () -- C:\Documents and Settings\user\aaa.txt
[2010/07/14 01:05:36 | 000,019,303 | ---- | C] () -- C:\Documents and Settings\user\My Documents\ObjectDock
[2010/07/11 04:27:00 | 000,288,488 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/07/10 23:28:46 | 000,008,856 | ---- | C] () -- C:\Documents and Settings\user\My Documents\a.veg
[2010/07/10 23:28:46 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\user\My Documents\a.media
[2010/07/10 23:01:26 | 000,000,105 | ---- | C] () -- C:\Documents and Settings\user\veg 9.txt
[2010/07/09 05:06:48 | 000,000,758 | ---- | C] () -- C:\Documents and Settings\user\lowerthirds.txt
[2010/07/09 02:49:31 | 000,000,520 | ---- | C] () -- C:\Documents and Settings\user\statespic.txt
[2010/07/05 23:05:12 | 000,002,712 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Register Vegas Pro.htm
[2010/07/05 18:27:44 | 011,048,840 | ---- | C] () -- C:\Documents and Settings\user\My Documents\veetle-0.9.17.exe
[2010/07/05 09:32:18 | 000,002,676 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Register Vegas Movie Studio Platinum.htm
[2010/07/05 07:58:06 | 000,002,804 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Register Vegas Movie Studio HD.htm
[2010/07/01 14:44:31 | 000,003,144 | ---- | C] () -- C:\Documents and Settings\user\jman.txt
[2010/05/12 20:55:35 | 000,000,017 | ---- | C] () -- C:\Documents and Settings\user\boesfinal.txt
[2010/04/26 23:22:31 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\user\yankees suck.txt
[2010/04/20 11:34:30 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\user\hope shatterd.txt
[2010/04/11 01:29:02 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\user\tbreds_vs_coralgables.txt
[2010/04/02 19:31:49 | 000,000,175 | ---- | C] () -- C:\Documents and Settings\user\ps.txt
[2010/03/29 03:53:42 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\user\math bleep.txt
[2010/03/18 05:50:02 | 000,022,094 | ---- | C] () -- C:\Documents and Settings\user\JORGE'S PLAYLIST.txt
[2009/12/05 18:30:41 | 853,860,607 | ---- | C] () -- C:\Program Files\ADBEPHSPCS4_LS1.7z
[2009/11/24 22:43:20 | 000,011,177 | ---- | C] () -- C:\Documents and Settings\user\.recently-used.xbel
[2009/11/08 16:23:28 | 000,000,978 | ---- | C] () -- C:\WINDOWS\ARPR.INI
[2009/10/24 21:17:40 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/10/24 21:17:39 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/10/24 21:17:37 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/10/24 17:13:41 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll
[2009/10/24 17:13:41 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll
[2009/10/01 20:20:53 | 000,000,045 | ---- | C] () -- C:\Documents and Settings\user\jagex_runescape_preferences2.dat
[2009/10/01 20:18:57 | 000,000,038 | ---- | C] () -- C:\Documents and Settings\user\jagex_runescape_preferences.dat
[2009/08/12 19:47:55 | 000,585,728 | ---- | C] () -- C:\WINDOWS\System32\bsratswf.dll
[2009/08/12 19:47:55 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\bsratwmv.dll
[2009/08/06 00:06:59 | 000,007,103 | ---- | C] () -- C:\Documents and Settings\user\Workout.txt
[2009/07/31 06:00:31 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2009/07/31 06:00:30 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2009/07/31 06:00:30 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2009/07/31 06:00:30 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2009/07/29 14:29:09 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2009/07/29 14:29:05 | 000,036,864 | -H-- | C] () -- C:\Documents and Settings\Administrator\ntuser.dat.LOG
[2009/07/29 14:28:59 | 004,980,736 | -H-- | C] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2009/07/28 18:13:16 | 000,005,285 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/07/15 21:44:21 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\user\Application Data\$_hpcst$.hpc
[2009/07/06 17:28:18 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/07/03 19:36:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PCFriend.INI
[2009/07/02 01:19:41 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\user\error.txt
[2009/06/28 18:50:38 | 000,000,200 | ---- | C] () -- C:\Documents and Settings\user\trio_log.txt
[2009/03/15 03:02:59 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/01/13 21:48:54 | 000,000,287 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009/01/05 21:56:57 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2008/11/27 00:11:10 | 000,000,685 | ---- | C] () -- C:\Documents and Settings\user\.plugin141.trace
[2008/11/21 15:55:07 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\D6F05C7EA2.sys
[2008/11/21 15:37:39 | 000,002,568 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/11/18 20:16:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2008/11/17 21:09:28 | 000,083,968 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/16 12:14:15 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15.sys
[2008/11/16 12:14:15 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15_64.sys
[2008/11/16 11:55:30 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll
[2008/11/15 23:41:13 | 000,000,088 | ---- | C] () -- C:\WINDOWS\StyleBuilder.INI
[2008/11/15 23:14:41 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2008/11/15 23:13:56 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/11/13 10:39:54 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/11/12 18:41:37 | 000,356,352 | R--- | C] () -- C:\WINDOWS\EMCRI.dll
[2008/11/12 17:05:54 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\fusioncache.dat
[2008/11/12 17:00:39 | 000,016,384 | -H-- | C] () -- C:\Documents and Settings\user\ntuser.dat.LOG
[2008/11/12 17:00:39 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\user\ntuser.ini
[2008/11/12 17:00:38 | 013,893,632 | -H-- | C] () -- C:\Documents and Settings\user\NTUSER.DAT
[2008/11/12 16:59:40 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\LocalService\ntuser.ini
[2008/11/12 16:59:39 | 000,262,144 | -H-- | C] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2008/11/12 16:59:39 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat.LOG
[2008/11/12 16:58:18 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\NetworkService\ntuser.ini
[2008/11/12 16:58:17 | 000,262,144 | -H-- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2008/11/12 16:58:17 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007/09/20 06:27:16 | 003,190,784 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2007/09/20 06:27:16 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/09/20 06:27:16 | 000,741,376 | ---- | C] () -- C:\WINDOWS\System32\audxlib.dll
[2007/09/20 06:27:16 | 000,511,488 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2007/09/20 06:27:16 | 000,405,504 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2007/09/20 06:27:16 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2007/09/20 06:27:16 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2007/09/20 06:27:16 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2007/09/20 06:27:16 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2007/09/20 06:27:16 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2007/09/20 06:27:16 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2007/09/20 06:27:16 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2007/09/20 06:27:16 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2007/09/20 06:27:16 | 000,097,280 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll
[2007/09/20 06:27:16 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007/09/20 06:27:16 | 000,079,872 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2007/09/20 06:27:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2007/09/20 06:27:16 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2007/09/20 06:27:16 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2007/09/20 06:27:16 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2007/03/02 06:44:44 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\zmbv.dll
[2006/05/25 09:33:40 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2005/11/11 21:40:48 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2005/08/05 15:01:54 | 000,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/08/10 07:00:00 | 000,153,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\dmio.sys
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1998/10/11 01:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll
[1996/04/03 15:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2009/09/07 16:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2010/07/22 02:46:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Softland
[2008/11/16 21:59:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\acccore
[2010/06/21 03:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\avidemux
[2008/11/23 18:03:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Canon
[2009/02/08 18:56:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\FireShot
[2010/03/21 15:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\FoxPlayerAIR.01F2E49DE175CC541F416F2DF78BDD5E63AD0096.1
[2010/09/28 00:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\FrostWire
[2009/10/24 17:13:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\GetRightToGo
[2009/11/24 22:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\gtk-2.0
[2009/12/31 02:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\ImgBurn
[2009/06/07 14:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\LimeWire
[2009/07/06 21:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Netscape
[2009/07/06 21:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Photodex
[2010/06/22 19:25:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Publish Providers
[2009/11/01 02:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\SharePod
[2010/07/22 02:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Softland
[2010/07/11 00:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Sony
[2010/07/11 02:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Sony Creative Software
[2010/04/05 14:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\StreamTorrent
[2009/07/23 23:19:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Ulead Systems
[2009/05/24 18:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Uniblue
[2010/09/01 03:31:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\uTorrent

========== Purity Check ==========


< End of report >

Merged posts. ~ OB

Edited by Orange Blossom, 02 October 2010 - 11:20 PM.


BC AdBot (Login to Remove)

 


#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:06 PM

Posted 04 October 2010 - 06:06 PM

Hi, mudcat24 smile.gif

Welcome back. You should remove all Peer to Peer programs from your computer. They are the source of all these problems.

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**
  1. If you are using Firefox, make sure that your download settings are as follows:
    • Tools->Options->Main tab
    • Set to "Always ask me where to Save the files".
  2. During the download, rename Combofix to Combo-Fix as follows:





  3. It is important you rename Combofix during the download, but not after.
  4. Please do not rename Combofix to other names, but only to the one indicated.
  5. Close any open browsers.
  6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    -----------------------------------------------------------
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      -----------------------------------------------------------
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    -----------------------------------------------------------
  7. Double click on combo-Fix.exe & follow the prompts.
  8. Install the Recovery Console if prompted.
  9. When finished, it will produce a report for you.
  10. Please post the "C:\Combo-Fix.txt" .
**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**


Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.

Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#3 mudcat24

mudcat24
  • Topic Starter

  • Members
  • 155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:06 PM

Posted 04 October 2010 - 11:20 PM

My computer doesn't let me open combofix.

I get the Windows cannot access the specified device, path, or file error. sad.gif

#4 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:06 PM

Posted 04 October 2010 - 11:32 PM

QUOTE(mudcat24 @ Oct 5 2010, 12:20 AM) View Post
My computer doesn't let me open combofix.

I get the Windows cannot access the specified device, path, or file error. sad.gif

Right click Combofix and and select Properties. Since the download came from another computer, it may be blocked. Unblock the file and try again.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#5 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:06 PM

Posted 04 October 2010 - 11:55 PM

If that fails try this.

Remove the copy of Combofix you downloaded.

Please download and run Rkill by Grinler from any of the following locations (Vista and Win7: to run the application, right click on Rkill and choose Run as an Administrator):
  1. rkill.exe
  2. rkill.com
  3. rkill.scr
  4. rkill.pif

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**
  1. If you are using Firefox, make sure that your download settings are as follows:
    • Tools->Options->Main tab
    • Set to "Always ask me where to Save the files".
  2. During the download, rename Combofix to MyPoppy as follows:





  3. It is important you rename Combofix during the download, but not after.
  4. Please do not rename Combofix to other names, but only to the one indicated.
  5. Close any open browsers.
  6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    -----------------------------------------------------------
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      -----------------------------------------------------------
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    -----------------------------------------------------------
  7. Double click on MyPoppy & follow the prompts.
  8. Install the Recovery Console if prompted.
  9. When finished, it will produce a report for you.
  10. Please post the "C:\MyPoppy.txt" .
**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**


Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.

Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#6 mudcat24

mudcat24
  • Topic Starter

  • Members
  • 155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:06 PM

Posted 07 October 2010 - 07:33 PM

I'm unable to open any of them.

#7 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:06 PM

Posted 07 October 2010 - 09:57 PM

Download exe_fix by noahdfear, run the applicatin and select Temporarily allow exes to run and lock registry against hijack, then try again.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#8 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:06 PM

Posted 07 October 2010 - 10:14 PM

I didn't realize you are running OTLPE. Follow these steps whether the above works or not:

Save these instructions to a USB drive or the hardrive so you can have access to these while in a PE environment.

Restart the computer back to the OTLPE CD.
  • Double-click on the OTLPE icon.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start. Change the following settings
    • Change Drivers to All
    • Change Standard Registry to All
    • Under the Custom Scan box paste this in
      /md5start
      dmio.sys
      int15.sys
      giveio.sys
      /md5stop
      %SYSTEMDRIVE%\*.*
      %systemroot%\System32\config\*.sav
      %systemroot%\*. /mp /s
      %systemroot%\system32\*.dll /lockedfiles
      %systemroot%\Tasks\*.job
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Please post the contents of the C:\OTL.txt file in your next reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#9 mudcat24

mudcat24
  • Topic Starter

  • Members
  • 155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:06 PM

Posted 08 October 2010 - 11:35 AM

OTL logfile created on: 10/8/2010 2:22:19 PM - Run
OTLPE by OldTimer - Version 3.1.41.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

766.00 Mb Total Physical Memory | 515.00 Mb Available Physical Memory | 67.00% Memory free
706.00 Mb Paging File | 566.00 Mb Available in Paging File | 80.00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 6.53 Gb Free Space | 8.77% Space Free | Partition Type: NTFS
Drive D: | 6.82 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 1.94 Gb Total Space | 0.21 Gb Free Space | 10.75% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 3.73 Gb Total Space | 2.68 Gb Free Space | 71.79% Space Free | Partition Type: FAT

Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet004

========== Win32 Services (SafeList) ==========

SRV - [2010/09/23 17:15:02 | 002,950,744 | ---- | M] () [Auto] -- c:\Program Files\Common Files\Akamai\netsession_win_062a651.dll -- (Akamai)
SRV - [2010/06/01 19:00:52 | 001,778,480 | ---- | M] (COMODO) [Auto] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010/05/20 17:19:16 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/03/29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®
SRV - [2009/08/13 14:43:57 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/11/02 21:40:12 | 000,174,656 | ---- | M] () [Auto] -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/03/29 21:53:34 | 000,028,672 | ---- | M] (Acer Inc.) [Auto] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2005/11/14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | Disabled] -- -- (ViaIde)
DRV - File not found [Kernel | Disabled] -- -- (ultra)
DRV - File not found [Kernel | Disabled] -- -- (TosIde)
DRV - File not found [Kernel | Disabled] -- -- (symc8xx)
DRV - File not found [Kernel | Disabled] -- -- (symc810)
DRV - File not found [Kernel | Disabled] -- -- (sym_u3)
DRV - File not found [Kernel | Disabled] -- -- (sym_hi)
DRV - File not found [Kernel | Disabled] -- -- (Sparrow)
DRV - File not found [Kernel | Disabled] -- -- (Simbad)
DRV - File not found [Kernel | Disabled] -- -- (ql1280)
DRV - File not found [Kernel | Disabled] -- -- (ql1240)
DRV - File not found [Kernel | Disabled] -- -- (ql12160)
DRV - File not found [Kernel | Disabled] -- -- (Ql10wnt)
DRV - File not found [Kernel | Disabled] -- -- (ql1080)
DRV - File not found [Kernel | On_Demand] -- -- (psdvdisk)
DRV - File not found [Kernel | On_Demand] -- -- (psdfilter)
DRV - File not found [Kernel | On_Demand] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter)
DRV - File not found [Kernel | Disabled] -- -- (perc2hib)
DRV - File not found [Kernel | Disabled] -- -- (perc2)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- C:\DOCUME~1\user\LOCALS~1\Temp\Rar$EX00.953\pbfilter.sys -- (pbfilter)
DRV - File not found [Kernel | Disabled] -- -- (mraid35x)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | Disabled] -- -- (IntelIde)
DRV - File not found [Kernel | Disabled] -- -- (ini910u)
DRV - File not found [Kernel | Disabled] -- -- (i2omp)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | Disabled] -- -- (hpn)
DRV - File not found [File_System | Auto] -- -- (eLock2FSCTLDriver)
DRV - File not found [File_System | Auto] -- -- (eLock2BurnerLockDriver)
DRV - File not found [Kernel | Disabled] -- -- (dpti2o)
DRV - File not found [Kernel | Disabled] -- -- (dac960nt)
DRV - File not found [Kernel | Disabled] -- -- (dac2w2k)
DRV - File not found [Kernel | Disabled] -- -- (Cpqarray)
DRV - File not found [Kernel | Disabled] -- -- (CmdIde)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | Disabled] -- -- (cd20xrnt)
DRV - File not found [Kernel | Disabled] -- -- (Atdisk)
DRV - File not found [Kernel | Disabled] -- -- (asc3550)
DRV - File not found [Kernel | Disabled] -- -- (asc3350p)
DRV - File not found [Kernel | Disabled] -- -- (asc)
DRV - File not found [Kernel | Disabled] -- -- (amsint)
DRV - File not found [Kernel | Disabled] -- -- (AliIde)
DRV - File not found [Kernel | Disabled] -- -- (aic78xx)
DRV - File not found [Kernel | Disabled] -- -- (aic78u2)
DRV - File not found [Kernel | Disabled] -- -- (Aha154x)
DRV - File not found [Kernel | Disabled] -- -- (adpu160m)
DRV - File not found [Kernel | Disabled] -- -- (abp480n5)
DRV - File not found [Kernel | Disabled] -- -- (Abiosdsk)
DRV - [2010/06/21 11:27:11 | 000,354,304 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2010/06/04 11:55:58 | 000,229,312 | ---- | M] (COMODO) [File_System | System] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2010/06/01 19:00:24 | 000,087,824 | ---- | M] (COMODO) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
DRV - [2010/06/01 19:00:22 | 000,025,240 | ---- | M] (COMODO) [Kernel | System] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2010/02/24 09:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2009/10/20 12:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009/08/13 23:10:27 | 000,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/06/26 02:50:38 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2009/06/24 07:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2009/05/29 13:36:16 | 000,039,424 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/03/19 16:32:48 | 000,023,400 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/01/15 17:17:42 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2008/11/14 12:29:44 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/10/28 23:10:58 | 003,341,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\adfs.sys -- (adfs)
DRV - [2008/08/14 06:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2008/08/12 04:02:06 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI32)
DRV - [2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008/04/13 20:13:22 | 000,139,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2008/04/13 20:13:21 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/04/13 20:13:20 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008/04/13 20:13:20 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/04/13 15:28:39 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008/04/13 15:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008/04/13 15:20:42 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008/04/13 15:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008/04/13 15:19:48 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - [2008/04/13 15:19:43 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - [2008/04/13 15:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008/04/13 15:18:00 | 000,052,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/04/13 15:17:18 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008/04/13 15:17:05 | 000,105,344 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2008/04/13 15:15:55 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008/04/13 15:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/04/13 15:15:45 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\serial.sys -- (Serial)
DRV - [2008/04/13 15:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 15:14:21 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008/04/13 15:00:19 | 000,030,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/04/13 14:57:32 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008/04/13 14:57:29 | 000,040,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2008/04/13 14:57:27 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/04/13 14:57:27 | 000,010,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2008/04/13 14:57:21 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/04/13 14:57:15 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008/04/13 14:57:07 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008/04/13 14:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usb8023x.sys -- (usb_rndisx)
DRV - [2008/04/13 14:56:38 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2008/04/13 14:56:32 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008/04/13 14:56:02 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/04/13 14:55:58 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/04/13 14:54:28 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/04/13 14:53:34 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV - [2008/04/13 14:51:25 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008/04/13 14:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/04/13 14:45:39 | 000,032,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008/04/13 14:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbstor.sys -- (USBSTOR)
DRV - [2008/04/13 14:45:37 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008/04/13 14:45:35 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008/04/13 14:45:35 | 000,017,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbohci.sys -- (usbohci)
DRV - [2008/04/13 14:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2008/04/13 14:45:27 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb)
DRV - [2008/04/13 14:45:13 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/04/13 14:45:09 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008/04/13 14:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008/04/13 14:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008/04/13 14:45:01 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dmusic.sys -- (DMusic)
DRV - [2008/04/13 14:44:48 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/13 14:44:46 | 000,153,344 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008/04/13 14:44:40 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/04/13 14:41:01 | 000,052,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008/04/13 14:40:58 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008/04/13 14:40:49 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008/04/13 14:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\disk.sys -- (Disk)
DRV - [2008/04/13 14:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi)
DRV - [2008/04/13 14:40:27 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008/04/13 14:40:25 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fdc.sys -- (Fdc)
DRV - [2008/04/13 14:40:25 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008/04/13 14:40:10 | 000,080,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\parport.sys -- (Parport)
DRV - [2008/04/13 14:39:53 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008/04/13 14:39:52 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/04/13 14:39:51 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/04/13 14:39:50 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/04/13 14:39:48 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2008/04/13 14:39:47 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008/04/13 14:39:47 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008/04/13 14:39:46 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008/04/13 14:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/04/13 14:36:52 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\sr.sys -- (sr)
DRV - [2008/04/13 14:36:46 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/04/13 14:36:44 | 000,079,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sdbus.sys -- (sdbus)
DRV - [2008/04/13 14:36:44 | 000,068,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI)
DRV - [2008/04/13 14:36:43 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 14:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/04/13 14:36:38 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2008/04/13 14:36:37 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cmbatt.sys -- (CmBatt)
DRV - [2008/04/13 14:36:37 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\compbatt.sys -- (Compbatt)
DRV - [2008/04/13 14:36:35 | 000,187,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI)
DRV - [2008/04/13 14:33:28 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008/04/13 14:32:59 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2008/04/13 14:32:51 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/04/13 14:32:44 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008/04/13 14:32:39 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008/04/13 14:32:39 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/04/13 14:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008/04/13 14:31:30 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\processr.sys -- (Processor)
DRV - [2008/04/13 12:39:23 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2008/04/13 12:39:15 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/11/06 18:04:56 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wceusbsh.sys -- (wceusbsh)
DRV - [2006/10/18 21:00:00 | 000,038,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wpdusb.sys -- (WpdUsb)
DRV - [2006/09/28 20:00:34 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WudfRd.sys -- (WudfRd)
DRV - [2006/09/28 19:55:50 | 000,077,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\WudfPf.sys -- (WudfPf)
DRV - [2006/09/24 09:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006/05/25 11:19:48 | 000,040,064 | R--- | M] (ENE Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2006/05/25 11:19:44 | 000,074,752 | R--- | M] (ENE Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ESM7SK.sys -- (ESMCR)
DRV - [2006/05/25 11:19:40 | 000,061,056 | R--- | M] (ENE Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2006/04/14 16:27:46 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\TVicPort.sys -- (tvicport)
DRV - [2006/04/14 16:27:44 | 000,069,632 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15)
DRV - [2006/04/14 16:27:44 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\zntport.sys -- (zntport)
DRV - [2006/03/03 13:52:30 | 000,192,672 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006/01/11 17:13:34 | 000,935,424 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/01/11 17:12:54 | 000,194,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/01/11 17:12:50 | 000,671,232 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2005/12/23 16:13:06 | 000,013,184 | ---- | M] (Dritek System Inc.) [Kernel | Auto] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2005/10/05 17:57:08 | 000,012,544 | ---- | M] (Conexant) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2005/09/23 19:56:28 | 003,966,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/09/16 12:46:30 | 000,044,224 | R--- | M] (BVRP Software) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2004/12/13 17:14:00 | 000,039,904 | ---- | M] (Adaptec, Inc.) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\cercsr6.sys -- (cercsr6)
DRV - [2004/12/08 14:10:00 | 000,016,896 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DKbFltr.SYS -- (DKbFltr)
DRV - [2004/08/10 07:00:00 | 000,125,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk)
DRV - [2004/08/10 07:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2004/08/10 07:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2004/08/10 07:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2004/08/10 07:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/10 07:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2004/08/10 07:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2004/08/10 07:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2004/08/10 07:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2004/08/10 07:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2004/08/10 07:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\WINDOWS\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2004/08/10 07:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2004/08/10 07:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2004/08/10 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2004/08/10 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2004/08/10 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2004/08/10 07:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pciide.sys -- (PCIIde)
DRV - [2004/08/10 07:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2004/08/10 07:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\WINDOWS\System32\winsock.dll -- (Winsock)
DRV - [2004/08/10 04:45:04 | 000,011,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mhndrv.sys -- (MHNDRV)
DRV - [2004/08/03 18:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2001/08/17 14:48:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2001/08/17 09:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV - [1996/04/03 15:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\.DEFAULT\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\user_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\user_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\user_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/03 03:01:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/01/03 00:32:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{fce8417d-ef18-11dd-845c-000c6e211f50}: C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6m1y29zh.default\extensions\ [2010/09/16 17:44:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/08/17 18:45:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/07 22:43:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/07 22:43:16 | 000,000,000 | ---D | M]

[2010/09/16 17:54:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/07 22:43:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/01/03 00:32:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/08/26 19:17:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/11/24 20:53:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010/06/28 04:30:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/07 22:42:50 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010/08/07 22:42:50 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/08/07 22:43:03 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2009/10/13 14:00:00 | 000,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2009/10/24 14:15:36 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009/10/24 14:15:36 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009/10/24 14:15:36 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009/10/24 14:15:36 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009/10/24 14:15:36 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009/10/24 14:15:36 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009/10/24 14:15:36 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2009/10/13 14:00:00 | 000,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2010/08/07 22:43:06 | 000,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2010/08/07 22:43:06 | 000,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2010/08/07 22:43:06 | 000,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2010/08/07 22:43:06 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2010/08/07 22:43:06 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010/06/13 16:41:31 | 000,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml
[2010/08/07 22:43:06 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2010/08/07 22:43:06 | 000,001,096 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2010/09/05 21:18:24 | 000,407,846 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14129 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (FireShot) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6m1y29zh.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.78.dll File not found
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\user_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\user_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\user_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\user_ON_C\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe ()
O4 - HKLM..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe ()
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.EXE (Broadcom Corporation)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe (Walt Disney Internet Group)
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] c:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKU\Administrator_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\user_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\user_ON_C..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKU\user_ON_C..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan.lnk = C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\user\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\user\Start Menu\Programs\Startup\Logitech Touch Mouse Server.lnk = C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe (Logitech, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnotes.com/download/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C8AEB218-8B7A-4E15-AC17-0EE8D99B80EB} http://cnn-5.vo.llnwd.net/c1/static/cab_he...pWebUpdater.cab (GameTap Web Updater)
O16 - DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.4/ji...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} http://cainternetsecurity.net/scanner/cascanner.cab (CAScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (LogonUI.EXE) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/11/12 16:52:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 00:06:42 | 000,000,053 | ---- | M] () - X:\AUTORUN.INF -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/09/28 14:30:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent
[2010/09/28 11:56:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/09/28 11:56:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/09/25 23:54:24 | 000,000,000 | ---D | C] -- C:\Program Files\Eusing Free Registry Cleaner
[2010/09/24 14:08:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\New Folder B
[2010/09/23 22:00:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/09/23 21:35:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/09/23 21:35:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010/09/23 21:35:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/09/23 21:35:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010/09/23 21:22:58 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009/12/05 18:30:42 | 001,228,240 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\ADBEPHSPCS4_LS1.exe
[2008/11/16 11:55:30 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\user\My Documents\*.tmp files -> C:\Documents and Settings\user\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/10/08 14:21:39 | 004,980,736 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010/10/07 23:09:23 | 013,893,632 | -H-- | M] () -- C:\Documents and Settings\user\NTUSER.DAT
[2010/10/07 23:09:23 | 000,262,144 | -H-- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2010/10/07 23:09:23 | 000,262,144 | -H-- | M] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2010/10/07 23:09:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/07 23:07:40 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini
[2010/10/07 20:17:18 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/07 20:16:54 | 000,060,452 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010/10/07 20:16:50 | 803,385,344 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/07 20:02:22 | 003,875,331 | ---- | M] () -- C:\Documents and Settings\user\Desktop\MyPoppy.exe
[2010/10/02 14:49:42 | 000,009,830 | ---- | M] () -- C:\exefix.reg
[2010/09/28 10:57:21 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/27 02:51:36 | 000,521,942 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/09/27 02:51:36 | 000,441,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/09/27 02:51:36 | 000,071,258 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/09/25 23:55:48 | 155,004,012 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Registry Backup.reg
[2010/09/24 10:54:48 | 002,230,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/23 22:02:39 | 000,000,105 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/09/23 21:29:43 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/09/16 19:13:59 | 000,083,968 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/11 11:40:32 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/09/10 02:34:24 | 000,041,984 | ---- | M] () -- C:\Documents and Settings\user\My Documents\pua.doc
[2010/09/08 21:03:19 | 000,059,392 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Workout Diet Plan.doc
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\user\My Documents\*.tmp files -> C:\Documents and Settings\user\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/07 21:30:37 | 003,875,331 | ---- | C] () -- C:\Documents and Settings\user\Desktop\MyPoppy.exe
[2010/10/03 20:07:04 | 803,385,344 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/02 16:28:08 | 000,009,830 | ---- | C] () -- C:\exefix.reg
[2010/09/25 23:55:03 | 155,004,012 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Registry Backup.reg
[2010/09/09 16:34:45 | 000,041,984 | ---- | C] () -- C:\Documents and Settings\user\My Documents\pua.doc
[2010/09/09 02:04:29 | 000,012,376 | ---- | C] () -- C:\Documents and Settings\user\Bally Essay.txt
[2010/09/08 21:03:18 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Workout Diet Plan.doc
[2010/09/05 19:57:39 | 000,002,599 | ---- | C] () -- C:\Documents and Settings\user\toy story.txt
[2010/08/23 01:52:19 | 000,000,055 | ---- | C] () -- C:\Documents and Settings\user\Grants.txt
[2010/08/06 05:49:02 | 000,012,376 | ---- | C] () -- C:\Documents and Settings\user\pua.txt
[2010/08/04 02:46:46 | 000,002,331 | ---- | C] () -- C:\Documents and Settings\user\college.txt
[2010/07/30 06:18:53 | 000,004,595 | ---- | C] () -- C:\Documents and Settings\user\aokeja.txt
[2010/07/28 05:15:48 | 000,005,091 | ---- | C] () -- C:\Documents and Settings\user\fbcvo.txt
[2010/07/28 05:10:17 | 000,002,759 | ---- | C] () -- C:\Documents and Settings\user\fb2.txt
[2010/07/20 23:14:32 | 000,000,053 | ---- | C] () -- C:\Documents and Settings\user\tix.txt
[2010/07/19 01:25:56 | 000,002,778 | ---- | C] () -- C:\Documents and Settings\user\fb.txt
[2010/07/16 06:58:52 | 000,000,247 | ---- | C] () -- C:\Documents and Settings\user\strasmas.txt
[2010/07/14 02:08:15 | 000,000,075 | ---- | C] () -- C:\Documents and Settings\user\aaa.txt
[2010/07/11 04:27:00 | 000,288,488 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/07/10 23:01:26 | 000,000,105 | ---- | C] () -- C:\Documents and Settings\user\veg 9.txt
[2010/07/09 05:06:48 | 000,000,758 | ---- | C] () -- C:\Documents and Settings\user\lowerthirds.txt
[2010/07/09 02:49:31 | 000,000,520 | ---- | C] () -- C:\Documents and Settings\user\statespic.txt
[2010/07/01 14:44:31 | 000,003,144 | ---- | C] () -- C:\Documents and Settings\user\jman.txt
[2010/05/12 20:55:35 | 000,000,017 | ---- | C] () -- C:\Documents and Settings\user\boesfinal.txt
[2010/04/26 23:22:31 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\user\yankees suck.txt
[2010/04/20 11:34:30 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\user\hope shatterd.txt
[2010/04/11 01:29:02 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\user\tbreds_vs_coralgables.txt
[2010/04/02 19:31:49 | 000,000,175 | ---- | C] () -- C:\Documents and Settings\user\ps.txt
[2010/03/29 03:53:42 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\user\math bleep.txt
[2010/03/18 05:50:02 | 000,022,094 | ---- | C] () -- C:\Documents and Settings\user\JORGE'S PLAYLIST.txt
[2009/12/05 18:30:41 | 853,860,607 | ---- | C] () -- C:\Program Files\ADBEPHSPCS4_LS1.7z
[2009/11/24 22:43:20 | 000,011,177 | ---- | C] () -- C:\Documents and Settings\user\.recently-used.xbel
[2009/11/08 16:23:28 | 000,000,978 | ---- | C] () -- C:\WINDOWS\ARPR.INI
[2009/10/24 21:17:40 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/10/24 21:17:39 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/10/24 21:17:37 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/10/24 17:13:41 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll
[2009/10/24 17:13:41 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll
[2009/10/01 20:20:53 | 000,000,045 | ---- | C] () -- C:\Documents and Settings\user\jagex_runescape_preferences2.dat
[2009/10/01 20:18:57 | 000,000,038 | ---- | C] () -- C:\Documents and Settings\user\jagex_runescape_preferences.dat
[2009/08/12 19:47:55 | 000,585,728 | ---- | C] () -- C:\WINDOWS\System32\bsratswf.dll
[2009/08/12 19:47:55 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\bsratwmv.dll
[2009/08/06 00:06:59 | 000,007,103 | ---- | C] () -- C:\Documents and Settings\user\Workout.txt
[2009/07/31 06:00:31 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2009/07/31 06:00:30 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2009/07/31 06:00:30 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2009/07/31 06:00:30 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2009/07/29 14:29:09 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2009/07/29 14:29:05 | 000,020,480 | -H-- | C] () -- C:\Documents and Settings\Administrator\ntuser.dat.LOG
[2009/07/29 14:28:59 | 004,980,736 | -H-- | C] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2009/07/28 18:13:16 | 000,005,285 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/07/15 21:44:21 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\user\Application Data\$_hpcst$.hpc
[2009/07/06 17:28:18 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/07/03 19:36:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PCFriend.INI
[2009/07/02 01:19:41 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\user\error.txt
[2009/06/28 18:50:38 | 000,000,200 | ---- | C] () -- C:\Documents and Settings\user\trio_log.txt
[2009/03/15 03:02:59 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/01/13 21:48:54 | 000,000,287 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009/01/05 21:56:57 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2008/11/27 00:11:10 | 000,000,685 | ---- | C] () -- C:\Documents and Settings\user\.plugin141.trace
[2008/11/21 15:55:07 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\D6F05C7EA2.sys
[2008/11/21 15:37:39 | 000,002,568 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/11/18 20:16:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2008/11/17 21:09:28 | 000,083,968 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/16 12:14:15 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15.sys
[2008/11/16 12:14:15 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15_64.sys
[2008/11/16 11:55:30 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll
[2008/11/15 23:41:13 | 000,000,088 | ---- | C] () -- C:\WINDOWS\StyleBuilder.INI
[2008/11/15 23:14:41 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2008/11/15 23:13:56 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/11/13 10:39:54 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/11/12 18:41:37 | 000,356,352 | R--- | C] () -- C:\WINDOWS\EMCRI.dll
[2008/11/12 17:05:54 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\fusioncache.dat
[2008/11/12 17:00:39 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\user\ntuser.dat.LOG
[2008/11/12 17:00:39 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\user\ntuser.ini
[2008/11/12 17:00:38 | 013,893,632 | -H-- | C] () -- C:\Documents and Settings\user\NTUSER.DAT
[2008/11/12 16:59:40 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\LocalService\ntuser.ini
[2008/11/12 16:59:39 | 000,262,144 | -H-- | C] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2008/11/12 16:59:39 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat.LOG
[2008/11/12 16:58:18 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\NetworkService\ntuser.ini
[2008/11/12 16:58:17 | 000,262,144 | -H-- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2008/11/12 16:58:17 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007/09/20 06:27:16 | 003,190,784 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2007/09/20 06:27:16 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/09/20 06:27:16 | 000,741,376 | ---- | C] () -- C:\WINDOWS\System32\audxlib.dll
[2007/09/20 06:27:16 | 000,511,488 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2007/09/20 06:27:16 | 000,405,504 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2007/09/20 06:27:16 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2007/09/20 06:27:16 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2007/09/20 06:27:16 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2007/09/20 06:27:16 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2007/09/20 06:27:16 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2007/09/20 06:27:16 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2007/09/20 06:27:16 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2007/09/20 06:27:16 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2007/09/20 06:27:16 | 000,097,280 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll
[2007/09/20 06:27:16 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007/09/20 06:27:16 | 000,079,872 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2007/09/20 06:27:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2007/09/20 06:27:16 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2007/09/20 06:27:16 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2007/09/20 06:27:16 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2007/03/02 06:44:44 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\zmbv.dll
[2006/05/25 09:33:40 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2005/11/11 21:40:48 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2005/08/05 15:01:54 | 000,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/08/10 07:00:00 | 000,153,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\dmio.sys
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1998/10/11 01:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll
[1996/04/03 15:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2009/09/07 16:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2010/07/22 02:46:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Softland
[2008/11/16 21:59:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\acccore
[2010/06/21 03:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\avidemux
[2008/11/23 18:03:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Canon
[2009/02/08 18:56:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\FireShot
[2010/03/21 15:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\FoxPlayerAIR.01F2E49DE175CC541F416F2DF78BDD5E63AD0096.1
[2010/09/28 00:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\FrostWire
[2009/10/24 17:13:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\GetRightToGo
[2009/11/24 22:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\gtk-2.0
[2009/12/31 02:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\ImgBurn
[2009/06/07 14:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\LimeWire
[2009/07/06 21:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Netscape
[2009/07/06 21:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Photodex
[2010/06/22 19:25:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Publish Providers
[2009/11/01 02:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\SharePod
[2010/07/22 02:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Softland
[2010/07/11 00:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Sony
[2010/07/11 02:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Sony Creative Software
[2010/04/05 14:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\StreamTorrent
[2009/07/23 23:19:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Ulead Systems
[2009/05/24 18:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Uniblue
[2010/09/01 03:31:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\uTorrent

