
Infected With Malware?


  • This topic is locked
30 replies to this topic

#1 SouthrnSmile40


Posted 26 October 2010 - 12:56 AM

Hi. I am having a problem with what we think is malware in the rootkit that is hidden. I have been receiving GREAT help from BoopMe, here: http://www.bleepingcomputer.com/forums/topic355383.html ~ OB but was informed to come here after I did the last 3 scans. We have run sooooo many programs but cannot seem to find it. The last 3 I have done were:

Defogger
DDS
and GMer

....as far as the GMer...I was unable to run it because I kept getting an error message that a program has caused a problem and GMER needs to shut down, and Windows is looking for a solution. The first time it stopped the program GMer it went to a blue screen, and then restarted the computer. I tried it again and it got the error message as I posted earlier in this paragraph. At this point I am stuck.........I am very computer illiterate, and am in the hopes of not having to format or reformat because I do not have a Vista disc...all I have is a recovery disc that I downloaded from online. Any help will be GREATLY appreciated. Ummm I am including a log from the DDS scan as requested....and also have one attached. Thank you so much for any, and all help I can get. Have a most Blessed night.

Attached File: Attach.txt (11.01KB)

Kimberly:(


DDS (Ver_10-10-21.02) - NTFSx86
Run by iji at 1:08:27.23 on Tue 10/26/2010
Internet Explorer: 8.0.6001.18975 BrowserJavaVersion: 1.6.0_22

============== Running Processes ===============


============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uSearch Bar = Preserve
uWindow Title = Windows Internet Explorer provided by Comcast
uStart Page = hxxp://www.bing.com/?pc=ZUGO&form=ZGAPHP
uDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
mStart Page = hxxp://www.xfinity.com/?cid=xfactiv_eg_self_main
mDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
mWindow Title = Windows Internet Explorer provided by Comcast
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: TBSB01620 Class: {58124a0b-dc32-4180-9bff-e0e21ae34026} - c:\program files\iminent toolbar\tbcore3.dll
BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
BHO: IMinent WebBooster (BHO): {a09ab6eb-31b5-454c-97ec-9b294d92ee2a} - c:\program files\iminent\imbooster4web\Iminent.WebBooster.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: kikin Plugin: {e601996f-e400-41ca-804b-cd6373a7eee2} - c:\program files\kikin\ie_kikin.dll
BHO: BandooIEPlugin Class: {eb5cee80-030a-4ed8-8e20-454e9c68380f} - c:\program files\bandoo\plugins\ie\ieplugin.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
TB: IdiomaX Translation ToolBar: {477a7a3c-8b11-4b02-add1-7a01c4d00fa2} - c:\program files\common files\idiomax shared\cat 6.0\TrdIEAddIn.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: IMinent Toolbar: {977ae9cc-af83-45e8-9e03-e2798216e2d5} - c:\program files\iminent toolbar\tbcore3.dll
TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB: {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No File
{555d4d79-4bd2-4094-a395-cfc534424a05}
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [IncrediMail] c:\program files\incredimail\bin\IncMail.exe /c
uRun: [Weather] c:\program files\aws\weatherbug\Weather.exe 1
uRun: [Pando] c:\program files\pando networks\pando\Pando.exe /Minimized
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Add animation to IncrediMail Style Box - c:\program files\incredimail\bin\resources\WebMenuImg.htm
IE: {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - c:\program files\icq7.2\ICQ.exe
IE: {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {FE768A8F-9F88-4511-B28B-552ED2F6B500} - {477A7A3C-8B11-4B02-ADD1-7A01C4D00FA2} - c:\program files\common files\idiomax shared\cat 6.0\TrdIEAddIn.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1287323115765
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1287323938957
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: {CD9E7125-9FA0-4988-8EDD-3BB9588C646D} = 209.183.35.23 209.183.33.23
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: DfLogon - LogonDll.dll
AppInit_DLLs: c:\progra~1\google\google~1\goec62~1.dll avgrsstx.dll c:\progra~1\bandoo\bndhook.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\iji\appdata\roaming\mozilla\firefox\profiles\5b310vvu.default\
FF - prefs.js: browser.startup.homepage - www.igoogle.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/webhp?ie=UTF-8&oe=UTF-8
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\nos\bin\np_gp.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\zylom\zylomgamesplayer\npzylomgamesplayer.dll
FF - plugin: c:\users\iji\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\users\iji\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\iji\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

============= SERVICES / DRIVERS ===============


=============== Created Last 30 ================

2010-10-25 21:02:27 -------- d-----w- c:\program files\Sophos
2010-10-25 13:50:13 -------- d-----w- c:\progra~2\PMB Files
2010-10-25 12:22:57 -------- d-----w- c:\program files\YouTube Downloader
2010-10-25 01:38:31 -------- d--h--w- C:\$AVG
2010-10-24 20:56:21 -------- d-----w- c:\users\iji\appdata\roaming\Auslogics
2010-10-24 20:56:12 -------- d-----w- c:\program files\Auslogics
2010-10-24 17:45:07 -------- d-----w- c:\users\iji\appdata\roaming\SUPERAntiSpyware.com
2010-10-24 17:45:07 -------- d-----w- c:\progra~2\SUPERAntiSpyware.com
2010-10-24 17:43:52 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-10-24 17:04:15 -------- d-----w- c:\users\iji\appdata\roaming\kikin
2010-10-24 17:04:04 -------- d-----w- c:\program files\kikin
2010-10-24 17:03:38 -------- d-----w- c:\users\iji\appdata\roaming\mIRC
2010-10-24 17:03:37 -------- d-----w- c:\users\iji\appdata\local\OpenCandy
2010-10-24 17:03:30 -------- d-----w- c:\users\iji\appdata\roaming\OpenCandy
2010-10-24 17:03:23 -------- d-----w- c:\program files\mIRC
2010-10-24 15:35:25 -------- d-----w- c:\users\iji\appdata\local\WeatherBug
2010-10-24 15:34:37 -------- d-----w- c:\users\iji\appdata\roaming\WeatherBug
2010-10-24 15:34:29 18944 ----a-r- c:\users\iji\appdata\roaming\microsoft\installer\{297dcada-86a1-4a42-8a13-66b7d7a09fd2}\IconBB6A16301.exe
2010-10-24 15:34:29 11264 ----a-r- c:\users\iji\appdata\roaming\microsoft\installer\{297dcada-86a1-4a42-8a13-66b7d7a09fd2}\IconBB6A1630.exe
2010-10-24 15:34:22 -------- d-----w- c:\program files\AWS
2010-10-24 04:07:03 -------- d-----w- c:\users\iji\appdata\roaming\Systweak
2010-10-24 03:51:37 319456 ----a-w- c:\windows\DIFxAPI.dll
2010-10-24 03:51:11 -------- d--h--w- c:\program files\Temp
2010-10-23 05:10:18 -------- d-----w- c:\users\iji\DoctorWeb
2010-10-22 17:05:29 -------- d-----w- c:\program files\ESET
2010-10-22 07:53:48 6146896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{2fe0fd78-1962-4073-9924-92bc294c1b9b}\mpengine.dll
2010-10-20 20:55:32 -------- d-----w- c:\users\iji\appdata\roaming\Malwarebytes
2010-10-20 20:55:22 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-20 20:55:21 -------- d-----w- c:\progra~2\Malwarebytes
2010-10-20 20:55:20 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-20 20:55:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-20 16:53:52 -------- d-----w- c:\program files\uTorrent
2010-10-20 13:27:35 312832 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\hpfpp70v.dll
2010-10-20 13:27:13 452408 ----a-w- c:\windows\system32\hpzids01.dll
2010-10-20 13:26:45 126976 ----a-w- c:\windows\system32\hpfll70v.dll
2010-10-20 13:21:00 372736 ----a-w- c:\windows\system32\hppldcoi.dll
2010-10-20 13:20:59 309760 ----a-w- c:\windows\system32\difxapi.dll
2010-10-20 08:54:17 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2010-10-20 08:43:02 553696 ----a-w- c:\program files\mozilla firefox\uninstall\helper.exe
2010-10-19 19:10:24 -------- d-----w- c:\users\iji\appdata\roaming\AVG9
2010-10-19 16:36:36 -------- d-----w- c:\program files\Mozilla Developer Preview 3.7 Alpha 5
2010-10-19 02:43:14 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-10-19 02:43:12 25168 ----a-w- c:\windows\system32\drivers\AVGIDSvx.sys
2010-10-19 02:43:10 52872 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2010-10-19 02:43:08 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-10-19 02:42:58 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-10-19 02:42:50 -------- d-----w- c:\windows\system32\drivers\Avg
2010-10-19 02:42:41 -------- d-----w- c:\progra~2\AVG Security Toolbar
2010-10-19 02:39:59 24856 ----a-w- c:\windows\system32\drivers\avgfwd6x.sys
2010-10-19 02:39:55 -------- d-----w- c:\progra~2\avg9
2010-10-18 23:26:35 -------- d-----w- c:\users\iji\appdata\local\IM
2010-10-18 23:25:40 -------- d-----w- c:\progra~2\IncrediMail
2010-10-18 23:25:15 -------- d-----w- c:\program files\IncrediMail
2010-10-18 23:25:15 -------- d-----w- c:\progra~2\IM
2010-10-18 18:32:22 -------- d-----w- c:\program files\common files\DivX Shared
2010-10-18 18:31:59 -------- d-----w- c:\program files\DivX
2010-10-18 18:31:35 -------- d-----w- c:\progra~2\DivX
2010-10-18 10:10:09 -------- d-----w- c:\progra~2\MFAData
2010-10-17 21:24:37 -------- d-----w- c:\windows\XSxS
2010-10-17 21:24:37 -------- d-----w- c:\program files\Xenocode
2010-10-17 13:39:46 -------- d-----w- c:\users\iji\appdata\roaming\HpUpdate
2010-10-17 13:38:46 -------- d-----w- c:\windows\Hewlett-Packard
2010-10-17 03:19:33 344064 ----a-w- c:\windows\system32\vphc710.exe
2010-10-17 02:54:27 -------- d-----w- c:\users\iji\appdata\roaming\AOLLifestream.621681294CEC3900A26138A4CB3BC67A344B732C.1
2010-10-17 02:52:51 -------- d-----w- c:\program files\AOL Lifestream
2010-10-17 02:44:09 -------- d-----w- c:\users\iji\appdata\local\AIM
2010-10-17 02:44:08 -------- d-----w- c:\users\iji\appdata\local\AOL
2010-10-17 02:43:48 -------- d-----w- c:\progra~2\AIM
2010-10-17 02:43:32 -------- d-----w- c:\program files\AIM
2010-10-17 02:43:29 -------- d-----w- c:\program files\common files\Software Update Utility
2010-10-17 02:43:23 -------- d-----w- c:\program files\common files\AOL
2010-10-17 02:23:20 -------- d-----w- c:\program files\Unknown Device Identifier
2010-10-17 01:33:30 -------- d-----w- c:\users\iji\appdata\roaming\Bandoo
2010-10-17 01:29:55 -------- d-----w- c:\program files\Driver-Soft
2010-10-15 14:45:32 -------- d-----w- c:\progra~2\Bandoo
2010-10-15 14:43:52 -------- d-----w- c:\program files\Bandoo
2010-10-15 14:35:35 -------- d-----w- c:\users\iji\appdata\roaming\sb_temp
2010-10-15 14:35:22 -------- d-----w- c:\program files\Smile Brush
2010-10-15 14:31:36 -------- d-----w- c:\users\iji\appdata\roaming\nswb
2010-10-15 14:31:33 -------- d-----w- c:\program files\EZ Emoticons
2010-10-15 09:17:11 -------- d-----w- c:\progra~2\Iminent
2010-10-15 09:12:49 -------- d-----w- c:\program files\IMinent Toolbar
2010-10-15 08:18:05 -------- d-----w- c:\progra~2\McAfee Security Scan
2010-10-15 08:17:33 -------- d-----w- c:\program files\McAfee Security Scan
2010-10-15 08:09:50 -------- d-----w- c:\program files\Iminent
2010-10-15 01:42:42 -------- d-----w- c:\users\iji\appdata\roaming\CheeseSoft
2010-10-15 01:42:42 -------- d-----w- C:\FU_Backup
2010-10-15 01:42:31 -------- d-----w- c:\program files\FinalUninstaller
2010-10-14 19:47:21 -------- d--h--w- c:\windows\Icons
2010-10-14 19:21:09 30016 ----a-w- c:\windows\system32\uxtuneup.dll
2010-10-14 19:21:09 21312 ----a-w- c:\windows\system32\authuitu.dll
2010-10-14 18:42:53 30528 ----a-w- c:\windows\system32\TURegOpt.exe
2010-10-14 18:39:22 -------- d-----w- c:\users\iji\appdata\roaming\TuneUp Software
2010-10-14 18:38:53 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-10-14 18:36:54 -------- d-----w- c:\progra~2\TuneUp Software
2010-10-14 18:36:24 -------- d-sh--w- c:\progra~2\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-10-13 19:39:01 -------- d-----w- c:\windows\system32\MpEngineStore
2010-10-13 02:57:37 -------- d-----w- c:\program files\Microsoft Analysis Services
2010-10-13 00:19:10 -------- d-----w- c:\users\iji\appdata\local\Apps
2010-10-12 23:04:31 -------- d-----w- c:\program files\MSECache
2010-10-12 18:46:01 157184 ----a-w- c:\windows\system32\t2embed.dll
2010-10-12 18:45:51 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-10-12 18:45:50 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2010-10-12 18:45:50 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-10-12 18:45:48 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-10-12 18:45:47 17920 ----a-w- c:\windows\system32\netevent.dll
2010-10-12 18:44:53 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2010-10-12 18:44:47 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-10-12 18:43:52 867328 ----a-w- c:\windows\system32\wmpmde.dll
2010-10-12 18:43:46 2038272 ----a-w- c:\windows\system32\win32k.sys
2010-10-12 18:41:38 274944 ----a-w- c:\windows\system32\schannel.dll
2010-10-12 18:41:27 339968 ----a-w- c:\program files\windows nt\accessories\wordpad.exe
2010-10-12 18:41:27 1316864 ----a-w- c:\windows\system32\ole32.dll
2010-10-12 18:28:30 -------- d--h--w- C:\$AVG8.VAULT$
2010-10-12 18:26:55 231424 ----a-w- c:\windows\system32\msshsq.dll
2010-10-12 18:26:42 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-10-12 18:26:42 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-10-12 18:26:22 531968 ----a-w- c:\windows\system32\comctl32.dll
2010-10-11 09:47:50 158456 ------w- c:\windows\system32\pxwma.dll
2010-10-11 09:21:49 -------- d-----w- c:\program files\common files\xing shared
2010-10-11 07:03:46 165376 ----a-w- c:\windows\system32\unrar.dll
2010-10-11 07:03:40 232448 ----a-w- c:\windows\system32\mp3fhg.acm
2010-10-11 07:03:38 151552 ----a-w- c:\windows\system32\ac3acm.acm
2010-10-11 07:03:37 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-10-11 07:03:36 790528 ----a-w- c:\windows\system32\xvidcore.dll
2010-10-11 07:03:36 134144 ----a-w- c:\windows\system32\xvidvfw.dll
2010-10-11 07:03:25 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-10-11 07:03:10 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-10-11 04:37:52 -------- d-----w- c:\users\iji\appdata\local\Real
2010-10-11 04:33:59 569397 ----a-w- c:\program files\internet explorer\plugins\richfx\player\nprfxins.dll
2010-10-11 04:30:30 -------- d-----w- c:\program files\The Weather Channel FW
2010-10-11 04:30:11 -------- d-----w- c:\users\iji\appdata\local\The Weather Channel
2010-10-11 02:00:07 -------- d-----w- c:\program files\common files\Real
2010-10-10 22:23:32 -------- d-----w- c:\users\iji\appdata\local\Trend Micro
2010-10-10 21:32:25 -------- d-----w- c:\progra~2\Trend Micro
2010-10-10 21:32:18 -------- d-----w- c:\program files\Trend Micro
2010-10-08 19:50:03 -------- d-----w- c:\users\iji\appdata\roaming\Efficient Lady's Organizer
2010-10-08 19:50:00 -------- d-----w- c:\program files\Efficient Lady's Organizer
2010-10-07 21:16:07 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2010-10-07 21:15:05 20480 ----a-w- c:\windows\system32\winrshost.exe
2010-10-07 21:15:05 12800 ----a-w- c:\windows\system32\wsmprovhost.exe
2010-10-07 21:15:04 40448 ----a-w- c:\windows\system32\winrs.exe
2010-10-07 17:09:32 -------- d-----w- c:\users\iji\appdata\roaming\Trillian
2010-10-07 16:17:01 -------- d-----w- c:\users\iji\appdata\local\Meebo
2010-10-07 01:19:51 -------- d-----w- c:\users\iji\appdata\roaming\Uniblue
2010-10-05 19:38:20 -------- d-sh--r- C:\_Backup.RC
2010-10-05 19:28:23 -------- d--h--w- C:\_Backup
2010-10-05 19:28:23 -------- d-----w- c:\users\iji\appdata\roaming\Avanquest
2010-10-05 19:28:14 -------- d-----w- c:\progra~2\Avanquest
2010-10-05 19:26:29 -------- d-----w- c:\program files\Avanquest update
2010-10-05 19:25:01 -------- d-----w- c:\program files\common files\AntiVirus
2010-10-05 19:16:55 -------- d-----w- c:\program files\Avanquest
2010-10-05 19:06:01 -------- d-----w- c:\windows\5158974E2D28401893357694C2974746.TMP
2010-10-05 19:04:58 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2010-10-05 16:06:19 -------- d-----w- c:\program files\Firetrust
2010-10-05 15:30:02 -------- d-----w- c:\progra~2\Firetrust
2010-10-05 15:28:32 -------- d-----w- c:\users\iji\appdata\roaming\Firetrust
2010-10-05 15:13:59 -------- d-----w- c:\program files\LostGoggles
2010-10-05 15:07:13 -------- d-----w- c:\users\iji\appdata\roaming\YouSendIt
2010-10-05 15:06:05 -------- d-----w- c:\program files\YouSendIt
2010-10-05 14:58:03 -------- d-----w- c:\program files\Imici
2010-10-05 07:49:46 -------- d-----w- c:\progra~2\Systweak
2010-10-05 07:30:37 -------- d-----w- c:\windows\Repair
2010-10-05 07:28:52 -------- d-----w- c:\progra~2\MyDefrag
2010-10-05 07:28:42 17136 ----a-w- c:\windows\system32\sasnative32.exe
2010-10-05 07:27:37 -------- d-----w- c:\program files\Advanced System Optimizer 3
2010-10-04 18:16:55 -------- d-----w- c:\users\iji\appdata\local\WinZip
2010-10-02 01:35:47 553760 ----a-w- c:\users\iji\Mats_Run.maintenance.exe
2010-10-02 01:33:53 554272 ----a-w- c:\users\iji\Mats_Run.performance.exe
2010-10-01 12:56:03 -------- d-----w- c:\program files\IncrediMail(10)
2010-10-01 08:29:15 -------- d-----w- c:\progra~2\PC Drivers Headquarters
2010-10-01 08:08:11 -------- d-----w- c:\users\iji\appdata\local\Downloaded Installations
2010-10-01 07:41:56 -------- d-----w- c:\windows\system32\Registry Patrol
2010-09-29 01:53:05 -------- d-----w- c:\program files\iPod
2010-09-29 01:52:33 -------- d-----w- c:\program files\iTunes
2010-09-28 23:43:47 -------- d-----w- c:\program files\Windows Portable Devices
2010-09-28 22:58:05 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2010-09-28 22:57:54 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2010-09-28 22:57:54 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2010-09-28 22:54:08 258048 ----a-w- c:\windows\system32\winspool.drv
2010-09-28 22:54:07 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2010-09-28 22:50:04 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2010-09-28 22:50:03 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2010-09-28 22:50:03 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2010-09-28 22:49:36 134144 ----a-w- c:\program files\windows portable devices\sqmapi.dll
2010-09-28 22:49:26 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2010-09-28 22:43:05 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-09-28 22:42:59 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-09-28 22:42:59 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-09-28 22:11:26 2048 ----a-w- c:\windows\system32\tzres.dll
2010-09-28 22:10:08 13312 ----a-w- c:\program files\internet explorer\iecompat.dll
2010-09-28 22:08:55 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-09-28 20:14:16 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-28 18:56:58 759296 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2010-09-28 18:31:36 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-09-28 18:31:36 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-09-28 18:31:36 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-09-28 18:31:36 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-09-28 18:31:35 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-09-28 18:20:47 128000 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-28 18:20:36 3600768 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-09-28 18:20:32 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-09-28 18:20:11 81920 ----a-w- c:\windows\system32\iccvid.dll
2010-09-28 18:19:56 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-09-28 18:19:49 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-09-28 18:19:48 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-09-28 18:19:31 502272 ----a-w- c:\windows\system32\usp10.dll
2010-09-28 18:19:17 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
2010-09-28 18:19:12 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
2010-09-28 18:19:01 1616384 ----a-w- c:\program files\windows mail\msoe.dll
2010-09-28 18:18:10 36864 ----a-w- c:\windows\system32\rtutils.dll
2010-09-28 18:18:01 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-09-28 18:17:55 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-09-28 18:17:41 67072 ----a-w- c:\windows\system32\asycfilt.dll
2010-09-28 18:17:31 1248768 ----a-w- c:\windows\system32\msxml3.dll
2010-09-28 18:16:54 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2010-09-28 18:08:19 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2010-09-28 18:08:10 739328 ----a-w- c:\windows\system32\inetcomm.dll
2010-09-28 18:06:38 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-09-28 16:25:46 -------- d-----w- c:\windows\system32\eu-ES
2010-09-28 16:25:46 -------- d-----w- c:\windows\system32\ca-ES
2010-09-28 16:25:08 -------- d-----w- c:\windows\system32\vi-VN
2010-09-28 15:30:18 -------- d-----w- c:\windows\system32\SPReview
2010-09-28 13:59:39 928768 ----a-w- c:\windows\system32\scavenge.dll
2010-09-28 13:58:07 57856 ----a-w- c:\windows\system32\compcln.exe
2010-09-28 12:52:59 69632 ----a-w- c:\windows\system32\rastapi.dll
2010-09-28 12:51:41 93696 ----a-w- c:\windows\system32\eappgnui.dll
2010-09-28 12:49:59 592896 ----a-w- c:\windows\system32\netlogon.dll
2010-09-28 12:48:59 860160 ----a-w- c:\windows\system32\WerFaultSecure.exe
2010-09-28 12:47:59 684032 ----a-w- c:\windows\system32\drivers\spsys.sys
2010-09-28 12:24:24 -------- d-----w- c:\windows\system32\EventProviders
2010-09-28 11:57:04 -------- d-----w- C:\a155a1790176703584e5
2010-09-28 00:58:00 498580680 ----a-w- c:\users\iji\Windows6.0-KB948465-X86.exe
2010-09-27 15:28:11 -------- d-----w- c:\users\iji\appdata\roaming\PCToolsFirewallPlus
2010-09-27 15:28:06 -------- d-----w- c:\users\iji\appdata\roaming\Spam Monitor
2010-09-27 14:27:59 -------- d-----w- c:\program files\common files\PC Tools
2010-09-27 14:27:19 -------- d-----w- c:\users\iji\appdata\roaming\PC Tools
2010-09-27 14:27:19 -------- d-----w- c:\program files\PC Tools Internet Security
2010-09-27 14:27:19 -------- d-----w- c:\progra~2\PC Tools
2010-09-27 14:10:08 -------- d-----w- c:\users\iji\SDAA19
2010-09-27 13:39:53 -------- d-----w- c:\users\iji\appdata\roaming\Geek Squad 24 Hour Computer Support
2010-09-27 12:30:04 -------- d-----w- c:\users\iji\appdata\roaming\Simply Super Software
2010-09-27 06:35:25 -------- d-----w- c:\progra~2\RealHideIP
2010-09-26 22:00:19 -------- dc-h--w- c:\progra~2\{CCE9E666-4D7C-4946-A98B-CFDE0A0C1706}
2010-09-26 21:56:01 -------- dc----w- c:\progra~2\{ECC164E0-3133-4C70-A831-F08DB2940F70}
2010-09-26 08:16:31 -------- d-----w- c:\users\iji\appdata\local\ElevatedDiagnostics
2010-09-26 07:53:38 -------- d-----w- c:\program files\Microsoft ATS

==================== Find3M ====================

2010-10-19 15:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-09-24 01:09:39 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2010-09-24 01:07:53 82432 ----a-w- c:\windows\system32\axaltocm.dll
2010-09-20 18:05:19 172032 ----a-w- c:\windows\system32\AniGIF.ocx
2010-09-08 15:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 15:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-08 06:01:28 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-08 05:57:18 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-08 05:57:05 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-09-08 05:56:53 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-09-08 05:56:53 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-09-08 05:04:36 385024 ----a-w- c:\windows\system32\html.iec
2010-09-08 04:26:46 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-09-08 04:25:15 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-08-10 11:46:46 1066176 ----a-w- c:\windows\system32\MSCOMCTL.ocx

============= FINISH: 1:11:11.62 ===============

Who is OrangeBlossom, and they edited my post?

EDIT: OrangeBlossom, like myself, is one of the forum Moderators.

Edited by Budapest, 29 October 2010 - 04:45 PM.

Kimberly


#2 etavares


Posted 04 November 2010 - 06:16 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Please also continue to work with me until I give you the all clear. Even if your computer appears to act better, you may still be infected.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.

Once we start working together, please reply back within 3 days or this thread may be closed so we can help others who are waiting.

We need to create an OTL report,
  • Please download OTL from this link.
  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Under the Custom Scan box paste this in:

    netsvcs
    msconfig
    drivers32 /all
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\*.sys /90
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\*. /mp /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    CREATERESTOREPOINT

  • Click the Quick Scan button.
  • The scan should take a few minutes.
  • Please copy and paste both logs in your reply.

We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new OTL log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


In your reply, please post both OTL logs and the GMER log.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Unified Network of Instructors and Trusted Eliminators
 


#3 SouthrnSmile40

  • Topic Starter

  • Members
  • 37 posts

Posted 06 November 2010 - 11:37 AM

Hi etavares/Bleepin Remover. I hope all finds you well. Thank you for trying to help me with my computer problem. I have enclosed the logs from the OTL scan. As far as the GMer scan...it will not let me run. Every time I run it - it keeps shutting down my computer. The first run it gave me a blue screen, and then the computer just kept restarting....Below are the OTL scans....Thank you so very much...