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: DMIO.SYS >
[2008/04/13 14:44:46 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) MD5=7C824CF7BBDE77D95C08005717A95F6F -- C:\WINDOWS\ServicePackFiles\i386\dmio.sys
[2008/04/13 14:44:46 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) MD5=7C824CF7BBDE77D95C08005717A95F6F -- C:\WINDOWS\SoftwareDistribution\Download\59fc8f12b80caa991163249076d0bcca\dmio.sys
[2008/04/13 14:44:46 | 000,153,344 | ---- | M] () MD5=8B0A653D484127D37603D91047AC854C -- C:\WINDOWS\system32\drivers\dmio.sys
[2004/08/10 07:00:00 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) MD5=F5E7B358A732D09F4BCF2824B88B9E28 -- C:\WINDOWS\$NtServicePackUninstall$\dmio.sys

< MD5 for: GIVEIO.SYS >
[1996/04/03 15:33:26 | 000,005,248 | ---- | M] () MD5=77EBF3E9386DAA51551AF429052D88D0 -- C:\WINDOWS\system32\giveio.sys

< MD5 for: INT15.SYS >
[2006/04/14 16:27:40 | 000,069,632 | ---- | M] () MD5=4D8D5B1C895EA0F2A721B98A7CE198F1 -- C:\Acer\Empowering Technology\int15.sys
[2006/04/14 16:27:44 | 000,069,632 | ---- | M] () MD5=4D8D5B1C895EA0F2A721B98A7CE198F1 -- C:\WINDOWS\system32\drivers\int15.sys

< %SYSTEMDRIVE%\*.* >
[2010/03/28 16:10:24 | 000,026,026 | ---- | M] () -- C:\ASLog.txt
[2009/10/24 16:46:55 | 000,000,000 | ---- | M] () -- C:\asoutput.log
[2008/11/12 16:52:22 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/08/09 23:29:03 | 000,000,090 | ---- | M] () -- C:\bcmwl5.log
[2009/07/29 00:14:06 | 000,000,308 | ---- | M] () -- C:\Boot.bak
[2008/11/13 21:20:36 | 000,000,308 | RHS- | M] () -- C:\BOOT.BKK
[2009/10/23 21:50:39 | 000,000,378 | -HS- | M] () -- C:\boot.ini
[2004/08/03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) -- C:\cdrom.sys
[2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2008/11/12 16:52:22 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/07/09 13:25:49 | 000,000,055 | ---- | M] () -- C:\DVDPATH.TXT
[2010/10/02 14:49:42 | 000,009,830 | ---- | M] () -- C:\exefix.reg
[2010/10/07 20:16:50 | 803,385,344 | -HS- | M] () -- C:\hiberfil.sys
[2008/11/15 20:17:28 | 000,000,067 | ---- | M] () -- C:\inferno.log
[2008/11/12 16:52:22 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/11/16 21:59:09 | 000,000,369 | -H-- | M] () -- C:\IPH.PH
[2008/11/12 16:52:22 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/10 07:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010/09/23 21:29:43 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/10/02 20:01:06 | 000,101,378 | ---- | M] () -- C:\OTL.Txt
[2010/10/07 20:16:48 | 1207,959,552 | -HS- | M] () -- C:\pagefile.sys
[2010/06/14 15:09:34 | 000,001,431 | ---- | M] () -- C:\photodex-presenter-install.log
[2010/05/25 23:26:12 | 000,000,216 | ---- | M] () -- C:\temp.txt
[2008/12/16 13:55:25 | 000,000,045 | ---- | M] () -- C:\TEST.XML

< %systemroot%\System32\config\*.sav >
[2008/11/12 11:34:42 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008/11/12 11:34:42 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008/11/12 11:34:42 | 000,892,928 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008/06/20 13:46:57 | 000,147,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll
[2010/06/24 08:15:27 | 006,067,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
[2010/06/24 08:15:27 | 000,268,288 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll
[2008/04/13 20:12:00 | 000,274,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll
[2008/04/13 20:12:02 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll
[2008/04/13 20:12:03 | 000,023,040 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\psapi.dll
[2010/07/27 02:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll

< %systemroot%\Tasks\*.job >
< End of report >


#10 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:06 PM

Posted 08 October 2010 - 02:59 PM

Save this as a text file in the USB drive.
  • Boot to the OTLPE CD
  • Please double-click OTLPE.exe to run it as you did before.
  • Copy the lines in the quote below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    QUOTE
    :Files
    C:\WINDOWS\system32\drivers\dmio.sys|C:\WINDOWS\ServicePackFiles\i386\dmio.sys /replace

  • Return to OTLPE, right click in the "Custom Scans/Fixes" window and choose Paste.
  • Click the red Run Fix button.
  • A report will be produced and saved in the C:\_OTL\MovedFiles folder in the form of Date_Time.log. Open that report and post its contents in a reply.

Restart the computer back to the OTLPE CD.
  • Double-click on the OTLPE icon.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start. Change the following settings
    • Change Drivers to All
    • Change Standard Registry to All
    • Under the Custom Scan box paste this in
      /md5start
      dnsapi.dll
      ieframe.dll
      iertutil.dll
      mstask.dll
      ntdsapi.dll
      psapi.dll
      shell32.dll
      /md5stop
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive.
  • Please post the contents of the C:\OTL.txt file in your reply also.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#11 mudcat24

mudcat24
  • Topic Starter

  • Members
  • 155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:06 PM

Posted 08 October 2010 - 08:47 PM

Run Fix

========== FILES ==========
File C:\WINDOWS\system32\drivers\dmio.sys successfully replaced with C:\WINDOWS\ServicePackFiles\i386\dmio.sys

OTLPE by OldTimer - Version 3.1.41.0 log created on 10092010_002344



OTL logfile created on: 10/9/2010 1:33:25 AM - Run
OTLPE by OldTimer - Version 3.1.41.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

766.00 Mb Total Physical Memory | 514.00 Mb Available Physical Memory | 67.00% Memory free
706.00 Mb Paging File | 561.00 Mb Available in Paging File | 79.00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 6.53 Gb Free Space | 8.77% Space Free | Partition Type: NTFS
Drive D: | 6.82 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 1.94 Gb Total Space | 0.21 Gb Free Space | 10.74% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 3.73 Gb Total Space | 2.68 Gb Free Space | 71.76% Space Free | Partition Type: FAT

Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet004

========== Win32 Services (SafeList) ==========

SRV - [2010/09/23 17:15:02 | 002,950,744 | ---- | M] () [Auto] -- c:\Program Files\Common Files\Akamai\netsession_win_062a651.dll -- (Akamai)
SRV - [2010/06/01 19:00:52 | 001,778,480 | ---- | M] (COMODO) [Auto] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010/05/20 17:19:16 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/03/29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®
SRV - [2009/08/13 14:43:57 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/11/02 21:40:12 | 000,174,656 | ---- | M] () [Auto] -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/03/29 21:53:34 | 000,028,672 | ---- | M] (Acer Inc.) [Auto] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2005/11/14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | Disabled] -- -- (ViaIde)
DRV - File not found [Kernel | Disabled] -- -- (ultra)
DRV - File not found [Kernel | Disabled] -- -- (TosIde)
DRV - File not found [Kernel | Disabled] -- -- (symc8xx)
DRV - File not found [Kernel | Disabled] -- -- (symc810)
DRV - File not found [Kernel | Disabled] -- -- (sym_u3)
DRV - File not found [Kernel | Disabled] -- -- (sym_hi)
DRV - File not found [Kernel | Disabled] -- -- (Sparrow)
DRV - File not found [Kernel | Disabled] -- -- (Simbad)
DRV - File not found [Kernel | Disabled] -- -- (ql1280)
DRV - File not found [Kernel | Disabled] -- -- (ql1240)
DRV - File not found [Kernel | Disabled] -- -- (ql12160)
DRV - File not found [Kernel | Disabled] -- -- (Ql10wnt)
DRV - File not found [Kernel | Disabled] -- -- (ql1080)
DRV - File not found [Kernel | On_Demand] -- -- (psdvdisk)
DRV - File not found [Kernel | On_Demand] -- -- (psdfilter)
DRV - File not found [Kernel | On_Demand] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter)
DRV - File not found [Kernel | Disabled] -- -- (perc2hib)
DRV - File not found [Kernel | Disabled] -- -- (perc2)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- C:\DOCUME~1\user\LOCALS~1\Temp\Rar$EX00.953\pbfilter.sys -- (pbfilter)
DRV - File not found [Kernel | Disabled] -- -- (mraid35x)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | Disabled] -- -- (IntelIde)
DRV - File not found [Kernel | Disabled] -- -- (ini910u)
DRV - File not found [Kernel | Disabled] -- -- (i2omp)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | Disabled] -- -- (hpn)
DRV - File not found [File_System | Auto] -- -- (eLock2FSCTLDriver)
DRV - File not found [File_System | Auto] -- -- (eLock2BurnerLockDriver)
DRV - File not found [Kernel | Disabled] -- -- (dpti2o)
DRV - File not found [Kernel | Disabled] -- -- (dac960nt)
DRV - File not found [Kernel | Disabled] -- -- (dac2w2k)
DRV - File not found [Kernel | Disabled] -- -- (Cpqarray)
DRV - File not found [Kernel | Disabled] -- -- (CmdIde)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | Disabled] -- -- (cd20xrnt)
DRV - File not found [Kernel | Disabled] -- -- (Atdisk)
DRV - File not found [Kernel | Disabled] -- -- (asc3550)
DRV - File not found [Kernel | Disabled] -- -- (asc3350p)
DRV - File not found [Kernel | Disabled] -- -- (asc)
DRV - File not found [Kernel | Disabled] -- -- (amsint)
DRV - File not found [Kernel | Disabled] -- -- (AliIde)
DRV - File not found [Kernel | Disabled] -- -- (aic78xx)
DRV - File not found [Kernel | Disabled] -- -- (aic78u2)
DRV - File not found [Kernel | Disabled] -- -- (Aha154x)
DRV - File not found [Kernel | Disabled] -- -- (adpu160m)
DRV - File not found [Kernel | Disabled] -- -- (abp480n5)
DRV - File not found [Kernel | Disabled] -- -- (Abiosdsk)
DRV - [2010/06/21 11:27:11 | 000,354,304 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2010/06/04 11:55:58 | 000,229,312 | ---- | M] (COMODO) [File_System | System] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2010/06/01 19:00:24 | 000,087,824 | ---- | M] (COMODO) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
DRV - [2010/06/01 19:00:22 | 000,025,240 | ---- | M] (COMODO) [Kernel | System] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2010/02/24 09:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2009/10/20 12:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009/08/13 23:10:27 | 000,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/06/26 02:50:38 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2009/06/24 07:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2009/05/29 13:36:16 | 000,039,424 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/03/19 16:32:48 | 000,023,400 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/01/15 17:17:42 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2008/11/14 12:29:44 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/10/28 23:10:58 | 003,341,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\adfs.sys -- (adfs)
DRV - [2008/08/14 06:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2008/08/12 04:02:06 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI32)
DRV - [2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008/04/13 20:13:22 | 000,139,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2008/04/13 20:13:21 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/04/13 20:13:20 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008/04/13 20:13:20 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/04/13 15:28:39 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008/04/13 15:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008/04/13 15:20:42 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008/04/13 15:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008/04/13 15:19:48 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - [2008/04/13 15:19:43 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - [2008/04/13 15:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008/04/13 15:18:00 | 000,052,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/04/13 15:17:18 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008/04/13 15:17:05 | 000,105,344 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2008/04/13 15:15:55 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008/04/13 15:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/04/13 15:15:45 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\serial.sys -- (Serial)
DRV - [2008/04/13 15:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 15:14:21 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008/04/13 15:00:19 | 000,030,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/04/13 14:57:32 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008/04/13 14:57:29 | 000,040,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2008/04/13 14:57:27 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/04/13 14:57:27 | 000,010,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2008/04/13 14:57:21 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/04/13 14:57:15 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008/04/13 14:57:07 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008/04/13 14:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usb8023x.sys -- (usb_rndisx)
DRV - [2008/04/13 14:56:38 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2008/04/13 14:56:32 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008/04/13 14:56:02 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/04/13 14:55:58 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/04/13 14:54:28 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/04/13 14:53:34 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV - [2008/04/13 14:51:25 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008/04/13 14:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/04/13 14:45:39 | 000,032,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008/04/13 14:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbstor.sys -- (USBSTOR)
DRV - [2008/04/13 14:45:37 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008/04/13 14:45:35 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008/04/13 14:45:35 | 000,017,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbohci.sys -- (usbohci)
DRV - [2008/04/13 14:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2008/04/13 14:45:27 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb)
DRV - [2008/04/13 14:45:13 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/04/13 14:45:09 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008/04/13 14:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008/04/13 14:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008/04/13 14:45:01 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dmusic.sys -- (DMusic)
DRV - [2008/04/13 14:44:48 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/13 14:44:46 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008/04/13 14:44:40 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/04/13 14:41:01 | 000,052,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008/04/13 14:40:58 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008/04/13 14:40:49 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008/04/13 14:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\disk.sys -- (Disk)
DRV - [2008/04/13 14:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi)
DRV - [2008/04/13 14:40:27 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008/04/13 14:40:25 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fdc.sys -- (Fdc)
DRV - [2008/04/13 14:40:25 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008/04/13 14:40:10 | 000,080,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\parport.sys -- (Parport)
DRV - [2008/04/13 14:39:53 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008/04/13 14:39:52 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/04/13 14:39:51 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/04/13 14:39:50 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/04/13 14:39:48 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2008/04/13 14:39:47 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008/04/13 14:39:47 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008/04/13 14:39:46 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008/04/13 14:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/04/13 14:36:52 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\sr.sys -- (sr)
DRV - [2008/04/13 14:36:46 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/04/13 14:36:44 | 000,079,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sdbus.sys -- (sdbus)
DRV - [2008/04/13 14:36:44 | 000,068,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI)
DRV - [2008/04/13 14:36:43 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 14:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/04/13 14:36:38 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2008/04/13 14:36:37 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cmbatt.sys -- (CmBatt)
DRV - [2008/04/13 14:36:37 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\compbatt.sys -- (Compbatt)
DRV - [2008/04/13 14:36:35 | 000,187,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI)
DRV - [2008/04/13 14:33:28 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008/04/13 14:32:59 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2008/04/13 14:32:51 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/04/13 14:32:44 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008/04/13 14:32:39 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008/04/13 14:32:39 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/04/13 14:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008/04/13 14:31:30 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\processr.sys -- (Processor)
DRV - [2008/04/13 12:39:23 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2008/04/13 12:39:15 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/11/06 18:04:56 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wceusbsh.sys -- (wceusbsh)
DRV - [2006/10/18 21:00:00 | 000,038,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wpdusb.sys -- (WpdUsb)
DRV - [2006/09/28 20:00:34 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WudfRd.sys -- (WudfRd)
DRV - [2006/09/28 19:55:50 | 000,077,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\WudfPf.sys -- (WudfPf)
DRV - [2006/09/24 09:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006/05/25 11:19:48 | 000,040,064 | R--- | M] (ENE Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2006/05/25 11:19:44 | 000,074,752 | R--- | M] (ENE Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ESM7SK.sys -- (ESMCR)
DRV - [2006/05/25 11:19:40 | 000,061,056 | R--- | M] (ENE Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2006/04/14 16:27:46 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\TVicPort.sys -- (tvicport)
DRV - [2006/04/14 16:27:44 | 000,069,632 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15)
DRV - [2006/04/14 16:27:44 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\zntport.sys -- (zntport)
DRV - [2006/03/03 13:52:30 | 000,192,672 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006/01/11 17:13:34 | 000,935,424 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/01/11 17:12:54 | 000,194,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/01/11 17:12:50 | 000,671,232 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2005/12/23 16:13:06 | 000,013,184 | ---- | M] (Dritek System Inc.) [Kernel | Auto] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2005/10/05 17:57:08 | 000,012,544 | ---- | M] (Conexant) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2005/09/23 19:56:28 | 003,966,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/09/16 12:46:30 | 000,044,224 | R--- | M] (BVRP Software) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2004/12/13 17:14:00 | 000,039,904 | ---- | M] (Adaptec, Inc.) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\cercsr6.sys -- (cercsr6)
DRV - [2004/12/08 14:10:00 | 000,016,896 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DKbFltr.SYS -- (DKbFltr)
DRV - [2004/08/10 07:00:00 | 000,125,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk)
DRV - [2004/08/10 07:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2004/08/10 07:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2004/08/10 07:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2004/08/10 07:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/10 07:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2004/08/10 07:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2004/08/10 07:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2004/08/10 07:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2004/08/10 07:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2004/08/10 07:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\WINDOWS\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2004/08/10 07:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2004/08/10 07:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2004/08/10 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2004/08/10 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2004/08/10 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2004/08/10 07:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pciide.sys -- (PCIIde)
DRV - [2004/08/10 07:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2004/08/10 07:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\WINDOWS\System32\winsock.dll -- (Winsock)
DRV - [2004/08/10 04:45:04 | 000,011,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mhndrv.sys -- (MHNDRV)
DRV - [2004/08/03 18:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2001/08/17 14:48:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2001/08/17 09:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV - [1996/04/03 15:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\.DEFAULT\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\user_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\user_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\user_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/03 03:01:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/01/03 00:32:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{fce8417d-ef18-11dd-845c-000c6e211f50}: C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6m1y29zh.default\extensions\ [2010/09/16 17:44:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/08/17 18:45:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/07 22:43:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/07 22:43:16 | 000,000,000 | ---D | M]

[2010/09/16 17:54:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/07 22:43:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/01/03 00:32:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/08/26 19:17:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/11/24 20:53:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010/06/28 04:30:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/07 22:42:50 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010/08/07 22:42:50 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/08/07 22:43:03 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2009/10/13 14:00:00 | 000,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2009/10/24 14:15:36 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009/10/24 14:15:36 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009/10/24 14:15:36 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009/10/24 14:15:36 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009/10/24 14:15:36 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009/10/24 14:15:36 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009/10/24 14:15:36 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2009/10/13 14:00:00 | 000,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2010/08/07 22:43:06 | 000,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2010/08/07 22:43:06 | 000,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2010/08/07 22:43:06 | 000,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2010/08/07 22:43:06 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2010/08/07 22:43:06 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010/06/13 16:41:31 | 000,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml
[2010/08/07 22:43:06 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2010/08/07 22:43:06 | 000,001,096 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2010/09/05 21:18:24 | 000,407,846 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14129 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (FireShot) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6m1y29zh.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.78.dll File not found
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\user_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\user_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\user_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\user_ON_C\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe ()
O4 - HKLM..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe ()
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.EXE (Broadcom Corporation)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe (Walt Disney Internet Group)
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] c:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKU\Administrator_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\user_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\user_ON_C..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKU\user_ON_C..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan.lnk = C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\user\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\user\Start Menu\Programs\Startup\Logitech Touch Mouse Server.lnk = C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe (Logitech, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnotes.com/download/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C8AEB218-8B7A-4E15-AC17-0EE8D99B80EB} http://cnn-5.vo.llnwd.net/c1/static/cab_he...pWebUpdater.cab (GameTap Web Updater)
O16 - DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.4/ji...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} http://cainternetsecurity.net/scanner/cascanner.cab (CAScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (LogonUI.EXE) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/11/12 16:52:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 00:06:42 | 000,000,053 | ---- | M] () - X:\AUTORUN.INF -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/10/09 00:23:44 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/09/28 14:30:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent
[2010/09/28 11:56:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/09/28 11:56:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/09/25 23:54:24 | 000,000,000 | ---D | C] -- C:\Program Files\Eusing Free Registry Cleaner
[2010/09/24 14:08:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\New Folder B
[2010/09/23 22:00:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/09/23 21:35:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/09/23 21:35:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010/09/23 21:35:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/09/23 21:35:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010/09/23 21:22:58 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009/12/05 18:30:42 | 001,228,240 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\ADBEPHSPCS4_LS1.exe
[2008/11/16 11:55:30 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\user\My Documents\*.tmp files -> C:\Documents and Settings\user\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/10/09 00:25:35 | 004,980,736 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010/10/07 23:09:23 | 013,893,632 | -H-- | M] () -- C:\Documents and Settings\user\NTUSER.DAT
[2010/10/07 23:09:23 | 000,262,144 | -H-- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2010/10/07 23:09:23 | 000,262,144 | -H-- | M] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2010/10/07 23:09:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/07 23:07:40 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini
[2010/10/07 20:17:18 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/07 20:16:54 | 000,060,452 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010/10/07 20:16:50 | 803,385,344 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/07 20:02:22 | 003,875,331 | ---- | M] () -- C:\Documents and Settings\user\Desktop\MyPoppy.exe
[2010/10/02 14:49:42 | 000,009,830 | ---- | M] () -- C:\exefix.reg
[2010/09/28 10:57:21 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/27 02:51:36 | 000,521,942 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/09/27 02:51:36 | 000,441,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/09/27 02:51:36 | 000,071,258 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/09/25 23:55:48 | 155,004,012 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Registry Backup.reg
[2010/09/24 10:54:48 | 002,230,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/23 22:02:39 | 000,000,105 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/09/23 21:29:43 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/09/16 19:13:59 | 000,083,968 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/11 11:40:32 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/09/10 02:34:24 | 000,041,984 | ---- | M] () -- C:\Documents and Settings\user\My Documents\pua.doc
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\user\My Documents\*.tmp files -> C:\Documents and Settings\user\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/07 21:30:37 | 003,875,331 | ---- | C] () -- C:\Documents and Settings\user\Desktop\MyPoppy.exe
[2010/10/03 20:07:04 | 803,385,344 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/02 16:28:08 | 000,009,830 | ---- | C] () -- C:\exefix.reg
[2010/09/25 23:55:03 | 155,004,012 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Registry Backup.reg
[2010/09/09 16:34:45 | 000,041,984 | ---- | C] () -- C:\Documents and Settings\user\My Documents\pua.doc
[2010/09/09 02:04:29 | 000,012,376 | ---- | C] () -- C:\Documents and Settings\user\Bally Essay.txt
[2010/09/05 19:57:39 | 000,002,599 | ---- | C] () -- C:\Documents and Settings\user\toy story.txt
[2010/08/23 01:52:19 | 000,000,055 | ---- | C] () -- C:\Documents and Settings\user\Grants.txt
[2010/08/06 05:49:02 | 000,012,376 | ---- | C] () -- C:\Documents and Settings\user\pua.txt
[2010/08/04 02:46:46 | 000,002,331 | ---- | C] () -- C:\Documents and Settings\user\college.txt
[2010/07/30 06:18:53 | 000,004,595 | ---- | C] () -- C:\Documents and Settings\user\aokeja.txt
[2010/07/28 05:15:48 | 000,005,091 | ---- | C] () -- C:\Documents and Settings\user\fbcvo.txt
[2010/07/28 05:10:17 | 000,002,759 | ---- | C] () -- C:\Documents and Settings\user\fb2.txt
[2010/07/20 23:14:32 | 000,000,053 | ---- | C] () -- C:\Documents and Settings\user\tix.txt
[2010/07/19 01:25:56 | 000,002,778 | ---- | C] () -- C:\Documents and Settings\user\fb.txt
[2010/07/16 06:58:52 | 000,000,247 | ---- | C] () -- C:\Documents and Settings\user\strasmas.txt
[2010/07/14 02:08:15 | 000,000,075 | ---- | C] () -- C:\Documents and Settings\user\aaa.txt
[2010/07/11 04:27:00 | 000,288,488 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/07/10 23:01:26 | 000,000,105 | ---- | C] () -- C:\Documents and Settings\user\veg 9.txt
[2010/07/09 05:06:48 | 000,000,758 | ---- | C] () -- C:\Documents and Settings\user\lowerthirds.txt
[2010/07/09 02:49:31 | 000,000,520 | ---- | C] () -- C:\Documents and Settings\user\statespic.txt
[2010/07/01 14:44:31 | 000,003,144 | ---- | C] () -- C:\Documents and Settings\user\jman.txt
[2010/05/12 20:55:35 | 000,000,017 | ---- | C] () -- C:\Documents and Settings\user\boesfinal.txt
[2010/04/26 23:22:31 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\user\yankees suck.txt
[2010/04/20 11:34:30 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\user\hope shatterd.txt
[2010/04/11 01:29:02 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\user\tbreds_vs_coralgables.txt
[2010/04/02 19:31:49 | 000,000,175 | ---- | C] () -- C:\Documents and Settings\user\ps.txt
[2010/03/29 03:53:42 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\user\math bleep.txt
[2010/03/18 05:50:02 | 000,022,094 | ---- | C] () -- C:\Documents and Settings\user\JORGE'S PLAYLIST.txt
[2009/12/05 18:30:41 | 853,860,607 | ---- | C] () -- C:\Program Files\ADBEPHSPCS4_LS1.7z
[2009/11/24 22:43:20 | 000,011,177 | ---- | C] () -- C:\Documents and Settings\user\.recently-used.xbel
[2009/11/08 16:23:28 | 000,000,978 | ---- | C] () -- C:\WINDOWS\ARPR.INI
[2009/10/24 21:17:40 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/10/24 21:17:39 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/10/24 21:17:37 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/10/24 17:13:41 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll
[2009/10/24 17:13:41 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll
[2009/10/01 20:20:53 | 000,000,045 | ---- | C] () -- C:\Documents and Settings\user\jagex_runescape_preferences2.dat
[2009/10/01 20:18:57 | 000,000,038 | ---- | C] () -- C:\Documents and Settings\user\jagex_runescape_preferences.dat
[2009/08/12 19:47:55 | 000,585,728 | ---- | C] () -- C:\WINDOWS\System32\bsratswf.dll
[2009/08/12 19:47:55 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\bsratwmv.dll
[2009/08/06 00:06:59 | 000,007,103 | ---- | C] () -- C:\Documents and Settings\user\Workout.txt
[2009/07/31 06:00:31 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2009/07/31 06:00:30 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2009/07/31 06:00:30 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2009/07/31 06:00:30 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2009/07/29 14:29:09 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2009/07/29 14:29:05 | 000,020,480 | -H-- | C] () -- C:\Documents and Settings\Administrator\ntuser.dat.LOG
[2009/07/29 14:28:59 | 004,980,736 | -H-- | C] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2009/07/28 18:13:16 | 000,005,285 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/07/15 21:44:21 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\user\Application Data\$_hpcst$.hpc
[2009/07/06 17:28:18 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/07/03 19:36:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PCFriend.INI
[2009/07/02 01:19:41 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\user\error.txt
[2009/06/28 18:50:38 | 000,000,200 | ---- | C] () -- C:\Documents and Settings\user\trio_log.txt
[2009/03/15 03:02:59 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/01/13 21:48:54 | 000,000,287 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009/01/05 21:56:57 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2008/11/27 00:11:10 | 000,000,685 | ---- | C] () -- C:\Documents and Settings\user\.plugin141.trace
[2008/11/21 15:55:07 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\D6F05C7EA2.sys
[2008/11/21 15:37:39 | 000,002,568 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/11/18 20:16:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2008/11/17 21:09:28 | 000,083,968 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/16 12:14:15 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15.sys
[2008/11/16 12:14:15 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15_64.sys
[2008/11/16 11:55:30 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll
[2008/11/15 23:41:13 | 000,000,088 | ---- | C] () -- C:\WINDOWS\StyleBuilder.INI
[2008/11/15 23:14:41 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2008/11/15 23:13:56 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/11/13 10:39:54 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/11/12 18:41:37 | 000,356,352 | R--- | C] () -- C:\WINDOWS\EMCRI.dll
[2008/11/12 17:05:54 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\fusioncache.dat
[2008/11/12 17:00:39 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\user\ntuser.dat.LOG
[2008/11/12 17:00:39 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\user\ntuser.ini
[2008/11/12 17:00:38 | 013,893,632 | -H-- | C] () -- C:\Documents and Settings\user\NTUSER.DAT
[2008/11/12 16:59:40 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\LocalService\ntuser.ini
[2008/11/12 16:59:39 | 000,262,144 | -H-- | C] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2008/11/12 16:59:39 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat.LOG
[2008/11/12 16:58:18 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\NetworkService\ntuser.ini
[2008/11/12 16:58:17 | 000,262,144 | -H-- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2008/11/12 16:58:17 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007/09/20 06:27:16 | 003,190,784 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2007/09/20 06:27:16 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/09/20 06:27:16 | 000,741,376 | ---- | C] () -- C:\WINDOWS\System32\audxlib.dll
[2007/09/20 06:27:16 | 000,511,488 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2007/09/20 06:27:16 | 000,405,504 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2007/09/20 06:27:16 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2007/09/20 06:27:16 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2007/09/20 06:27:16 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2007/09/20 06:27:16 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2007/09/20 06:27:16 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2007/09/20 06:27:16 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2007/09/20 06:27:16 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2007/09/20 06:27:16 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2007/09/20 06:27:16 | 000,097,280 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll
[2007/09/20 06:27:16 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007/09/20 06:27:16 | 000,079,872 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2007/09/20 06:27:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2007/09/20 06:27:16 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2007/09/20 06:27:16 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2007/09/20 06:27:16 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2007/03/02 06:44:44 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\zmbv.dll
[2006/05/25 09:33:40 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2005/11/11 21:40:48 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2005/08/05 15:01:54 | 000,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1998/10/11 01:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll
[1996/04/03 15:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2009/09/07 16:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2010/07/22 02:46:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Softland
[2008/11/16 21:59:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\acccore
[2010/06/21 03:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\avidemux
[2008/11/23 18:03:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Canon
[2009/02/08 18:56:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\FireShot
[2010/03/21 15:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\FoxPlayerAIR.01F2E49DE175CC541F416F2DF78BDD5E63AD0096.1
[2010/09/28 00:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\FrostWire
[2009/10/24 17:13:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\GetRightToGo
[2009/11/24 22:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\gtk-2.0
[2009/12/31 02:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\ImgBurn
[2009/06/07 14:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\LimeWire
[2009/07/06 21:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Netscape
[2009/07/06 21:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Photodex
[2010/06/22 19:25:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Publish Providers
[2009/11/01 02:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\SharePod
[2010/07/22 02:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Softland
[2010/07/11 00:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Sony
[2010/07/11 02:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Sony Creative Software
[2010/04/05 14:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\StreamTorrent
[2009/07/23 23:19:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Ulead Systems
[2009/05/24 18:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Uniblue
[2010/09/01 03:31:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\uTorrent