OTL logfile created on: 11/6/2010 11:45:00 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\iji\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

893.00 Mb Total Physical Memory | 234.00 Mb Available Physical Memory | 26.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 42.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 110.32 Gb Total Space | 15.53 Gb Free Space | 14.08% Space Free | Partition Type: NTFS

Computer Name: ARVPDNXJQS | User Name: iji | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/06 11:37:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\iji\Desktop\OTL.exe
PRC - [2010/10/29 10:29:51 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/10/29 10:29:48 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/10/18 23:42:03 | 002,067,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/10/18 23:42:00 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/10/18 23:41:54 | 002,331,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgfws9.exe
PRC - [2010/10/18 22:42:12 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/10/18 22:42:12 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/10/18 22:42:12 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/10/18 22:42:05 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/10/18 22:42:05 | 000,842,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2010/10/18 22:42:00 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/10/18 22:41:43 | 000,596,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010/10/18 22:41:30 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/09/28 10:04:57 | 002,424,560 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2010/09/20 09:13:48 | 001,940,928 | ---- | M] (Discordia Limited) -- C:\Program Files\Bandoo\Bandoo.exe
PRC - [2010/09/16 16:04:06 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/07/29 03:50:16 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2010/07/29 03:47:08 | 000,095,576 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2009/06/17 13:49:44 | 000,616,408 | ---- | M] () -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/14 10:14:20 | 000,200,704 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe
PRC - [2008/04/24 13:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
PRC - [2007/08/15 18:31:50 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
PRC - [2007/08/01 17:39:18 | 000,077,824 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2007/01/25 20:50:26 | 000,063,096 | ---- | M] () -- c:\Toshiba\IVP\swupdate\swupdtmr.exe
PRC - [2007/01/25 20:47:50 | 000,136,816 | ---- | M] () -- C:\Toshiba\IVP\ISM\pinger.exe
PRC - [2006/11/14 23:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2006/10/05 15:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006/05/25 21:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe


========== Modules (SafeList) ==========

MOD - [2010/11/06 11:37:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\iji\Desktop\OTL.exe
MOD - [2010/10/18 22:43:14 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
MOD - [2010/08/31 11:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\PremierOpinion\pmservice.exe -- (PremierOpinion)
SRV - [2010/10/18 23:41:54 | 002,331,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgfws9.exe -- (avgfws9)
SRV - [2010/10/18 22:42:05 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/10/18 22:42:00 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/10/18 22:41:30 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/10/14 15:20:53 | 000,435,008 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/10/06 11:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/10/05 13:59:20 | 000,239,928 | ---- | M] (Systweak Inc., (www.systweak.com)) [Disabled | Stopped] -- C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe -- (ASO3DiskOptimizer)
SRV - [2010/09/30 11:54:28 | 001,051,968 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010/09/30 11:51:26 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010/09/20 09:13:48 | 001,940,928 | ---- | M] (Discordia Limited) [Auto | Running] -- C:\Program Files\Bandoo\Bandoo.exe -- (Bandoo Coordinator)
SRV - [2010/09/09 17:46:47 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010/09/01 15:51:28 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2010/07/29 03:50:16 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/04/28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/09/24 21:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/06/17 13:49:44 | 000,616,408 | ---- | M] () [Auto | Running] -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe -- (AntiSpywareService)
SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/04/24 13:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe -- (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/26 13:55:04 | 000,283,912 | ---- | M] (CA, Inc.) [Disabled | Stopped] -- C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe -- (ITMRTSVC)
SRV - [2007/08/01 17:39:18 | 000,077,824 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2007/03/29 13:39:20 | 000,427,576 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/02/26 00:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007/01/25 20:50:26 | 000,063,096 | ---- | M] () [Auto | Running] -- c:\Toshiba\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2007/01/25 20:47:50 | 000,136,816 | ---- | M] () [Auto | Running] -- C:\Toshiba\IVP\ISM\pinger.exe -- (pinger)
SRV - [2006/11/14 23:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006/10/05 15:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/05/25 21:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\swumx20.sys -- (SWUMX20) Sierra Wireless USB MUX Driver (UMTS20)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\B0FB.tmp -- (MEMSWEEP2)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\SYSPREP\Drivers\ioport.sys -- (IO_Memory)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010/10/18 22:43:12 | 000,025,168 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\AVGIDSvx.sys -- (AVGIDSErHrvtx)
DRV - [2010/10/18 22:43:10 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010/10/18 22:43:08 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/10/18 22:42:58 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/10/18 22:42:55 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/10/18 22:41:56 | 000,122,448 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSDriver.sys -- (AVGIDSDrivervtx)
DRV - [2010/10/18 22:41:52 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSFilter.sys -- (AVGIDSFiltervtx)
DRV - [2010/10/18 22:41:43 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSShim.sys -- (AVGIDSShimvtx)
DRV - [2010/10/18 22:39:59 | 000,024,856 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd)
DRV - [2010/07/30 18:35:50 | 000,006,656 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Advanced System Optimizer 3\adasprot32.sys -- (ADASPROT)
DRV - [2010/06/13 20:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/05/10 14:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/04/28 07:44:02 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2010/04/26 22:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010/04/26 22:25:20 | 000,110,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdserd.sys -- (sscdserd) SAMSUNG Mobile Modem Diagnostic Serial Port (WDM)
DRV - [2010/04/26 22:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010/04/26 22:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010/02/24 14:41:50 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010/02/17 14:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/06/10 05:52:58 | 000,347,648 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2009/05/25 06:50:44 | 000,164,864 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/04/10 21:42:56 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/10/16 15:30:54 | 000,026,504 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2008/08/14 10:40:40 | 000,203,312 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2008/03/06 15:57:32 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2007/11/09 05:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/09/08 22:13:24 | 000,032,160 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2007/09/05 17:56:14 | 000,037,120 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gtuqbus.sys -- (GTUQBUS)
DRV - [2007/09/05 17:56:14 | 000,021,248 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gtscser.sys -- (GTSCSER)
DRV - [2007/09/05 17:56:14 | 000,008,064 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gtptser.sys -- (GTPTSER)
DRV - [2007/08/01 17:37:20 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2007/07/28 02:36:40 | 002,929,664 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/06/27 09:42:34 | 000,073,856 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swumx56.sys -- (SWUMX56) Sierra Wireless USB MUX Driver (UMTS56)
DRV - [2007/06/27 09:41:48 | 000,101,248 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swnc8u56.sys -- (SWNC8U56) Sierra Wireless MUX NDIS Driver (UMTS56)
DRV - [2007/03/28 10:51:40 | 000,043,008 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir)
DRV - [2007/03/26 13:18:00 | 000,020,352 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swivspnt.sys -- (swivsp)
DRV - [2007/03/22 01:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/24 17:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 19:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/01/03 04:43:19 | 000,479,488 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr3npxp.sys -- (KR3NPXP)
DRV - [2006/11/28 18:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/20 02:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/11/09 18:32:28 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2006/11/09 18:31:46 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2006/11/02 05:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 05:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 05:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 05:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 05:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 05:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 05:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 05:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 05:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 05:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 05:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 05:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 05:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 05:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 05:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 05:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 05:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 05:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 05:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 05:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 05:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 03:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2006/10/30 14:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2006/10/23 19:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006/10/18 14:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/10/16 10:36:10 | 000,644,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\phc700.sys -- (phc700) USB PC Camera (SPC700NC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.xfinity.com/?cid=xfactiv_eg_self_main


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0



IE - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
IE - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=ZUGO&form=ZGAPHP
IE - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {95f24680-9e31-11da-a746-0800200c9a66}:0.1.5.5
FF - prefs.js..extensions.enabledItems: {5C46D283-ABDE-4dce-B83C-08881401921C}:2.1.2
FF - prefs.js..extensions.enabledItems: {d47a9f51-8281-43fa-f450-f28ef8735e9a}:2.0.5
FF - prefs.js..extensions.enabledItems: {F8A55C97-3DB6-4961-A81D-0DE0080E53CB}:0.9.2
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:3.1.0625
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: quickdrag@mozilla.ktechcomputing.com:2.0.2.1
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.74
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {FBF6D7FB-F305-4445-BB3D-FEF66579A033}:5.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.4
FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.1.7
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.48.3
FF - prefs.js..extensions.enabledItems: linkchecker@vik.josh:0.2d
FF - prefs.js..extensions.enabledItems: avg@igeared:6.010.006.004
FF - prefs.js..extensions.enabledItems: mothersday2010boom@brandthunder.com:1.0.2
FF - prefs.js..extensions.enabledItems: pbupload@photobucket.com:1.3
FF - prefs.js..extensions.enabledItems: CrystalFox_Qute@BigRedBrent:3.7
FF - prefs.js..extensions.enabledItems: Gnome-Wine@Windows:2.3.1
FF - prefs.js..extensions.enabledItems: {9f94fab0-58a2-11dd-ae16-0800200c9a66}:3.0.26
FF - prefs.js..extensions.enabledItems: {31a48160-39fc-11de-8a39-0800200c9a66}:3.6.0.1
FF - prefs.js..extensions.enabledItems: bearbluebaby@loic.com:2.1.14
FF - prefs.js..extensions.enabledItems: {285da7e0-729d-11db-9fe1-0800200c9a66}:2.20091201
FF - prefs.js..extensions.enabledItems: fzamaan@gmail.com:1.25
FF - prefs.js..extensions.enabledItems: springshine@yogurttree.com:0.2.2
FF - prefs.js..keyword.URL: "http://www.bing.com/search?PC=BRTH&FORM=BT004D&q="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord
FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010/10/26 09:46:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/29 10:29:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/30 16:29:04 | 000,000,000 | ---D | M]

[2010/10/20 04:44:09 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Extensions
[2010/09/19 19:59:19 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2010/11/06 11:43:49 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions
[2010/10/20 05:21:52 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010/10/29 10:52:27 | 000,000,000 | ---D | M] (Tinseltown) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{285da7e0-729d-11db-9fe1-0800200c9a66}
[2010/10/29 10:49:29 | 000,000,000 | ---D | M] (Toy Factory) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{31a48160-39fc-11de-8a39-0800200c9a66}
[2010/10/20 05:21:29 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010/10/20 05:21:54 | 000,000,000 | ---D | M] (Google Shortcuts) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}
[2010/10/29 18:49:57 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/10/20 05:21:54 | 000,000,000 | ---D | M] (Update Notifier) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{95f24680-9e31-11da-a746-0800200c9a66}
[2010/10/29 10:48:32 | 000,000,000 | ---D | M] (AvantGarde Rosepetal) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{9f94fab0-58a2-11dd-ae16-0800200c9a66}
[2010/10/20 05:21:34 | 000,000,000 | ---D | M] (WOT) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/10/24 16:32:04 | 000,000,000 | ---D | M] (kikin plugin) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}
[2010/11/05 23:21:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2010/10/20 05:21:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}
[2010/11/04 13:15:41 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/10/20 05:21:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2010/10/20 05:21:52 | 000,000,000 | ---D | M] (Pixlr Grabber) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}
[2010/10/20 05:21:40 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/10/20 05:21:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010/10/20 05:21:43 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010/10/20 05:21:51 | 000,000,000 | ---D | M] (Download Manager Tweak) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}
[2010/10/20 05:21:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
[2010/10/29 10:50:38 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\bearbluebaby@loic.com
[2010/10/29 10:45:49 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\CrystalFox_Qute@BigRedBrent
[2010/11/03 18:21:40 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\feedly@devhd
[2010/10/20 05:21:39 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\foxmarks@kei.com
[2010/10/29 10:55:25 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\fzamaan@gmail.com
[2010/10/29 10:47:17 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\Gnome-Wine@Windows
[2010/10/20 05:56:15 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\linkchecker@vik.josh
[2010/10/29 11:09:38 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\mothersday2010boom@brandthunder.com
[2010/11/06 11:02:28 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\pbupload@photobucket.com
[2010/10/20 05:21:36 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\quickdrag@mozilla.ktechcomputing.com
[2010/10/24 11:32:36 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\searchtoolbar@zugo.com
[2010/10/20 05:21:32 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\smarterwiki@wikiatic.com
[2010/10/29 10:57:56 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\springshine@yogurttree.com
[2010/11/04 13:15:44 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\webmynd@yourentirelife.com
[2010/10/29 10:52:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{285da7e0-729d-11db-9fe1-0800200c9a66}\chrome\mozapps\extensions
[2010/10/29 10:52:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{285da7e0-729d-11db-9fe1-0800200c9a66}\chrome\mozapps\extensions\CVS
[2010/10/29 10:48:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{9f94fab0-58a2-11dd-ae16-0800200c9a66}\mozapps\extensions
[2010/11/03 18:21:37 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\feedly@devhd\content\app\extension
[2010/11/06 11:34:25 | 000,002,273 | ---- | M] () -- C:\Users\iji\AppData\Roaming\Mozilla\FireFox\Profiles\5b310vvu.default\searchplugins\ask.xml
[2010/11/06 11:34:26 | 000,000,908 | ---- | M] () -- C:\Users\iji\AppData\Roaming\Mozilla\FireFox\Profiles\5b310vvu.default\searchplugins\bing.xml
[2010/10/26 06:35:18 | 000,002,149 | ---- | M] () -- C:\Users\iji\AppData\Roaming\Mozilla\FireFox\Profiles\5b310vvu.default\searchplugins\MyStart Search.xml
[2010/10/23 07:09:22 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/20 04:54:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\SEARCH TOOLBAR\SEARCHTOOLBAR.DLL ()
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\IMBooster4Web\Iminent.WebBooster.dll (Iminent)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files\kikin\ie_kikin.dll (kikin)
O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll (Discordia Limited)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (IdiomaX Translation ToolBar) - {477A7A3C-8B11-4B02-ADD1-7A01C4D00FA2} - C:\Program Files\Common Files\IdiomaX Shared\Cat 6.0\TrdIEAddIn.dll (IdiomaX LLC.)
O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\SEARCH TOOLBAR\SEARCHTOOLBAR.DLL ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\..\Toolbar\WebBrowser: (IdiomaX Translation ToolBar) - {477A7A3C-8B11-4B02-ADD1-7A01C4D00FA2} - C:\Program Files\Common Files\IdiomaX Shared\Cat 6.0\TrdIEAddIn.dll (IdiomaX LLC.)
O3 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\..\Toolbar\WebBrowser: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O3 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\SEARCH TOOLBAR\SEARCHTOOLBAR.DLL ()
O3 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [phc700] C:\Windows\System32\vphc700.exe (Sonix)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\Bin\resources\WebMenuImg.htm ()
O8 - Extra context menu item: Download with Mipony - C:\Program Files\MiPony\Browser\IEContext.htm ()
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll (kikin)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe File not found
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe File not found
O9 - Extra Button: Show/Hide Translation ToolBar - {FE768A8F-9F88-4511-B28B-552ED2F6B500} - C:\Program Files\Common Files\IdiomaX Shared\Cat 6.0\TrdIEAddIn.dll (IdiomaX LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\..Trusted Domains: localhost ([]http in Local intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1287323115765 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1287323938957 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.68.166 68.87.74.166
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\google\google~1\goec62~1.dll) - c:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) - c:\Program Files\Bandoo\BndHook.dll (Discordia Limited)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\DfLogon: DllName - LogonDll.dll - File not found
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img27.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img27.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7f2307df-9bb8-11dd-9566-00164414364c}\Shell - "" = AutoRun
O33 - MountPoints2\{7f2307df-9bb8-11dd-9566-00164414364c}\Shell\AutoRun\command - "" = E:\WIN\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sasnative32) - C:\Windows\System32\sasnative32.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe - (McAfee, Inc.)
MsConfig - StartUpReg: EZEMO - hkey= - key= - C:\Program Files\EZ Emoticons\EZ.exe (Sherv.net)
MsConfig - StartUpReg: IMBooster - hkey= - key= - C:\Program Files\Iminent\IMBooster\imbooster.exe (Iminent)
MsConfig - StartUpReg: Iminent.Notifier - hkey= - key= - C:\Program Files\Iminent\SearchTheWeb\Iminent.Notifier.exe (Iminent)
MsConfig - State: "startup" - 2
MsConfig - State: "services" - 0

Drivers32: aux - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux4 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi4 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer4 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.IYUV - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.YVU9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave4 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2010/11/06 11:39:23 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\iji\Desktop\OTL.exe
[2010/11/04 18:35:11 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\Mipony
[2010/11/04 18:34:50 | 000,000,000 | ---D | C] -- C:\Program Files\MiPony
[2010/11/04 18:00:25 | 000,000,000 | ---D | C] -- C:\Program Files\Singlesnet
[2010/11/04 13:14:54 | 000,000,000 | ---D | C] -- C:\Users\iji\Desktop\Ringtones
[2010/11/03 23:08:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\Silabs
[2010/11/03 21:03:05 | 000,000,000 | ---D | C] -- C:\Users\iji\Documents\Samsung
[2010/11/03 20:21:02 | 000,000,000 | ---D | C] -- C:\Users\iji\Documents\My Art
[2010/11/03 20:19:52 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\ML
[2010/11/03 20:14:47 | 000,000,000 | ---D | C] -- C:\Users\iji\Documents\NPS
[2010/11/03 20:04:40 | 000,132,424 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdmdm.sys
[2010/11/03 20:04:40 | 000,110,280 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdserd.sys
[2010/11/03 20:04:40 | 000,104,648 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdbus.sys
[2010/11/03 20:04:40 | 000,014,920 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdmdfl.sys
[2010/11/03 20:04:40 | 000,012,616 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdcmnt.sys
[2010/11/03 20:04:40 | 000,012,616 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdcm.sys
[2010/11/03 20:04:40 | 000,012,488 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdwhnt.sys
[2010/11/03 20:04:40 | 000,012,488 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdwh.sys
[2010/11/03 19:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2010/11/03 19:32:53 | 000,000,000 | ---D | C] -- C:\Users\iji\{beee9a27-e1a2-4d0a-88ed-ecb38f3e27b0}
[2010/11/03 19:32:22 | 000,000,000 | ---D | C] -- C:\Users\iji\{04d9152f-78f8-4714-8a5e-a3b952c31b40}
[2010/11/03 19:30:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\Samsung_USB_Drivers
[2010/11/03 19:30:19 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010/11/03 19:29:38 | 000,238,952 | ---- | C] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
[2010/11/03 19:28:45 | 000,000,000 | ---D | C] -- C:\Users\iji\Documents\My NPS Files
[2010/11/03 19:28:41 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\Samsung
[2010/11/03 19:25:12 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny
[2010/11/03 19:24:11 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2010/11/03 19:16:47 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\Downloaded Installations
[2010/11/03 17:39:14 | 000,000,000 | ---D | C] -- C:\Program Files\SEARCH TOOLBAR
[2010/10/26 18:30:26 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\AVG Security Toolbar
[2010/10/26 04:44:49 | 000,000,000 | ---D | C] -- C:\Users\iji\Desktop\Kimberly's Stuff
[2010/10/25 17:02:27 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2010/10/25 09:50:13 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2010/10/25 08:22:57 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader
[2010/10/24 23:56:25 | 000,472,064 | ---- | C] ( ) -- C:\Users\iji\Desktop\RootRepeal.exe
[2010/10/24 21:38:31 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/10/24 16:56:21 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\Auslogics
[2010/10/24 16:56:12 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2010/10/24 13:45:07 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\SUPERAntiSpyware.com
[2010/10/24 13:45:07 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/10/24 13:43:52 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/10/24 13:43:11 | 009,578,056 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\iji\Desktop\SUPERAntiSpyware.exe
[2010/10/24 13:04:15 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\kikin
[2010/10/24 13:04:04 | 000,000,000 | ---D | C] -- C:\Program Files\kikin
[2010/10/24 13:03:38 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\mIRC
[2010/10/24 13:03:37 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\OpenCandy
[2010/10/24 13:03:30 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\OpenCandy
[2010/10/24 13:03:23 | 000,000,000 | ---D | C] -- C:\Program Files\mIRC
[2010/10/24 11:35:25 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\WeatherBug
[2010/10/24 11:34:37 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\WeatherBug
[2010/10/24 11:34:22 | 000,000,000 | ---D | C] -- C:\Program Files\AWS
[2010/10/24 00:07:03 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\Systweak
[2010/10/23 23:51:11 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2010/10/23 01:10:18 | 000,000,000 | ---D | C] -- C:\Users\iji\DoctorWeb
[2010/10/22 13:05:29 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/10/20 16:55:32 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\Malwarebytes
[2010/10/20 16:55:22 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/10/20 16:55:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/10/20 16:55:20 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/10/20 16:55:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/20 13:51:39 | 000,000,000 | ---D | C] -- C:\Users\iji\Desktop\Windows Vista Recovery Disc
[2010/10/20 12:53:52 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/10/20 12:21:58 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\ImgBurn
[2010/10/20 12:20:38 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2010/10/20 04:42:52 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/10/19 15:10:24 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\AVG9
[2010/10/19 14:52:41 | 000,000,000 | ---D | C] -- C:\Users\iji\Desktop\Desktop Icons
[2010/10/19 12:36:36 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Developer Preview 3.7 Alpha 5
[2010/10/18 22:43:14 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/10/18 22:43:12 | 000,025,168 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\AVGIDSvx.sys
[2010/10/18 22:43:10 | 000,052,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2010/10/18 22:43:08 | 000,243,024 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/10/18 22:42:58 | 000,216,400 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/10/18 22:42:55 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/10/18 22:42:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
[2010/10/18 22:42:41 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Security Toolbar
[2010/10/18 22:39:59 | 000,024,856 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgfwd6x.sys
[2010/10/18 22:39:55 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010/10/18 19:26:35 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\IM
[2010/10/18 19:25:40 | 000,000,000 | ---D | C] -- C:\ProgramData\IncrediMail
[2010/10/18 19:25:15 | 000,000,000 | ---D | C] -- C:\Program Files\IncrediMail
[2010/10/18 19:25:15 | 000,000,000 | ---D | C] -- C:\ProgramData\IM
[2010/10/18 14:33:53 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\DivX
[2010/10/18 14:32:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2010/10/18 14:31:59 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010/10/18 14:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010/10/18 06:10:09 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2010/10/17 17:24:37 | 000,000,000 | ---D | C] -- C:\Windows\XSxS
[2010/10/17 17:24:37 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode
[2010/10/17 09:39:46 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\HpUpdate
[2010/10/17 09:38:46 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2010/10/16 23:19:33 | 000,344,064 | ---- | C] (Sonix) -- C:\Windows\System32\vphc710.exe
[2010/10/16 22:54:27 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\AOLLifestream.621681294CEC3900A26138A4CB3BC67A344B732C.1
[2010/10/16 22:52:51 | 000,000,000 | ---D | C] -- C:\Program Files\AOL Lifestream
[2010/10/16 22:44:18 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\acccore
[2010/10/16 22:44:09 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\AIM
[2010/10/16 22:44:08 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\AOL
[2010/10/16 22:43:48 | 000,000,000 | ---D | C] -- C:\ProgramData\AIM
[2010/10/16 22:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\AIM
[2010/10/16 22:43:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2010/10/16 22:43:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AOL
[2010/10/16 22:34:11 | 000,000,000 | ---D | C] -- C:\Users\iji\Desktop\New Folder
[2010/10/16 22:30:42 | 000,000,000 | ---D | C] -- C:\Users\iji\Desktop\Data
[2010/10/16 22:23:20 | 000,000,000 | ---D | C] -- C:\Program Files\Unknown Device Identifier
[2010/10/16 21:33:30 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\Bandoo
[2010/10/16 21:32:26 | 000,000,000 | ---D | C] -- C:\Users\iji\Documents\DriverGenius
[2010/10/16 21:29:55 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
[2010/10/15 21:18:05 | 000,000,000 | ---D | C] -- C:\Users\iji\Desktop\New Downloads
[2010/10/15 10:45:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Bandoo
[2010/10/15 10:43:52 | 000,000,000 | ---D | C] -- C:\Program Files\Bandoo
[2010/10/15 10:35:35 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\sb_temp
[2010/10/15 10:35:22 | 000,000,000 | ---D | C] -- C:\Program Files\Smile Brush
[2010/10/15 10:31:36 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\nswb
[2010/10/15 10:31:33 | 000,000,000 | ---D | C] -- C:\Program Files\EZ Emoticons
[2010/10/15 05:17:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Iminent
[2010/10/15 05:12:49 | 000,000,000 | ---D | C] -- C:\Program Files\IMinent Toolbar
[2010/10/15 04:18:05 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2010/10/15 04:17:33 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2010/10/15 04:16:54 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
[2010/10/15 04:16:54 | 000,000,000 | ---D | C] -- C:\Program Files\NOS
[2010/10/15 04:09:50 | 000,000,000 | ---D | C] -- C:\Program Files\Iminent
[2010/10/14 21:42:42 | 000,000,000 | ---D | C] -- C:\FU_Backup
[2010/10/14 21:42:42 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\CheeseSoft
[2010/10/14 21:42:31 | 000,000,000 | ---D | C] -- C:\Program Files\FinalUninstaller
[2010/10/14 15:47:21 | 000,000,000 | -H-D | C] -- C:\Windows\Icons
[2010/10/14 15:21:09 | 000,030,016 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2010/10/14 15:21:09 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2010/10/14 15:19:01 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/10/14 14:42:53 | 000,030,528 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2010/10/14 14:39:22 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\TuneUp Software
[2010/10/14 14:38:53 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010
[2010/10/14 14:36:54 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2010/10/14 14:36:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010/10/13 15:39:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\MpEngineStore
[2010/10/13 15:38:31 | 000,000,000 | ---D | C] -- C:\Users\iji\Documents\Outlook Files
[2010/10/12 22:57:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2010/10/12 20:19:10 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\Apps
[2010/10/12 19:04:31 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2010/10/12 14:28:30 | 000,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2010/10/12 13:07:15 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\Media Player Classic
[2010/10/11 05:21:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010/10/11 05:18:45 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/10/11 03:03:38 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm
[2010/10/11 03:03:37 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2010/10/11 03:03:10 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2010/10/11 00:37:52 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\Real
[2010/10/11 00:32:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2010/10/11 00:30:30 | 000,000,000 | ---D | C] -- C:\Program Files\The Weather Channel FW
[2010/10/11 00:30:11 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\The Weather Channel
[2010/10/10 22:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2010/10/10 21:56:50 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2010/10/10 21:55:41 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\Real
[2010/10/10 18:23:32 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\Trend Micro
[2010/10/10 17:32:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2010/10/10 17:32:18 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/10/10 13:19:57 | 000,000,000 | ---D | C] -- C:\Users\iji\Desktop\Keep or Not
[2010/10/08 15:50:46 | 000,000,000 | ---D | C] -- C:\Users\iji\Documents\Efficient Organizer AutoBackup
[2010/10/08 15:50:03 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\Efficient Lady's Organizer
[2010/10/08 15:50:00 | 000,000,000 | ---D | C] -- C:\Program Files\Efficient Lady's Organizer
[2010/10/07 20:57:55 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\ICQ
[2010/10/07 13:09:32 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\Trillian
[2010/10/07 13:07:10 | 000,000,000 | ---D | C] -- C:\Program Files\Trillian
[2010/10/07 12:17:01 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\Meebo
[2010/09/18 17:06:46 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\cphc700.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/06 11:43:23 | 000,050,477 | ---- | M] () -- C:\Users\iji\Desktop\Defogger.exe
[2010/11/06 11:41:44 | 000,038,400 | ---- | M] () -- C:\Users\iji\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/06 11:37:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\iji\Desktop\OTL.exe
[2010/11/06 11:36:12 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/06 11:36:12 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/06 11:26:25 | 000,016,384 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2010/11/06 11:25:34 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2010/11/06 11:25:32 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\Free File Viewer Update Checker.job
[2010/11/06 11:25:28 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/06 11:25:12 | 000,302,520 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/11/06 11:25:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/06 11:24:29 | 937,476,096 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/06 11:14:07 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1659419934-660851909-4252960256-1000UA.job
[2010/11/06 11:03:11 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/06 11:00:24 | 000,000,430 | ---- | M] () -- C:\Windows\tasks\ASOService.job
[2010/11/06 10:14:24 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1659419934-660851909-4252960256-1000Core.job
[2010/11/06 00:32:17 | 000,000,388 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{37787454-5E3E-4688-A3AB-839DD24D6B8E}.job
[2010/11/05 22:04:21 | 067,277,623 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/11/04 22:10:10 | 000,627,856 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavifw.avm
[2010/11/04 19:15:41 | 000,030,782 | ---- | M] () -- C:\Users\iji\Desktop\[Demonoid.com]-software_drivers_for_over_70_000_hardware_components_XP_VISTA__6192064.1258.torrent
[2010/11/04 18:34:50 | 000,000,787 | ---- | M] () -- C:\Users\iji\Desktop\MiPony.lnk
[2010/11/04 18:00:45 | 000,000,982 | ---- | M] () -- C:\Users\Public\Desktop\Start Singlesnet.lnk
[2010/11/03 19:59:06 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\Samsung New PC Studio.lnk
[2010/11/03 19:52:30 | 000,002,898 | ---- | M] () -- C:\aqua_bitmap.cpp
[2010/11/03 18:45:44 | 115,331,072 | ---- | M] () -- C:\Program Files\Samsung New PC Studio.msi
[2010/11/03 18:38:26 | 000,069,632 | ---- | M] () -- C:\Program Files\1033.MST
[2010/11/03 18:37:31 | 000,013,730 | ---- | M] () -- C:\Program Files\0x0409.ini
[2010/11/03 18:33:16 | 007,772,672 | ---- | M] () -- C:\Program Files\Samsung New PC Studio USB Driver Installer.msi
[2010/10/26 06:38:36 | 000,001,901 | ---- | M] () -- C:\Users\Public\Desktop\IncrediMail.lnk
[2010/10/26 01:25:06 | 171,771,006 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/10/25 15:37:14 | 000,001,356 | ---- | M] () -- C:\Users\iji\AppData\Local\d3d9caps.dat
[2010/10/25 08:23:04 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\YouTube Downloader.lnk
[2010/10/24 13:43:57 | 000,001,811 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/10/24 13:41:46 | 009,578,056 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\iji\Desktop\SUPERAntiSpyware.exe
[2010/10/23 00:58:32 | 051,085,768 | ---- | M] () -- C:\Users\iji\Desktop\77gf2qda(2).exe
[2010/10/20 15:32:11 | 000,000,904 | ---- | M] () -- C:\Users\iji\Desktop\cmd - Shortcut.lnk
[2010/10/20 10:40:15 | 000,001,065 | ---- | M] () -- C:\net_save.dna
[2010/10/20 09:51:30 | 000,158,471 | ---- | M] () -- C:\Windows\hphins33.dat
[2010/10/20 09:32:17 | 000,158,453 | ---- | M] () -- C:\Windows\hphins33.dat.temp
[2010/10/20 04:43:15 | 000,001,735 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/10/20 02:48:28 | 000,000,230 | ---- | M] () -- C:\Users\iji\Desktop\Run.lnk
[2010/10/19 20:08:01 | 000,629,114 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/10/19 20:08:01 | 000,112,524 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/10/19 15:26:45 | 000,000,020 | ---- | M] () -- C:\Windows\System32\SYSTEM
[2010/10/19 14:22:53 | 000,001,636 | ---- | M] () -- C:\Users\iji\Documents\Firefox Sync Key.html
[2010/10/18 22:43:14 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/10/18 22:43:12 | 000,025,168 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\AVGIDSvx.sys
[2010/10/18 22:43:10 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2010/10/18 22:43:08 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/10/18 22:42:58 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/10/18 22:42:55 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010/10/18 22:42:55 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/10/18 22:39:59 | 000,024,856 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgfwd6x.sys
[2010/10/18 04:42:20 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010/10/17 21:48:01 | 000,000,094 | -H-- | M] () -- C:\Windows\System32\spv1_WCssg.ini
[2010/10/17 17:38:46 | 000,000,040 | ---- | M] () -- C:\Windows\RSoftInfo.dat
[2010/10/17 13:49:00 | 000,000,134 | ---- | M] () -- C:\Users\iji\Desktop\Device Manager - Shortcut.lnk
[2010/10/16 23:19:33 | 000,000,731 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMin710.exe.lnk
[2010/10/16 22:44:05 | 000,000,376 | -H-- | M] () -- C:\IPH.PH
[2010/10/13 12:33:24 | 000,015,523 | ---- | M] () -- C:\Users\iji\Kimberly's Resume.docx
[2010/10/12 21:59:25 | 000,000,410 | ---- | M] () -- C:\Windows\System32\MRT.INI
[2010/10/12 06:16:54 | 000,000,000 | ---- | M] () -- C:\Users\iji\AppData\Roaming\chrtmp
[2010/10/11 05:23:51 | 000,000,118 | ---- | M] () -- C:\Windows\cdplayer.ini
[2010/10/11 05:18:45 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/10/08 15:52:41 | 000,577,536 | ---- | M] () -- C:\Users\iji\Documents\My Information.eff
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/06 11:43:55 | 000,050,477 | ---- | C] () -- C:\Users\iji\Desktop\Defogger.exe
[2010/11/04 19:15:36 | 000,030,782 | ---- | C] () -- C:\Users\iji\Desktop\[Demonoid.com]-software_drivers_for_over_70_000_hardware_components_XP_VISTA__6192064.1258.torrent
[2010/11/04 18:34:50 | 000,000,787 | ---- | C] () -- C:\Users\iji\Desktop\MiPony.lnk
[2010/11/04 18:00:45 | 000,000,982 | ---- | C] () -- C:\Users\Public\Desktop\Start Singlesnet.lnk
[2010/11/03 19:52:30 | 000,002,898 | ---- | C] () -- C:\aqua_bitmap.cpp
[2010/11/03 19:29:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010/11/03 19:29:38 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010/11/03 19:26:13 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\Samsung New PC Studio.lnk
[2010/11/03 18:47:11 | 115,331,072 | ---- | C] () -- C:\Program Files\Samsung New PC Studio.msi
[2010/11/03 18:41:20 | 000,013,730 | ---- | C] () -- C:\Program Files\0x0409.ini
[2010/11/03 18:41:19 | 000,069,632 | ---- | C] () -- C:\Program Files\1033.MST
[2010/11/03 18:40:59 | 007,772,672 | ---- | C] () -- C:\Program Files\Samsung New PC Studio USB Driver Installer.msi
[2010/10/26 04:51:42 | 000,000,731 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMin710.exe.lnk
[2010/10/26 01:25:06 | 171,771,006 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/10/25 12:14:27 | 937,476,096 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/25 08:23:04 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\YouTube Downloader.lnk
[2010/10/24 13:43:57 | 000,001,811 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/10/23 00:53:56 | 051,085,768 | ---- | C] () -- C:\Users\iji\Desktop\77gf2qda(2).exe
[2010/10/20 15:29:29 | 000,000,904 | ---- | C] () -- C:\Users\iji\Desktop\cmd - Shortcut.lnk
[2010/10/20 09:46:20 | 000,158,453 | ---- | C] () -- C:\Windows\hphins33.dat.temp
[2010/10/20 09:46:20 | 000,000,586 | ---- | C] () -- C:\Windows\hphmdl33.dat.temp
[2010/10/20 09:29:27 | 000,158,471 | ---- | C] () -- C:\Windows\hphins33.dat
[2010/10/20 04:43:15 | 000,001,735 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/10/20 02:48:28 | 000,000,230 | ---- | C] () -- C:\Users\iji\Desktop\Run.lnk
[2010/10/19 15:26:45 | 000,000,020 | ---- | C] () -- C:\Windows\System32\SYSTEM
[2010/10/19 14:22:46 | 000,001,636 | ---- | C] () -- C:\Users\iji\Documents\Firefox Sync Key.html
[2010/10/18 22:42:55 | 000,627,856 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavifw.avm
[2010/10/18 22:42:55 | 000,113,461 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010/10/18 22:42:50 | 067,277,623 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/10/18 19:26:02 | 000,001,901 | ---- | C] () -- C:\Users\Public\Desktop\IncrediMail.lnk
[2010/10/18 04:42:20 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/10/17 21:48:01 | 000,000,094 | -H-- | C] () -- C:\Windows\System32\spv1_WCssg.ini
[2010/10/17 17:38:46 | 000,000,040 | ---- | C] () -- C:\Windows\RSoftInfo.dat
[2010/10/17 13:49:00 | 000,000,134 | ---- | C] () -- C:\Users\iji\Desktop\Device Manager - Shortcut.lnk
[2010/10/16 22:42:47 | 000,000,376 | -H-- | C] () -- C:\IPH.PH
[2010/10/14 07:26:55 | 000,000,000 | ---- | C] () -- C:\Users\iji\AppData\Roaming\chrtmp
[2010/10/13 12:33:15 | 000,015,523 | ---- | C] () -- C:\Users\iji\Kimberly's Resume.docx
[2010/10/12 21:59:24 | 000,000,410 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/10/11 05:23:51 | 000,000,118 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010/10/11 03:03:46 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/10/11 03:03:44 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/10/11 03:03:36 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/10/11 03:03:36 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/10/11 03:03:25 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/10/08 15:50:20 | 000,577,536 | ---- | C] () -- C:\Users\iji\Documents\My Information.eff
[2010/10/07 17:14:20 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2010/10/07 17:14:20 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2010/10/07 17:14:19 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2010/10/05 03:51:27 | 000,000,026 | ---- | C] () -- C:\Windows\System32\defragboot.ini
[2010/09/28 08:51:31 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/09/20 14:52:35 | 000,000,110 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2010/09/18 17:06:46 | 000,015,488 | ---- | C] () -- C:\Windows\phc700.ini
[2010/09/18 17:06:43 | 000,644,864 | ---- | C] () -- C:\Windows\System32\drivers\phc700.sys
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/05/08 15:13:53 | 000,001,356 | ---- | C] () -- C:\Users\iji\AppData\Local\d3d9caps.dat
[2009/04/12 09:50:44 | 000,454,656 | ---- | C] () -- C:\Windows\System32\PaintX.dll
[2009/03/31 21:02:58 | 000,003,741 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009/03/05 06:54:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2008/10/16 15:43:50 | 000,026,504 | ---- | C] () -- C:\Windows\System32\drivers\swmsflt.sys
[2008/05/04 17:39:34 | 000,002,560 | ---- | C] () -- C:\Windows\System32\ViaClassCoInstaller.dll_rename
[2008/01/12 23:06:33 | 000,005,024 | ---- | C] () -- C:\Users\iji\AppData\Roaming\wklnhst.dat
[2008/01/08 21:46:51 | 000,024,206 | ---- | C] () -- C:\Users\iji\AppData\Roaming\UserTile.png
[2007/12/31 14:53:51 | 000,000,067 | ---- | C] () -- C:\Windows\swupdate.INI
[2007/12/30 17:31:54 | 000,038,400 | ---- | C] () -- C:\Users\iji\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007/08/22 16:33:11 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007/08/22 16:18:54 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007/08/22 16:18:54 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007/08/22 16:18:54 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007/08/22 16:18:54 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007/08/22 16:18:54 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007/08/22 16:18:54 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007/08/22 15:49:10 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007/08/22 15:49:10 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007/08/22 15:49:10 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007/08/22 15:49:10 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2007/08/22 15:45:08 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/07/28 02:26:30 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/12/05 16:05:04 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 04:46:17 | 000,006,656 | ---- | C] () -- C:\Windows\System32\shunimpl.dll
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 13:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/07/23 00:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll

========== LOP Check ==========

[2010/10/16 22:45:43 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\acccore
[2010/01/23 16:33:17 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\Amazon
[2010/10/24 16:56:21 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\Auslogics
[2010/10/05 16:56:06 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\Avanquest
[2010/10/19 15:10:24 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\AVG9
[2010/10/26 04:29:39 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\Bandoo
[2010/10/14 21:42:42 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\CheeseSoft
[2009/11/15 16:09:42 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\com.drwicked.writeordie.WriteorDieDesktop.6612D25620E961818EB6367A60EAB552BE4CD874.1
[2010/09/27 13:51:33 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\DMCache
[2010/09/24 04:35:10 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\EA
[2010/09/21 12:27:16 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\EasyMP3Downloader
[2010/10/14 07:41:49 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\Efficient Lady's Organizer
[2010/10/05 12:08:54 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\Firetrust
[2010/10/14 09:37:41 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\FreeFileViewer
[2010/09/27 17:04:05 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\funkitron
[2010/10/01 15:15:21 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\Geek Squad 24 Hour Computer Support
[2010/09/24 02:25:00 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\GlarySoft
[2010/10/09 18:10:10 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\ICQ
[2010/10/20 14:08:14 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\ImgBurn
[2009/04/12 21:58:57 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\KeyingTool
[2010/10/24 17:26:37 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\kikin
[2010/10/23 14:16:34 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\LimeWire
[2010/11/04 18:35:43 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\Mipony
[2010/11/03 20:19:52 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\ML
[2010/10/15 10:31:36 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\nswb
[2010/10/24 13:03:30 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\OpenCandy
[2010/09/27 14:04:40 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\PCToolsFirewallPlus
[2008/01/08 21:46:50 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\PeerNetworking
[2009/01/02 00:12:14 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\PlayFirst
[2010/11/03 21:10:45 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\Samsung
[2010/10/15 10:35:35 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\sb_temp
[2008/01/09 21:50:13 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\Sierra Wireless
[2010/09/27 08:30:04 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\Simply Super Software
[2010/09/22 03:53:18 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\Sofrayt
[2010/09/27 11:28:06 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\Spam Monitor
[2010/10/24 00:07:03 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\Systweak
[2008/01/12 23:06:56 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\Template
[2010/10/10 20:59:06 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\Thinstall
[2010/10/06 12:18:32 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\TOSHIBA
[2010/10/07 13:23:43 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\Trillian
[2010/10/14 14:39:22 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\TuneUp Software
[2010/10/06 21:21:19 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\Uniblue
[2010/11/06 11:32:35 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\uTorrent
[2010/10/24 11:34:37 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\WeatherBug
[2010/09/11 12:30:16 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\Wildfire
[2008/01/08 21:07:15 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\WildTangent
[2008/01/08 21:06:20 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\WinBatch
[2010/10/05 11:07:13 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\YouSendIt
[2010/09/07 18:23:49 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\Zylom
[2010/11/06 11:00:24 | 000,000,430 | ---- | M] () -- C:\Windows\Tasks\ASOService.job
[2010/11/06 11:25:32 | 000,000,374 | ---- | M] () -- C:\Windows\Tasks\Free File Viewer Update Checker.job
[2010/11/06 11:25:34 | 000,000,308 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2010/09/19 22:42:05 | 000,000,396 | ---- | M] () -- C:\Windows\Tasks\IdiomaX Product Update.job
[2010/11/06 11:22:39 | 000,032,560 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/11/06 00:32:17 | 000,000,388 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{37787454-5E3E-4688-A3AB-839DD24D6B8E}.job

========== Purity Check ==========



========== Custom Scans ==========


< %systemroot%\system32\*.dll /lockedfiles >
[2009/04/10 23:27:48 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009/04/10 23:28:24 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\system32\*.sys /90 >
[2010/08/31 09:27:38 | 002,038,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2007/08/22 15:24:17 | 006,602,752 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2007/08/22 15:24:15 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2007/08/22 15:24:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2007/08/22 15:24:27 | 015,556,608 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2007/08/22 15:24:29 | 006,012,928 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %SYSTEMDRIVE%\*.* >
[2009/01/01 23:07:03 | 000,004,632 | ---- | M] () -- C:\0x0409.ini
[2009/01/01 23:07:07 | 009,662,464 | ---- | M] () -- C:\AirPort.msi
[2010/11/03 19:52:30 | 000,002,898 | ---- | M] () -- C:\aqua_bitmap.cpp
[2006/09/18 17:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/10 23:36:38 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2006/09/18 17:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/11/06 11:24:29 | 937,476,096 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/16 14:59:42 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/10/16 22:44:05 | 000,000,376 | -H-- | M] () -- C:\IPH.PH
[2010/09/16 14:59:42 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/10/20 10:40:15 | 000,001,065 | ---- | M] () -- C:\net_save.dna
[2010/11/06 11:24:31 | 1251,282,944 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2009/04/16 14:08:20 | 000,312,832 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\hpfpp70v.dll
[2008/07/01 12:00:16 | 000,274,944 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\hpzpp5jy.dll
[2006/11/02 08:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 22:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

< %systemroot%\*. /mp /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
"NoAutoUpdate" = 0

========== Alternate Data Streams ==========

@Alternate Data Stream - 208 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 165 bytes -> C:\ProgramData\TEMP:182D85B1
@Alternate Data Stream - 158 bytes -> C:\ProgramData\TEMP:435657D8
@Alternate Data Stream - 156 bytes -> C:\ProgramData\TEMP:0A051701
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:010ADD2C
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:73828A71
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:80B291A7
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:5160F090

< End of report >


--------------------
OTL Extras logfile created on: 11/6/2010 11:45:00 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\iji\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

893.00 Mb Total Physical Memory | 234.00 Mb Available Physical Memory | 26.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 42.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 110.32 Gb Total Space | 15.53 Gb Free Space | 14.08% Space Free | Partition Type: NTFS

Computer Name: ARVPDNXJQS | User Name: iji | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1659419934-660851909-4252960256-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1659419934-660851909-4252960256-1001]
"EnableNotifications" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\TOSHIBA\ivp\NetInt\Netint.exe" = C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine -- (TOSHIBA Corporation)
"C:\TOSHIBA\Ivp\ISM\pinger.exe" = C:\TOSHIBA\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger -- ()
"C:\Users\iji\AppData\Local\Temp\SFX6680.tmp\SwiApiMux.exe" = C:\Users\iji\AppData\Local\Temp\SFX6680.tmp\SwiApiMux.exe:*:Enabled:SwiApiMux -- File not found
"C:\Users\iji\AppData\Local\Temp\SFX760.tmp\SwiApiMux.exe" = C:\Users\iji\AppData\Local\Temp\SFX760.tmp\SwiApiMux.exe:*:Enabled:SwiApiMux -- File not found
"C:\Users\iji\AppData\Local\Temp\SFXA757.tmp\SwiApiMux.exe" = C:\Users\iji\AppData\Local\Temp\SFXA757.tmp\SwiApiMux.exe:*:Enabled:SwiApiMux -- File not found
"C:\Users\iji\AppData\Local\Temp\SFXF142.tmp\SwiApiMux.exe" = C:\Users\iji\AppData\Local\Temp\SFXF142.tmp\SwiApiMux.exe:*:Enabled:SwiApiMux -- File not found


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{20D77239-1A4B-4375-B18A-7A442B894C8B}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{22BE696F-03F1-4517-BFB6-6901F83F259D}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{3370C6E1-27C8-4804-8925-0BB1F58EB56C}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{5AF37C8A-8F01-490E-986E-278FDB79C195}" = protocol=17 | dir=in | app=c:\program files\pando networks\pando\pando.exe |
"{7CF2712B-77F6-4232-B2E1-D0A290E81CDD}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{7DC9BAF0-F459-4D14-B6D0-6FDB091E8933}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{86131916-0856-4B28-9E43-BEBC2458277F}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{8B57FB66-D816-4760-936E-481968D92B76}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{91D68A73-B367-415F-B490-38CC2451BE96}" = protocol=17 | dir=in | app=c:\program files\premieropinion\pmropn.exe |
"{9365AF5D-D6FF-44CA-AEEF-3A0356517D75}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{9D6B0182-2CCD-4444-BC8A-895459DF6271}" = protocol=6 | dir=in | app=c:\users\iji\appdata\local\temp\~os316c.tmp\pmropn.exe |
"{A5D74ACD-DC05-4648-9C01-2175EE47D74B}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{B4116070-C80E-40D7-B1E6-9D062A187AC3}" = protocol=6 | dir=in | app=c:\program files\premieropinion\pmropn.exe |
"{C13268F4-7A18-42E0-8778-84FA91672D52}" = protocol=6 | dir=in | app=c:\program files\pando networks\pando\pando.exe |
"{C2A7C162-3A3E-4F8D-9E9E-BECB790A38E6}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{CCB0D1D9-80BE-410A-8696-D7B16CD59007}" = dir=in | app=c:\program files\pando networks\pando\pando.exe |
"{D5CB1CF1-13EF-45FE-A4F4-4EA3CDA27156}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"TCP Query User{6EF01EF0-5F2D-4055-987C-81DFCFBB8AC2}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{E8D8CAA8-0842-4883-A6F6-E9E7C657D218}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{0221A397-962E-6D84-F786-64E445617999}" = CCC Help English
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{07F3CAD2-B849-4B1D-A800-DF9D0B3AAE98}" = IMBooster
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08CB1B3E-D42C-3ED5-7896-F8BC31839315}" = Catalyst Control Center Localization Czech
"{0C9B3E29-3B8B-295E-773B-82F3516F17DD}" = CCC Help Thai
"{0D99E1E9-D28C-6806-0820-13E10082CE7B}" = CCC Help Italian
"{0DC5B855-1CE2-9EA3-AA12-78C8939F68EF}" = Catalyst Control Center Core Implementation
"{0E2C948E-44D6-9A1C-54E7-05217E7DCC13}" = CCC Help Dutch
"{116F449B-FF13-F0E4-ECEB-0832257C2AC4}" = AOL Lifestream
"{121C477C-5B7B-44E3-B621-BDDB542AE8FD}" = TuneUp Utilities Language Pack (en-GB)
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18DB3375-0649-4EA3-959A-44F1ACD278BA}" = IncrediMail
"{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.6.2
"{1B5AB0D6-4F7C-9B93-5323-9037F1E61142}" = CCC Help Chinese Standard
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21EA2A28-3146-E63D-16EE-0BF9FA3D6F5E}" = Catalyst Control Center Localization German
"{22543949-70E8-45D0-A938-F38143EB8BF8}" = Catalyst Control Center - Branding
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{269A4095-DB55-4D35-8FD0-39957D26BEEC}" = Philips VLounge
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 22
"{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}" = WeatherBug
"{2BDF38E0-1A7F-4220-B4B7-118DD45E5E13}" = TOSHIBA Supervisor Password
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{31C97472-E522-A760-F46D-FC0648F77E9C}" = CCC Help French
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{39DB116F-E088-486F-B13C-8925ECE7A6E5}" = 3D Sound Back Beta0.1
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{40E3BE50-51A6-F8A0-DB5F-7C2698FA5E1F}" = CCC Help Spanish
"{425A2BC2-AA64-4107-9C29-484245BBEA05}" = TOSHIBA Software Upgrades
"{432DC370-01EF-F2D8-34C3-27DCC9B13083}" = CCC Help Norwegian
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{44151656-ECAC-99DC-1AC5-1F06A1A62939}" = Catalyst Control Center Graphics Light
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{454AB369-FABF-EB84-FBC1-CA4E8FBD3926}" = Catalyst Control Center Localization Hungarian
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{497268C1-AE62-4A1D-1129-1D03183538B0}" = Catalyst Control Center Localization Portuguese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CE6623E-C867-81B3-8B94-A4FE021782BF}" = CCC Help Portuguese
"{4F535C04-86BE-47D1-98C6-8AB26D28482B}" = Singlesnet
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{55FE1E6B-4E8A-0F2B-5B36-8F4363A0AEBC}" = Catalyst Control Center Localization Chinese Traditional
"{5727583F-3530-45FD-B09E-7E1CB6C135AD}" = DJ_SF_06_D1600_SW_Min
"{58F58158-8DFE-31DA-AC1F-7E5D89A0F74F}" = Google Talk Plugin
"{59DC42FB-13A7-45E1-BCC3-37CE5977951E}" = CCC Help Japanese
"{59DF97C6-3144-FA5A-4380-6B891BB44812}" = CCC Help German
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5BBE3EAB-D749-0560-2C39-53DC8531CB01}" = Catalyst Control Center Localization Korean
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{608738F2-51B4-CD53-C1CC-220363513ED7}" = CCC Help Czech
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{649C3B52-AA90-1F36-3D36-CE7F2BB1CB8C}" = Catalyst Control Center Localization Chinese Standard
"{654CABFA-4289-9EC0-F088-34BFCC84A798}" = Catalyst Control Center Localization Turkish
"{65CC9CE1-AAF1-866B-B07E-FECC0B53277E}" = Catalyst Control Center Localization Danish
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A9DF7EE-E7B9-E4F1-204A-FE72F47231CB}" = CCC Help Finnish
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{7095FD27-37F0-4750-9DE8-D37DC0043706}" = REALTEK RTL8187B Wireless LAN Driver
"{7163A2F1-2DED-9EF4-24FC-06D607D2A9C9}" = Catalyst Control Center Graphics Full New
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{731341F3-55AA-8488-A3F1-3D4C43412C87}" = CCC Help Russian
"{744DA166-F189-4ED4-92EA-E06F3347DD44}" = Philips SPC710NC Webcam
"{753D852A-D86D-42C9-9978-40AE66FB8985}" = Driver Installer
"{755F77D1-717E-4D7D-BF21-D3EB63906365}" = Winbond CIR Device Drivers
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{7A929336-7D2E-C4E3-2AC9-CA80FBEB5701}" = Catalyst Control Center Localization Spanish
"{83475EE2-08BD-4134-B4F9-F3FA46EDC508}" = Geek Squad 24 Hour Computer Support
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84C7D852-CDF6-7006-91C7-E6A54519E5D5}" = Catalyst Control Center Graphics Full Existing
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5
"{8C8224B7-AA9B-4807-97CD-55899BAC83FE}" = YouSendIt Express
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8E850D2A-F5E9-C322-ABFF-683C69686C13}" = Catalyst Control Center Localization Russian
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{91AA2D88-58B2-423C-9ED7-3CA0B53087E9}" = Treasures of the Ancient Cavern
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{93FE0FBE-23F5-7BF4-9085-6E046D609F22}" = CCC Help Chinese Traditional
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9C5B9ED6-0344-4550-A4AB-C4499EB36053}" = SPC 700NC PC Camera
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A1E21995-127E-4B7F-8C4D-CB04AA8A58EF}_is1" = Advanced System Optimizer
"{A74BE9F1-1129-FB71-DA7B-96F5D99CA330}" = Catalyst Control Center Localization Finnish
"{A762A897-3E65-E264-5188-CBAD303064C2}" = Skins
"{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}" = IMinent Toolbar
"{A7D90F91-C87D-4F4F-8FF8-09C132CED940}" = MailWasherPro
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AB480DA0-7EE9-465D-9C12-4CDE65BF18FB}" = Pando
"{AB79C30D-A920-D219-B4FD-C9552A0419D3}" = CCC Help Polish
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{AD6A78C4-AD77-448D-4F9D-43AD80C8D8FF}" = Catalyst Control Center Localization French
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AEE482BA-1731-499C-346D-B5F498B7DBF8}" = CCC Help Turkish
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3E356C8-CEB3-467C-EA92-8FC2CA15AD51}" = Catalyst Control Center Localization Polish
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BBD408BC-486B-9857-C805-945F8F083877}" = CCC Help Swedish
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE044C42-908B-4952-5140-E2B8FD67F267}" = CCC Help Danish
"{BFC85CDC-BD7C-4FDD-9507-8D74B5A79404}" = TOSHIBA Hardware Setup
"{C29D1033-0247-FFC6-7895-204ABABA0F20}" = ccc-utility
"{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}" = Toshiba Registration
"{C643EEE3-A55A-58D1-D543-ED46726288CB}" = CCC Help Greek
"{C70BF2F2-2B54-4303-ABE6-82A20038A2EA}" = SPC 700NC PC Camera
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0B87CB2-8599-4975-0E50-DB2F8E6B9AE6}" = Catalyst Control Center Localization Thai
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D87149B3-7A1D-4548-9CBF-032B791E5908}" = Desktop Doctor
"{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}" = Windows Live Family Safety
"{DA401137-8791-F77A-591C-F0BC3E7ED04E}" = Catalyst Control Center Localization Greek
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DC754D8F-1D06-4016-BF57-8D21F97E1F0A}" = JunkFilterPlus
"{DC9B7572-50C6-180D-916D-3E2CBD00C0C7}" = Catalyst Control Center Localization Japanese
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{DFCFF0F1-005D-E317-733D-8D19D54FBF08}" = Catalyst Control Center Localization Swedish
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin 2.4
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E748D6A5-D03D-BDE1-C094-DAE3F5BCEEF6}" = Catalyst Control Center Graphics Previews Vista
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{E8316038-8C38-52A8-9014-FD35536567E8}" = Catalyst Control Center Localization Dutch
"{E96A0335-C6EA-D11A-3A49-8586A8FED544}" = ccc-core-static
"{E9E6642B-0714-37B4-0248-D036B60F8F12}" = CCC Help Korean
"{EAE8CF06-28CA-4213-839C-A32817A47E00}" = D1600
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F05A5232-CE5E-4274-AB27-44EB8105898D}" = CA Pest Patrol Realtime Protection
"{F05E0039-D2A7-198B-B79E-285395EBB5BB}" = Catalyst Control Center Localization Italian
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F1BA3CD5-89DC-4273-8603-A75F33E9B335}" = Nokia Connectivity Adapter Cable DKU-5
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F58E86C0-75E2-4D40-A5F7-14D7B2772DC7}" = SearchTheWeb
"{F734CA55-0939-1F1A-A8B5-19B91B3D4B1F}" = Catalyst Control Center Localization Norwegian
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FE4C0830-A0F3-B67E-93BC-21C4B0BB0267}" = CCC Help Hungarian
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adventure Inlay" = GameHouse Games Collection: Adventure Inlay
"Adventure Inlay - Safari Edition" = GameHouse Games Collection: Adventure Inlay - Safari Edition
"AIM_7" = AIM 7
"Aloha Solitaire" = GameHouse Games Collection: Aloha Solitaire
"Aloha TriPeaks" = GameHouse Games Collection: Aloha TriPeaks
"AOLLifestream.621681294CEC3900A26138A4CB3BC67A344B732C.1" = AOL Lifestream
"AVG9Uninstall" = AVG 9.0
"Bandoo" = Bandoo
"Bejeweled 2" = GameHouse Games Collection: Bejeweled 2
"Boggle Supreme" = GameHouse Games Collection: Boggle Supreme
"Bounce Out Blitz" = GameHouse Games Collection: Bounce Out Blitz
"Casino Island To Go" = GameHouse Games Collection: Casino Island To Go
"Chainz" = GameHouse Games Collection: Chainz
"Chainz 2: Relinked" = GameHouse Games Collection: Chainz 2 - Relinked
"Chicktionary" = GameHouse Games Collection: Chicktionary
"Chuzzle Deluxe" = GameHouse Games Collection: Chuzzle Deluxe
"CleanUp!" = CleanUp!
"Collapse! Crunch" = GameHouse Games Collection: Collapse! Crunch
"Combo Chaos!" = GameHouse Games Collection: Combo Chaos!
"ComcastHSI" = Comcast High-Speed Internet Install Wizard
"Crystal Path" = GameHouse Games Collection: Crystal Path
"Cubis Gold 2" = GameHouse Games Collection: Cubis Gold 2
"Digby's Donuts" = GameHouse Games Collection: Digby's Donuts
"DivX Setup.divx.com" = DivX Setup
"Efficient Lady's Organizer_is1" = Efficient Lady's Organizer 1.02
"ESET Online Scanner" = ESET Online Scanner v3
"EZ Emoticons 3.0 for Messenger" = EZ Emoticons 3.0 for Messenger
"Feeding Frenzy" = GameHouse Games Collection: Feeding Frenzy
"Fiber Twig" = GameHouse Games Collection: Fiber Twig
"Final Uninstaller_is1" = Final Uninstaller
"Flip Words" = GameHouse Games Collection: Flip Words
"Flying Leo" = GameHouse Games Collection: Flying Leo
"Fortune Tiles Gold" = GameHouse Games Collection: Fortune Tiles Gold
"FreeFileViewer_is1" = Free File Viewer 2010
"Gearz" = GameHouse Games Collection: Gearz
"GetSmile0903_is1" = GetSmile v1.952
"Glary Utilities_is1" = Glary Utilities Pro 2.28.0.1011
"Google Desktop" = Google Desktop
"Gutterball" = GameHouse Games Collection: Gutterball
"Gutterball 2" = GameHouse Games Collection: Gutterball 2
"Hamsterball" = GameHouse Games Collection: Hamsterball
"Hello!" = GameHouse Games Collection: Hello!
"Holiday Express" = GameHouse Games Collection: Holiday Express
"HPOCR" = OCR Software by I.R.I.S. 10.0
"Iggle Pop!" = GameHouse Games Collection: Iggle Pop!
"IMBoosterARP" = IMBooster
"ImgBurn" = ImgBurn
"Imici Messenger_is1" = Imici 3.0.2-5
"Incadia" = GameHouse Games Collection: Incadia
"Incredible Ink" = GameHouse Games Collection: Incredible Ink
"IncrediMail" = IncrediMail 2.0
"Insaniquarium Deluxe" = GameHouse Games Collection: Insaniquarium Deluxe
"Inspector Parker" = GameHouse Games Collection: Inspector Parker
"InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{8C8224B7-AA9B-4807-97CD-55899BAC83FE}" = YouSendIt Express
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Invadazoid" = GameHouse Games Collection: Invadazoid
"Jewel Quest" = GameHouse Games Collection: Jewel Quest
"JunkFilterPlus" = IncrediMail JunkFilter Plus
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.2.0
"LimeWire" = LimeWire 5.5.8
"LostGoggles_is1" = LostGoggles 1.0b2
"Luxor" = GameHouse Games Collection: Luxor
"Mad Caps" = GameHouse Games Collection: Mad Caps
"Magic Ball 2" = GameHouse Games Collection: Magic Ball 2
"Magic Ball 2 - New Worlds" = GameHouse Games Collection: Magic Ball 2 - New Worlds
"Magic Ball Deluxe" = GameHouse Games Collection: Magic Ball
"Magic Inlay" = GameHouse Games Collection: Magic Inlay
"Magic Vines" = GameHouse Games Collection: Magic Vines
"Mah Jong Adventures" = GameHouse Games Collection: Mah Jong Adventures
"Mah Jong Medley" = GameHouse Games Collection: Mah Jong Medley
"Mah Jong Quest" = GameHouse Games Collection: Mah Jong Quest
"Mahjong Towers Eternity" = GameHouse Games Collection: Mahjong Towers Eternity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Maui Wowee" = GameHouse Games Collection: Maui Wowee
"McAfee Security Scan" = McAfee Security Scan Plus
"MetaProducts Picture Downloader" = MetaProducts Picture Downloader
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MiPony" = MiPony 1.1.2
"mIRC" = mIRC
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Phlinx To Go" = GameHouse Games Collection: Phlinx To Go
"Picasa 3" = Picasa 3
"Platypus" = GameHouse Games Collection: Platypus
"Poker Superstars" = GameHouse Games Collection: Poker Superstars
"PostSmile_is1" = Masterra PostSmile 6.7
"Puzzle Express" = GameHouse Games Collection: Puzzle Express
"Puzzle Inlay" = GameHouse Games Collection: Puzzle Inlay
"Puzzle Solitaire" = GameHouse Games Collection: Puzzle Solitaire
"QBz" = GameHouse Games Collection: QBz
"RealPlayer 6.0" = RealPlayer
"Ricochet" = GameHouse Games Collection: Ricochet
"Ricochet Lost Worlds" = GameHouse Games Collection: Ricochet Lost Worlds
"Ricochet Lost Worlds: Recharged" = GameHouse Games Collection: Ricochet Lost Worlds - Recharged
"Roller Rush" = GameHouse Games Collection: Roller Rush
"Saints & Sinners Bingo" = GameHouse Games Collection: Saints & Sinners Bingo
"SCRABBLE" = GameHouse Games Collection: SCRABBLE
"SearchTheWebARP" = SearchTheWeb
"Shape Shifter" = GameHouse Games Collection: Shape Shifter
"Slingo Deluxe" = GameHouse Games Collection: Slingo Deluxe
"Smile Brush" = Smile Brush
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.4
"Spelvin" = GameHouse Games Collection: Spelvin
"Splash" = GameHouse Games Collection: Splash
"Spring Sprang Sprung" = GameHouse Games Collection: Spring Sprang Sprung
"Super 5-Line Slots" = GameHouse Games Collection: Super 5-Line Slots
"Super Bounce Out!" = GameHouse Games Collection: Super Bounce Out!
"Super Candy Cruncher" = GameHouse Games Collection: Super Candy Cruncher
"Super Collapse! II Platinum" = GameHouse Games Collection: Super Collapse! II Platinum
"Super Fruit Frolic" = GameHouse Games Collection: Super Fruit Frolic
"Super GameHouse Solitaire Vol. 1" = GameHouse Games Collection: Super GameHouse Solitaire Vol. 1
"Super GameHouse Solitaire Vol. 2" = GameHouse Games Collection: Super GameHouse Solitaire Vol. 2
"Super GameHouse Solitaire Vol. 3" = GameHouse Games Collection: Super GameHouse Solitaire Vol. 3
"Super Gem Drop" = GameHouse Games Collection: Super Gem Drop
"Super Glinx!" = GameHouse Games Collection: Super Glinx!
"Super Letter Linker" = GameHouse Games Collection: Super Letter Linker
"Super Nisqually" = GameHouse Games Collection: Super Nisqually
"Super PileUp!" = GameHouse Games Collection: Super PileUp!
"Super Pool" = GameHouse Games Collection: Super Pool
"Super Pop & Drop!" = GameHouse Games Collection: Super Pop & Drop!
"Super Rumble Cube" = GameHouse Games Collection: Super Rumble Cube
"Super SpongeBob Collapse!" = GameHouse Games Collection: Super SpongeBob Collapse!
"Super TextTwist" = GameHouse Games Collection: Super TextTwist
"Super WHATword" = GameHouse Games Collection: Super WHATword
"Super Wild Wild Words" = GameHouse Games Collection: Super Wild Wild Words
"Tap a Jam" = GameHouse Games Collection: Tap a Jam
"Tennis Titans" = GameHouse Games Collection: Tennis Titans
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Trillian" = Trillian
"Trivia Machine" = GameHouse Games Collection: Trivia Machine
"Tropical Swaps" = GameHouse Games Collection: Tropical Swaps
"Tumblebugs" = GameHouse Games Collection: Tumblebugs
"TuneUp Utilities" = TuneUp Utilities
"Turtle Bay" = GameHouse Games Collection: Turtle Bay
"Twistingo" = GameHouse Games Collection: Twistingo
"Ultimate Dominoes" = GameHouse Games Collection: Ultimate Dominoes
"Unknown Device Identifier_is1" = Unknown Device Identifier 7.00
"uTorrent" = µTorrent
"Varmintz Deluxe" = GameHouse Games Collection: Varmintz Deluxe
"Walls of Jericho, The" = GameHouse Games Collection: Walls of Jericho, The
"Wheel of Fortune" = GameHouse Games Collection: Wheel of Fortune
"WildTangent toshiba Master Uninstall" = TOSHIBA Games
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite_Wave3" = Windows Live Essentials
"Word Jolt" = GameHouse Games Collection: Word Jolt
"Word Slinger" = GameHouse Games Collection: Word Slinger
"WordJong To Go" = GameHouse Games Collection: WordJong To Go
"xfinitytb" = Xfinity.com Toolbar 3.5
"Yahoo! Friend" = Yahoo! Friend
"Zuma Deluxe" = GameHouse Games Collection: Zuma Deluxe

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1659419934-660851909-4252960256-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle For PC" = Amazon Kindle For PC v1.0
"FamilySearch Indexing (www.familysearchindexing.org)" = FamilySearch Indexing (www.familysearchindexing.org)
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/4/2010 2:30:00 AM | Computer Name = ARVPDNXJQS | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 9/4/2010 2:30:02 AM | Computer Name = ARVPDNXJQS | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 9/4/2010 2:32:21 AM | Computer Name = ARVPDNXJQS | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.0.6000.16771 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 170 Start Time: 01cb4bf7916f73e7 Termination Time: 639

Error - 9/4/2010 2:37:13 AM | Computer Name = ARVPDNXJQS | Source = McLogEvent | ID = 5051
Description =

Error - 9/4/2010 2:42:21 AM | Computer Name = ARVPDNXJQS | Source = McLogEvent | ID = 5051
Description =

Error - 9/4/2010 2:54:56 AM | Computer Name = ARVPDNXJQS | Source = Google Update | ID = 20
Description =

Error - 9/4/2010 3:08:15 AM | Computer Name = ARVPDNXJQS | Source = WerSvc | ID = 5007
Description =

Error - 9/4/2010 3:15:33 AM | Computer Name = ARVPDNXJQS | Source = Google Update | ID = 20
Description =

Error - 9/4/2010 3:54:09 AM | Computer Name = ARVPDNXJQS | Source = Google Update | ID = 20
Description =

Error - 9/4/2010 4:15:36 AM | Computer Name = ARVPDNXJQS | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 11/6/2010 11:27:27 AM | Computer Name = ARVPDNXJQS | Source = Service Control Manager | ID = 7000
Description =

Error - 11/6/2010 11:27:27 AM | Computer Name = ARVPDNXJQS | Source = Service Control Manager | ID = 7009
Description =

Error - 11/6/2010 11:27:27 AM | Computer Name = ARVPDNXJQS | Source = Service Control Manager | ID = 7000
Description =

Error - 11/6/2010 11:27:27 AM | Computer Name = ARVPDNXJQS | Source = Service Control Manager | ID = 7009
Description =

Error - 11/6/2010 11:27:27 AM | Computer Name = ARVPDNXJQS | Source = Service Control Manager | ID = 7000
Description =

Error - 11/6/2010 11:27:42 AM | Computer Name = ARVPDNXJQS | Source = Print | ID = 23
Description = Printer Microsoft XPS Document Writer failed to initialize because
a suitable Microsoft XPS Document Writer driver could not be found. The new printer
settings that you specified have not taken effect. Install or reinstall the printer
driver. You might need to contact the vendor for an updated driver.

Error - 11/6/2010 11:28:59 AM | Computer Name = ARVPDNXJQS | Source = Service Control Manager | ID = 7022
Description =

Error - 11/6/2010 11:36:45 AM | Computer Name = ARVPDNXJQS | Source = DCOM | ID = 10016
Description =

Error - 11/6/2010 11:36:45 AM | Computer Name = ARVPDNXJQS | Source = DCOM | ID = 10016
Description =

Error - 11/6/2010 11:36:45 AM | Computer Name = ARVPDNXJQS | Source = DCOM | ID = 10016
Description =


< End of report >
Kimberly

#4 etavares

Posted 06 November 2010 - 06:13 PM

Hello, SouthrnSmile40.
I read your older thread and you did/do have a backdoor, so I need to provide this warning.

Backdoor Warning
One or more of the identified infections is a backdoor trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identity Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you do decide to proceed, please continue with the fix below.

P2P Warning and Request
The log shows that you have been using so-called peer-to-peer or file-sharing programmes (in your case uTorrent, LimeWire). These programmes allow users to share files, as the name(s) suggest. In today's world cyber crime has come a long way, and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of their malware files. A popular means is the use of file-sharing tools, as a tremendous number of prospective victims can be reached through them.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools, and it is thus suggested that they be used with intense care. I recommend that you uninstall this program. That is optional, however. If you decide to not uninstall, please refrain from using it until I let you know your computer is clean.

Registry Cleaner Warning
I also see that you have a registry cleaner installed (in your case TuneUp Utilities). Here at BC, we do not recommend using registry cleaners. If you do use it, make sure to use a tool like ERUNT to back up your registry first. Merely backing it up yourself via regedit won't help you if you can't boot up as a result!

See here for more information:
http://www.bleepingcomputer.com/forums/index.php?showtopic=238799&st=0&p=1326578&#entry1326578

Step 1

Next, please download ComboFix from one of these locations:
* IMPORTANT !!! Save ComboFix.exe to your Desktop as etavaresCF.exe
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on etavaresCF.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply, along with any symptoms that are present after it runs.

etavares


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Unified Network of Instructors and Trusted Eliminators
 


#5 SouthrnSmile40

SouthrnSmile40
  • Topic Starter

  • Members
  • 37 posts

Posted 06 November 2010 - 08:20 PM

Hi. I did decide to go ahead and run the ComboFix tool...which is enclosed below. I do have a question though....This computer I bought from a friend, and it did not come with a Vista Home Premium Disc. However, I did manage to borrow a disc from my sister-in-law that is a Vista Home Premium Disc but she has a Dell Computer. I am unsure if that disc will run on my computer if I decide to reformat because I have a Toshiba. I don't know enough about computers to know if that would make a difference or not. The disc I borrowed is very dark blue with white, and has Operating System at the very top, and underneath that it says Already Installed On Your Computer, and then underneath that it says Reinstallation DVD-Windows Vista Home Premium 32BIT. It also says on the disc "For Distribution Only With a New Dell PC." (I wish I had a scanner so I could get a picture of the disc)...So even though it says that, do you know if it is still a regular Vista DVD and if it will work on my computer? That is why I have chosen not to reformat, along with the fact that I simply don't know how to reformat either...Lol....Any answer will be appreciated. Thank you so much for your time. You guys are great.
Kimberly :P

ComboFix Log

ComboFix 10-11-07.01 - iji 11/06/2010 20:07:43.1.2 - x86
Running from: c:\users\iji\Desktop\etavaresCF.exe.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Search Toolbar
c:\program files\Search Toolbar\SEARCHTOOLBAR.DLL
c:\users\iji\AppData\Roaming\chrtmp
c:\windows\system32\system

.
((((((((((((((((((((((((( Files Created from 2010-10-07 to 2010-11-07 )))))))))))))))))))))))))))))))
.

2010-11-07 00:25 . 2010-11-07 00:25 -------- d-----w- c:\users\Experience\AppData\Local\temp
2010-11-07 00:25 . 2010-11-07 00:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-05 07:51 . 2010-10-07 23:21 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C7C5C8D7-9152-4302-AB98-D39D1E3C177E}\mpengine.dll
2010-11-04 22:35 . 2010-11-04 22:35 -------- d-----w- c:\users\iji\AppData\Roaming\Mipony
2010-11-04 22:34 . 2010-11-04 22:34 -------- d-----w- c:\program files\MiPony
2010-11-04 22:00 . 2010-11-04 22:00 -------- d-----w- c:\program files\Singlesnet
2010-11-04 03:08 . 2010-11-04 03:08 -------- d-----w- c:\windows\system32\Silabs
2010-11-04 00:19 . 2010-11-04 00:19 -------- d-----w- c:\users\iji\AppData\Roaming\ML
2010-11-04 00:04 . 2010-04-27 02:25 14920 ----a-w- c:\windows\system32\drivers\sscdmdfl.sys
2010-11-04 00:04 . 2010-04-27 02:25 132424 ----a-w- c:\windows\system32\drivers\sscdmdm.sys
2010-11-04 00:04 . 2010-04-27 02:25 12616 ----a-w- c:\windows\system32\drivers\sscdcmnt.sys
2010-11-04 00:04 . 2010-04-27 02:25 12616 ----a-w- c:\windows\system32\drivers\sscdcm.sys
2010-11-04 00:04 . 2010-04-27 02:25 12488 ----a-w- c:\windows\system32\drivers\sscdwhnt.sys
2010-11-04 00:04 . 2010-04-27 02:25 12488 ----a-w- c:\windows\system32\drivers\sscdwh.sys
2010-11-04 00:04 . 2010-04-27 02:25 110280 ----a-w- c:\windows\system32\drivers\sscdserd.sys
2010-11-04 00:04 . 2010-04-27 02:25 104648 ----a-w- c:\windows\system32\drivers\sscdbus.sys
2010-11-03 23:59 . 2010-11-03 23:59 -------- d-----w- c:\programdata\Samsung
2010-11-03 23:32 . 2010-11-03 23:32 -------- d-----w- c:\users\iji\{beee9a27-e1a2-4d0a-88ed-ecb38f3e27b0}
2010-11-03 23:32 . 2010-11-03 23:32 -------- d-----w- c:\users\iji\{04d9152f-78f8-4714-8a5e-a3b952c31b40}
2010-11-03 23:30 . 2010-11-04 00:30 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2010-11-03 23:30 . 2010-11-03 23:30 -------- d-----w- c:\program files\DIFX
2010-11-03 23:29 . 2010-07-29 07:50 238952 ----a-w- c:\windows\system32\FsUsbExService.Exe
2010-11-03 23:29 . 2010-06-14 00:32 36608 ----a-w- c:\windows\system32\FsUsbExDisk.Sys
2010-11-03 23:29 . 2009-11-02 13:39 110592 ----a-w- c:\windows\system32\FsUsbExDevice.Dll
2010-11-03 23:28 . 2010-11-04 01:10 -------- d-----w- c:\users\iji\AppData\Roaming\Samsung
2010-11-03 23:25 . 2010-11-03 23:25 -------- d-----w- c:\program files\MarkAny
2010-11-03 23:24 . 2010-11-04 00:45 -------- d-----w- c:\program files\Samsung
2010-11-03 23:16 . 2010-11-03 23:16 -------- d-----w- c:\users\iji\AppData\Local\Downloaded Installations
2010-11-03 22:47 . 2010-11-03 22:45 115331072 ----a-w- c:\program files\Samsung New PC Studio.msi
2010-11-03 22:40 . 2010-11-03 22:33 7772672 ----a-w- c:\program files\Samsung New PC Studio USB Driver Installer.msi
2010-10-26 22:30 . 2010-10-26 22:30 -------- d-----w- c:\users\iji\AppData\Local\AVG Security Toolbar
2010-10-25 21:02 . 2010-10-25 21:02 -------- d-----w- c:\program files\Sophos
2010-10-25 13:50 . 2010-10-25 13:50 -------- d-----w- c:\programdata\PMB Files
2010-10-25 12:22 . 2010-10-25 12:23 -------- d-----w- c:\program files\YouTube Downloader
2010-10-25 01:38 . 2010-10-25 01:38 -------- d-----w- C:\$AVG
2010-10-24 20:56 . 2010-10-24 20:56 -------- d-----w- c:\users\iji\AppData\Roaming\Auslogics
2010-10-24 20:56 . 2010-10-24 20:56 -------- d-----w- c:\program files\Auslogics
2010-10-24 17:45 . 2010-10-24 17:45 -------- d-----w- c:\users\iji\AppData\Roaming\SUPERAntiSpyware.com
2010-10-24 17:45 . 2010-10-24 17:45 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2010-10-24 17:43 . 2010-10-24 17:45 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-10-24 17:04 . 2010-10-24 21:26 -------- d-----w- c:\users\iji\AppData\Roaming\kikin
2010-10-24 17:04 . 2010-10-24 17:04 -------- d-----w- c:\program files\kikin
2010-10-24 17:03 . 2010-11-05 09:50 -------- d-----w- c:\users\iji\AppData\Roaming\mIRC
2010-10-24 17:03 . 2010-10-24 17:04 -------- d-----w- c:\users\iji\AppData\Local\OpenCandy
2010-10-24 17:03 . 2010-10-24 17:03 -------- d-----w- c:\users\iji\AppData\Roaming\OpenCandy
2010-10-24 17:03 . 2010-10-24 17:03 -------- d-----w- c:\program files\mIRC
2010-10-24 15:35 . 2010-10-24 15:35 -------- d-----w- c:\users\iji\AppData\Local\WeatherBug
2010-10-24 15:34 . 2010-10-24 15:34 -------- d-----w- c:\users\iji\AppData\Roaming\WeatherBug
2010-10-24 15:34 . 2010-10-24 15:34 18944 ----a-r- c:\users\iji\AppData\Roaming\Microsoft\Installer\{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}\IconBB6A16301.exe
2010-10-24 15:34 . 2010-10-24 15:34 11264 ----a-r- c:\users\iji\AppData\Roaming\Microsoft\Installer\{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}\IconBB6A1630.exe
2010-10-24 15:34 . 2010-10-24 15:34 -------- d-----w- c:\program files\AWS
2010-10-24 04:07 . 2010-10-24 04:07 -------- d-----w- c:\users\iji\AppData\Roaming\Systweak
2010-10-24 03:51 . 2010-10-24 03:51 319456 ----a-w- c:\windows\DIFxAPI.dll
2010-10-24 03:51 . 2010-10-24 03:54 -------- d--h--w- c:\program files\Temp
2010-10-23 05:10 . 2010-10-25 19:51 -------- d-----w- c:\users\iji\DoctorWeb
2010-10-22 17:05 . 2010-10-22 17:05 -------- d-----w- c:\program files\ESET
2010-10-20 20:55 . 2010-10-20 20:55 -------- d-----w- c:\users\iji\AppData\Roaming\Malwarebytes
2010-10-20 20:55 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-20 20:55 . 2010-10-20 20:55 -------- d-----w- c:\programdata\Malwarebytes
2010-10-20 20:55 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-20 20:55 . 2010-10-20 20:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-20 16:53 . 2010-10-20 16:53 -------- d-----w- c:\program files\uTorrent
2010-10-20 16:21 . 2010-10-20 18:08 -------- d-----w- c:\users\iji\AppData\Roaming\ImgBurn
2010-10-20 16:20 . 2010-10-20 16:20 -------- d-----w- c:\program files\ImgBurn
2010-10-20 13:27 . 2009-04-16 18:08 312832 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpfpp70v.dll
2010-10-20 13:27 . 2009-04-15 21:53 452408 ----a-w- c:\windows\system32\hpzids01.dll
2010-10-20 13:26 . 2009-04-16 18:08 126976 ----a-w- c:\windows\system32\hpfll70v.dll
2010-10-20 13:21 . 2008-10-28 10:27 372736 ----a-w- c:\windows\system32\hppldcoi.dll
2010-10-20 13:20 . 2008-10-28 10:27 309760 ----a-w- c:\windows\system32\difxapi.dll
2010-10-19 19:10 . 2010-10-19 19:10 -------- d-----w- c:\users\iji\AppData\Roaming\AVG9
2010-10-19 16:36 . 2010-10-20 08:29 -------- d-----w- c:\program files\Mozilla Developer Preview 3.7 Alpha 5
2010-10-19 02:43 . 2010-10-19 02:43 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-10-19 02:43 . 2010-10-19 02:43 25168 ----a-w- c:\windows\system32\drivers\AVGIDSvx.sys
2010-10-19 02:43 . 2010-10-19 02:43 52872 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2010-10-19 02:43 . 2010-10-19 02:43 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-10-19 02:42 . 2010-10-19 02:42 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-10-19 02:42 . 2010-10-19 02:42 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-10-19 02:42 . 2010-11-06 02:04 -------- d-----w- c:\windows\system32\drivers\Avg
2010-10-19 02:42 . 2010-10-22 16:53 -------- d-----w- c:\programdata\AVG Security Toolbar
2010-10-19 02:39 . 2010-10-19 02:39 24856 ----a-w- c:\windows\system32\drivers\avgfwd6x.sys
2010-10-19 02:39 . 2010-10-30 20:38 -------- d-----w- c:\programdata\avg9
2010-10-18 23:26 . 2010-10-18 23:39 -------- d-----w- c:\users\iji\AppData\Local\IM
2010-10-18 23:25 . 2010-10-18 23:25 -------- d-----w- c:\programdata\IncrediMail
2010-10-18 23:25 . 2010-10-18 23:37 -------- d-----w- c:\programdata\IM
2010-10-18 23:25 . 2010-10-18 23:25 -------- d-----w- c:\program files\IncrediMail
2010-10-18 18:33 . 2010-10-18 18:44 -------- d-----w- c:\users\iji\AppData\Roaming\DivX
2010-10-18 18:32 . 2010-10-18 18:32 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-10-18 18:31 . 2010-10-18 19:21 -------- d-----w- c:\program files\DivX
2010-10-18 18:31 . 2010-10-18 19:21 -------- d-----w- c:\programdata\DivX
2010-10-18 10:10 . 2010-10-18 10:31 -------- d-----w- c:\programdata\MFAData
2010-10-17 21:24 . 2010-10-17 21:24 -------- d-----w- c:\windows\XSxS
2010-10-17 21:24 . 2010-10-17 21:24 -------- d-----w- c:\program files\Xenocode
2010-10-17 13:39 . 2010-11-03 03:15 -------- d-----w- c:\users\iji\AppData\Roaming\HpUpdate
2010-10-17 13:38 . 2010-10-17 13:38 -------- d-----w- c:\windows\Hewlett-Packard
2010-10-17 03:19 . 2006-10-16 14:18 344064 ----a-w- c:\windows\system32\vphc710.exe
2010-10-17 02:54 . 2010-10-17 02:54 -------- d-----w- c:\users\iji\AppData\Roaming\AOLLifestream.621681294CEC3900A26138A4CB3BC67A344B732C.1
2010-10-17 02:52 . 2010-10-17 02:52 -------- d-----w- c:\program files\AOL Lifestream
2010-10-17 02:44 . 2010-10-17 02:45 -------- d-----w- c:\users\iji\AppData\Roaming\acccore
2010-10-17 02:44 . 2010-10-17 02:44 -------- d-----w- c:\users\iji\AppData\Local\AIM
2010-10-17 02:44 . 2010-10-17 02:44 -------- d-----w- c:\users\iji\AppData\Local\AOL
2010-10-17 02:43 . 2010-10-17 02:43 -------- d-----w- c:\programdata\AIM
2010-10-17 02:43 . 2010-10-17 02:43 -------- d-----w- c:\program files\AIM
2010-10-17 02:43 . 2010-10-17 02:43 -------- d-----w- c:\program files\Common Files\Software Update Utility
2010-10-17 02:43 . 2010-10-17 02:43 -------- d-----w- c:\program files\Common Files\AOL
2010-10-17 02:23 . 2010-10-17 02:23 -------- d-----w- c:\program files\Unknown Device Identifier
2010-10-17 01:33 . 2010-10-26 08:29 -------- d-----w- c:\users\iji\AppData\Roaming\Bandoo
2010-10-17 01:29 . 2010-10-17 01:29 -------- d-----w- c:\program files\Driver-Soft
2010-10-15 14:45 . 2010-10-26 07:52 -------- d-----w- c:\programdata\Bandoo
2010-10-15 14:43 . 2010-10-15 14:46 -------- d-----w- c:\program files\Bandoo
2010-10-15 14:35 . 2010-10-15 14:35 -------- d-----w- c:\users\iji\AppData\Roaming\sb_temp
2010-10-15 14:35 . 2010-10-15 14:35 -------- d-----w- c:\program files\Smile Brush
2010-10-15 14:31 . 2010-10-15 14:31 -------- d-----w- c:\users\iji\AppData\Roaming\nswb
2010-10-15 14:31 . 2010-10-15 14:31 -------- d-----w- c:\program files\EZ Emoticons
2010-10-15 09:17 . 2010-10-15 09:17 -------- d-----w- c:\programdata\Iminent
2010-10-15 09:12 . 2010-10-15 09:12 -------- d-----w- c:\program files\IMinent Toolbar
2010-10-15 08:18 . 2010-10-15 08:18 -------- d-----w- c:\programdata\McAfee Security Scan
2010-10-15 08:17 . 2010-10-15 08:28 -------- d-----w- c:\program files\McAfee Security Scan
2010-10-15 08:16 . 2010-10-17 13:35 -------- d-----w- c:\program files\NOS
2010-10-15 08:16 . 2010-10-15 09:52 -------- d-----w- c:\programdata\NOS
2010-10-15 08:09 . 2010-10-15 09:12 -------- d-----w- c:\program files\Iminent
2010-10-15 01:42 . 2010-10-18 23:08 -------- d-----w- C:\FU_Backup
2010-10-15 01:42 . 2010-10-15 01:42 -------- d-----w- c:\users\iji\AppData\Roaming\CheeseSoft
2010-10-15 01:42 . 2010-10-15 01:47 -------- d-----w- c:\program files\FinalUninstaller
2010-10-14 19:47 . 2010-10-14 19:47 -------- d--h--w- c:\windows\Icons
2010-10-14 19:21 . 2010-09-30 15:51 21312 ----a-w- c:\windows\system32\authuitu.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-22 05:24 . 2010-09-28 12:50 185856 ----a-w- c:\windows\system32\drivers\netbt.sys
2010-10-19 15:41 . 2010-09-22 20:04 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-02 01:35 . 2010-10-02 01:35 553760 ----a-w- c:\users\iji\Mats_Run.maintenance.exe
2010-10-02 01:34 . 2010-10-02 01:33 554272 ----a-w- c:\users\iji\Mats_Run.performance.exe
2010-09-28 01:45 . 2010-09-28 00:58 498580680 ----a-w- c:\users\iji\Windows6.0-KB948465-X86.exe
2010-09-24 01:09 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2010-09-24 01:07 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2010-09-20 18:05 . 2010-09-20 18:05 172032 ----a-w- c:\windows\system32\AniGIF.ocx
2010-09-15 08:50 . 2010-09-28 20:14 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-08 15:17 . 2010-09-08 15:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 15:17 . 2010-09-08 15:17 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-08-17 14:11 . 2010-09-28 18:20 128000 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-10 11:46 . 2010-08-10 11:46 1066176 ----a-w- c:\windows\system32\MSCOMCTL.ocx
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-10-06 2475336]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
2010-07-02 13:54 2607872 ----a-w- c:\program files\IMinent Toolbar\tbcore3.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2010-10-06 15:31 2475336 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}]
2010-09-09 18:02 799472 ----a-w- c:\program files\kikin\ie_kikin.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}]
2010-09-20 13:05 2194944 ----a-w- c:\program files\Bandoo\Plugins\IE\ieplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-10-06 2475336]
"{977AE9CC-AF83-45E8-9E03-E2798216E2D5}"= "c:\program files\IMinent Toolbar\tbcore3.dll" [2010-07-02 2607872]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}]
[HKEY_CLASSES_ROOT\TBSB01620.TBSB01620.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\TBSB01620.TBSB01620]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-10-06 2475336]
"{977AE9CC-AF83-45E8-9E03-E2798216E2D5}"= "c:\program files\IMinent Toolbar\tbcore3.dll" [2010-07-02 2607872]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}]
[HKEY_CLASSES_ROOT\TBSB01620.TBSB01620.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\TBSB01620.TBSB01620]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TrayMin710.exe.lnk - c:\program files\Philips\Philips SPC710NC Webcam\TrayMin710.exe [2010-10-16 278528]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\windows\System32\avgrsstx.dll c:\progra~1\Bandoo\BndHook.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sasnative32