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: DNSAPI.DLL >
[2008/04/13 20:11:52 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=0A3325D38DB90792BBBE01334F273974 -- C:\WINDOWS\$NtUninstallKB951748$\dnsapi.dll
[2008/04/13 20:11:52 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=0A3325D38DB90792BBBE01334F273974 -- C:\WINDOWS\ServicePackFiles\i386\dnsapi.dll
[2008/04/13 20:11:52 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=0A3325D38DB90792BBBE01334F273974 -- C:\WINDOWS\SoftwareDistribution\Download\59fc8f12b80caa991163249076d0bcca\dnsapi.dll
[2008/06/20 13:41:10 | 000,148,992 | ---- | M] (Microsoft Corporation) MD5=176497D0E7AE618860552A4B5635B206 -- C:\WINDOWS\$NtServicePackUninstall$\dnsapi.dll
[2008/06/20 13:43:05 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=1C2A6C104E6184B05EEB0C114BE4F150 -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
[2008/06/20 13:46:57 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=5D3FDE8FB2801A2041D1B965372C4928 -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
[2008/06/20 13:46:57 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=5D3FDE8FB2801A2041D1B965372C4928 -- C:\WINDOWS\system32\dllcache\dnsapi.dll
[2004/08/10 07:00:00 | 000,148,480 | ---- | M] (Microsoft Corporation) MD5=C76735BFB7214907B4590DD35AE64A79 -- C:\WINDOWS\$NtUninstallKB951748_0$\dnsapi.dll
[2008/06/20 13:36:11 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=D803BDB34C060035D4753DDA046D5C72 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
[2008/06/20 13:46:57 | 000,147,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll

< MD5 for: IEFRAME.DLL >
[2008/10/16 16:24:09 | 006,068,224 | ---- | M] (Microsoft Corporation) MD5=233F3168F83CCAEA70EDD0FC6C272A74 -- C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\ieframe.dll
[2008/10/16 16:38:37 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=23DD2287BA2630805E16571CB5E4E3EB -- C:\WINDOWS\ie7updates\KB961260-IE7\ieframe.dll
[2010/03/11 07:49:30 | 006,070,784 | ---- | M] (Microsoft Corporation) MD5=25891590F55C29A6561C53FD67452B0C -- C:\WINDOWS\$hf_mig$\KB980182-IE7\SP3QFE\ieframe.dll
[2007/08/13 18:54:10 | 006,049,280 | ---- | M] (Microsoft Corporation) MD5=3460EC04E65C7B52024B5073C4AACFAA -- C:\WINDOWS\ie7updates\KB982381-IE7\ieframe.dll
[2009/08/29 03:31:12 | 006,070,784 | ---- | M] (Microsoft Corporation) MD5=4457FBAE53EB951FCFD4A92F4A62FCC4 -- C:\WINDOWS\$hf_mig$\KB974455-IE7\SP3QFE\ieframe.dll
[2009/10/29 03:45:43 | 006,070,784 | ---- | M] (Microsoft Corporation) MD5=5530B5093740BCFEDDE85C54CE2476BB -- C:\WINDOWS\$hf_mig$\KB976325-IE7\SP3QFE\ieframe.dll
[2009/04/29 00:49:17 | 006,069,248 | ---- | M] (Microsoft Corporation) MD5=629932D1D34AC476AB8EBC78D719B33B -- C:\WINDOWS\$hf_mig$\KB969897-IE7\SP3QFE\ieframe.dll
[2010/05/06 16:06:24 | 011,078,144 | ---- | M] (Microsoft Corporation) MD5=829BC36DEC43E7A9F53E826BAC991540 -- C:\WINDOWS\$hf_mig$\KB982381-IE8\SP3QFE\ieframe.dll
[2010/05/04 13:20:35 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=8641B27F8DF694C39CA1DBA2F71373FB -- C:\WINDOWS\ie7updates\KB2183461-IE7\ieframe.dll
[2010/01/05 05:57:27 | 006,071,296 | ---- | M] (Microsoft Corporation) MD5=976F8175CDCD27192196669E052F7C51 -- C:\WINDOWS\$hf_mig$\KB978207-IE7\SP3QFE\ieframe.dll
[2010/05/04 13:20:01 | 006,071,296 | ---- | M] (Microsoft Corporation) MD5=98AF5E356C2D9BF3C0CEDA7484A8297D -- C:\WINDOWS\$hf_mig$\KB982381-IE7\SP3QFE\ieframe.dll
[2008/10/03 13:41:15 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=9A647EB36A8D4C97A15F46CD560E98E2 -- C:\WINDOWS\ie7updates\KB958215-IE7\ieframe.dll
[2009/02/20 14:09:36 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=A280BC1D20C94DDEE22EF9DB507821E0 -- C:\WINDOWS\ie7updates\KB969897-IE7\ieframe.dll
[2010/01/05 06:00:23 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=BC88680EDB207514D8009BD98761B6BB -- C:\WINDOWS\ie7updates\KB980182-IE7\ieframe.dll
[2009/07/19 09:31:48 | 006,070,784 | ---- | M] (Microsoft Corporation) MD5=BCB67F7FC4EDDDD1D0F3FF9CD41D706C -- C:\WINDOWS\$hf_mig$\KB972260-IE7\SP3QFE\ieframe.dll
[2010/06/24 08:15:27 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=BED7CDEFE6353F95B5AB2B2715E7FA81 -- C:\WINDOWS\SoftwareDistribution\Download\bd4a8ed1ff18ce602cf240d9190152b0\sp3gdr\ieframe.dll
[2010/06/24 08:15:27 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=BED7CDEFE6353F95B5AB2B2715E7FA81 -- C:\WINDOWS\system32\dllcache\ieframe.dll
[2008/10/03 13:26:50 | 006,068,224 | ---- | M] (Microsoft Corporation) MD5=C0F690706C8F4468B17A20530D7B32E2 -- C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ieframe.dll
[2008/12/20 19:55:50 | 006,068,736 | ---- | M] (Microsoft Corporation) MD5=CBA0078473E65D8F4BE1A472099162D0 -- C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\ieframe.dll
[2010/06/24 08:16:21 | 006,071,296 | ---- | M] (Microsoft Corporation) MD5=D6D47DBCC1F85FD2B63BB5CD60FAEA72 -- C:\WINDOWS\$hf_mig$\KB2183461-IE7\SP3QFE\ieframe.dll
[2010/06/24 08:16:21 | 006,071,296 | ---- | M] (Microsoft Corporation) MD5=D6D47DBCC1F85FD2B63BB5CD60FAEA72 -- C:\WINDOWS\SoftwareDistribution\Download\bd4a8ed1ff18ce602cf240d9190152b0\sp3qfe\ieframe.dll
[2009/07/19 09:32:59 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=DAABB9EC6CDEE737044E76812D5E1EEB -- C:\WINDOWS\ie7updates\KB974455-IE7\ieframe.dll
[2009/02/20 14:09:52 | 006,068,736 | ---- | M] (Microsoft Corporation) MD5=DFAD02C430698F3C28C82380F87B262E -- C:\WINDOWS\$hf_mig$\KB963027-IE7\SP3QFE\ieframe.dll
[2010/06/24 08:15:27 | 006,067,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll

< MD5 for: IERTUTIL.DLL >
[2009/08/29 03:31:12 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=02BDD5FE51CD53F58CDA085B29F183B9 -- C:\WINDOWS\$hf_mig$\KB974455-IE7\SP3QFE\iertutil.dll
[2010/06/24 08:15:27 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=0C51DB6731F0E0F548582C95BA95992C -- C:\WINDOWS\SoftwareDistribution\Download\bd4a8ed1ff18ce602cf240d9190152b0\sp3gdr\iertutil.dll
[2010/06/24 08:15:27 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=0C51DB6731F0E0F548582C95BA95992C -- C:\WINDOWS\system32\dllcache\iertutil.dll
[2009/02/20 14:09:37 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=0EB06AA08ADFE9BDF78AC6CD914721C2 -- C:\WINDOWS\ie7updates\KB969897-IE7\iertutil.dll
[2008/10/16 16:38:37 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=21E9A2407A947EF9D788812A2404D57D -- C:\WINDOWS\ie7updates\KB961260-IE7\iertutil.dll
[2010/05/04 13:20:36 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=28D1D65D22D76A07D4E168F64CE6A15A -- C:\WINDOWS\ie7updates\KB2183461-IE7\iertutil.dll
[2007/08/13 18:34:04 | 000,266,752 | ---- | M] (Microsoft Corporation) MD5=37B82F050378ABA1FC6BF6664575F68B -- C:\WINDOWS\ie7updates\KB982381-IE7\iertutil.dll
[2008/10/16 16:24:09 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=3E776F61E3CD7334BA4F04D25A382A3D -- C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\iertutil.dll
[2009/02/20 14:09:52 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=47F3AE3BF4C6E30124B4F456A3944F6A -- C:\WINDOWS\$hf_mig$\KB963027-IE7\SP3QFE\iertutil.dll
[2008/08/26 05:08:39 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=496911E0EEFFB07C5803FAEFF2A8F06D -- C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\iertutil.dll
[2008/12/20 19:55:50 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=51DB5F2D1D5FEDEF5FA920F4EB5BC91E -- C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\iertutil.dll
[2010/03/11 07:49:31 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=52745C1BA2F4B2038BDC84A0D392833D -- C:\WINDOWS\$hf_mig$\KB980182-IE7\SP3QFE\iertutil.dll
[2009/06/29 12:12:16 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=783E933FFAE1401A05DEB23553C07D3D -- C:\WINDOWS\ie7updates\KB974455-IE7\iertutil.dll
[2009/06/29 12:23:11 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=9B20BF14CC2A13A2BAB7ECAEB05206CE -- C:\WINDOWS\$hf_mig$\KB972260-IE7\SP3QFE\iertutil.dll
[2008/08/26 03:24:29 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=A223769899F3D981DEFC81CD791D687F -- C:\WINDOWS\ie7updates\KB958215-IE7\iertutil.dll
[2009/10/29 03:45:43 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=A8EDBE192207E3AE7EFC58D857507E98 -- C:\WINDOWS\$hf_mig$\KB976325-IE7\SP3QFE\iertutil.dll
[2010/05/06 06:36:24 | 001,986,048 | ---- | M] (Microsoft Corporation) MD5=AA9B8D2F3BEB369DB82E48C689D7A8FC -- C:\WINDOWS\$hf_mig$\KB982381-IE8\SP3QFE\iertutil.dll
[2010/01/05 06:00:24 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=BF7DFAD80E6991942D362F71BE1EAD1F -- C:\WINDOWS\ie7updates\KB980182-IE7\iertutil.dll
[2010/06/24 08:16:21 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=C0D77293644765C00FEBC52CC5DF3703 -- C:\WINDOWS\$hf_mig$\KB2183461-IE7\SP3QFE\iertutil.dll
[2010/06/24 08:16:21 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=C0D77293644765C00FEBC52CC5DF3703 -- C:\WINDOWS\SoftwareDistribution\Download\bd4a8ed1ff18ce602cf240d9190152b0\sp3qfe\iertutil.dll
[2010/05/04 13:20:01 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=DD2AA1304C4293A1888AA1A3285A4D88 -- C:\WINDOWS\$hf_mig$\KB982381-IE7\SP3QFE\iertutil.dll
[2009/04/29 00:49:18 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=F0054228DF9E36667E10644986B19AAF -- C:\WINDOWS\$hf_mig$\KB969897-IE7\SP3QFE\iertutil.dll
[2010/01/05 05:57:28 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=F546A6E483BE82692D448A872E9E76A9 -- C:\WINDOWS\$hf_mig$\KB978207-IE7\SP3QFE\iertutil.dll
[2010/06/24 08:15:27 | 000,268,288 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll

< MD5 for: MSTASK.DLL >
[2008/04/13 20:12:00 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=4044E880593FE1AC9942190FCE414BE7 -- C:\WINDOWS\ServicePackFiles\i386\mstask.dll
[2008/04/13 20:12:00 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=4044E880593FE1AC9942190FCE414BE7 -- C:\WINDOWS\SoftwareDistribution\Download\59fc8f12b80caa991163249076d0bcca\mstask.dll
[2004/08/10 07:00:00 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=DAD1CEF1B77539B4EF734A1041CF95ED -- C:\WINDOWS\$NtServicePackUninstall$\mstask.dll
[2008/04/13 20:12:00 | 000,274,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll

< MD5 for: NTDSAPI.DLL >
[2004/08/10 07:00:00 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6201BACF384292A5FE94CE73364AE53A -- C:\WINDOWS\$NtServicePackUninstall$\ntdsapi.dll
[2008/04/13 20:12:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=EC4C0D9BFD9F7E33F8B395AD54E13063 -- C:\WINDOWS\ServicePackFiles\i386\ntdsapi.dll
[2008/04/13 20:12:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=EC4C0D9BFD9F7E33F8B395AD54E13063 -- C:\WINDOWS\SoftwareDistribution\Download\59fc8f12b80caa991163249076d0bcca\ntdsapi.dll
[2008/04/13 20:12:02 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll

< MD5 for: PSAPI.DLL >
[2004/08/10 07:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=96E48C7EB9089D1DBF6F85CA11B264DF -- C:\WINDOWS\$NtServicePackUninstall$\psapi.dll
[2008/04/13 20:12:03 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=9CFCB3CA3D83B4EAA133F0644A2C6F31 -- C:\WINDOWS\ServicePackFiles\i386\psapi.dll
[2008/04/13 20:12:03 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=9CFCB3CA3D83B4EAA133F0644A2C6F31 -- C:\WINDOWS\SoftwareDistribution\Download\59fc8f12b80caa991163249076d0bcca\psapi.dll
[2008/10/28 22:05:00 | 000,018,192 | ---- | M] (Microsoft Corporation) MD5=B3D22A483875A61CB2060C7D518EFFC2 -- C:\Acer\ATI\SUPPORT\8-11_xp32_dd_ccc_wdm_enu_70226\psapi.dll
[2008/04/13 20:12:03 | 000,023,040 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\psapi.dll