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EZEMO]
2008-09-02 18:43 344064 ----a-w- c:\program files\EZ Emoticons\EZ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMBooster]
2010-08-16 20:07 1631736 ----a-w- c:\program files\Iminent\IMBooster\IMBooster.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iminent.Notifier]
2010-07-09 20:21 536056 ----a-w- c:\program files\Iminent\SearchTheWeb\Iminent.Notifier.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\iji\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"PowerSuite"="c:\program files\Uniblue\PowerSuite\launcher.exe" delay 20000 -m

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"EfficientLadysOrganizer"=

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"AirPort Base Station Agent"="c:\program files\AirPort\APAgent.exe"
"phc700"=c:\windows\vphc700.exe
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"IdiomaX Office"=c:\program files\IdiomaX\Translation Suite 5.0\IdxOffice.exe
"IdiomaX Product Update"=c:\program files\Common Files\IdiomaX Shared\Cat 6.0\IdxLUpdate.exe /AUTOSTART
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Windows Defender"=%ProgramFiles%\Windows Defender\MSASCui.exe -hide
"ddoctorv2"="c:\program files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"mcagent_exe"=c:\program files\McAfee.com\Agent\mcagent.exe /runkey

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-09-13 135664]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-09-30 1051968]
R3 ADASPROT;SYSTWEAKASO;c:\program files\Advanced System Optimizer 3\adasprot32.sys [2010-07-30 6656]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-10-06 517448]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-09-09 30192]
R3 GTUQBUS;GT UQ BUS;c:\windows\system32\DRIVERS\gtuqbus.sys [2007-09-05 37120]
R3 IO_Memory;IO_Memory;c:\windows\SYSTEM32\SYSPREP\Drivers\ioport.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\B0FB.tmp [x]
R3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe [2008-01-19 21504]
R3 phc700;USB PC Camera (SPC700NC);c:\windows\system32\DRIVERS\phc700.sys [2006-10-16 644864]
R3 swivsp;AC8xx Virtual Serial Port;c:\windows\system32\DRIVERS\swivspnt.sys [2007-03-26 20352]
R3 SWNC8U56;Sierra Wireless MUX NDIS Driver (UMTS56);c:\windows\system32\DRIVERS\swnc8u56.sys [2007-06-27 101248]
R3 SWUMX56;Sierra Wireless USB MUX Driver (UMTS56);c:\windows\system32\DRIVERS\swumx56.sys [2007-06-27 73856]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-24 10064]
R3 winbondcir;Winbond IR Transceiver;c:\windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 ASO3DiskOptimizer;ASO3DiskOptimizer;c:\program files\Advanced System Optimizer 3\ASO3DefragSrv.exe [2010-10-05 239928]
R4 PremierOpinion;PremierOpinion;c:\program files\PremierOpinion\pmservice.exe [x]
S0 AVGIDSErHrvtx;AVG9IDSErHr;c:\windows\System32\Drivers\AVGIDSvx.sys [2010-10-19 25168]
S0 AvgRkx86;avgrkx86.sys;c:\windows\System32\Drivers\avgrkx86.sys [2010-10-19 52872]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [2010-10-19 24856]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2010-10-19 216400]
S1 AvgTdiX;AVG Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2010-10-19 243024]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
S2 AntiSpywareService;Comcast AntiSpyware;c:\program files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [2009-06-17 616408]
S2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-10-19 921952]
S2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-10-19 308136]
S2 avgfws9;AVG Firewall;c:\program files\AVG\AVG9\avgfws9.exe [2010-10-19 2331544]
S2 AVGIDSAgent;AVG9IDSAgent;c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe AVGIDSAgent [x]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-29 238952]
S3 AVGIDSDrivervtx;AVG9IDSDriver;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSDriver.sys [2010-10-19 122448]
S3 AVGIDSFiltervtx;AVG9IDSFilter;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSFilter.sys [2010-10-19 30288]
S3 AVGIDSShimvtx;AVG9IDSShim;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSShim.sys [2010-10-19 27216]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2009-06-10 347648]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2010-11-06 c:\windows\Tasks\ASOService.job
- c:\program files\Advanced System Optimizer 3\ASO3.exe [2010-10-05 17:59]

2010-11-06 c:\windows\Tasks\Free File Viewer Update Checker.job
- c:\program files\FreeFileViewer\FFVCheckForUpdates.exe [2010-09-19 17:37]

2010-11-06 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-09-20 14:32]

2010-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-13 18:52]

2010-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-13 18:52]

2010-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1659419934-660851909-4252960256-1000Core.job
- c:\users\iji\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-06 12:21]

2010-11-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1659419934-660851909-4252960256-1000UA.job
- c:\users\iji\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-06 12:21]

2010-09-20 c:\windows\Tasks\IdiomaX Product Update.job
- c:\program files\Common Files\IdiomaX Shared\Cat 6.0\IdxLUpdate.exe [2007-07-16 03:40]

2010-11-06 c:\windows\Tasks\User_Feed_Synchronization-{37787454-5E3E-4688-A3AB-839DD24D6B8E}.job
- c:\windows\system32\msfeedssync.exe [2010-10-12 04:25]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://www.xfinity.com/?cid=xfactiv_eg_self_main
mWindow Title = Windows Internet Explorer provided by Comcast
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &Add animation to IncrediMail Style Box - c:\program files\IncrediMail\bin\resources\WebMenuImg.htm
IE: Download with Mipony - file://c:\program files\MiPony\Browser\IEContext.htm
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll
TCP: {CD9E7125-9FA0-4988-8EDD-3BB9588C646D} = 209.183.35.23 209.183.33.23
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
FF - ProfilePath - c:\users\iji\AppData\Roaming\Mozilla\Firefox\Profiles\5b310vvu.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?PC=BRTH&FORM=BT004D&q=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\NOS\bin\np_gp.dll
FF - plugin: c:\program files\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\users\iji\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\users\iji\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\iji\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - (no file)
Notify-DfLogon - LogonDll.dll
SafeBoot-klmdb.sys
AddRemove-LimeWire - c:\program files\LimeWire\uninstall.exe
AddRemove-MetaProducts Picture Downloader - c:\program files\MetaProducts Picture Downloader\pd.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-06 20:26
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\B0FB.tmp"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\.NET CLR Data]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\.NET CLR Networking]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\.NET CLR Networking 4.0.0.0]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\.NET Data Provider for Oracle]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\.NET Data Provider for SqlServer]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\.NETFramework]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ACPI]
"ImagePath"="system32\drivers\acpi.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ADASPROT]
"ImagePath"="\??\c:\program files\Advanced System Optimizer 3\adasprot32.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\adp94xx]
"ImagePath"="\SystemRoot\system32\drivers\adp94xx.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\adpahci]
"ImagePath"="\SystemRoot\system32\drivers\adpahci.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\adpu160m]
"ImagePath"="\SystemRoot\system32\drivers\adpu160m.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\adpu320]
"ImagePath"="\SystemRoot\system32\drivers\adpu320.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\adsi]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AeLookupSvc]
"ServiceDll"="%SystemRoot%\System32\aelupsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AFD]
"ImagePath"="\SystemRoot\system32\drivers\afd.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AgereModemAudio]
"ImagePath"="c:\windows\system32\agrsmsvc.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AgereSoftModem]
"ImagePath"="system32\DRIVERS\AGRSM.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\agp440]
"ImagePath"="\SystemRoot\system32\drivers\agp440.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\aic78xx]
"ImagePath"="\SystemRoot\system32\drivers\djsvs.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ALG]
"ImagePath"="%SystemRoot%\System32\alg.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\aliide]
"ImagePath"="\SystemRoot\system32\drivers\aliide.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\amdagp]
"ImagePath"="\SystemRoot\system32\drivers\amdagp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\amdide]
"ImagePath"="\SystemRoot\system32\drivers\amdide.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AmdK7]
"ImagePath"="\SystemRoot\system32\drivers\amdk7.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AmdK8]
"ImagePath"="system32\DRIVERS\amdk8.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AntiSpywareService]
"ImagePath"="c:\program files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Appinfo]
"ServiceDll"="%SystemRoot%\System32\appinfo.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AppMgmt]
"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\arc]
"ImagePath"="\SystemRoot\system32\drivers\arc.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\arcsas]
"ImagePath"="\SystemRoot\system32\drivers\arcsas.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ASO3DiskOptimizer]
"ImagePath"="c:\program files\Advanced System Optimizer 3\ASO3DefragSrv.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AsyncMac]
"ImagePath"="system32\DRIVERS\asyncmac.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\atapi]
"ImagePath"="system32\drivers\atapi.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Ati External Event Utility]
"ImagePath"="%SystemRoot%\system32\Ati2evxx.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Atierecord]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\atikmdag]
"ImagePath"="system32\DRIVERS\atikmdag.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AtiPcie]
"ImagePath"="system32\DRIVERS\AtiPcie.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AudioEndpointBuilder]
"ServiceDll"="%SystemRoot%\System32\Audiosrv.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Audiosrv]
"ServiceDll"="%SystemRoot%\System32\Audiosrv.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Avg]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AVG Security Toolbar Service]
"ImagePath"="c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\avg9emc]
"ImagePath"="\"c:\program files\AVG\AVG9\avgemc.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\avg9wd]
"ImagePath"="\"c:\program files\AVG\AVG9\avgwdsvc.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Avgfwfd]
"ImagePath"="system32\DRIVERS\avgfwd6x.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\avgfws9]
"ImagePath"="\"c:\program files\AVG\AVG9\avgfws9.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AVGIDSAgent]
"ImagePath"="\"c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe\" AVGIDSAgent"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AVGIDSDrivervtx]
"ImagePath"="\??\c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSDriver.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AVGIDSErHrvtx]
"ImagePath"="System32\Drivers\AVGIDSvx.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AVGIDSFiltervtx]
"ImagePath"="\??\c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSFilter.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AVGIDSShimvtx]
"ImagePath"="\??\c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSShim.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AvgLdx86]
"ImagePath"="System32\Drivers\avgldx86.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AvgMfx86]
"ImagePath"="System32\Drivers\avgmfx86.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AvgRkx86]
"ImagePath"="System32\Drivers\avgrkx86.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AvgTdiX]
"ImagePath"="System32\Drivers\avgtdix.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Bandoo Coordinator]
"ImagePath"="\"c:\progra~1\Bandoo\Bandoo.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BattC]
"MofImagePath"="system32\drivers\battc.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Beep]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BFE]
"ServiceDll"="%SystemRoot%\System32\bfe.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BITS]
"ServiceDll"="%systemroot%\system32\qmgr.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\blbdrive]
"ImagePath"="\SystemRoot\system32\drivers\blbdrive.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\bowser]
"ImagePath"="system32\DRIVERS\bowser.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BrFiltLo]
"ImagePath"="\SystemRoot\system32\drivers\brfiltlo.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BrFiltUp]
"ImagePath"="\SystemRoot\system32\drivers\brfiltup.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Browser]
"ServiceDll"="%SystemRoot%\System32\browser.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Brserid]
"ImagePath"="\SystemRoot\system32\drivers\brserid.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BrSerWdm]
"ImagePath"="\SystemRoot\system32\drivers\brserwdm.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BrUsbMdm]
"ImagePath"="\SystemRoot\system32\drivers\brusbmdm.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BrUsbSer]
"ImagePath"="\SystemRoot\system32\drivers\brusbser.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BTHMODEM]
"ImagePath"="\SystemRoot\system32\drivers\bthmodem.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\BTHPORT]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\catchme]
"ImagePath"="\??\c:\users\iji\AppData\Local\Temp\catchme.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\cdfs]
"ImagePath"="system32\DRIVERS\cdfs.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\cdrom]
"ImagePath"="system32\DRIVERS\cdrom.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\CertPropSvc]
"ServiceDll"="%SystemRoot%\System32\certprop.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\CFSvcs]
"ImagePath"="c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\circlass]
"ImagePath"="system32\DRIVERS\circlass.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\CLFS]
"ImagePath"="System32\CLFS.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\clr_optimization_v2.0.50727_32]
"ImagePath"="%systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\clr_optimization_v4.0.30319_32]
"ImagePath"="c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\CmBatt]
"ImagePath"="system32\DRIVERS\CmBatt.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\cmdide]
"ImagePath"="\SystemRoot\system32\drivers\cmdide.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Compbatt]
"ImagePath"="system32\DRIVERS\compbatt.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\COMSysApp]
"ImagePath"="%SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\crcdisk]
"ImagePath"="system32\drivers\crcdisk.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Crusoe]
"ImagePath"="\SystemRoot\system32\drivers\crusoe.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\crypt32]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\CryptSvc]
"ServiceDll"="%SystemRoot%\system32\cryptsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\DCLocator]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\DcomLaunch]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\DfsC]
"ImagePath"="System32\Drivers\dfsc.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\DFSR]
"ImagePath"="%SystemRoot%\system32\DFSR.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Dhcp]
"ServiceDll"="%SystemRoot%\system32\dhcpcsvc.dll"
--

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\disk]
"ImagePath"="system32\drivers\disk.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Dnscache]
"ServiceDll"="%SystemRoot%\System32\dnsrslvr.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\dot3svc]
"ServiceDll"="%SystemRoot%\System32\dot3svc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Dot4]
"ImagePath"="system32\DRIVERS\Dot4.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Dot4Print]
"ImagePath"="system32\DRIVERS\Dot4Prt.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\dot4usb]
"ImagePath"="system32\DRIVERS\dot4usb.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\DPS]
"ServiceDll"="%SystemRoot%\system32\dps.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\drmkaud]
"ImagePath"="system32\drivers\drmkaud.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\DXGKrnl]
"ImagePath"="\SystemRoot\System32\drivers\dxgkrnl.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\E1G60]
"ImagePath"="system32\DRIVERS\E1G60I32.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\EapHost]
"ServiceDll"="%SystemRoot%\System32\eapsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Ecache]
"ImagePath"="System32\drivers\ecache.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ehRecvr]
"ImagePath"="%systemroot%\ehome\ehRecvr.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ehSched]
"ImagePath"="%systemroot%\ehome\ehsched.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ehstart]
"ServiceDll"="%SystemRoot%\ehome\ehstart.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\elxstor]
"ImagePath"="\SystemRoot\system32\drivers\elxstor.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\EmdCache]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\EMDMgmt]
"ServiceDll"="%systemroot%\system32\emdmgmt.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ESENT]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Eventlog]
"ServiceDll"="%SystemRoot%\System32\wevtsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\EventSystem]
"ServiceDll"="%systemroot%\system32\es.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\exfat]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\fastfat]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\fdc]
"ImagePath"="system32\DRIVERS\fdc.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\fdPHost]
"ServiceDll"="%SystemRoot%\system32\fdPHost.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\FDResPub]
"ServiceDll"="%SystemRoot%\system32\fdrespub.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\FileInfo]
"ImagePath"="system32\drivers\fileinfo.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Filetrace]
"ImagePath"="system32\drivers\filetrace.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\flpydisk]
"ImagePath"="system32\DRIVERS\flpydisk.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\FltMgr]
"ImagePath"="system32\drivers\fltmgr.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\FontCache]
"ServiceDll"="%SystemRoot%\system32\FntCache.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\FontCache3.0.0.0]
"ImagePath"="%systemroot%\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\fssfltr]
"ImagePath"="system32\DRIVERS\fssfltr.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\fsssvc]
"ImagePath"="\"c:\program files\Windows Live\Family Safety\fsssvc.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\FsUsbExDisk]
"ImagePath"="\??\c:\windows\system32\FsUsbExDisk.SYS"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\FsUsbExService]
"ImagePath"="c:\windows\system32\FsUsbExService.Exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Fs_Rec]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\FwLnk]
"ImagePath"="system32\DRIVERS\FwLnk.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\gagp30kx]
"ImagePath"="\SystemRoot\system32\drivers\gagp30kx.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\GEARAspiWDM]
"ImagePath"="System32\Drivers\GEARAspiWDM.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\GoogleDesktopManager-051210-111108]
"ImagePath"="\"c:\program files\Google\Google Desktop Search\GoogleDesktop.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\gpsvc]
"ServiceDll"="%SystemRoot%\System32\gpsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\GTPTSER]
"ImagePath"="system32\DRIVERS\gtptser.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\GTSCSER]
"ImagePath"="system32\DRIVERS\gtscser.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\GTUQBUS]
"ImagePath"="system32\DRIVERS\gtuqbus.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\gupdate]
"ImagePath"="\"c:\program files\Google\Update\GoogleUpdate.exe\" /svc"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\gusvc]
"ImagePath"="\"c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\HdAudAddService]
"ImagePath"="system32\drivers\HdAudio.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\HDAudBus]
"ImagePath"="system32\DRIVERS\HDAudBus.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\HidBth]
"ImagePath"="\SystemRoot\system32\drivers\hidbth.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\HidIr]
"ImagePath"="system32\DRIVERS\hidir.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\hidserv]
"ServiceDll"="%SystemRoot%\System32\hidserv.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\HidUsb]
"ImagePath"="system32\DRIVERS\hidusb.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\hkmsvc]
"ServiceDLL"="%SystemRoot%\system32\kmsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\HpCISSs]
"ImagePath"="\SystemRoot\system32\drivers\hpcisss.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\HTTP]
"ImagePath"="system32\drivers\HTTP.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\i2omp]
"ImagePath"="\SystemRoot\system32\drivers\i2omp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\i8042prt]
"ImagePath"="system32\DRIVERS\i8042prt.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\iaStorV]
"ImagePath"="\SystemRoot\system32\drivers\iastorv.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\idsvc]
"ImagePath"="\"%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\iirsp]
"ImagePath"="\SystemRoot\system32\drivers\iirsp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\IKEEXT]
"ServiceDll"="%SystemRoot%\System32\ikeext.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\inetaccs]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\IntcAzAudAddService]
"ImagePath"="system32\drivers\RTKVHDA.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\intelide]
"ImagePath"="\SystemRoot\system32\drivers\intelide.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\intelppm]
"ImagePath"="system32\DRIVERS\intelppm.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\IO_Memory]
"ImagePath"="\??\c:\windows\SYSTEM32\SYSPREP\Drivers\ioport.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\IPBusEnum]
"ServiceDll"="%SystemRoot%\system32\ipbusenum.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\IpFilterDriver]
"ImagePath"="system32\DRIVERS\ipfltdrv.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\iphlpsvc]
"ServiceDll"="%SystemRoot%\System32\iphlpsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\IpInIp]
"ImagePath"="system32\DRIVERS\ipinip.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\IPMIDRV]
"ImagePath"="\SystemRoot\system32\drivers\ipmidrv.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\IPNAT]
"ImagePath"="system32\DRIVERS\ipnat.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\iPod Service]
"ImagePath"="\"c:\program files\iPod\bin\iPodService.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\IRENUM]
"ImagePath"="system32\drivers\irenum.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\isapnp]
"ImagePath"="\SystemRoot\system32\drivers\isapnp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\iScsiPrt]
"ImagePath"="system32\DRIVERS\msiscsi.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\iteatapi]
"ImagePath"="\SystemRoot\system32\drivers\iteatapi.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\iteraid]
"ImagePath"="\SystemRoot\system32\drivers\iteraid.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ITMRTSVC]
"ImagePath"="\"c:\program files\CA\PPRT\bin\ITMRTSVC.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\kbdclass]
"ImagePath"="system32\DRIVERS\kbdclass.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\kbdhid]
"ImagePath"="system32\DRIVERS\kbdhid.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\KeyIso]
"ImagePath"="%SystemRoot%\system32\lsass.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\KR10I]
"ImagePath"="\SystemRoot\system32\drivers\kr10i.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\KR10N]
"ImagePath"="\SystemRoot\system32\drivers\kr10n.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\KR3NPXP]
"ImagePath"="\SystemRoot\system32\drivers\kr3npxp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\KSecDD]
"ImagePath"="System32\Drivers\ksecdd.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\KtmRm]
"ServiceDll"="%systemroot%\system32\msdtckrm.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LanmanServer]
"ServiceDll"="%SystemRoot%\System32\srvsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LanmanWorkstation]
"ServiceDll"="%SystemRoot%\System32\wkssvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ldap]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\lltdio]
"ImagePath"="system32\DRIVERS\lltdio.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\lltdsvc]
"ServiceDll"="%SystemRoot%\System32\lltdsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\lmhosts]
"ServiceDll"="%SystemRoot%\System32\lmhsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Lsa]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LSI_FC]
"ImagePath"="\SystemRoot\system32\drivers\lsi_fc.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LSI_SAS]
"ImagePath"="\SystemRoot\system32\drivers\lsi_sas.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LSI_SCSI]
"ImagePath"="\SystemRoot\system32\drivers\lsi_scsi.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\luafv]
"ImagePath"="\SystemRoot\system32\drivers\luafv.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\McComponentHostService]
"ImagePath"="\"c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Mcx2Svc]
"ServiceDll"="%SystemRoot%\system32\Mcx2Svc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\megasas]
"ImagePath"="\SystemRoot\system32\drivers\megasas.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\B0FB.tmp"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MMCSS]
"ServiceDll"="%SystemRoot%\system32\mmcss.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Modem]
"ImagePath"="system32\drivers\modem.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\monitor]
"ImagePath"="system32\DRIVERS\monitor.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mouclass]
"ImagePath"="system32\DRIVERS\mouclass.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mouhid]
"ImagePath"="system32\DRIVERS\mouhid.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MountMgr]
"ImagePath"="System32\drivers\mountmgr.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mpio]
"ImagePath"="\SystemRoot\system32\drivers\mpio.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mpsdrv]
"ImagePath"="System32\drivers\mpsdrv.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MpsSvc]
"ServiceDll"="%SystemRoot%\system32\mpssvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Mraid35x]
"ImagePath"="\SystemRoot\system32\drivers\mraid35x.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MRxDAV]
"ImagePath"="\SystemRoot\system32\drivers\mrxdav.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mrxsmb]
"ImagePath"="system32\DRIVERS\mrxsmb.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mrxsmb10]
"ImagePath"="system32\DRIVERS\mrxsmb10.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mrxsmb20]
"ImagePath"="system32\DRIVERS\mrxsmb20.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\msahci]
"ImagePath"="\SystemRoot\system32\drivers\msahci.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\msdsm]
"ImagePath"="\SystemRoot\system32\drivers\msdsm.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSDTC]
"ImagePath"="%SystemRoot%\System32\msdtc.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSDTC Bridge 3.0.0.0]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSDTC Bridge 4.0.0.0]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Msfs]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\msisadrv]
"ImagePath"="system32\drivers\msisadrv.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSiSCSI]
"ServiceDll"="%systemroot%\system32\iscsiexe.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\msiserver]
"ImagePath"="%systemroot%\system32\msiexec.exe /V"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSKSSRV]
"ImagePath"="system32\drivers\MSKSSRV.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSPCLOCK]
"ImagePath"="system32\drivers\MSPCLOCK.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSPQM]
"ImagePath"="system32\drivers\MSPQM.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MsRPC]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSSCNTRS]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mssmbios]
"ImagePath"="system32\DRIVERS\mssmbios.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSTEE]
"ImagePath"="system32\drivers\MSTEE.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Mup]
"ImagePath"="System32\Drivers\mup.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\napagent]
"ServiceDLL"="%SystemRoot%\system32\qagentRT.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NativeWifiP]
"ImagePath"="system32\DRIVERS\nwifi.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NDIS]
"ImagePath"="system32\drivers\ndis.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NdisTapi]
"ImagePath"="system32\DRIVERS\ndistapi.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Ndisuio]
"ImagePath"="system32\DRIVERS\ndisuio.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NdisWan]
"ImagePath"="system32\DRIVERS\ndiswan.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NDProxy]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Net Driver HPZ12]
"ServiceDll"="c:\windows\system32\HPZinw12.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NetBIOS]
"ImagePath"="system32\DRIVERS\netbios.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\netbt]
"ImagePath"="System32\DRIVERS\netbt.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Netlogon]
"ImagePath"="%SystemRoot%\system32\lsass.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Netman]
"ServiceDll"="%SystemRoot%\System32\netman.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\netprofm]
"ServiceDll"="%SystemRoot%\System32\netprofm.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NetTcpPortSharing]
"ImagePath"="\"%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nfrd960]
"ImagePath"="\SystemRoot\system32\drivers\nfrd960.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NlaSvc]
"ServiceDll"="%SystemRoot%\System32\nlasvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nosGetPlusHelper]
"ServiceDll"="c:\program files\NOS\bin\getPlus_Helper_3004.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Npfs]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nsi]
"ServiceDll"="%systemroot%\system32\nsisvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nsiproxy]
"ImagePath"="system32\drivers\nsiproxy.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NTDS]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Ntfs]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ntrigdigi]
"ImagePath"="\SystemRoot\system32\drivers\ntrigdigi.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Null]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nvraid]
"ImagePath"="\SystemRoot\system32\drivers\nvraid.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nvstor]
"ImagePath"="\SystemRoot\system32\drivers\nvstor.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nv_agp]
"ImagePath"="\SystemRoot\system32\drivers\nv_agp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NwlnkFlt]
"ImagePath"="system32\DRIVERS\nwlnkflt.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NwlnkFwd]
"ImagePath"="system32\DRIVERS\nwlnkfwd.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ohci1394]
"ImagePath"="system32\DRIVERS\ohci1394.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\p2pimsvc]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\p2psvc]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Parport]
"ImagePath"="\SystemRoot\system32\drivers\parport.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\partmgr]
"ImagePath"="System32\drivers\partmgr.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Parvdm]
"ImagePath"="\SystemRoot\system32\drivers\parvdm.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PCASp50]
"ImagePath"="System32\Drivers\PCASp50.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PcaSvc]
"ServiceDll"="%SystemRoot%\System32\pcasvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pci]
"ImagePath"="system32\drivers\pci.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pciide]
"ImagePath"="system32\drivers\pciide.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pcmcia]
"ImagePath"="\SystemRoot\system32\drivers\pcmcia.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PCTINDIS5]
"ImagePath"="\??\c:\windows\system32\PCTINDIS5.SYS"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PEAUTH]
"ImagePath"="system32\drivers\peauth.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PerfDisk]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PerfNet]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PerfOS]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PerfProc]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Perf_iCrcPerfMonMgr]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\phc700]
"ImagePath"="system32\DRIVERS\phc700.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pinger]
"ImagePath"="c:\toshiba\IVP\ISM\pinger.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pla]
"ServiceDll"="%systemroot%\system32\pla.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PlugPlay]
"ServiceDll"="%SystemRoot%\system32\umpnpmgr.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Pml Driver HPZ12]
"ServiceDll"="c:\windows\system32\HPZipm12.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PNRPAutoReg]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PNRPsvc]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PolicyAgent]
"ServiceDll"="%SystemRoot%\System32\ipsecsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PortProxy]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PptpMiniport]
"ImagePath"="system32\DRIVERS\raspptp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PremierOpinion]
"ImagePath"="c:\program files\PremierOpinion\pmservice.exe /service"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Processor]
"ImagePath"="\SystemRoot\system32\drivers\processr.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ProfSvc]
"ServiceDll"="%systemroot%\system32\profsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ProtectedStorage]
"ImagePath"="%SystemRoot%\system32\lsass.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PSched]
"ImagePath"="system32\DRIVERS\pacer.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ql2300]
"ImagePath"="\SystemRoot\system32\drivers\ql2300.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ql40xx]
"ImagePath"="\SystemRoot\system32\drivers\ql40xx.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\QWAVE]
"ServiceDll"="%windir%\system32\qwave.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\QWAVEdrv]
"ImagePath"="\SystemRoot\system32\drivers\qwavedrv.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RasAcd]
"ImagePath"="System32\DRIVERS\rasacd.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RasAuto]
"ServiceDll"="%SystemRoot%\System32\rasauto.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Rasl2tp]
"ImagePath"="system32\DRIVERS\rasl2tp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RasMan]
"ServiceDll"="%SystemRoot%\System32\rasmans.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RasPppoe]
"ImagePath"="system32\DRIVERS\raspppoe.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RasSstp]
"ImagePath"="system32\DRIVERS\rassstp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\rdbss]
"ImagePath"="system32\DRIVERS\rdbss.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RDPCDD]
"ImagePath"="System32\DRIVERS\RDPCDD.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RDPDD]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\rdpdr]
"ImagePath"="\SystemRoot\system32\drivers\rdpdr.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RDPENCDD]
"ImagePath"="system32\drivers\rdpencdd.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RDPNP]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RDPWD]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RemoteAccess]
"ServiceDLL"="%SystemRoot%\System32\mprdim.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RemoteRegistry]
"ServiceDll"="%SystemRoot%\system32\regsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\rimmptsk]
"ImagePath"="system32\DRIVERS\rimmptsk.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\rimsptsk]
"ImagePath"="system32\DRIVERS\rimsptsk.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\rismxdp]
"ImagePath"="system32\DRIVERS\rixdptsk.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ROOTMODEM]
"ImagePath"="System32\Drivers\RootMdm.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RpcLocator]
"ImagePath"="%SystemRoot%\system32\locator.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RpcSs]
"ServiceDll"="%SystemRoot%\System32\rpcss.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\rspndr]
"ImagePath"="system32\DRIVERS\rspndr.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RTL8169]
"ImagePath"="system32\DRIVERS\Rtlh86.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RTL8187B]
"ImagePath"="system32\DRIVERS\RTL8187B.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SamSs]
"ImagePath"="%SystemRoot%\system32\lsass.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SASDIFSV]
"ImagePath"="\??\c:\program files\SUPERAntiSpyware\SASDIFSV.SYS"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SASKUTIL]
"ImagePath"="\??\c:\program files\SUPERAntiSpyware\SASKUTIL.SYS"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sbp2port]
"ImagePath"="\SystemRoot\system32\drivers\sbp2port.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SCardSvr]
"ServiceDll"="%SystemRoot%\System32\SCardSvr.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Schedule]
"ServiceDll"="%systemroot%\system32\schedsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SCPolicySvc]
"ServiceDll"="%SystemRoot%\System32\certprop.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sdbus]
"ImagePath"="system32\DRIVERS\sdbus.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SDRSVC]
"ServiceDll"="%Systemroot%\System32\SDRSVC.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SeaPort]
"ImagePath"="\"c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\secdrv]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\seclogon]
"ServiceDll"="%windir%\system32\seclogon.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SENS]
"ServiceDll"="%SystemRoot%\system32\sens.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Serenum]
"ImagePath"="\SystemRoot\system32\drivers\serenum.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Serial]
"ImagePath"="\SystemRoot\system32\drivers\serial.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sermouse]
"ImagePath"="\SystemRoot\system32\drivers\sermouse.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ServiceModelEndpoint 3.0.0.0]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ServiceModelOperation 3.0.0.0]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ServiceModelService 3.0.0.0]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SessionEnv]
"ServiceDLL"="%SystemRoot%\system32\sessenv.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sffdisk]
"ImagePath"="system32\DRIVERS\sffdisk.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sffp_mmc]
"ImagePath"="\SystemRoot\system32\drivers\sffp_mmc.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sffp_sd]
"ImagePath"="system32\DRIVERS\sffp_sd.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sfloppy]
"ImagePath"="\SystemRoot\system32\drivers\sfloppy.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SharedAccess]
"ServiceDll"="%SystemRoot%\System32\ipnathlp.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ShellHWDetection]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sisagp]
"ImagePath"="\SystemRoot\system32\drivers\sisagp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SiSRaid2]
"ImagePath"="\SystemRoot\system32\drivers\sisraid2.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SiSRaid4]
"ImagePath"="\SystemRoot\system32\drivers\sisraid4.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\slsvc]
"ImagePath"="%SystemRoot%\system32\SLsvc.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SLUINotify]
"ServiceDll"="%SystemRoot%\system32\SLUINotify.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Smb]
"ImagePath"="system32\DRIVERS\smb.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SMSvcHost 3.0.0.0]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SMSvcHost 4.0.0.0]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SNMPTRAP]
"ImagePath"="%SystemRoot%\System32\snmptrap.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\spldr]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Spooler]
"ImagePath"="%SystemRoot%\System32\spoolsv.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sprtsvc_ddoctorv2]
"ImagePath"="\"c:\program files\Comcast\Desktop Doctor\bin\sprtsvc.exe\" /service /P ddoctorv2"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\srv]
"ImagePath"="System32\DRIVERS\srv.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\srv2]
"ImagePath"="System32\DRIVERS\srv2.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\srvnet]
"ImagePath"="System32\DRIVERS\srvnet.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sscdbus]
"ImagePath"="system32\DRIVERS\sscdbus.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sscdmdfl]
"ImagePath"="system32\DRIVERS\sscdmdfl.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sscdmdm]
"ImagePath"="system32\DRIVERS\sscdmdm.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sscdserd]
"ImagePath"="system32\DRIVERS\sscdserd.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SSDPSRV]
"ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SstpSvc]
"ServiceDll"="%SystemRoot%\system32\sstpsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\stisvc]
"ServiceDll"="%SystemRoot%\System32\wiaservc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\swenum]
"ImagePath"="system32\DRIVERS\swenum.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SWINSTST]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\swivsp]
"ImagePath"="system32\DRIVERS\swivspnt.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\swmsflt]
"ImagePath"="\SystemRoot\System32\drivers\swmsflt.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SWNC8U56]
"ImagePath"="system32\DRIVERS\swnc8u56.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\swprv]
"ServiceDll"="%Systemroot%\System32\swprv.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SWUMX00]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SWUMX01]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SWUMX20]
"ImagePath"="system32\DRIVERS\swumx20.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SWUMX32]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SWUMX33]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SWUMX50]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SWUMX51]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SWUMX56]
"ImagePath"="system32\DRIVERS\swumx56.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Swupdtmr]
"ImagePath"="c:\toshiba\IVP\swupdate\swupdtmr.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Symc8xx]
"ImagePath"="\SystemRoot\system32\drivers\symc8xx.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Sym_hi]
"ImagePath"="\SystemRoot\system32\drivers\sym_hi.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Sym_u3]
"ImagePath"="\SystemRoot\system32\drivers\sym_u3.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SynTP]
"ImagePath"="system32\DRIVERS\SynTP.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SysMain]
"ServiceDll"="%systemroot%\system32\sysmain.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TabletInputService]
"ServiceDll"="%SystemRoot%\System32\TabSvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TapiSrv]
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TBS]
"ServiceDll"="%SystemRoot%\System32\tbssvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Tcpip]
"ImagePath"="System32\drivers\tcpip.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Tcpip6]
"ImagePath"="system32\DRIVERS\tcpip.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\tcpipreg]
"ImagePath"="System32\drivers\tcpipreg.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\tdcmdpst]
"ImagePath"="system32\DRIVERS\tdcmdpst.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TDPIPE]
"ImagePath"="system32\drivers\tdpipe.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TDTCP]
"ImagePath"="system32\drivers\tdtcp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\tdx]
"ImagePath"="system32\DRIVERS\tdx.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TermDD]
"ImagePath"="system32\DRIVERS\termdd.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TermService]
"ServiceDll"="%SystemRoot%\System32\termsrv.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Themes]
"ServiceDll"="%SystemRoot%\system32\shsvcs.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\THREADORDER]
"ServiceDll"="%SystemRoot%\system32\mmcss.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TNaviSrv]
"ImagePath"="c:\program files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TODDSrv]
"ImagePath"="c:\windows\system32\TODDSrv.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TosCoSrv]
"ImagePath"="\"c:\program files\Toshiba\Power Saver\TosCoSrv.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TOSHIBA Bluetooth Service]
"ImagePath"="c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Tosrfcom]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\tosrfec]
"ImagePath"="system32\DRIVERS\tosrfec.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Tosrfusb]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\tos_sps32]
"ImagePath"="system32\DRIVERS\tos_sps32.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TrkWks]
"ServiceDll"="%SystemRoot%\System32\trkwks.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TrustedInstaller]
"ImagePath"="%SystemRoot%\servicing\TrustedInstaller.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TSDDD]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\tssecsrv]
"ImagePath"="System32\DRIVERS\tssecsrv.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TuneUp.Defrag]
"ImagePath"="c:\program files\TuneUp Utilities 2010\TuneUpDefragService.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TuneUp.UtilitiesSvc]
"ImagePath"="\"c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TuneUpUtilitiesDrv]
"ImagePath"="\??\c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\tunmp]
"ImagePath"="system32\DRIVERS\tunmp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\tunnel]
"ImagePath"="system32\DRIVERS\tunnel.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TVALZ]
"ImagePath"="system32\DRIVERS\TVALZ_O.SYS"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\uagp35]
"ImagePath"="\SystemRoot\system32\drivers\uagp35.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\udfs]
"ImagePath"="system32\DRIVERS\udfs.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\UGatherer]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\UGTHRSVC]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\UI0Detect]
"ImagePath"="%SystemRoot%\system32\UI0Detect.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\UleadBurningHelper]
"ImagePath"="c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\uliagpkx]
"ImagePath"="\SystemRoot\system32\drivers\uliagpkx.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\uliahci]
"ImagePath"="\SystemRoot\system32\drivers\uliahci.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\UlSata]
"ImagePath"="\SystemRoot\system32\drivers\ulsata.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ulsata2]
"ImagePath"="\SystemRoot\system32\drivers\ulsata2.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\umbus]
"ImagePath"="system32\DRIVERS\umbus.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\upnphost]
"ServiceDll"="%SystemRoot%\System32\upnphost.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usb]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\USBAAPL]
"ImagePath"="System32\Drivers\usbaapl.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbaudio]
"ImagePath"="system32\drivers\usbaudio.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbccgp]
"ImagePath"="system32\DRIVERS\usbccgp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbcir]
"ImagePath"="\SystemRoot\system32\drivers\usbcir.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbehci]
"ImagePath"="system32\DRIVERS\usbehci.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbhub]
"ImagePath"="system32\DRIVERS\usbhub.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbohci]
"ImagePath"="system32\DRIVERS\usbohci.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbprint]
"ImagePath"="system32\DRIVERS\usbprint.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbscan]
"ImagePath"="system32\DRIVERS\usbscan.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\USBSTOR]
"ImagePath"="system32\DRIVERS\USBSTOR.SYS"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbuhci]
"ImagePath"="system32\DRIVERS\usbuhci.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbvideo]
"ImagePath"="System32\Drivers\usbvideo.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\UxSms]
"ServiceDll"="%SystemRoot%\System32\uxsms.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\UxTuneUp]
"ServiceDll"="%SystemRoot%\System32\uxtuneup.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\vds]
"ImagePath"="%SystemRoot%\System32\vds.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\vga]
"ImagePath"="system32\DRIVERS\vgapnp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\VgaSave]
"ImagePath"="\SystemRoot\System32\drivers\vga.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\viaagp]
"ImagePath"="\SystemRoot\system32\drivers\viaagp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ViaC7]
"ImagePath"="\SystemRoot\system32\drivers\viac7.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\viaide]
"ImagePath"="\SystemRoot\system32\drivers\viaide.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\volmgr]
"ImagePath"="system32\drivers\volmgr.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\volmgrx]
"ImagePath"="System32\drivers\volmgrx.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\volsnap]
"ImagePath"="system32\drivers\volsnap.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\vsmraid]
"ImagePath"="\SystemRoot\system32\drivers\vsmraid.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\VSS]
"ImagePath"="%systemroot%\system32\vssvc.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\W32Time]
"ServiceDll"="%systemroot%\system32\w32time.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\W3SVC]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WacomPen]
"ImagePath"="\SystemRoot\system32\drivers\wacompen.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Wanarp]
"ImagePath"="system32\DRIVERS\wanarp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Wanarpv6]
"ImagePath"="system32\DRIVERS\wanarp.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\wcncsvc]
"ServiceDll"="%SystemRoot%\System32\wcncsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WcsPlugInService]
"ServiceDll"="%SystemRoot%\System32\WcsPlugInService.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Wd]
"ImagePath"="\SystemRoot\system32\drivers\wd.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Wdf01000]
"ImagePath"="system32\drivers\Wdf01000.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WdiServiceHost]
"ServiceDll"="%SystemRoot%\system32\wdi.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WdiSystemHost]
"ServiceDll"="%SystemRoot%\system32\wdi.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WebClient]
"ServiceDll"="%SystemRoot%\System32\webclnt.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Wecsvc]
"ServiceDll"="%SystemRoot%\system32\wecsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\wercplsupport]
"ServiceDll"="%SystemRoot%\System32\wercplsupport.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WerSvc]
"ServiceDll"="%SystemRoot%\System32\WerSvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\winbondcir]
"ImagePath"="system32\DRIVERS\winbondcir.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WinDefend]
"ServiceDll"="%ProgramFiles%\Windows Defender\mpsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Windows Workflow Foundation 3.0.0.0]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WinHttpAutoProxySvc]
"ServiceDll"="winhttp.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Winmgmt]
"ServiceDll"="%SystemRoot%\system32\wbem\WMIsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WinRM]
"ServiceDll"="%SystemRoot%\system32\WsmSvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Winsock]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WinSock2]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Wlansvc]
"ServiceDll"="%SystemRoot%\System32\wlansvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\wlidsvc]
"ImagePath"="\"c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE\""