< MD5 for: SHELL32.DLL >
[2008/07/03 09:03:29 | 008,460,800 | ---- | M] (Microsoft Corporation) MD5=06DA8C5383AAF17127FC4B1658BA3F4F -- C:\WINDOWS\$hf_mig$\KB967715\SP2QFE\shell32.dll
[2008/06/17 15:02:19 | 008,461,312 | ---- | M] (Microsoft Corporation) MD5=08B99916C98E15F6C28D24D73E53B45A -- C:\WINDOWS\$hf_mig$\KB967715\SP3GDR\shell32.dll
[2008/06/17 15:02:19 | 008,461,312 | ---- | M] (Microsoft Corporation) MD5=08B99916C98E15F6C28D24D73E53B45A -- C:\WINDOWS\$NtUninstallKB2286198$\shell32.dll
[2008/04/13 20:12:05 | 008,461,312 | ---- | M] (Microsoft Corporation) MD5=0CF50B1F45DAB08430C1DBB79FE2CA5B -- C:\WINDOWS\$NtUninstallKB967715$\shell32.dll
[2008/04/13 20:12:05 | 008,461,312 | ---- | M] (Microsoft Corporation) MD5=0CF50B1F45DAB08430C1DBB79FE2CA5B -- C:\WINDOWS\ServicePackFiles\i386\shell32.dll
[2008/04/13 20:12:05 | 008,461,312 | ---- | M] (Microsoft Corporation) MD5=0CF50B1F45DAB08430C1DBB79FE2CA5B -- C:\WINDOWS\SoftwareDistribution\Download\59fc8f12b80caa991163249076d0bcca\shell32.dll
[2008/06/17 15:04:34 | 008,461,824 | ---- | M] (Microsoft Corporation) MD5=270CE1BFDF019A3D7527F1DA6FB1FA96 -- C:\WINDOWS\$hf_mig$\KB967715\SP3QFE\shell32.dll
[2010/07/27 02:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation) MD5=304CFF53C9C9BEB03607ABE94A8FC781 -- C:\WINDOWS\SoftwareDistribution\Download\0ffc790b117ebc1d1b7e531ea04decbf\sp3gdr\shell32.dll
[2010/07/27 02:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation) MD5=304CFF53C9C9BEB03607ABE94A8FC781 -- C:\WINDOWS\system32\dllcache\shell32.dll
[2008/07/03 09:16:57 | 008,454,656 | ---- | M] (Microsoft Corporation) MD5=56B6333DDA2576803F99F0EA373D0A7B -- C:\WINDOWS\$NtServicePackUninstall$\shell32.dll
[2010/07/27 02:28:54 | 008,463,360 | ---- | M] (Microsoft Corporation) MD5=B65D8CE7C75835906CD21C974B875503 -- C:\WINDOWS\$hf_mig$\KB2286198\SP3QFE\shell32.dll
[2010/07/27 02:28:54 | 008,463,360 | ---- | M] (Microsoft Corporation) MD5=B65D8CE7C75835906CD21C974B875503 -- C:\WINDOWS\SoftwareDistribution\Download\0ffc790b117ebc1d1b7e531ea04decbf\sp3qfe\shell32.dll
[2004/08/10 07:00:00 | 008,384,000 | ---- | M] (Microsoft Corporation) MD5=D5988A5048E4DC7175BCA9F29FC144AE -- C:\WINDOWS\$NtUninstallKB967715_0$\shell32.dll
[2010/07/27 02:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll
< End of report >



#12 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:06 PM

Posted 09 October 2010 - 12:04 AM

Save this as a text file in the USB drive.
  • Boot to the OTLPE CD
  • Please double-click OTLPE.exe to run it as you did before.
  • Copy the lines in the quote below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    QUOTE
    :files
    C:\WINDOWS\system32\dnsapi.dll|C:\WINDOWS\ServicePackFiles\i386\dnsapi.dll /Replace
    C:\WINDOWS\system32\ieframe.dll|C:\WINDOWS\system32\dllcache\ieframe.dll /Replace
    C:\WINDOWS\system32\iertutil.dll|C:\WINDOWS\system32\dllcache\iertutil.dll /Replace
    C:\WINDOWS\system32\mstask.dll|C:\WINDOWS\ServicePackFiles\i386\mstask.dll /Replace
    C:\WINDOWS\system32\ntdsapi.dll|C:\WINDOWS\ServicePackFiles\i386\ntdsapi.dll /Replace
    C:\WINDOWS\system32\psapi.dll|C:\WINDOWS\ServicePackFiles\i386\psapi.dll /Replace
    C:\WINDOWS\system32\shell32.dll|C:\WINDOWS\system32\dllcache\shell32.dll /Replace

  • Return to OTLPE, right click in the "Custom Scans/Fixes" window and choose Paste.
  • Click the red Run Fix button.
  • A report will be produced and saved in the C:\_OTL\MovedFiles folder in the form of Date_Time.log. Open that report and post its contents in a reply.
Restart the computer back to the OTLPE CD.
  • Double-click on the OTLPE icon.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start. Change the following settings
    • Change Drivers to All
    • Change Standard Registry to All
    • Under the Custom Scan box paste this in
      /md5start
      dnsapi.dll
      ieframe.dll
      iertutil.dll
      mstask.dll
      ntdsapi.dll
      psapi.dll
      shell32.dll
      /md5stop
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive.
  • Please post the contents of the C:\OTL.txt file in your reply also.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#13 mudcat24

mudcat24
  • Topic Starter

  • Members
  • 155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:06 PM

Posted 10 October 2010 - 01:51 AM

Run Fix

========== FILES ==========
File C:\WINDOWS\system32\dnsapi.dll successfully replaced with C:\WINDOWS\ServicePackFiles\i386\dnsapi.dll
File C:\WINDOWS\system32\ieframe.dll successfully replaced with C:\WINDOWS\system32\dllcache\ieframe.dll
File C:\WINDOWS\system32\iertutil.dll successfully replaced with C:\WINDOWS\system32\dllcache\iertutil.dll
File C:\WINDOWS\system32\mstask.dll successfully replaced with C:\WINDOWS\ServicePackFiles\i386\mstask.dll
File C:\WINDOWS\system32\ntdsapi.dll successfully replaced with C:\WINDOWS\ServicePackFiles\i386\ntdsapi.dll
File C:\WINDOWS\system32\psapi.dll successfully replaced with C:\WINDOWS\ServicePackFiles\i386\psapi.dll
Unable to replace file: C:\WINDOWS\system32\shell32.dll with C:\WINDOWS\system32\dllcache\shell32.dll without a reboot.

OTLPE by OldTimer - Version 3.1.41.0 log created on 10102010_065929

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...



Run Scan

OTL logfile created on: 10/10/2010 8:15:11 AM - Run
OTLPE by OldTimer - Version 3.1.41.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

766.00 Mb Total Physical Memory | 513.00 Mb Available Physical Memory | 67.00% Memory free
706.00 Mb Paging File | 564.00 Mb Available in Paging File | 80.00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 6.53 Gb Free Space | 8.77% Space Free | Partition Type: NTFS
Drive D: | 6.82 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 1.94 Gb Total Space | 0.21 Gb Free Space | 10.73% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 3.73 Gb Total Space | 2.68 Gb Free Space | 71.79% Space Free | Partition Type: FAT

Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet004

========== Win32 Services (SafeList) ==========

SRV - [2010/09/23 17:15:02 | 002,950,744 | ---- | M] () [Auto] -- c:\Program Files\Common Files\Akamai\netsession_win_062a651.dll -- (Akamai)
SRV - [2010/06/01 19:00:52 | 001,778,480 | ---- | M] (COMODO) [Auto] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010/05/20 17:19:16 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/03/29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®
SRV - [2009/08/13 14:43:57 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/11/02 21:40:12 | 000,174,656 | ---- | M] () [Auto] -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/03/29 21:53:34 | 000,028,672 | ---- | M] (Acer Inc.) [Auto] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2005/11/14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | Disabled] -- -- (ViaIde)
DRV - File not found [Kernel | Disabled] -- -- (ultra)
DRV - File not found [Kernel | Disabled] -- -- (TosIde)
DRV - File not found [Kernel | Disabled] -- -- (symc8xx)
DRV - File not found [Kernel | Disabled] -- -- (symc810)
DRV - File not found [Kernel | Disabled] -- -- (sym_u3)
DRV - File not found [Kernel | Disabled] -- -- (sym_hi)
DRV - File not found [Kernel | Disabled] -- -- (Sparrow)
DRV - File not found [Kernel | Disabled] -- -- (Simbad)
DRV - File not found [Kernel | Disabled] -- -- (ql1280)
DRV - File not found [Kernel | Disabled] -- -- (ql1240)
DRV - File not found [Kernel | Disabled] -- -- (ql12160)
DRV - File not found [Kernel | Disabled] -- -- (Ql10wnt)
DRV - File not found [Kernel | Disabled] -- -- (ql1080)
DRV - File not found [Kernel | On_Demand] -- -- (psdvdisk)
DRV - File not found [Kernel | On_Demand] -- -- (psdfilter)
DRV - File not found [Kernel | On_Demand] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter)
DRV - File not found [Kernel | Disabled] -- -- (perc2hib)
DRV - File not found [Kernel | Disabled] -- -- (perc2)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- C:\DOCUME~1\user\LOCALS~1\Temp\Rar$EX00.953\pbfilter.sys -- (pbfilter)
DRV - File not found [Kernel | Disabled] -- -- (mraid35x)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | Disabled] -- -- (IntelIde)
DRV - File not found [Kernel | Disabled] -- -- (ini910u)
DRV - File not found [Kernel | Disabled] -- -- (i2omp)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | Disabled] -- -- (hpn)
DRV - File not found [File_System | Auto] -- -- (eLock2FSCTLDriver)
DRV - File not found [File_System | Auto] -- -- (eLock2BurnerLockDriver)
DRV - File not found [Kernel | Disabled] -- -- (dpti2o)
DRV - File not found [Kernel | Disabled] -- -- (dac960nt)
DRV - File not found [Kernel | Disabled] -- -- (dac2w2k)
DRV - File not found [Kernel | Disabled] -- -- (Cpqarray)
DRV - File not found [Kernel | Disabled] -- -- (CmdIde)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | Disabled] -- -- (cd20xrnt)
DRV - File not found [Kernel | Disabled] -- -- (Atdisk)
DRV - File not found [Kernel | Disabled] -- -- (asc3550)
DRV - File not found [Kernel | Disabled] -- -- (asc3350p)
DRV - File not found [Kernel | Disabled] -- -- (asc)
DRV - File not found [Kernel | Disabled] -- -- (amsint)
DRV - File not found [Kernel | Disabled] -- -- (AliIde)
DRV - File not found [Kernel | Disabled] -- -- (aic78xx)
DRV - File not found [Kernel | Disabled] -- -- (aic78u2)
DRV - File not found [Kernel | Disabled] -- -- (Aha154x)
DRV - File not found [Kernel | Disabled] -- -- (adpu160m)
DRV - File not found [Kernel | Disabled] -- -- (abp480n5)
DRV - File not found [Kernel | Disabled] -- -- (Abiosdsk)
DRV - [2010/06/21 11:27:11 | 000,354,304 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2010/06/04 11:55:58 | 000,229,312 | ---- | M] (COMODO) [File_System | System] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2010/06/01 19:00:24 | 000,087,824 | ---- | M] (COMODO) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
DRV - [2010/06/01 19:00:22 | 000,025,240 | ---- | M] (COMODO) [Kernel | System] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2010/02/24 09:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2009/10/20 12:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009/08/13 23:10:27 | 000,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/06/26 02:50:38 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2009/06/24 07:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2009/05/29 13:36:16 | 000,039,424 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/03/19 16:32:48 | 000,023,400 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/01/15 17:17:42 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2008/11/14 12:29:44 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/10/28 23:10:58 | 003,341,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\adfs.sys -- (adfs)
DRV - [2008/08/14 06:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2008/08/12 04:02:06 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI32)
DRV - [2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008/04/13 20:13:22 | 000,139,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2008/04/13 20:13:21 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/04/13 20:13:20 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008/04/13 20:13:20 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/04/13 15:28:39 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008/04/13 15:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008/04/13 15:20:42 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008/04/13 15:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008/04/13 15:19:48 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - [2008/04/13 15:19:43 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - [2008/04/13 15:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008/04/13 15:18:00 | 000,052,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/04/13 15:17:18 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008/04/13 15:17:05 | 000,105,344 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2008/04/13 15:15:55 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008/04/13 15:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/04/13 15:15:45 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\serial.sys -- (Serial)
DRV - [2008/04/13 15:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 15:14:21 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008/04/13 15:00:19 | 000,030,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/04/13 14:57:32 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008/04/13 14:57:29 | 000,040,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2008/04/13 14:57:27 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/04/13 14:57:27 | 000,010,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2008/04/13 14:57:21 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/04/13 14:57:15 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008/04/13 14:57:07 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008/04/13 14:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usb8023x.sys -- (usb_rndisx)
DRV - [2008/04/13 14:56:38 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2008/04/13 14:56:32 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008/04/13 14:56:02 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/04/13 14:55:58 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/04/13 14:54:28 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/04/13 14:53:34 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV - [2008/04/13 14:51:25 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008/04/13 14:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/04/13 14:45:39 | 000,032,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008/04/13 14:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbstor.sys -- (USBSTOR)
DRV - [2008/04/13 14:45:37 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008/04/13 14:45:35 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008/04/13 14:45:35 | 000,017,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbohci.sys -- (usbohci)
DRV - [2008/04/13 14:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2008/04/13 14:45:27 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb)
DRV - [2008/04/13 14:45:13 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/04/13 14:45:09 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008/04/13 14:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008/04/13 14:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008/04/13 14:45:01 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dmusic.sys -- (DMusic)
DRV - [2008/04/13 14:44:48 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/13 14:44:46 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008/04/13 14:44:40 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/04/13 14:41:01 | 000,052,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008/04/13 14:40:58 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008/04/13 14:40:49 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008/04/13 14:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\disk.sys -- (Disk)
DRV - [2008/04/13 14:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi)
DRV - [2008/04/13 14:40:27 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008/04/13 14:40:25 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fdc.sys -- (Fdc)
DRV - [2008/04/13 14:40:25 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008/04/13 14:40:10 | 000,080,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\parport.sys -- (Parport)
DRV - [2008/04/13 14:39:53 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008/04/13 14:39:52 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/04/13 14:39:51 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/04/13 14:39:50 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/04/13 14:39:48 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2008/04/13 14:39:47 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008/04/13 14:39:47 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008/04/13 14:39:46 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008/04/13 14:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/04/13 14:36:52 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\sr.sys -- (sr)
DRV - [2008/04/13 14:36:46 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/04/13 14:36:44 | 000,079,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sdbus.sys -- (sdbus)
DRV - [2008/04/13 14:36:44 | 000,068,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI)
DRV - [2008/04/13 14:36:43 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 14:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/04/13 14:36:38 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2008/04/13 14:36:37 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cmbatt.sys -- (CmBatt)
DRV - [2008/04/13 14:36:37 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\compbatt.sys -- (Compbatt)
DRV - [2008/04/13 14:36:35 | 000,187,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI)
DRV - [2008/04/13 14:33:28 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008/04/13 14:32:59 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2008/04/13 14:32:51 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/04/13 14:32:44 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008/04/13 14:32:39 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008/04/13 14:32:39 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/04/13 14:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008/04/13 14:31:30 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\processr.sys -- (Processor)
DRV - [2008/04/13 12:39:23 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2008/04/13 12:39:15 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/11/06 18:04:56 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wceusbsh.sys -- (wceusbsh)
DRV - [2006/10/18 21:00:00 | 000,038,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wpdusb.sys -- (WpdUsb)
DRV - [2006/09/28 20:00:34 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WudfRd.sys -- (WudfRd)
DRV - [2006/09/28 19:55:50 | 000,077,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\WudfPf.sys -- (WudfPf)
DRV - [2006/09/24 09:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006/05/25 11:19:48 | 000,040,064 | R--- | M] (ENE Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2006/05/25 11:19:44 | 000,074,752 | R--- | M] (ENE Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ESM7SK.sys -- (ESMCR)
DRV - [2006/05/25 11:19:40 | 000,061,056 | R--- | M] (ENE Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2006/04/14 16:27:46 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\TVicPort.sys -- (tvicport)
DRV - [2006/04/14 16:27:44 | 000,069,632 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15)
DRV - [2006/04/14 16:27:44 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\zntport.sys -- (zntport)
DRV - [2006/03/03 13:52:30 | 000,192,672 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006/01/11 17:13:34 | 000,935,424 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/01/11 17:12:54 | 000,194,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/01/11 17:12:50 | 000,671,232 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2005/12/23 16:13:06 | 000,013,184 | ---- | M] (Dritek System Inc.) [Kernel | Auto] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2005/10/05 17:57:08 | 000,012,544 | ---- | M] (Conexant) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2005/09/23 19:56:28 | 003,966,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/09/16 12:46:30 | 000,044,224 | R--- | M] (BVRP Software) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2004/12/13 17:14:00 | 000,039,904 | ---- | M] (Adaptec, Inc.) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\cercsr6.sys -- (cercsr6)
DRV - [2004/12/08 14:10:00 | 000,016,896 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DKbFltr.SYS -- (DKbFltr)
DRV - [2004/08/10 07:00:00 | 000,125,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk)
DRV - [2004/08/10 07:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2004/08/10 07:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2004/08/10 07:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2004/08/10 07:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/10 07:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2004/08/10 07:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2004/08/10 07:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2004/08/10 07:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2004/08/10 07:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2004/08/10 07:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\WINDOWS\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2004/08/10 07:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2004/08/10 07:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2004/08/10 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2004/08/10 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2004/08/10 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2004/08/10 07:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pciide.sys -- (PCIIde)
DRV - [2004/08/10 07:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2004/08/10 07:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\WINDOWS\System32\winsock.dll -- (Winsock)
DRV - [2004/08/10 04:45:04 | 000,011,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mhndrv.sys -- (MHNDRV)
DRV - [2004/08/03 18:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2001/08/17 14:48:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2001/08/17 09:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV - [1996/04/03 15:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\.DEFAULT\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\user_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\user_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\user_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/03 03:01:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/01/03 00:32:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{fce8417d-ef18-11dd-845c-000c6e211f50}: C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6m1y29zh.default\extensions\ [2010/09/16 17:44:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/08/17 18:45:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/07 22:43:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/07 22:43:16 | 000,000,000 | ---D | M]