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WmiAcpi]
"ImagePath"="\SystemRoot\system32\drivers\wmiacpi.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WmiApRpl]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\wmiApSrv]
"ImagePath"="%systemroot%\system32\wbem\WmiApSrv.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WMPNetworkSvc]
"ImagePath"="\"%ProgramFiles%\Windows Media Player\wmpnetwk.exe\""

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WPCSvc]
"ServiceDll"="%SystemRoot%\System32\wpcsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WPDBusEnum]
"ServiceDll"="%SystemRoot%\system32\wpdbusenum.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WpdUsb]
"ImagePath"="system32\DRIVERS\wpdusb.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WPFFontCache_v0400]
"ImagePath"="c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ws2ifsl]
"ImagePath"="\SystemRoot\system32\drivers\ws2ifsl.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\wscsvc]
"ServiceDll"="%SYSTEMROOT%\system32\wscsvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WSearch]
"ImagePath"="%systemroot%\system32\SearchIndexer.exe /Embedding"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WSearchIdxPi]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\wuauserv]
"ServiceDll"="%systemroot%\system32\wuaueng.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WUDFRd]
"ImagePath"="system32\DRIVERS\WUDFRd.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\wudfsvc]
"ServiceDll"="%SystemRoot%\System32\WUDFSvc.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\xmlprov]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{A3E2FD3B-FEA8-4216-B204-E19724F35CDF}]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{B12331E9-E70F-4271-AA46-B14979166D72}]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{C1CB7CA7-04A0-44AE-BCF8-C0CB485996EA}]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{FEF97860-F75A-4667-BB28-A66C780B88EC}]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{GT07DOT2-11ED-4329-B92E-3ADA2FCFCDD0}]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{GT5E3DA4-11ED-4329-B92E-3ADA2FCFCDD0}]
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-11-06 20:40:15
ComboFix-quarantined-files.txt 2010-11-07 00:40

Pre-Run: 16,789,676,032 bytes free
Post-Run: 16,646,033,408 bytes free

- - End Of File - - CB2E7662670AAB7AAFE29294ED961DFC
Kimberly

#6 etavares

  • Malware Response Team

Posted 07 November 2010 - 06:45 AM

Hello, SouthrnSmile40.

That's an image for a Dell computer, so you can't reformat your computer with that. We might be able to pull off files if we need to, but it won't be able to reformat your computer unfortunately.



Step 1

  • Download TDSSKiller.exe and save it to your desktop.
  • Double-click TDSSKiller.exe to run it.
  • Under "Objects to scan" ensure both "Services and Drivers" and "Boot Sectors" are checked.
  • Click Start scan and allow it to scan for Malicious objects.
  • If malicious objects are found, the default action will be Cure, ensure Cure is selected then click Continue.
  • If suspicious objects are detected, the default action will be Skip, ensure Skip is selected then click Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now and allow the computer to reboot.
  • A log will be created on your root (usually C:) drive. The log is like UtilityName.Version_Date_Time_log.txt.
    for example, C:\TDSSKiller.2.4.1.2_20.04.2010_15.31.43_log.txt
  • If no reboot is required, click on Report. A log file should appear.
  • Please post the contents of the logfile in your next reply

etavares


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.



#7 SouthrnSmile40

  • Topic Starter

Posted 07 November 2010 - 11:30 AM

Hi etavares. Thank you for your response. Then I certainly will not be running the Dell dvd on the computer...Lol....Thank you for straightening that out for me before I did something crazy..Lol.....Below is the TDSSKILLER Log as you requested :

Kimberly :P

2010/11/07 10:56:27.0777 TDSS rootkit removing tool 2.4.4.0 Oct 4 2010 09:06:59
2010/11/07 10:56:27.0777 ================================================================================
2010/11/07 10:56:27.0777 SystemInfo:
2010/11/07 10:56:27.0777
2010/11/07 10:56:27.0777 OS Version: 6.0.6002 ServicePack: 2.0
2010/11/07 10:56:27.0777 Product type: Workstation
2010/11/07 10:56:27.0777 ComputerName: ARVPDNXJQS
2010/11/07 10:56:27.0777 UserName: iji
2010/11/07 10:56:27.0777 Windows directory: C:\Windows
2010/11/07 10:56:27.0777 System windows directory: C:\Windows
2010/11/07 10:56:27.0777 Processor architecture: Intel x86
2010/11/07 10:56:27.0777 Number of processors: 2
2010/11/07 10:56:27.0777 Page size: 0x1000
2010/11/07 10:56:27.0777 Boot type: Normal boot
2010/11/07 10:56:27.0777 ================================================================================
2010/11/07 10:56:31.0240 Initialize success
2010/11/07 10:57:01.0129 ================================================================================
2010/11/07 10:57:01.0129 Scan started
2010/11/07 10:57:01.0129 Mode: Manual;
2010/11/07 10:57:01.0129 ================================================================================
2010/11/07 10:57:05.0279 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2010/11/07 10:57:06.0090 ADASPROT (e9b047e166480f67fb6d50b3eec8bd35) C:\Program Files\Advanced System Optimizer 3\adasprot32.sys
2010/11/07 10:57:06.0449 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2010/11/07 10:57:06.0511 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2010/11/07 10:57:06.0699 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2010/11/07 10:57:06.0777 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2010/11/07 10:57:06.0979 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
2010/11/07 10:58:02.0047 ================================================================================
2010/11/07 10:58:02.0047 Scan finished
2010/11/07 10:58:02.0047 ================================================================================
Kimberly

#8 etavares

Posted 08 November 2010 - 07:15 PM

Hello, SouthrnSmile40.

Please let me know how your computer is running after this.


Step 1

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
Registry::
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Users\iji\AppData\Local\Temp\SFX6680.tmp\SwiApiMux.exe"=-
"C:\Users\iji\AppData\Local\Temp\SFX760.tmp\SwiApiMux.exe"=-
"C:\Users\iji\AppData\Local\Temp\SFXA757.tmp\SwiApiMux.exe"=-
"C:\Users\iji\AppData\Local\Temp\SFXF142.tmp\SwiApiMux.exe"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{9D6B0182-2CCD-4444-BC8A-895459DF6271}"=-


Save this as CFScript.txt, in the same location as ComboFix.exe


Posted Image

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.



Step 2

Download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • A blank window shall open with the title "SystemLook v1.0-by Jpshortstuff".
  • Copy and Paste the content of the following codebox into the main textfield under "File":
    :dir
    C:\Users\iji\{beee9a27-e1a2-4d0a-88ed-ecb38f3e27b0}
    C:\Users\iji\{04d9152f-78f8-4714-8a5e-a3b952c31b40}
    
  • Please confirm everything is copied and pasted as I have provided above.
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan.
  • Please post this log in your next reply.


Note: The log can also be found on your Desktop entitled SystemLook.txt
2nd Note: The scan may take a while from several seconds to a minute or more depending on the number of files you have and how fast your computer can perform the task


etavares


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.



#9 SouthrnSmile40


Posted 08 November 2010 - 10:08 PM

Hi etavares. Enclosed is the log from the ComboFix run. However, when I tried to run the SystemLook file this is what I got: "The application failed to initialize properly (0xc0000022). Click OK to terminate the application". When I click OK, I get a message that Windows is searching for a solution, and then another window that says "SystemLook.exe has stopped working. A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available - close program." Also, I have tried to uninstall the programs that you suggested to be uninstalled, along with many others, and it tells me that they have already been uninstalled and asks me if I want to remove them from the Add/Remove Programs list. As well, I keep getting this error code when I check for Windows Updates: "Windows could not search for new updates. An error occurred while checking for new updates for your computer. Error(s) found: Code 80040154. Windows update encountered an unknown error." Thank you so much for all your help.
Kimberly

ComboFix 10-11-07.01 - iji 11/08/2010 20:33:08.2.2 - x86
Running from: c:\users\iji\Desktop\etavaresCF.exe.exe
Command switches used :: c:\users\iji\Desktop\CFScript.txt
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\etavaresCF.exe
c:\users\iji\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 . . . . Failed to delete

.
((((((((((((((((((((((((( Files Created from 2010-10-09 to 2010-11-09 )))))))))))))))))))))))))))))))
.

2010-11-09 01:58 . 2010-11-09 01:58 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2010-11-09 01:58 . 2010-11-09 01:58 -------- d-----w- c:\users\Experience\AppData\Local\temp
2010-11-09 01:58 . 2010-11-09 01:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-08 22:31 . 2010-11-08 22:31 -------- d-----w- c:\users\iji\{4bf6b5a3-14d7-4430-ba2a-c9e2eaa5a34c}
2010-11-08 22:24 . 2010-11-08 22:24 -------- d-----w- c:\program files\MarkAny
2010-11-08 19:48 . 2010-11-08 19:48 -------- d-----w- C:\found.000
2010-11-08 13:09 . 2010-04-27 02:25 14920 ----a-w- c:\windows\system32\drivers\sscdmdfl.sys
2010-11-08 13:09 . 2010-04-27 02:25 132424 ----a-w- c:\windows\system32\drivers\sscdmdm.sys
2010-11-08 13:09 . 2010-04-27 02:25 12488 ----a-w- c:\windows\system32\drivers\sscdwhnt.sys
2010-11-08 13:09 . 2010-04-27 02:25 12488 ----a-w- c:\windows\system32\drivers\sscdwh.sys
2010-11-08 13:09 . 2010-04-27 02:25 110280 ----a-w- c:\windows\system32\drivers\sscdserd.sys
2010-11-08 13:09 . 2010-04-27 02:25 12616 ----a-w- c:\windows\system32\drivers\sscdcmnt.sys
2010-11-08 13:09 . 2010-04-27 02:25 12616 ----a-w- c:\windows\system32\drivers\sscdcm.sys
2010-11-08 13:09 . 2010-04-27 02:25 104648 ----a-w- c:\windows\system32\drivers\sscdbus.sys
2010-11-08 12:37 . 2010-11-08 12:37 -------- d-----w- c:\users\iji\{c3720061-68cc-4074-a4ff-d36492a70c3e}
2010-11-08 07:13 . 2010-11-08 07:13 -------- d-----w- c:\users\iji\AppData\Local\mfmanager
2010-11-08 07:10 . 2010-11-08 07:10 -------- d-----w- c:\program files\Virtual-Protect
2010-11-07 08:48 . 2010-11-08 14:27 -------- d-----w- c:\windows\system32\catroot2
2010-11-05 07:51 . 2010-10-07 23:21 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C7C5C8D7-9152-4302-AB98-D39D1E3C177E}\mpengine.dll
2010-11-04 22:35 . 2010-11-04 22:35 -------- d-----w- c:\users\iji\AppData\Roaming\Mipony
2010-11-04 22:34 . 2010-11-04 22:34 -------- d-----w- c:\program files\MiPony
2010-11-04 22:00 . 2010-11-04 22:00 -------- d-----w- c:\program files\Singlesnet
2010-11-04 03:08 . 2010-11-04 03:08 -------- d-----w- c:\windows\system32\Silabs
2010-11-04 00:19 . 2010-11-04 00:19 -------- d-----w- c:\users\iji\AppData\Roaming\ML
2010-11-03 23:59 . 2010-11-03 23:59 -------- d-----w- c:\programdata\Samsung
2010-11-03 23:32 . 2010-11-03 23:32 -------- d-----w- c:\users\iji\{beee9a27-e1a2-4d0a-88ed-ecb38f3e27b0}
2010-11-03 23:32 . 2010-11-03 23:32 -------- d-----w- c:\users\iji\{04d9152f-78f8-4714-8a5e-a3b952c31b40}
2010-11-03 23:30 . 2010-11-08 22:31 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2010-11-03 23:30 . 2010-11-03 23:30 -------- d-----w- c:\program files\DIFX
2010-11-03 23:29 . 2010-07-29 07:50 238952 ----a-w- c:\windows\system32\FsUsbExService.Exe
2010-11-03 23:29 . 2010-06-14 00:32 36608 ----a-w- c:\windows\system32\FsUsbExDisk.Sys
2010-11-03 23:29 . 2009-11-02 14:39 110592 ----a-w- c:\windows\system32\FsUsbExDevice.Dll
2010-11-03 23:28 . 2010-11-04 01:10 -------- d-----w- c:\users\iji\AppData\Roaming\Samsung
2010-11-03 23:24 . 2010-11-08 22:32 -------- d-----w- c:\program files\Samsung
2010-11-03 23:16 . 2010-11-08 22:33 -------- d-----w- c:\users\iji\AppData\Local\Downloaded Installations
2010-11-03 22:47 . 2010-11-03 22:45 115331072 ----a-w- c:\program files\Samsung New PC Studio.msi
2010-11-03 22:40 . 2010-11-03 22:33 7772672 ----a-w- c:\program files\Samsung New PC Studio USB Driver Installer.msi
2010-10-26 22:30 . 2010-10-26 22:30 -------- d-----w- c:\users\iji\AppData\Local\AVG Security Toolbar
2010-10-25 21:02 . 2010-10-25 21:02 -------- d-----w- c:\program files\Sophos
2010-10-25 13:50 . 2010-10-25 13:50 -------- d-----w- c:\programdata\PMB Files
2010-10-25 12:22 . 2010-10-25 12:23 -------- d-----w- c:\program files\YouTube Downloader
2010-10-25 01:38 . 2010-10-25 01:38 -------- d-----w- C:\$AVG
2010-10-24 20:56 . 2010-10-24 20:56 -------- d-----w- c:\users\iji\AppData\Roaming\Auslogics
2010-10-24 20:56 . 2010-10-24 20:56 -------- d-----w- c:\program files\Auslogics
2010-10-24 17:45 . 2010-10-24 17:45 -------- d-----w- c:\users\iji\AppData\Roaming\SUPERAntiSpyware.com
2010-10-24 17:45 . 2010-10-24 17:45 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2010-10-24 17:43 . 2010-10-24 17:45 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-10-24 17:04 . 2010-10-24 21:26 -------- d-----w- c:\users\iji\AppData\Roaming\kikin
2010-10-24 17:04 . 2010-10-24 17:04 -------- d-----w- c:\program files\kikin
2010-10-24 17:03 . 2010-11-05 09:50 -------- d-----w- c:\users\iji\AppData\Roaming\mIRC
2010-10-24 17:03 . 2010-10-24 17:04 -------- d-----w- c:\users\iji\AppData\Local\OpenCandy
2010-10-24 17:03 . 2010-10-24 17:03 -------- d-----w- c:\users\iji\AppData\Roaming\OpenCandy
2010-10-24 17:03 . 2010-10-24 17:03 -------- d-----w- c:\program files\mIRC
2010-10-24 15:35 . 2010-10-24 15:35 -------- d-----w- c:\users\iji\AppData\Local\WeatherBug
2010-10-24 15:34 . 2010-10-24 15:34 -------- d-----w- c:\users\iji\AppData\Roaming\WeatherBug
2010-10-24 15:34 . 2010-10-24 15:34 18944 ----a-r- c:\users\iji\AppData\Roaming\Microsoft\Installer\{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}\IconBB6A16301.exe
2010-10-24 15:34 . 2010-10-24 15:34 11264 ----a-r- c:\users\iji\AppData\Roaming\Microsoft\Installer\{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}\IconBB6A1630.exe
2010-10-24 15:34 . 2010-10-24 15:34 -------- d-----w- c:\program files\AWS
2010-10-24 04:07 . 2010-10-24 04:07 -------- d-----w- c:\users\iji\AppData\Roaming\Systweak
2010-10-24 03:51 . 2010-10-24 03:51 319456 ----a-w- c:\windows\DIFxAPI.dll
2010-10-24 03:51 . 2010-10-24 03:54 -------- d--h--w- c:\program files\Temp
2010-10-23 05:10 . 2010-10-25 19:51 -------- d-----w- c:\users\iji\DoctorWeb
2010-10-22 17:05 . 2010-10-22 17:05 -------- d-----w- c:\program files\ESET
2010-10-20 20:55 . 2010-10-20 20:55 -------- d-----w- c:\users\iji\AppData\Roaming\Malwarebytes
2010-10-20 20:55 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-20 20:55 . 2010-10-20 20:55 -------- d-----w- c:\programdata\Malwarebytes
2010-10-20 20:55 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-20 20:55 . 2010-10-20 20:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-20 16:53 . 2010-10-20 16:53 -------- d-----w- c:\program files\uTorrent
2010-10-20 16:21 . 2010-10-20 18:08 -------- d-----w- c:\users\iji\AppData\Roaming\ImgBurn
2010-10-20 16:20 . 2010-10-20 16:20 -------- d-----w- c:\program files\ImgBurn
2010-10-20 13:27 . 2009-04-16 18:08 312832 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpfpp70v.dll
2010-10-20 13:27 . 2009-04-15 21:53 452408 ----a-w- c:\windows\system32\hpzids01.dll
2010-10-20 13:26 . 2009-04-16 18:08 126976 ----a-w- c:\windows\system32\hpfll70v.dll
2010-10-20 13:21 . 2008-10-28 10:27 372736 ----a-w- c:\windows\system32\hppldcoi.dll
2010-10-20 13:20 . 2008-10-28 10:27 309760 ----a-w- c:\windows\system32\difxapi.dll
2010-10-19 19:10 . 2010-10-19 19:10 -------- d-----w- c:\users\iji\AppData\Roaming\AVG9
2010-10-19 16:36 . 2010-10-20 08:29 -------- d-----w- c:\program files\Mozilla Developer Preview 3.7 Alpha 5
2010-10-19 02:43 . 2010-10-19 02:43 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-10-19 02:43 . 2010-10-19 02:43 25168 ----a-w- c:\windows\system32\drivers\AVGIDSvx.sys
2010-10-19 02:43 . 2010-10-19 02:43 52872 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2010-10-19 02:43 . 2010-10-19 02:43 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-10-19 02:42 . 2010-10-19 02:42 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-10-19 02:42 . 2010-10-19 02:42 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-10-19 02:42 . 2010-11-08 23:05 -------- d-----w- c:\windows\system32\drivers\Avg
2010-10-19 02:42 . 2010-10-22 16:53 -------- d-----w- c:\programdata\AVG Security Toolbar
2010-10-19 02:39 . 2010-10-19 02:39 24856 ----a-w- c:\windows\system32\drivers\avgfwd6x.sys
2010-10-19 02:39 . 2010-11-07 09:04 -------- d-----w- c:\programdata\avg9
2010-10-18 23:26 . 2010-10-18 23:39 -------- d-----w- c:\users\iji\AppData\Local\IM
2010-10-18 23:25 . 2010-10-18 23:25 -------- d-----w- c:\programdata\IncrediMail
2010-10-18 23:25 . 2010-10-18 23:37 -------- d-----w- c:\programdata\IM
2010-10-18 23:25 . 2010-10-18 23:25 -------- d-----w- c:\program files\IncrediMail
2010-10-18 18:33 . 2010-10-18 18:44 -------- d-----w- c:\users\iji\AppData\Roaming\DivX
2010-10-18 18:32 . 2010-10-18 18:32 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-10-18 18:31 . 2010-10-18 19:21 -------- d-----w- c:\program files\DivX
2010-10-18 18:31 . 2010-10-18 19:21 -------- d-----w- c:\programdata\DivX
2010-10-18 10:10 . 2010-10-18 10:31 -------- d-----w- c:\programdata\MFAData
2010-10-17 21:24 . 2010-10-17 21:24 -------- d-----w- c:\windows\XSxS
2010-10-17 21:24 . 2010-10-17 21:24 -------- d-----w- c:\program files\Xenocode
2010-10-17 13:39 . 2010-11-07 15:06 -------- d-----w- c:\users\iji\AppData\Roaming\HpUpdate
2010-10-17 13:38 . 2010-10-17 13:38 -------- d-----w- c:\windows\Hewlett-Packard
2010-10-17 03:19 . 2006-10-16 14:18 344064 ----a-w- c:\windows\system32\vphc710.exe
2010-10-17 02:54 . 2010-10-17 02:54 -------- d-----w- c:\users\iji\AppData\Roaming\AOLLifestream.621681294CEC3900A26138A4CB3BC67A344B732C.1
2010-10-17 02:52 . 2010-10-17 02:52 -------- d-----w- c:\program files\AOL Lifestream
2010-10-17 02:44 . 2010-10-17 02:45 -------- d-----w- c:\users\iji\AppData\Roaming\acccore
2010-10-17 02:44 . 2010-10-17 02:44 -------- d-----w- c:\users\iji\AppData\Local\AIM
2010-10-17 02:44 . 2010-10-17 02:44 -------- d-----w- c:\users\iji\AppData\Local\AOL
2010-10-17 02:43 . 2010-10-17 02:43 -------- d-----w- c:\programdata\AIM
2010-10-17 02:43 . 2010-10-17 02:43 -------- d-----w- c:\program files\AIM
2010-10-17 02:43 . 2010-10-17 02:43 -------- d-----w- c:\program files\Common Files\Software Update Utility
2010-10-17 02:43 . 2010-10-17 02:43 -------- d-----w- c:\program files\Common Files\AOL
2010-10-17 02:23 . 2010-10-17 02:23 -------- d-----w- c:\program files\Unknown Device Identifier
2010-10-17 01:33 . 2010-10-26 08:29 -------- d-----w- c:\users\iji\AppData\Roaming\Bandoo
2010-10-17 01:29 . 2010-10-17 01:29 -------- d-----w- c:\program files\Driver-Soft
2010-10-15 14:45 . 2010-10-26 07:52 -------- d-----w- c:\programdata\Bandoo
2010-10-15 14:43 . 2010-10-15 14:46 -------- d-----w- c:\program files\Bandoo
2010-10-15 14:35 . 2010-10-15 14:35 -------- d-----w- c:\users\iji\AppData\Roaming\sb_temp
2010-10-15 14:35 . 2010-10-15 14:35 -------- d-----w- c:\program files\Smile Brush
2010-10-15 14:31 . 2010-10-15 14:31 -------- d-----w- c:\users\iji\AppData\Roaming\nswb
2010-10-15 14:31 . 2010-10-15 14:31 -------- d-----w- c:\program files\EZ Emoticons
2010-10-15 09:17 . 2010-10-15 09:17 -------- d-----w- c:\programdata\Iminent
2010-10-15 09:12 . 2010-10-15 09:12 -------- d-----w- c:\program files\IMinent Toolbar
2010-10-15 08:18 . 2010-10-15 08:18 -------- d-----w- c:\programdata\McAfee Security Scan
2010-10-15 08:17 . 2010-10-15 08:28 -------- d-----w- c:\program files\McAfee Security Scan
2010-10-15 08:16 . 2010-10-17 13:35 -------- d-----w- c:\program files\NOS