[2010/09/16 17:54:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/07 22:43:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/01/03 00:32:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/08/26 19:17:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/11/24 20:53:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010/06/28 04:30:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/07 22:42:50 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010/08/07 22:42:50 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/08/07 22:43:03 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2009/10/13 14:00:00 | 000,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2009/10/24 14:15:36 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009/10/24 14:15:36 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009/10/24 14:15:36 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009/10/24 14:15:36 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009/10/24 14:15:36 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009/10/24 14:15:36 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009/10/24 14:15:36 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2009/10/13 14:00:00 | 000,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2010/08/07 22:43:06 | 000,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2010/08/07 22:43:06 | 000,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2010/08/07 22:43:06 | 000,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2010/08/07 22:43:06 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2010/08/07 22:43:06 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010/06/13 16:41:31 | 000,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml
[2010/08/07 22:43:06 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2010/08/07 22:43:06 | 000,001,096 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2010/09/05 21:18:24 | 000,407,846 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14129 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (FireShot) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\6m1y29zh.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.78.dll File not found
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\user_ON_C\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\user_ON_C\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\user_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\user_ON_C\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe ()
O4 - HKLM..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe ()
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.EXE (Broadcom Corporation)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe (Walt Disney Internet Group)
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] c:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKU\Administrator_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\user_ON_C..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\user_ON_C..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKU\user_ON_C..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan.lnk = C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\user\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\user\Start Menu\Programs\Startup\Logitech Touch Mouse Server.lnk = C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe (Logitech, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\user_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnotes.com/download/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C8AEB218-8B7A-4E15-AC17-0EE8D99B80EB} http://cnn-5.vo.llnwd.net/c1/static/cab_he...pWebUpdater.cab (GameTap Web Updater)
O16 - DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.4/ji...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} http://cainternetsecurity.net/scanner/cascanner.cab (CAScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (LogonUI.EXE) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/11/12 16:52:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 00:06:42 | 000,000,053 | ---- | M] () - X:\AUTORUN.INF -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/10/10 06:59:31 | 000,552,960 | ---- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2010/10/09 00:23:44 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/09/28 14:30:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent
[2010/09/28 11:56:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/09/28 11:56:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/09/25 23:54:24 | 000,000,000 | ---D | C] -- C:\Program Files\Eusing Free Registry Cleaner
[2010/09/24 14:08:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\New Folder B
[2010/09/23 22:00:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/09/23 21:35:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/09/23 21:35:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010/09/23 21:35:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/09/23 21:35:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010/09/23 21:22:58 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009/12/05 18:30:42 | 001,228,240 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\ADBEPHSPCS4_LS1.exe
[2008/11/16 11:55:30 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\user\My Documents\*.tmp files -> C:\Documents and Settings\user\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/10/10 08:14:37 | 004,980,736 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010/10/07 23:09:23 | 013,893,632 | -H-- | M] () -- C:\Documents and Settings\user\NTUSER.DAT
[2010/10/07 23:09:23 | 000,262,144 | -H-- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2010/10/07 23:09:23 | 000,262,144 | -H-- | M] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2010/10/07 23:09:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/07 23:07:40 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini
[2010/10/07 20:17:18 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/07 20:16:54 | 000,060,452 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010/10/07 20:16:50 | 803,385,344 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/07 20:02:22 | 003,875,331 | ---- | M] () -- C:\Documents and Settings\user\Desktop\MyPoppy.exe
[2010/10/02 14:49:42 | 000,009,830 | ---- | M] () -- C:\exefix.reg
[2010/09/28 10:57:21 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/27 02:51:36 | 000,521,942 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/09/27 02:51:36 | 000,441,362 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/09/27 02:51:36 | 000,071,258 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/09/25 23:55:48 | 155,004,012 | ---- | M] () -- C:\Documents and Settings\user\My Documents\Registry Backup.reg
[2010/09/24 10:54:48 | 002,230,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/23 22:02:39 | 000,000,105 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/09/23 21:29:43 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/09/16 19:13:59 | 000,083,968 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/11 11:40:32 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\user\My Documents\*.tmp files -> C:\Documents and Settings\user\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/07 21:30:37 | 003,875,331 | ---- | C] () -- C:\Documents and Settings\user\Desktop\MyPoppy.exe
[2010/10/03 20:07:04 | 803,385,344 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/02 16:28:08 | 000,009,830 | ---- | C] () -- C:\exefix.reg
[2010/09/25 23:55:03 | 155,004,012 | ---- | C] () -- C:\Documents and Settings\user\My Documents\Registry Backup.reg
[2010/09/09 02:04:29 | 000,012,376 | ---- | C] () -- C:\Documents and Settings\user\Bally Essay.txt
[2010/09/05 19:57:39 | 000,002,599 | ---- | C] () -- C:\Documents and Settings\user\toy story.txt
[2010/08/23 01:52:19 | 000,000,055 | ---- | C] () -- C:\Documents and Settings\user\Grants.txt
[2010/08/06 05:49:02 | 000,012,376 | ---- | C] () -- C:\Documents and Settings\user\pua.txt
[2010/08/04 02:46:46 | 000,002,331 | ---- | C] () -- C:\Documents and Settings\user\college.txt
[2010/07/30 06:18:53 | 000,004,595 | ---- | C] () -- C:\Documents and Settings\user\aokeja.txt
[2010/07/28 05:15:48 | 000,005,091 | ---- | C] () -- C:\Documents and Settings\user\fbcvo.txt
[2010/07/28 05:10:17 | 000,002,759 | ---- | C] () -- C:\Documents and Settings\user\fb2.txt
[2010/07/20 23:14:32 | 000,000,053 | ---- | C] () -- C:\Documents and Settings\user\tix.txt
[2010/07/19 01:25:56 | 000,002,778 | ---- | C] () -- C:\Documents and Settings\user\fb.txt
[2010/07/16 06:58:52 | 000,000,247 | ---- | C] () -- C:\Documents and Settings\user\strasmas.txt
[2010/07/14 02:08:15 | 000,000,075 | ---- | C] () -- C:\Documents and Settings\user\aaa.txt
[2010/07/11 04:27:00 | 000,288,488 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/07/10 23:01:26 | 000,000,105 | ---- | C] () -- C:\Documents and Settings\user\veg 9.txt
[2010/07/09 05:06:48 | 000,000,758 | ---- | C] () -- C:\Documents and Settings\user\lowerthirds.txt
[2010/07/09 02:49:31 | 000,000,520 | ---- | C] () -- C:\Documents and Settings\user\statespic.txt
[2010/07/01 14:44:31 | 000,003,144 | ---- | C] () -- C:\Documents and Settings\user\jman.txt
[2010/05/12 20:55:35 | 000,000,017 | ---- | C] () -- C:\Documents and Settings\user\boesfinal.txt
[2010/04/26 23:22:31 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\user\yankees suck.txt
[2010/04/20 11:34:30 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\user\hope shatterd.txt
[2010/04/11 01:29:02 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\user\tbreds_vs_coralgables.txt
[2010/04/02 19:31:49 | 000,000,175 | ---- | C] () -- C:\Documents and Settings\user\ps.txt
[2010/03/29 03:53:42 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\user\math bleep.txt
[2010/03/18 05:50:02 | 000,022,094 | ---- | C] () -- C:\Documents and Settings\user\JORGE'S PLAYLIST.txt
[2009/12/05 18:30:41 | 853,860,607 | ---- | C] () -- C:\Program Files\ADBEPHSPCS4_LS1.7z
[2009/11/24 22:43:20 | 000,011,177 | ---- | C] () -- C:\Documents and Settings\user\.recently-used.xbel
[2009/11/08 16:23:28 | 000,000,978 | ---- | C] () -- C:\WINDOWS\ARPR.INI
[2009/10/24 21:17:40 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/10/24 21:17:39 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/10/24 21:17:37 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/10/24 17:13:41 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll
[2009/10/24 17:13:41 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll
[2009/10/01 20:20:53 | 000,000,045 | ---- | C] () -- C:\Documents and Settings\user\jagex_runescape_preferences2.dat
[2009/10/01 20:18:57 | 000,000,038 | ---- | C] () -- C:\Documents and Settings\user\jagex_runescape_preferences.dat
[2009/08/12 19:47:55 | 000,585,728 | ---- | C] () -- C:\WINDOWS\System32\bsratswf.dll
[2009/08/12 19:47:55 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\bsratwmv.dll
[2009/08/06 00:06:59 | 000,007,103 | ---- | C] () -- C:\Documents and Settings\user\Workout.txt
[2009/07/31 06:00:31 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2009/07/31 06:00:30 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2009/07/31 06:00:30 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2009/07/31 06:00:30 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2009/07/29 14:29:09 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2009/07/29 14:29:05 | 000,020,480 | -H-- | C] () -- C:\Documents and Settings\Administrator\ntuser.dat.LOG
[2009/07/29 14:28:59 | 004,980,736 | -H-- | C] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2009/07/28 18:13:16 | 000,005,285 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/07/15 21:44:21 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\user\Application Data\$_hpcst$.hpc
[2009/07/06 17:28:18 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/07/03 19:36:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PCFriend.INI
[2009/07/02 01:19:41 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\user\error.txt
[2009/06/28 18:50:38 | 000,000,200 | ---- | C] () -- C:\Documents and Settings\user\trio_log.txt
[2009/03/15 03:02:59 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/01/13 21:48:54 | 000,000,287 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009/01/05 21:56:57 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2008/11/27 00:11:10 | 000,000,685 | ---- | C] () -- C:\Documents and Settings\user\.plugin141.trace
[2008/11/21 15:55:07 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\D6F05C7EA2.sys
[2008/11/21 15:37:39 | 000,002,568 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/11/18 20:16:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2008/11/17 21:09:28 | 000,083,968 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/16 12:14:15 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15.sys
[2008/11/16 12:14:15 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15_64.sys
[2008/11/16 11:55:30 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll
[2008/11/15 23:41:13 | 000,000,088 | ---- | C] () -- C:\WINDOWS\StyleBuilder.INI
[2008/11/15 23:14:41 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2008/11/15 23:13:56 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/11/13 10:39:54 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/11/12 18:41:37 | 000,356,352 | R--- | C] () -- C:\WINDOWS\EMCRI.dll
[2008/11/12 17:05:54 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\fusioncache.dat
[2008/11/12 17:00:39 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\user\ntuser.dat.LOG
[2008/11/12 17:00:39 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\user\ntuser.ini
[2008/11/12 17:00:38 | 013,893,632 | -H-- | C] () -- C:\Documents and Settings\user\NTUSER.DAT
[2008/11/12 16:59:40 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\LocalService\ntuser.ini
[2008/11/12 16:59:39 | 000,262,144 | -H-- | C] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2008/11/12 16:59:39 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat.LOG
[2008/11/12 16:58:18 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\NetworkService\ntuser.ini
[2008/11/12 16:58:17 | 000,262,144 | -H-- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2008/11/12 16:58:17 | 000,008,192 | -H-- | C] () -- C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007/09/20 06:27:16 | 003,190,784 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2007/09/20 06:27:16 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/09/20 06:27:16 | 000,741,376 | ---- | C] () -- C:\WINDOWS\System32\audxlib.dll
[2007/09/20 06:27:16 | 000,511,488 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2007/09/20 06:27:16 | 000,405,504 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2007/09/20 06:27:16 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2007/09/20 06:27:16 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2007/09/20 06:27:16 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2007/09/20 06:27:16 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2007/09/20 06:27:16 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2007/09/20 06:27:16 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2007/09/20 06:27:16 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2007/09/20 06:27:16 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2007/09/20 06:27:16 | 000,097,280 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll
[2007/09/20 06:27:16 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007/09/20 06:27:16 | 000,079,872 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2007/09/20 06:27:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2007/09/20 06:27:16 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2007/09/20 06:27:16 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2007/09/20 06:27:16 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2007/03/02 06:44:44 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\zmbv.dll
[2006/05/25 09:33:40 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2005/11/11 21:40:48 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2005/08/05 15:01:54 | 000,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1998/10/11 01:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll
[1996/04/03 15:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2009/09/07 16:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2010/07/22 02:46:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Softland
[2008/11/16 21:59:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\acccore
[2010/06/21 03:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\avidemux
[2008/11/23 18:03:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Canon
[2009/02/08 18:56:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\FireShot
[2010/03/21 15:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\FoxPlayerAIR.01F2E49DE175CC541F416F2DF78BDD5E63AD0096.1
[2010/09/28 00:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\FrostWire
[2009/10/24 17:13:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\GetRightToGo
[2009/11/24 22:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\gtk-2.0
[2009/12/31 02:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\ImgBurn
[2009/06/07 14:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\LimeWire
[2009/07/06 21:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Netscape
[2009/07/06 21:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Photodex
[2010/06/22 19:25:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Publish Providers
[2009/11/01 02:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\SharePod
[2010/07/22 02:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Softland
[2010/07/11 00:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Sony
[2010/07/11 02:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Sony Creative Software
[2010/04/05 14:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\StreamTorrent
[2009/07/23 23:19:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Ulead Systems
[2009/05/24 18:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Uniblue
[2010/09/01 03:31:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\uTorrent

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: DNSAPI.DLL >
[2008/04/13 20:11:52 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=0A3325D38DB90792BBBE01334F273974 -- C:\WINDOWS\$NtUninstallKB951748$\dnsapi.dll
[2008/04/13 20:11:52 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=0A3325D38DB90792BBBE01334F273974 -- C:\WINDOWS\ServicePackFiles\i386\dnsapi.dll
[2008/04/13 20:11:52 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=0A3325D38DB90792BBBE01334F273974 -- C:\WINDOWS\SoftwareDistribution\Download\59fc8f12b80caa991163249076d0bcca\dnsapi.dll
[2008/06/20 13:41:10 | 000,148,992 | ---- | M] (Microsoft Corporation) MD5=176497D0E7AE618860552A4B5635B206 -- C:\WINDOWS\$NtServicePackUninstall$\dnsapi.dll
[2008/06/20 13:43:05 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=1C2A6C104E6184B05EEB0C114BE4F150 -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
[2008/06/20 13:46:57 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=5D3FDE8FB2801A2041D1B965372C4928 -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
[2008/06/20 13:46:57 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=5D3FDE8FB2801A2041D1B965372C4928 -- C:\WINDOWS\system32\dllcache\dnsapi.dll
[2004/08/10 07:00:00 | 000,148,480 | ---- | M] (Microsoft Corporation) MD5=C76735BFB7214907B4590DD35AE64A79 -- C:\WINDOWS\$NtUninstallKB951748_0$\dnsapi.dll
[2008/06/20 13:36:11 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=D803BDB34C060035D4753DDA046D5C72 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
[2008/04/13 20:11:52 | 000,147,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll

< MD5 for: IEFRAME.DLL >
[2008/10/16 16:24:09 | 006,068,224 | ---- | M] (Microsoft Corporation) MD5=233F3168F83CCAEA70EDD0FC6C272A74 -- C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\ieframe.dll
[2008/10/16 16:38:37 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=23DD2287BA2630805E16571CB5E4E3EB -- C:\WINDOWS\ie7updates\KB961260-IE7\ieframe.dll
[2010/03/11 07:49:30 | 006,070,784 | ---- | M] (Microsoft Corporation) MD5=25891590F55C29A6561C53FD67452B0C -- C:\WINDOWS\$hf_mig$\KB980182-IE7\SP3QFE\ieframe.dll
[2007/08/13 18:54:10 | 006,049,280 | ---- | M] (Microsoft Corporation) MD5=3460EC04E65C7B52024B5073C4AACFAA -- C:\WINDOWS\ie7updates\KB982381-IE7\ieframe.dll
[2009/08/29 03:31:12 | 006,070,784 | ---- | M] (Microsoft Corporation) MD5=4457FBAE53EB951FCFD4A92F4A62FCC4 -- C:\WINDOWS\$hf_mig$\KB974455-IE7\SP3QFE\ieframe.dll
[2009/10/29 03:45:43 | 006,070,784 | ---- | M] (Microsoft Corporation) MD5=5530B5093740BCFEDDE85C54CE2476BB -- C:\WINDOWS\$hf_mig$\KB976325-IE7\SP3QFE\ieframe.dll
[2009/04/29 00:49:17 | 006,069,248 | ---- | M] (Microsoft Corporation) MD5=629932D1D34AC476AB8EBC78D719B33B -- C:\WINDOWS\$hf_mig$\KB969897-IE7\SP3QFE\ieframe.dll
[2010/05/06 16:06:24 | 011,078,144 | ---- | M] (Microsoft Corporation) MD5=829BC36DEC43E7A9F53E826BAC991540 -- C:\WINDOWS\$hf_mig$\KB982381-IE8\SP3QFE\ieframe.dll
[2010/05/04 13:20:35 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=8641B27F8DF694C39CA1DBA2F71373FB -- C:\WINDOWS\ie7updates\KB2183461-IE7\ieframe.dll
[2010/01/05 05:57:27 | 006,071,296 | ---- | M] (Microsoft Corporation) MD5=976F8175CDCD27192196669E052F7C51 -- C:\WINDOWS\$hf_mig$\KB978207-IE7\SP3QFE\ieframe.dll
[2010/05/04 13:20:01 | 006,071,296 | ---- | M] (Microsoft Corporation) MD5=98AF5E356C2D9BF3C0CEDA7484A8297D -- C:\WINDOWS\$hf_mig$\KB982381-IE7\SP3QFE\ieframe.dll
[2008/10/03 13:41:15 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=9A647EB36A8D4C97A15F46CD560E98E2 -- C:\WINDOWS\ie7updates\KB958215-IE7\ieframe.dll
[2009/02/20 14:09:36 | 006,066,176 | ---- | M] (Microsoft Corporation) MD5=A280BC1D20C94DDEE22EF9DB507821E0 -- C:\WINDOWS\ie7updates\KB969897-IE7\ieframe.dll
[2010/01/05 06:00:23 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=BC88680EDB207514D8009BD98761B6BB -- C:\WINDOWS\ie7updates\KB980182-IE7\ieframe.dll
[2009/07/19 09:31:48 | 006,070,784 | ---- | M] (Microsoft Corporation) MD5=BCB67F7FC4EDDDD1D0F3FF9CD41D706C -- C:\WINDOWS\$hf_mig$\KB972260-IE7\SP3QFE\ieframe.dll
[2010/06/24 08:15:27 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=BED7CDEFE6353F95B5AB2B2715E7FA81 -- C:\WINDOWS\SoftwareDistribution\Download\bd4a8ed1ff18ce602cf240d9190152b0\sp3gdr\ieframe.dll
[2010/06/24 08:15:27 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=BED7CDEFE6353F95B5AB2B2715E7FA81 -- C:\WINDOWS\system32\dllcache\ieframe.dll
[2008/10/03 13:26:50 | 006,068,224 | ---- | M] (Microsoft Corporation) MD5=C0F690706C8F4468B17A20530D7B32E2 -- C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ieframe.dll
[2008/12/20 19:55:50 | 006,068,736 | ---- | M] (Microsoft Corporation) MD5=CBA0078473E65D8F4BE1A472099162D0 -- C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\ieframe.dll
[2010/06/24 08:16:21 | 006,071,296 | ---- | M] (Microsoft Corporation) MD5=D6D47DBCC1F85FD2B63BB5CD60FAEA72 -- C:\WINDOWS\$hf_mig$\KB2183461-IE7\SP3QFE\ieframe.dll
[2010/06/24 08:16:21 | 006,071,296 | ---- | M] (Microsoft Corporation) MD5=D6D47DBCC1F85FD2B63BB5CD60FAEA72 -- C:\WINDOWS\SoftwareDistribution\Download\bd4a8ed1ff18ce602cf240d9190152b0\sp3qfe\ieframe.dll
[2009/07/19 09:32:59 | 006,067,200 | ---- | M] (Microsoft Corporation) MD5=DAABB9EC6CDEE737044E76812D5E1EEB -- C:\WINDOWS\ie7updates\KB974455-IE7\ieframe.dll
[2009/02/20 14:09:52 | 006,068,736 | ---- | M] (Microsoft Corporation) MD5=DFAD02C430698F3C28C82380F87B262E -- C:\WINDOWS\$hf_mig$\KB963027-IE7\SP3QFE\ieframe.dll
[2010/06/24 08:15:27 | 006,067,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll

< MD5 for: IERTUTIL.DLL >
[2009/08/29 03:31:12 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=02BDD5FE51CD53F58CDA085B29F183B9 -- C:\WINDOWS\$hf_mig$\KB974455-IE7\SP3QFE\iertutil.dll
[2010/06/24 08:15:27 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=0C51DB6731F0E0F548582C95BA95992C -- C:\WINDOWS\SoftwareDistribution\Download\bd4a8ed1ff18ce602cf240d9190152b0\sp3gdr\iertutil.dll
[2010/06/24 08:15:27 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=0C51DB6731F0E0F548582C95BA95992C -- C:\WINDOWS\system32\dllcache\iertutil.dll
[2009/02/20 14:09:37 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=0EB06AA08ADFE9BDF78AC6CD914721C2 -- C:\WINDOWS\ie7updates\KB969897-IE7\iertutil.dll
[2008/10/16 16:38:37 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=21E9A2407A947EF9D788812A2404D57D -- C:\WINDOWS\ie7updates\KB961260-IE7\iertutil.dll
[2010/05/04 13:20:36 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=28D1D65D22D76A07D4E168F64CE6A15A -- C:\WINDOWS\ie7updates\KB2183461-IE7\iertutil.dll
[2007/08/13 18:34:04 | 000,266,752 | ---- | M] (Microsoft Corporation) MD5=37B82F050378ABA1FC6BF6664575F68B -- C:\WINDOWS\ie7updates\KB982381-IE7\iertutil.dll
[2008/10/16 16:24:09 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=3E776F61E3CD7334BA4F04D25A382A3D -- C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\iertutil.dll
[2009/02/20 14:09:52 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=47F3AE3BF4C6E30124B4F456A3944F6A -- C:\WINDOWS\$hf_mig$\KB963027-IE7\SP3QFE\iertutil.dll
[2008/08/26 05:08:39 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=496911E0EEFFB07C5803FAEFF2A8F06D -- C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\iertutil.dll
[2008/12/20 19:55:50 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=51DB5F2D1D5FEDEF5FA920F4EB5BC91E -- C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\iertutil.dll
[2010/03/11 07:49:31 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=52745C1BA2F4B2038BDC84A0D392833D -- C:\WINDOWS\$hf_mig$\KB980182-IE7\SP3QFE\iertutil.dll
[2009/06/29 12:12:16 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=783E933FFAE1401A05DEB23553C07D3D -- C:\WINDOWS\ie7updates\KB974455-IE7\iertutil.dll
[2009/06/29 12:23:11 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=9B20BF14CC2A13A2BAB7ECAEB05206CE -- C:\WINDOWS\$hf_mig$\KB972260-IE7\SP3QFE\iertutil.dll
[2008/08/26 03:24:29 | 000,267,776 | ---- | M] (Microsoft Corporation) MD5=A223769899F3D981DEFC81CD791D687F -- C:\WINDOWS\ie7updates\KB958215-IE7\iertutil.dll
[2009/10/29 03:45:43 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=A8EDBE192207E3AE7EFC58D857507E98 -- C:\WINDOWS\$hf_mig$\KB976325-IE7\SP3QFE\iertutil.dll
[2010/05/06 06:36:24 | 001,986,048 | ---- | M] (Microsoft Corporation) MD5=AA9B8D2F3BEB369DB82E48C689D7A8FC -- C:\WINDOWS\$hf_mig$\KB982381-IE8\SP3QFE\iertutil.dll
[2010/01/05 06:00:24 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=BF7DFAD80E6991942D362F71BE1EAD1F -- C:\WINDOWS\ie7updates\KB980182-IE7\iertutil.dll
[2010/06/24 08:16:21 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=C0D77293644765C00FEBC52CC5DF3703 -- C:\WINDOWS\$hf_mig$\KB2183461-IE7\SP3QFE\iertutil.dll
[2010/06/24 08:16:21 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=C0D77293644765C00FEBC52CC5DF3703 -- C:\WINDOWS\SoftwareDistribution\Download\bd4a8ed1ff18ce602cf240d9190152b0\sp3qfe\iertutil.dll
[2010/05/04 13:20:01 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=DD2AA1304C4293A1888AA1A3285A4D88 -- C:\WINDOWS\$hf_mig$\KB982381-IE7\SP3QFE\iertutil.dll
[2009/04/29 00:49:18 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=F0054228DF9E36667E10644986B19AAF -- C:\WINDOWS\$hf_mig$\KB969897-IE7\SP3QFE\iertutil.dll
[2010/01/05 05:57:28 | 000,268,288 | ---- | M] (Microsoft Corporation) MD5=F546A6E483BE82692D448A872E9E76A9 -- C:\WINDOWS\$hf_mig$\KB978207-IE7\SP3QFE\iertutil.dll
[2010/06/24 08:15:27 | 000,268,288 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll

< MD5 for: MSTASK.DLL >
[2008/04/13 20:12:00 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=4044E880593FE1AC9942190FCE414BE7 -- C:\WINDOWS\ServicePackFiles\i386\mstask.dll
[2008/04/13 20:12:00 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=4044E880593FE1AC9942190FCE414BE7 -- C:\WINDOWS\SoftwareDistribution\Download\59fc8f12b80caa991163249076d0bcca\mstask.dll
[2004/08/10 07:00:00 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=DAD1CEF1B77539B4EF734A1041CF95ED -- C:\WINDOWS\$NtServicePackUninstall$\mstask.dll
[2008/04/13 20:12:00 | 000,274,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll

< MD5 for: NTDSAPI.DLL >
[2004/08/10 07:00:00 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6201BACF384292A5FE94CE73364AE53A -- C:\WINDOWS\$NtServicePackUninstall$\ntdsapi.dll
[2008/04/13 20:12:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=EC4C0D9BFD9F7E33F8B395AD54E13063 -- C:\WINDOWS\ServicePackFiles\i386\ntdsapi.dll
[2008/04/13 20:12:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=EC4C0D9BFD9F7E33F8B395AD54E13063 -- C:\WINDOWS\SoftwareDistribution\Download\59fc8f12b80caa991163249076d0bcca\ntdsapi.dll
[2008/04/13 20:12:02 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll

< MD5 for: PSAPI.DLL >
[2004/08/10 07:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=96E48C7EB9089D1DBF6F85CA11B264DF -- C:\WINDOWS\$NtServicePackUninstall$\psapi.dll
[2008/04/13 20:12:03 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=9CFCB3CA3D83B4EAA133F0644A2C6F31 -- C:\WINDOWS\ServicePackFiles\i386\psapi.dll
[2008/04/13 20:12:03 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=9CFCB3CA3D83B4EAA133F0644A2C6F31 -- C:\WINDOWS\SoftwareDistribution\Download\59fc8f12b80caa991163249076d0bcca\psapi.dll
[2008/10/28 22:05:00 | 000,018,192 | ---- | M] (Microsoft Corporation) MD5=B3D22A483875A61CB2060C7D518EFFC2 -- C:\Acer\ATI\SUPPORT\8-11_xp32_dd_ccc_wdm_enu_70226\psapi.dll
[2008/04/13 20:12:03 | 000,023,040 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\psapi.dll

< MD5 for: SHELL32.DLL >
[2008/07/03 09:03:29 | 008,460,800 | ---- | M] (Microsoft Corporation) MD5=06DA8C5383AAF17127FC4B1658BA3F4F -- C:\WINDOWS\$hf_mig$\KB967715\SP2QFE\shell32.dll
[2008/06/17 15:02:19 | 008,461,312 | ---- | M] (Microsoft Corporation) MD5=08B99916C98E15F6C28D24D73E53B45A -- C:\WINDOWS\$hf_mig$\KB967715\SP3GDR\shell32.dll
[2008/06/17 15:02:19 | 008,461,312 | ---- | M] (Microsoft Corporation) MD5=08B99916C98E15F6C28D24D73E53B45A -- C:\WINDOWS\$NtUninstallKB2286198$\shell32.dll
[2008/04/13 20:12:05 | 008,461,312 | ---- | M] (Microsoft Corporation) MD5=0CF50B1F45DAB08430C1DBB79FE2CA5B -- C:\WINDOWS\$NtUninstallKB967715$\shell32.dll
[2008/04/13 20:12:05 | 008,461,312 | ---- | M] (Microsoft Corporation) MD5=0CF50B1F45DAB08430C1DBB79FE2CA5B -- C:\WINDOWS\ServicePackFiles\i386\shell32.dll
[2008/04/13 20:12:05 | 008,461,312 | ---- | M] (Microsoft Corporation) MD5=0CF50B1F45DAB08430C1DBB79FE2CA5B -- C:\WINDOWS\SoftwareDistribution\Download\59fc8f12b80caa991163249076d0bcca\shell32.dll
[2008/06/17 15:04:34 | 008,461,824 | ---- | M] (Microsoft Corporation) MD5=270CE1BFDF019A3D7527F1DA6FB1FA96 -- C:\WINDOWS\$hf_mig$\KB967715\SP3QFE\shell32.dll
[2010/07/27 02:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation) MD5=304CFF53C9C9BEB03607ABE94A8FC781 -- C:\WINDOWS\SoftwareDistribution\Download\0ffc790b117ebc1d1b7e531ea04decbf\sp3gdr\shell32.dll
[2010/07/27 02:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation) MD5=304CFF53C9C9BEB03607ABE94A8FC781 -- C:\WINDOWS\system32\dllcache\shell32.dll
[2008/07/03 09:16:57 | 008,454,656 | ---- | M] (Microsoft Corporation) MD5=56B6333DDA2576803F99F0EA373D0A7B -- C:\WINDOWS\$NtServicePackUninstall$\shell32.dll
[2010/07/27 02:28:54 | 008,463,360 | ---- | M] (Microsoft Corporation) MD5=B65D8CE7C75835906CD21C974B875503 -- C:\WINDOWS\$hf_mig$\KB2286198\SP3QFE\shell32.dll
[2010/07/27 02:28:54 | 008,463,360 | ---- | M] (Microsoft Corporation) MD5=B65D8CE7C75835906CD21C974B875503 -- C:\WINDOWS\SoftwareDistribution\Download\0ffc790b117ebc1d1b7e531ea04decbf\sp3qfe\shell32.dll
[2004/08/10 07:00:00 | 008,384,000 | ---- | M] (Microsoft Corporation) MD5=D5988A5048E4DC7175BCA9F29FC144AE -- C:\WINDOWS\$NtUninstallKB967715_0$\shell32.dll
[2010/07/27 02:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll
< End of report >



#14 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:06 PM

Posted 10 October 2010 - 01:04 PM

The seems to be a hook in the shell2.dll file.

Lets check the MBR:


Please download MBRCheck.exe to your Desktop. Run the application.

If no infection is found, it will produce a report on the desktop. Post that report in your next reply.

If an infection is found, you will be presented with the following dialog:

QUOTE
Enter 'Y' and hit ENTER for more options, or 'N' to exit:


Type N and press Enter. A report will be produced on the desktop. Post that report in your next reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#15 mudcat24

mudcat24
  • Topic Starter

  • Members
  • 155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:06 PM

Posted 10 October 2010 - 01:19 PM

You want me to boot it up to the OS or to OTLPE CD?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users