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-22 05:24 . 2010-09-28 12:50 185856 ----a-w- c:\windows\system32\drivers\netbt.sys
2010-10-19 15:41 . 2010-09-22 20:04 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-02 01:35 . 2010-10-02 01:35 553760 ----a-w- c:\users\iji\Mats_Run.maintenance.exe
2010-10-02 01:34 . 2010-10-02 01:33 554272 ----a-w- c:\users\iji\Mats_Run.performance.exe
2010-09-28 01:45 . 2010-09-28 00:58 498580680 ----a-w- c:\users\iji\Windows6.0-KB948465-X86.exe
2010-09-24 01:09 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2010-09-24 01:07 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2010-09-20 18:05 . 2010-09-20 18:05 172032 ----a-w- c:\windows\system32\AniGIF.ocx
2010-09-15 08:50 . 2010-09-28 20:14 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-08 15:17 . 2010-09-08 15:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 15:17 . 2010-09-08 15:17 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-08-17 14:11 . 2010-09-28 18:20 128000 ----a-w- c:\windows\system32\spoolsv.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-10-06 2475336]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
2010-07-02 13:54 2607872 ----a-w- c:\program files\IMinent Toolbar\tbcore3.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2010-10-06 15:31 2475336 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}]
2010-09-09 18:02 799472 ----a-w- c:\program files\kikin\ie_kikin.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}]
2010-09-20 13:05 2194944 ----a-w- c:\program files\Bandoo\Plugins\IE\ieplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-10-06 2475336]
"{977AE9CC-AF83-45E8-9E03-E2798216E2D5}"= "c:\program files\IMinent Toolbar\tbcore3.dll" [2010-07-02 2607872]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}]
[HKEY_CLASSES_ROOT\TBSB01620.TBSB01620.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\TBSB01620.TBSB01620]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-10-06 2475336]
"{977AE9CC-AF83-45E8-9E03-E2798216E2D5}"= "c:\program files\IMinent Toolbar\tbcore3.dll" [2010-07-02 2607872]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}]
[HKEY_CLASSES_ROOT\TBSB01620.TBSB01620.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\TBSB01620.TBSB01620]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-31 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2010-10-26 353736]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-09-28 2424560]
"AutoStartNPSAgent"="c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2010-07-29 95576]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-10-20 328568]
"Pando"="c:\program files\Pando Networks\Pando\Pando.exe" [2010-10-24 4954008]
"AutoStart PC Studio"="c:\program files\Samsung\Samsung New PC Studio\NewPCStudio.exe" [2010-07-29 2598240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="realsched.exe -osboot" [X]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-15 102400]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1348904]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2006-12-07 55416]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-10 49208]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-16 1164584]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-10-19 2067808]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]
"phc700"="c:\windows\system32\vphc700.exe" [2005-07-20 339968]
"mfmanager"="c:\program files\Virtual-Protect\MyFolder2.5\mfmanager.exe" [2010-11-03 1348608]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TrayMin710.exe.lnk - c:\program files\Philips\Philips SPC710NC Webcam\TrayMin710.exe [2010-10-16 278528]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\windows\System32\avgrsstx.dll c:\progra~1\Bandoo\BndHook.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sasnative32

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EZEMO]
2008-09-02 18:43 344064 ----a-w- c:\program files\EZ Emoticons\EZ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMBooster]
2010-08-16 20:07 1631736 ----a-w- c:\program files\Iminent\IMBooster\IMBooster.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iminent.Notifier]
2010-07-09 20:21 536056 ----a-w- c:\program files\Iminent\SearchTheWeb\Iminent.Notifier.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\iji\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"PowerSuite"="c:\program files\Uniblue\PowerSuite\launcher.exe" delay 20000 -m

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"EfficientLadysOrganizer"=

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"AirPort Base Station Agent"="c:\program files\AirPort\APAgent.exe"
"phc700"=c:\windows\vphc700.exe
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"IdiomaX Office"=c:\program files\IdiomaX\Translation Suite 5.0\IdxOffice.exe
"IdiomaX Product Update"=c:\program files\Common Files\IdiomaX Shared\Cat 6.0\IdxLUpdate.exe /AUTOSTART
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Windows Defender"=%ProgramFiles%\Windows Defender\MSASCui.exe -hide
"ddoctorv2"="c:\program files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"mcagent_exe"=c:\program files\McAfee.com\Agent\mcagent.exe /runkey

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-09-13 135664]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-09-30 1051968]
R3 ADASPROT;SYSTWEAKASO;c:\program files\Advanced System Optimizer 3\adasprot32.sys [2010-07-30 6656]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-10-06 517448]
R3 AVGIDSAgent;AVG9IDSAgent;c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe AVGIDSAgent [x]
R3 AVGIDSDrivervtx;AVG9IDSDriver;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSDriver.sys [2010-10-19 122448]
R3 AVGIDSFiltervtx;AVG9IDSFilter;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSFilter.sys [2010-10-19 30288]
R3 AVGIDSShimvtx;AVG9IDSShim;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSShim.sys [2010-10-19 27216]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-09-09 30192]
R3 GTUQBUS;GT UQ BUS;c:\windows\system32\DRIVERS\gtuqbus.sys [2007-09-05 37120]
R3 IO_Memory;IO_Memory;c:\windows\SYSTEM32\SYSPREP\Drivers\ioport.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\B0FB.tmp [x]
R3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe [2008-01-19 21504]
R3 phc700;USB PC Camera (SPC700NC);c:\windows\system32\DRIVERS\phc700.sys [2006-10-16 644864]
R3 swivsp;AC8xx Virtual Serial Port;c:\windows\system32\DRIVERS\swivspnt.sys [2007-03-26 20352]
R3 SWNC8U56;Sierra Wireless MUX NDIS Driver (UMTS56);c:\windows\system32\DRIVERS\swnc8u56.sys [2007-06-27 101248]
R3 SWUMX56;Sierra Wireless USB MUX Driver (UMTS56);c:\windows\system32\DRIVERS\swumx56.sys [2007-06-27 73856]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-24 10064]
R3 winbondcir;Winbond IR Transceiver;c:\windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 ASO3DiskOptimizer;ASO3DiskOptimizer;c:\program files\Advanced System Optimizer 3\ASO3DefragSrv.exe [2010-10-05 239928]
R4 PremierOpinion;PremierOpinion;c:\program files\PremierOpinion\pmservice.exe [x]
S0 AVGIDSErHrvtx;AVG9IDSErHr;c:\windows\System32\Drivers\AVGIDSvx.sys [2010-10-19 25168]
S0 AvgRkx86;avgrkx86.sys;c:\windows\System32\Drivers\avgrkx86.sys [2010-10-19 52872]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [2010-10-19 24856]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2010-10-19 216400]
S1 AvgTdiX;AVG Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2010-10-19 243024]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
S2 AntiSpywareService;Comcast AntiSpyware;c:\program files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [2009-06-17 616408]
S2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-10-19 921952]
S2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-10-19 308136]
S2 avgfws9;AVG Firewall;c:\program files\AVG\AVG9\avgfws9.exe [2010-10-19 2331544]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-29 238952]
S2 mfservice;mfservice;c:\program files\Virtual-Protect\MyFolder2.5\mfservice.exe [2010-11-03 89600]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]
S3 mfkrnl2;mfkrnl2;c:\program files\Virtual-Protect\MyFolder2.5\mfkrnl.sys [2010-11-03 112128]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2009-06-10 347648]


--- Other Services/Drivers In Memory ---

*NewlyCreated* - FSUSBEXDISK

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2010-11-09 c:\windows\Tasks\ASOService.job
- c:\program files\Advanced System Optimizer 3\ASO3.exe [2010-10-05 17:59]

2010-11-09 c:\windows\Tasks\Free File Viewer Update Checker.job
- c:\program files\FreeFileViewer\FFVCheckForUpdates.exe [2010-09-19 17:37]

2010-11-09 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-09-20 14:32]

2010-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-13 18:52]

2010-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-13 18:52]

2010-11-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1659419934-660851909-4252960256-1000Core.job
- c:\users\iji\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-06 12:21]

2010-11-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1659419934-660851909-4252960256-1000UA.job
- c:\users\iji\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-06 12:21]

2010-09-20 c:\windows\Tasks\IdiomaX Product Update.job
- c:\program files\Common Files\IdiomaX Shared\Cat 6.0\IdxLUpdate.exe [2007-07-16 03:40]

2010-11-08 c:\windows\Tasks\User_Feed_Synchronization-{37787454-5E3E-4688-A3AB-839DD24D6B8E}.job
- c:\windows\system32\msfeedssync.exe [2010-10-12 04:25]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://www.xfinity.com/?cid=xfactiv_eg_self_main
mWindow Title = Windows Internet Explorer provided by Comcast
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &Add animation to IncrediMail Style Box - c:\program files\IncrediMail\bin\resources\WebMenuImg.htm
IE: Download with Mipony - file://c:\program files\MiPony\Browser\IEContext.htm
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll
TCP: {CD9E7125-9FA0-4988-8EDD-3BB9588C646D} = 209.183.35.23 209.183.33.23
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
FF - ProfilePath - c:\users\iji\AppData\Roaming\Mozilla\Firefox\Profiles\5b310vvu.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\NOS\bin\np_gp.dll
FF - plugin: c:\program files\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\users\iji\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\users\iji\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\iji\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-NPSStartup - (no file)
AddRemove-01_Simmental - c:\program files\SAMSUNG\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\SAMSUNG\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\SAMSUNG\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\SAMSUNG\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\SAMSUNG\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\SAMSUNG\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\SAMSUNG\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\SAMSUNG\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\SAMSUNG\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\SAMSUNG\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\SAMSUNG\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\SAMSUNG\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\SAMSUNG\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\SAMSUNG\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\SAMSUNG\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\SAMSUNG\USB Drivers\22_WiBro_WiMAX\Uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-08 21:10
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\B0FB.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
------------------------ Other Running Processes ------------------------
.
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\toshiba\IVP\ISM\pinger.exe
c:\program files\AVG\AVG9\avgam.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\program files\Comcast\Desktop Doctor\bin\sprtsvc.exe
c:\toshiba\IVP\swupdate\swupdtmr.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
c:\windows\system32\TODDSrv.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\progra~1\Bandoo\Bandoo.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Advanced System Optimizer 3\CheckUpdate.exe
c:\windows\system32\RacAgent.exe
.
**************************************************************************
.
Completion time: 2010-11-08 21:25:03 - machine was rebooted
ComboFix-quarantined-files.txt 2010-11-09 02:24
ComboFix2.txt 2010-11-07 00:40

Pre-Run: 7,861,899,264 bytes free
Post-Run: 7,606,468,608 bytes free

- - End Of File - - 4659398E2BBBC3428C68A50A7EEAE1E9
Kimberly

#10 etavares


Posted 09 November 2010 - 07:29 PM

Hello, SouthrnSmile40.


Step 1

We need to run an OTL script.
  • Please download OTL from one of the following mirrors if you do not still have it.
  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Paste the following code under the Custom Scans/Fixes box at the bottom. Do not include the word "Code".
    :files
    c:\users\iji\{c3720061-68cc-4074-a4ff-d36492a70c3e}
    c:\users\iji\{4bf6b5a3-14d7-4430-ba2a-c9e2eaa5a34c}
    
  • Click the Run Fix button at the top.
  • Let the program run unhindered and reboot when it is done.
  • You will get a log when it is done, please post that in your reply.
  • Please then create a new OTL report....
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • A report will open, copy and paste it in a reply here.



Step 2

Please make sure that you can view all hidden files. Instructions on how to do this can be found here:

How to see hidden files in Windows

Please click this link-->Jotti

When the jotti page has finished loading, click the Browse button and navigate to the following file and click Submit.

c:\users\iji\AppData\Roaming\Microsoft\Installer\{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}\IconBB6A16301.exe

Please post back the results of the scan in your next post.

If Jotti is busy, try the same at Virustotal: http://www.virustotal.com/



Step 3


Please redownload and run SystemLook as before. Sometimes a corrupted download can impact that. If it doesn't work, please rename to syslook.exe and try again.



etavares


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.



#11 SouthrnSmile40


Posted 09 November 2010 - 11:40 PM

Hi etavares. I still cannot run the SystemLook file even after renaming it. However, enclosed are the OTL scans you have requested, and the Jotti scan. Sorry it took so long to get them back to you. Thank you so much, and have a blessed night.

Kimberly

========== FILES ==========
c:\users\iji\{c3720061-68cc-4074-a4ff-d36492a70c3e}\i386 folder moved successfully.
c:\users\iji\{c3720061-68cc-4074-a4ff-d36492a70c3e} folder moved successfully.
c:\users\iji\{4bf6b5a3-14d7-4430-ba2a-c9e2eaa5a34c}\i386 folder moved successfully.
c:\users\iji\{4bf6b5a3-14d7-4430-ba2a-c9e2eaa5a34c} folder moved successfully.

OTL by OldTimer - Version 3.2.17.3 log created on 11092010_230218

----------------------------
OTL logfile created on: 11/9/2010 11:04:19 PM - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\iji\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

893.00 Mb Total Physical Memory | 167.00 Mb Available Physical Memory | 19.00% Memory free
2.00 Gb Paging File | 0.00 Gb Available in Paging File | 23.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 110.32 Gb Total Space | 5.77 Gb Free Space | 5.23% Space Free | Partition Type: NTFS

Computer Name: ARVPDNXJQS | User Name: iji | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/09 09:40:38 | 002,069,856 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/11/09 09:40:34 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/11/06 10:37:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\iji\Desktop\OTL.exe
PRC - [2010/11/03 00:17:22 | 000,089,600 | ---- | M] () -- C:\Program Files\Virtual-Protect\MyFolder2.5\mfservice.exe
PRC - [2010/10/29 09:29:48 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/10/26 05:37:35 | 000,353,736 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\Bin\IncMail.exe
PRC - [2010/10/26 05:37:35 | 000,255,432 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\Bin\ImApp.exe
PRC - [2010/10/20 11:53:52 | 000,328,568 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2010/10/18 22:42:00 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/10/18 22:41:54 | 002,331,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgfws9.exe
PRC - [2010/10/18 21:42:12 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/10/18 21:42:12 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/10/18 21:42:05 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/10/18 21:42:05 | 000,842,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2010/10/18 21:42:00 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/10/18 21:41:43 | 000,596,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010/10/18 21:41:30 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/09/28 09:04:57 | 002,424,560 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2010/09/20 08:13:48 | 001,940,928 | ---- | M] (Discordia Limited) -- C:\Program Files\Bandoo\Bandoo.exe
PRC - [2010/09/16 15:04:06 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/07/29 02:50:16 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2010/07/29 02:47:08 | 000,095,576 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2009/06/17 12:49:44 | 000,616,408 | ---- | M] () -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
PRC - [2009/04/10 22:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/14 09:14:20 | 000,200,704 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe
PRC - [2008/04/24 12:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
PRC - [2007/08/15 17:31:50 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
PRC - [2007/01/25 19:50:26 | 000,063,096 | ---- | M] () -- c:\Toshiba\IVP\swupdate\swupdtmr.exe
PRC - [2007/01/25 19:47:50 | 000,136,816 | ---- | M] () -- C:\Toshiba\IVP\ISM\pinger.exe
PRC - [2006/11/14 22:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2006/10/05 14:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006/08/23 18:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006/05/25 20:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe


========== Modules (SafeList) ==========

MOD - [2010/11/06 10:37:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\iji\Desktop\OTL.exe
MOD - [2010/10/18 21:43:14 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2009/04/10 22:28:24 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
MOD - [2009/04/10 22:28:24 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
MOD - [2009/04/10 22:28:20 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
MOD - [2009/04/10 22:27:48 | 000,241,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\PremierOpinion\pmservice.exe -- (PremierOpinion)
SRV - [2010/11/03 00:17:22 | 000,089,600 | ---- | M] () [Auto | Running] -- C:\Program Files\Virtual-Protect\MyFolder2.5\mfservice.exe -- (mfservice)
SRV - [2010/10/18 22:41:54 | 002,331,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgfws9.exe -- (avgfws9)
SRV - [2010/10/18 21:42:05 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/10/18 21:42:00 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/10/18 21:41:30 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/10/14 14:20:53 | 000,435,008 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/10/06 10:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/10/05 12:59:20 | 000,239,928 | ---- | M] (Systweak Inc., (www.systweak.com)) [Disabled | Stopped] -- C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe -- (ASO3DiskOptimizer)
SRV - [2010/09/30 10:54:28 | 001,051,968 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010/09/30 10:51:26 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010/09/20 08:13:48 | 001,940,928 | ---- | M] (Discordia Limited) [Auto | Running] -- C:\Program Files\Bandoo\Bandoo.exe -- (Bandoo Coordinator)
SRV - [2010/09/09 16:46:47 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010/09/01 14:51:28 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2010/07/29 02:50:16 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/04/28 06:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/09/24 20:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/06/17 12:49:44 | 000,616,408 | ---- | M] () [Auto | Running] -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe -- (AntiSpywareService)
SRV - [2009/01/14 16:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/04/24 12:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe -- (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/26 12:55:04 | 000,283,912 | ---- | M] (CA, Inc.) [Disabled | Stopped] -- C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe -- (ITMRTSVC)
SRV - [2007/08/01 16:39:18 | 000,077,824 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2007/03/29 12:39:20 | 000,427,576 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/02/25 23:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007/01/25 19:50:26 | 000,063,096 | ---- | M] () [Auto | Running] -- c:\Toshiba\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2007/01/25 19:47:50 | 000,136,816 | ---- | M] () [Auto | Running] -- C:\Toshiba\IVP\ISM\pinger.exe -- (pinger)
SRV - [2006/11/14 22:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006/10/05 14:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 18:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/05/25 20:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\swumx20.sys -- (SWUMX20) Sierra Wireless USB MUX Driver (UMTS20)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\B0FB.tmp -- (MEMSWEEP2)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\SYSPREP\Drivers\ioport.sys -- (IO_Memory)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\iji\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010/11/03 00:17:14 | 000,112,128 | ---- | M] () [File_System | On_Demand | Running] -- C:\Program Files\Virtual-Protect\MyFolder2.5\mfkrnl.sys -- (mfkrnl2)
DRV - [2010/10/18 21:43:12 | 000,025,168 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\AVGIDSvx.sys -- (AVGIDSErHrvtx)
DRV - [2010/10/18 21:43:10 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010/10/18 21:43:08 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/10/18 21:42:58 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/10/18 21:42:55 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/10/18 21:41:56 | 000,122,448 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSDriver.sys -- (AVGIDSDrivervtx)
DRV - [2010/10/18 21:41:52 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSFilter.sys -- (AVGIDSFiltervtx)
DRV - [2010/10/18 21:41:43 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSShim.sys -- (AVGIDSShimvtx)
DRV - [2010/10/18 21:39:59 | 000,024,856 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd)
DRV - [2010/07/30 17:35:50 | 000,006,656 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Advanced System Optimizer 3\adasprot32.sys -- (ADASPROT)
DRV - [2010/06/13 19:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/05/10 13:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/04/28 06:44:02 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2010/04/26 21:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010/04/26 21:25:20 | 000,110,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdserd.sys -- (sscdserd) SAMSUNG Mobile Modem Diagnostic Serial Port (WDM)
DRV - [2010/04/26 21:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010/04/26 21:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010/02/24 13:41:50 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010/02/17 13:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/06/10 04:52:58 | 000,347,648 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2009/05/25 05:50:44 | 000,164,864 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/04/10 20:42:56 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/10/16 14:30:54 | 000,026,504 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2008/08/14 09:40:40 | 000,203,312 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2008/03/06 14:57:32 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2007/11/09 04:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/09/08 21:13:24 | 000,032,160 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2007/09/05 16:56:14 | 000,037,120 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gtuqbus.sys -- (GTUQBUS)
DRV - [2007/09/05 16:56:14 | 000,021,248 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gtscser.sys -- (GTSCSER)
DRV - [2007/09/05 16:56:14 | 000,008,064 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gtptser.sys -- (GTPTSER)
DRV - [2007/08/01 16:37:20 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2007/07/28 01:36:40 | 002,929,664 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/06/27 08:42:34 | 000,073,856 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swumx56.sys -- (SWUMX56) Sierra Wireless USB MUX Driver (UMTS56)
DRV - [2007/06/27 08:41:48 | 000,101,248 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swnc8u56.sys -- (SWNC8U56) Sierra Wireless MUX NDIS Driver (UMTS56)
DRV - [2007/03/28 09:51:40 | 000,043,008 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir)
DRV - [2007/03/26 12:18:00 | 000,020,352 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swivspnt.sys -- (swivsp)
DRV - [2007/03/22 00:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/24 16:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 18:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/01/03 03:43:19 | 000,479,488 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr3npxp.sys -- (KR3NPXP)
DRV - [2006/11/28 17:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/20 01:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/11/09 17:32:28 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2006/11/09 17:31:46 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 04:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 04:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 04:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2006/10/30 13:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2006/10/23 18:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006/10/18 13:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/10/16 09:36:10 | 000,644,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\phc700.sys -- (phc700) USB PC Camera (SPC700NC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.xfinity.com/?cid=xfactiv_eg_self_main


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0



IE - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {95f24680-9e31-11da-a746-0800200c9a66}:0.1.5.5
FF - prefs.js..extensions.enabledItems: {5C46D283-ABDE-4dce-B83C-08881401921C}:2.1.2
FF - prefs.js..extensions.enabledItems: {d47a9f51-8281-43fa-f450-f28ef8735e9a}:2.0.5
FF - prefs.js..extensions.enabledItems: {F8A55C97-3DB6-4961-A81D-0DE0080E53CB}:0.9.2
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:3.1.0625
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: quickdrag@mozilla.ktechcomputing.com:2.0.2.1
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.76
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {FBF6D7FB-F305-4445-BB3D-FEF66579A033}:5.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.4
FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.1.7
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.48.3
FF - prefs.js..extensions.enabledItems: linkchecker@vik.josh:0.2d
FF - prefs.js..extensions.enabledItems: avg@igeared:6.010.006.004
FF - prefs.js..extensions.enabledItems: mothersday2010boom@brandthunder.com:1.0.2
FF - prefs.js..extensions.enabledItems: pbupload@photobucket.com:1.3
FF - prefs.js..extensions.enabledItems: CrystalFox_Qute@BigRedBrent:3.7
FF - prefs.js..extensions.enabledItems: Gnome-Wine@Windows:2.3.1
FF - prefs.js..extensions.enabledItems: {9f94fab0-58a2-11dd-ae16-0800200c9a66}:3.0.26
FF - prefs.js..extensions.enabledItems: {31a48160-39fc-11de-8a39-0800200c9a66}:3.6.0.1
FF - prefs.js..extensions.enabledItems: bearbluebaby@loic.com:2.1.14
FF - prefs.js..extensions.enabledItems: {285da7e0-729d-11db-9fe1-0800200c9a66}:2.20091201
FF - prefs.js..extensions.enabledItems: fzamaan@gmail.com:1.25
FF - prefs.js..extensions.enabledItems: springshine@yogurttree.com:0.2.2
FF - prefs.js..keyword.URL: "http://www.bing.com/search?PC=BRTH&FORM=BT004D&q="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord
FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010/10/26 08:46:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/29 09:29:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/30 15:29:04 | 000,000,000 | ---D | M]

[2010/10/20 03:44:09 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Extensions
[2010/09/19 18:59:19 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2010/11/09 22:55:51 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions
[2010/11/09 22:55:51 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010/10/29 09:52:27 | 000,000,000 | ---D | M] (Tinseltown) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{285da7e0-729d-11db-9fe1-0800200c9a66}
[2010/10/29 09:49:29 | 000,000,000 | ---D | M] (Toy Factory) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{31a48160-39fc-11de-8a39-0800200c9a66}
[2010/10/20 04:21:29 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010/10/20 04:21:54 | 000,000,000 | ---D | M] (Google Shortcuts) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}
[2010/10/29 17:49:57 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/10/20 04:21:54 | 000,000,000 | ---D | M] (Update Notifier) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{95f24680-9e31-11da-a746-0800200c9a66}
[2010/10/29 09:48:32 | 000,000,000 | ---D | M] (AvantGarde Rosepetal) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{9f94fab0-58a2-11dd-ae16-0800200c9a66}
[2010/10/20 04:21:34 | 000,000,000 | ---D | M] (WOT) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/10/24 15:32:04 | 000,000,000 | ---D | M] (kikin plugin) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}
[2010/11/07 13:04:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2010/10/20 04:21:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}
[2010/11/04 12:15:41 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/10/20 04:21:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2010/10/20 04:21:52 | 000,000,000 | ---D | M] (Pixlr Grabber) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}
[2010/10/20 04:21:40 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/10/20 04:21:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010/10/20 04:21:43 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010/10/20 04:21:51 | 000,000,000 | ---D | M] (Download Manager Tweak) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}
[2010/10/20 04:21:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
[2010/10/29 09:50:38 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\bearbluebaby@loic.com
[2010/10/29 09:45:49 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\CrystalFox_Qute@BigRedBrent
[2010/11/03 17:21:40 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\feedly@devhd
[2010/10/20 04:21:39 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\foxmarks@kei.com
[2010/10/29 09:55:25 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\fzamaan@gmail.com
[2010/10/29 09:47:17 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\Gnome-Wine@Windows
[2010/10/20 04:56:15 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\linkchecker@vik.josh
[2010/10/29 10:09:38 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\mothersday2010boom@brandthunder.com
[2010/11/06 10:02:28 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\pbupload@photobucket.com
[2010/10/20 04:21:36 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\quickdrag@mozilla.ktechcomputing.com
[2010/10/24 10:32:36 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\searchtoolbar@zugo.com
[2010/10/20 04:21:32 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\smarterwiki@wikiatic.com
[2010/10/29 09:57:56 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\springshine@yogurttree.com
[2010/11/04 12:15:44 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\webmynd@yourentirelife.com
[2010/10/29 09:52:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{285da7e0-729d-11db-9fe1-0800200c9a66}\chrome\mozapps\extensions
[2010/10/29 09:52:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{285da7e0-729d-11db-9fe1-0800200c9a66}\chrome\mozapps\extensions\CVS
[2010/10/29 09:48:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\{9f94fab0-58a2-11dd-ae16-0800200c9a66}\mozapps\extensions
[2010/11/03 17:21:37 | 000,000,000 | ---D | M] -- C:\Users\iji\AppData\Roaming\mozilla\Firefox\Profiles\5b310vvu.default\extensions\feedly@devhd\content\app\extension
[2010/11/09 22:56:27 | 000,002,273 | ---- | M] () -- C:\Users\iji\AppData\Roaming\Mozilla\FireFox\Profiles\5b310vvu.default\searchplugins\ask.xml
[2010/11/09 22:56:28 | 000,000,908 | ---- | M] () -- C:\Users\iji\AppData\Roaming\Mozilla\FireFox\Profiles\5b310vvu.default\searchplugins\bing.xml
[2010/10/26 05:35:18 | 000,002,149 | ---- | M] () -- C:\Users\iji\AppData\Roaming\Mozilla\FireFox\Profiles\5b310vvu.default\searchplugins\MyStart Search.xml
[2010/10/23 06:09:22 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/20 03:54:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/11/08 21:10:07 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\IMBooster4Web\Iminent.WebBooster.dll (Iminent)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files\kikin\ie_kikin.dll (kikin)
O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll (Discordia Limited)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (IdiomaX Translation ToolBar) - {477A7A3C-8B11-4B02-ADD1-7A01C4D00FA2} - C:\Program Files\Common Files\IdiomaX Shared\Cat 6.0\TrdIEAddIn.dll (IdiomaX LLC.)
O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\..\Toolbar\WebBrowser: (IdiomaX Translation ToolBar) - {477A7A3C-8B11-4B02-ADD1-7A01C4D00FA2} - C:\Program Files\Common Files\IdiomaX Shared\Cat 6.0\TrdIEAddIn.dll (IdiomaX LLC.)
O3 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\..\Toolbar\WebBrowser: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O3 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mfmanager] C:\Program Files\Virtual-Protect\MyFolder2.5\mfmanager.exe ()
O4 - HKLM..\Run: [phc700] C:\Windows\System32\vphc700.exe (Sonix)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] File not found
O4 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000..\Run: [AutoStart PC Studio] C:\Program Files\Samsung\Samsung New PC Studio\NewPCStudio.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000..\Run: [Pando] C:\Program Files\Pando Networks\Pando\Pando.exe (Pando Networks)
O4 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000..\RunOnce: [CleanUp!] C:\Program Files\CleanUp!\Cleanup.exe (Steven R. Gould)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\Bin\resources\WebMenuImg.htm ()
O8 - Extra context menu item: Download with Mipony - C:\Program Files\MiPony\Browser\IEContext.htm ()
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll (kikin)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe File not found
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe File not found
O9 - Extra Button: Show/Hide Translation ToolBar - {FE768A8F-9F88-4511-B28B-552ED2F6B500} - C:\Program Files\Common Files\IdiomaX Shared\Cat 6.0\TrdIEAddIn.dll (IdiomaX LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1659419934-660851909-4252960256-1000\..Trusted Domains: localhost ([]http in Local intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1287323115765 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1287323938957 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.68.166 68.87.74.166
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\google\google~1\googledesktopnetwork3.dll) - c:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (c:\windows\system32\avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) - c:\Program Files\Bandoo\BndHook.dll (Discordia Limited)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sasnative32) - C:\Windows\System32\sasnative32.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/09 23:02:18 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/11/08 21:41:57 | 000,000,000 | -HSD | C] -- C:\found.001
[2010/11/08 21:10:37 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/11/08 20:28:59 | 000,000,000 | ---D | C] -- C:\etavaresCF.exe2439e
[2010/11/08 20:27:59 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/11/08 17:24:30 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny
[2010/11/08 14:48:15 | 000,000,000 | ---D | C] -- C:\found.000
[2010/11/08 08:09:01 | 000,132,424 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdmdm.sys
[2010/11/08 08:09:01 | 000,110,280 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdserd.sys
[2010/11/08 08:09:01 | 000,014,920 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdmdfl.sys
[2010/11/08 08:09:01 | 000,012,488 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdwhnt.sys
[2010/11/08 08:09:01 | 000,012,488 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdwh.sys
[2010/11/08 08:09:00 | 000,104,648 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdbus.sys
[2010/11/08 08:09:00 | 000,012,616 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdcmnt.sys
[2010/11/08 08:09:00 | 000,012,616 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sscdcm.sys
[2010/11/08 02:14:30 | 000,000,000 | ---D | C] -- C:\Users\iji\Documents\Friends
[2010/11/08 02:13:03 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\mfmanager
[2010/11/08 02:10:40 | 000,000,000 | ---D | C] -- C:\Program Files\Virtual-Protect
[2010/11/07 10:53:23 | 001,325,656 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\iji\Desktop\TDSSKiller.exe
[2010/11/07 03:48:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2
[2010/11/07 03:45:02 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/11/06 19:00:28 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/11/06 19:00:28 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/11/06 19:00:28 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/11/06 18:59:38 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/11/06 18:58:03 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/11/06 10:39:23 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\iji\Desktop\OTL.exe
[2010/11/04 17:35:11 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\Mipony
[2010/11/04 17:34:50 | 000,000,000 | ---D | C] -- C:\Program Files\MiPony
[2010/11/04 17:00:25 | 000,000,000 | ---D | C] -- C:\Program Files\Singlesnet
[2010/11/04 12:14:54 | 000,000,000 | ---D | C] -- C:\Users\iji\Desktop\Ringtones
[2010/11/03 22:08:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\Silabs
[2010/11/03 20:03:05 | 000,000,000 | ---D | C] -- C:\Users\iji\Documents\Samsung
[2010/11/03 19:21:02 | 000,000,000 | ---D | C] -- C:\Users\iji\Documents\My Art
[2010/11/03 19:19:52 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\ML
[2010/11/03 19:14:47 | 000,000,000 | ---D | C] -- C:\Users\iji\Documents\NPS
[2010/11/03 18:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2010/11/03 18:32:53 | 000,000,000 | ---D | C] -- C:\Users\iji\{beee9a27-e1a2-4d0a-88ed-ecb38f3e27b0}
[2010/11/03 18:32:22 | 000,000,000 | ---D | C] -- C:\Users\iji\{04d9152f-78f8-4714-8a5e-a3b952c31b40}
[2010/11/03 18:30:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\Samsung_USB_Drivers
[2010/11/03 18:30:19 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010/11/03 18:29:38 | 000,238,952 | ---- | C] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
[2010/11/03 18:28:45 | 000,000,000 | ---D | C] -- C:\Users\iji\Documents\My NPS Files
[2010/11/03 18:28:41 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\Samsung
[2010/11/03 18:24:11 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2010/11/03 18:16:47 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\Downloaded Installations
[2010/10/26 17:30:26 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\AVG Security Toolbar
[2010/10/26 03:44:49 | 000,000,000 | ---D | C] -- C:\Users\iji\Desktop\Kimberly's Stuff
[2010/10/25 16:02:27 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2010/10/25 08:50:13 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2010/10/25 07:22:57 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader
[2010/10/24 22:56:25 | 000,472,064 | ---- | C] ( ) -- C:\Users\iji\Desktop\RootRepeal.exe
[2010/10/24 20:38:31 | 000,000,000 | ---D | C] -- C:\$AVG
[2010/10/24 15:56:21 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\Auslogics
[2010/10/24 15:56:12 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2010/10/24 12:45:07 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\SUPERAntiSpyware.com
[2010/10/24 12:45:07 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/10/24 12:43:52 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/10/24 12:40:25 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\iji\Desktop\ATF-Cleaner.exe
[2010/10/24 12:04:15 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\kikin
[2010/10/24 12:04:04 | 000,000,000 | ---D | C] -- C:\Program Files\kikin
[2010/10/24 12:03:38 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\mIRC
[2010/10/24 12:03:37 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\OpenCandy
[2010/10/24 12:03:30 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\OpenCandy
[2010/10/24 12:03:23 | 000,000,000 | ---D | C] -- C:\Program Files\mIRC
[2010/10/24 10:35:25 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\WeatherBug
[2010/10/24 10:34:37 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\WeatherBug
[2010/10/24 10:34:22 | 000,000,000 | ---D | C] -- C:\Program Files\AWS
[2010/10/23 23:07:03 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\Systweak
[2010/10/23 22:51:37 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010/10/23 22:51:11 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2010/10/23 00:10:18 | 000,000,000 | ---D | C] -- C:\Users\iji\DoctorWeb
[2010/10/22 12:05:29 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/10/20 15:55:32 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\Malwarebytes
[2010/10/20 15:55:22 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/10/20 15:55:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/10/20 15:55:20 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/10/20 15:55:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/20 12:51:39 | 000,000,000 | ---D | C] -- C:\Users\iji\Desktop\Windows Vista Recovery Disc
[2010/10/20 11:53:52 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/10/20 11:21:58 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\ImgBurn
[2010/10/20 11:20:38 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2010/10/20 08:27:13 | 000,452,408 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpzids01.dll
[2010/10/20 08:26:45 | 000,126,976 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\hpfll70v.dll
[2010/10/20 08:21:00 | 000,372,736 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hppldcoi.dll
[2010/10/20 08:20:59 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\difxapi.dll
[2010/10/20 03:54:17 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/10/20 03:54:17 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/10/20 03:54:17 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/10/20 03:42:52 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/10/19 14:10:24 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\AVG9
[2010/10/19 13:52:41 | 000,000,000 | ---D | C] -- C:\Users\iji\Desktop\Desktop Icons
[2010/10/19 11:36:36 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Developer Preview 3.7 Alpha 5
[2010/10/18 21:43:14 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/10/18 21:43:12 | 000,025,168 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\AVGIDSvx.sys
[2010/10/18 21:43:10 | 000,052,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2010/10/18 21:43:08 | 000,243,024 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/10/18 21:42:58 | 000,216,400 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/10/18 21:42:55 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/10/18 21:42:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
[2010/10/18 21:42:41 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Security Toolbar
[2010/10/18 21:39:59 | 000,024,856 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgfwd6x.sys
[2010/10/18 21:39:55 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010/10/18 18:26:35 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\IM
[2010/10/18 18:25:40 | 000,000,000 | ---D | C] -- C:\ProgramData\IncrediMail
[2010/10/18 18:25:15 | 000,000,000 | ---D | C] -- C:\Program Files\IncrediMail
[2010/10/18 18:25:15 | 000,000,000 | ---D | C] -- C:\ProgramData\IM
[2010/10/18 13:33:53 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\DivX
[2010/10/18 13:32:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2010/10/18 13:31:59 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010/10/18 13:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010/10/18 05:10:09 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2010/10/17 16:24:37 | 000,000,000 | ---D | C] -- C:\Windows\XSxS
[2010/10/17 16:24:37 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode
[2010/10/17 08:39:46 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\HpUpdate
[2010/10/17 08:38:46 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2010/10/16 22:19:33 | 000,344,064 | ---- | C] (Sonix) -- C:\Windows\System32\vphc710.exe
[2010/10/16 21:54:27 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\AOLLifestream.621681294CEC3900A26138A4CB3BC67A344B732C.1
[2010/10/16 21:52:51 | 000,000,000 | ---D | C] -- C:\Program Files\AOL Lifestream
[2010/10/16 21:44:18 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\acccore
[2010/10/16 21:44:09 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\AIM
[2010/10/16 21:44:08 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\AOL
[2010/10/16 21:43:48 | 000,000,000 | ---D | C] -- C:\ProgramData\AIM
[2010/10/16 21:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\AIM
[2010/10/16 21:43:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2010/10/16 21:43:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AOL
[2010/10/16 21:34:11 | 000,000,000 | ---D | C] -- C:\Users\iji\Desktop\New Folder
[2010/10/16 21:30:42 | 000,000,000 | ---D | C] -- C:\Users\iji\Desktop\Data
[2010/10/16 21:23:20 | 000,000,000 | ---D | C] -- C:\Program Files\Unknown Device Identifier
[2010/10/16 20:33:30 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\Bandoo
[2010/10/16 20:32:26 | 000,000,000 | ---D | C] -- C:\Users\iji\Documents\DriverGenius
[2010/10/16 20:29:55 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
[2010/10/15 20:18:05 | 000,000,000 | ---D | C] -- C:\Users\iji\Desktop\New Downloads
[2010/10/15 09:45:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Bandoo
[2010/10/15 09:43:52 | 000,000,000 | ---D | C] -- C:\Program Files\Bandoo
[2010/10/15 09:35:35 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\sb_temp
[2010/10/15 09:35:22 | 000,000,000 | ---D | C] -- C:\Program Files\Smile Brush
[2010/10/15 09:31:36 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\nswb
[2010/10/15 09:31:33 | 000,000,000 | ---D | C] -- C:\Program Files\EZ Emoticons
[2010/10/15 04:17:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Iminent
[2010/10/15 04:12:49 | 000,000,000 | ---D | C] -- C:\Program Files\IMinent Toolbar
[2010/10/15 03:18:05 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2010/10/15 03:17:33 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2010/10/15 03:16:54 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
[2010/10/15 03:16:54 | 000,000,000 | ---D | C] -- C:\Program Files\NOS
[2010/10/15 03:09:50 | 000,000,000 | ---D | C] -- C:\Program Files\Iminent
[2010/10/14 20:42:42 | 000,000,000 | ---D | C] -- C:\FU_Backup
[2010/10/14 20:42:42 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\CheeseSoft
[2010/10/14 20:42:31 | 000,000,000 | ---D | C] -- C:\Program Files\FinalUninstaller
[2010/10/14 14:47:21 | 000,000,000 | -H-D | C] -- C:\Windows\Icons
[2010/10/14 14:21:09 | 000,030,016 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2010/10/14 14:21:09 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2010/10/14 14:19:01 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010/10/14 13:42:53 | 000,030,528 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2010/10/14 13:39:22 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\TuneUp Software
[2010/10/14 13:38:53 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010
[2010/10/14 13:36:54 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2010/10/14 13:36:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010/10/13 14:39:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\MpEngineStore
[2010/10/13 14:38:31 | 000,000,000 | ---D | C] -- C:\Users\iji\Documents\Outlook Files
[2010/10/12 21:57:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2010/10/12 19:19:10 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\Apps
[2010/10/12 18:04:31 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2010/10/12 13:46:01 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/10/12 13:45:47 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010/10/12 13:44:47 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/10/12 13:43:52 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010/10/12 13:43:46 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/10/12 13:33:33 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/10/12 13:33:32 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/10/12 13:33:32 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010/10/12 13:33:29 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/10/12 13:33:27 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/10/12 13:33:25 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/10/12 13:33:24 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/10/12 13:33:24 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/10/12 13:33:24 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/10/12 13:33:23 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/10/12 13:33:22 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/10/12 13:33:22 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/10/12 13:33:22 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/10/12 13:33:21 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/10/12 13:33:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/10/12 13:33:19 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/10/12 13:33:19 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/10/12 13:28:30 | 000,000,000 | ---D | C] -- C:\$AVG8.VAULT$
[2010/10/12 13:26:55 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010/10/12 13:26:42 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010/10/12 13:26:42 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010/10/12 12:07:15 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Roaming\Media Player Classic
[2010/10/11 04:47:50 | 000,158,456 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxwma.dll
[2010/10/11 04:21:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010/10/11 04:20:34 | 000,185,944 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2010/10/11 04:18:52 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2010/10/11 04:18:52 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2010/10/11 04:18:45 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/10/11 02:03:40 | 000,232,448 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\mp3fhg.acm
[2010/10/11 02:03:38 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm
[2010/10/11 02:03:37 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2010/10/11 02:03:10 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2010/10/10 23:37:52 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\Real
[2010/10/10 23:32:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2010/10/10 23:30:30 | 000,000,000 | ---D | C] -- C:\Program Files\The Weather Channel FW
[2010/10/10 23:30:11 | 000,000,000 | ---D | C] -- C:\Users\iji\AppData\Local\The Weather Channel
[2010/09/18 16:06:46 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\cphc700.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/09 23:03:06 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/09 22:14:06 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1659419934-660851909-4252960256-1000UA.job
[2010/11/09 22:03:06 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/09 21:50:12 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/09 21:50:12 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/09 19:36:43 | 000,000,388 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{37787454-5E3E-4688-A3AB-839DD24D6B8E}.job
[2010/11/09 18:04:48 | 067,442,503 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/11/09 14:05:43 | 000,000,000 | ---- | M] () -- C:\Users\iji\Desktop\wasted.mp3
[2010/11/09 13:56:48 | 000,000,000 | ---- | M] () -- C:\Users\iji\Desktop\dueling_banjos.mp3
[2010/11/09 13:55:41 | 000,000,000 | ---- | M] () -- C:\Users\iji\Desktop\boyfriend_calling.mp3
[2010/11/09 13:24:35 | 000,000,430 | ---- | M] () -- C:\Windows\tasks\ASOService.job
[2010/11/09 10:14:09 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1659419934-660851909-4252960256-1000Core.job
[2010/11/09 00:08:00 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\Free File Viewer Update Checker.job
[2010/11/08 21:55:10 | 000,075,264 | ---- | M] () -- C:\Users\iji\Desktop\SystemLook.exe
[2010/11/08 21:45:53 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2010/11/08 21:45:31 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2010/11/08 21:45:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/08 21:44:59 | 937,476,096 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/08 21:10:07 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/11/08 17:34:34 | 000,002,898 | ---- | M] () -- C:\aqua_bitmap.cpp
[2010/11/08 17:25:03 | 000,002,034 | ---- | M] () -- C:\Users\Public\Desktop\Samsung New PC Studio.lnk
[2010/11/08 02:21:14 | 000,629,114 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/11/08 02:21:14 | 000,112,524 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/11/08 02:11:07 | 000,000,929 | ---- | M] () -- C:\Users\Public\Desktop\MyFolder Manager.lnk
[2010/11/07 03:45:16 | 000,001,537 | ---- | M] () -- C:\Users\iji\Desktop\WindowsUpdate.BAT
[2010/11/06 18:52:52 | 003,903,886 | R--- | M] () -- C:\Users\iji\Desktop\etavaresCF.exe.exe
[2010/11/06 11:19:00 | 155,124,798 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/11/06 11:13:47 | 000,294,912 | ---- | M] () -- C:\Users\iji\Desktop\gmer.exe
[2010/11/06 10:43:23 | 000,050,477 | ---- | M] () -- C:\Users\iji\Desktop\Defogger.exe
[2010/11/06 10:41:44 | 000,038,400 | ---- | M] () -- C:\Users\iji\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/06 10:37:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\iji\Desktop\OTL.exe
[2010/11/06 10:25:12 | 000,302,520 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/11/05 21:15:49 | 000,088,576 | ---- | M] () -- C:\Windows\MBR.exe
[2010/11/04 21:10:10 | 000,627,856 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavifw.avm
[2010/11/04 18:15:41 | 000,030,782 | ---- | M] () -- C:\Users\iji\Desktop\[Demonoid.com]-software_drivers_for_over_70_000_hardware_components_XP_VISTA__6192064.1258.torrent
[2010/11/04 17:34:50 | 000,000,787 | ---- | M] () -- C:\Users\iji\Desktop\MiPony.lnk
[2010/11/04 17:00:45 | 000,000,982 | ---- | M] () -- C:\Users\Public\Desktop\Start Singlesnet.lnk
[2010/11/03 17:45:44 | 115,331,072 | ---- | M] () -- C:\Program Files\Samsung New PC Studio.msi
[2010/11/03 17:38:26 | 000,069,632 | ---- | M] () -- C:\Program Files\1033.MST
[2010/11/03 17:37:31 | 000,013,730 | ---- | M] () -- C:\Program Files\0x0409.ini
[2010/11/03 17:33:16 | 007,772,672 | ---- | M] () -- C:\Program Files\Samsung New PC Studio USB Driver Installer.msi
[2010/10/26 05:38:36 | 000,001,901 | ---- | M] () -- C:\Users\Public\Desktop\IncrediMail.lnk
[2010/10/25 14:37:14 | 000,001,356 | ---- | M] () -- C:\Users\iji\AppData\Local\d3d9caps.dat
[2010/10/24 12:39:16 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\iji\Desktop\ATF-Cleaner.exe
[2010/10/23 22:51:37 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010/10/20 14:32:11 | 000,000,904 | ---- | M] () -- C:\Users\iji\Desktop\cmd - Shortcut.lnk
[2010/10/20 09:40:15 | 000,001,065 | ---- | M] () -- C:\net_save.dna
[2010/10/20 08:51:30 | 000,158,471 | ---- | M] () -- C:\Windows\hphins33.dat
[2010/10/20 08:32:17 | 000,158,453 | ---- | M] () -- C:\Windows\hphins33.dat.temp
[2010/10/20 03:43:15 | 000,001,735 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/10/20 01:48:28 | 000,000,230 | ---- | M] () -- C:\Users\iji\Desktop\Run.lnk
[2010/10/19 13:22:53 | 000,001,636 | ---- | M] () -- C:\Users\iji\Documents\Firefox Sync Key.html
[2010/10/19 10:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/10/18 21:43:14 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/10/18 21:43:12 | 000,025,168 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\AVGIDSvx.sys
[2010/10/18 21:43:10 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2010/10/18 21:43:08 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/10/18 21:42:58 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/10/18 21:42:55 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010/10/18 21:42:55 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/10/18 21:39:59 | 000,024,856 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgfwd6x.sys
[2010/10/18 03:42:20 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010/10/17 20:48:01 | 000,000,094 | -H-- | M] () -- C:\Windows\System32\spv1_WCssg.ini
[2010/10/17 16:38:46 | 000,000,040 | ---- | M] () -- C:\Windows\RSoftInfo.dat
[2010/10/17 12:49:00 | 000,000,134 | ---- | M] () -- C:\Users\iji\Desktop\Device Manager - Shortcut.lnk
[2010/10/16 22:19:33 | 000,000,731 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMin710.exe.lnk
[2010/10/16 21:44:05 | 000,000,376 | -H-- | M] () -- C:\IPH.PH
[2010/10/13 11:33:24 | 000,015,523 | ---- | M] () -- C:\Users\iji\Kimberly's Resume.docx
[2010/10/12 20:59:25 | 000,000,410 | ---- | M] () -- C:\Windows\System32\MRT.INI
[2010/10/11 04:47:39 | 000,158,456 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\pxwma.dll
[2010/10/11 04:23:51 | 000,000,118 | ---- | M] () -- C:\Windows\cdplayer.ini
[2010/10/11 04:20:34 | 000,185,944 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2010/10/11 04:18:52 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2010/10/11 04:18:52 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2010/10/11 04:18:45 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/09 14:05:43 | 000,000,000 | ---- | C] () -- C:\Users\iji\Desktop\wasted.mp3
[2010/11/09 13:56:48 | 000,000,000 | ---- | C] () -- C:\Users\iji\Desktop\dueling_banjos.mp3
[2010/11/09 13:55:41 | 000,000,000 | ---- | C] () -- C:\Users\iji\Desktop\boyfriend_calling.mp3
[2010/11/08 21:55:52 | 000,075,264 | ---- | C] () -- C:\Users\iji\Desktop\SystemLook.exe
[2010/11/08 17:25:03 | 000,002,034 | ---- | C] () -- C:\Users\Public\Desktop\Samsung New PC Studio.lnk
[2010/11/08 02:11:07 | 000,000,929 | ---- | C] () -- C:\Users\Public\Desktop\MyFolder Manager.lnk
[2010/11/07 03:45:16 | 000,001,537 | ---- | C] () -- C:\Users\iji\Desktop\WindowsUpdate.BAT
[2010/11/06 19:00:28 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/11/06 19:00:28 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/11/06 19:00:28 | 000,088,576 | ---- | C] () -- C:\Windows\MBR.exe
[2010/11/06 19:00:28 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/11/06 19:00:28 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/11/06 18:54:10 | 003,903,886 | R--- | C] () -- C:\Users\iji\Desktop\etavaresCF.exe.exe
[2010/11/06 11:13:38 | 000,294,912 | ---- | C] () -- C:\Users\iji\Desktop\gmer.exe
[2010/11/06 10:43:55 | 000,050,477 | ---- | C] () -- C:\Users\iji\Desktop\Defogger.exe
[2010/11/04 18:15:36 | 000,030,782 | ---- | C] () -- C:\Users\iji\Desktop\[Demonoid.com]-software_drivers_for_over_70_000_hardware_components_XP_VISTA__6192064.1258.torrent
[2010/11/04 17:34:50 | 000,000,787 | ---- | C] () -- C:\Users\iji\Desktop\MiPony.lnk
[2010/11/04 17:00:45 | 000,000,982 | ---- | C] () -- C:\Users\Public\Desktop\Start Singlesnet.lnk
[2010/11/03 18:52:30 | 000,002,898 | ---- | C] () -- C:\aqua_bitmap.cpp
[2010/11/03 18:29:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010/11/03 18:29:38 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010/11/03 17:47:11 | 115,331,072 | ---- | C] () -- C:\Program Files\Samsung New PC Studio.msi
[2010/11/03 17:41:20 | 000,013,730 | ---- | C] () -- C:\Program Files\0x0409.ini
[2010/11/03 17:41:19 | 000,069,632 | ---- | C] () -- C:\Program Files\1033.MST
[2010/11/03 17:40:59 | 007,772,672 | ---- | C] () -- C:\Program Files\Samsung New PC Studio USB Driver Installer.msi
[2010/10/26 03:51:42 | 000,000,731 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMin710.exe.lnk
[2010/10/26 00:25:06 | 155,124,798 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/10/25 11:14:27 | 937,476,096 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/20 14:29:29 | 000,000,904 | ---- | C] () -- C:\Users\iji\Desktop\cmd - Shortcut.lnk
[2010/10/20 08:46:20 | 000,158,453 | ---- | C] () -- C:\Windows\hphins33.dat.temp
[2010/10/20 08:46:20 | 000,000,586 | ---- | C] () -- C:\Windows\hphmdl33.dat.temp
[2010/10/20 08:29:27 | 000,158,471 | ---- | C] () -- C:\Windows\hphins33.dat
[2010/10/20 03:43:15 | 000,001,735 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/10/20 01:48:28 | 000,000,230 | ---- | C] () -- C:\Users\iji\Desktop\Run.lnk
[2010/10/19 13:22:46 | 000,001,636 | ---- | C] () -- C:\Users\iji\Documents\Firefox Sync Key.html
[2010/10/18 21:42:55 | 000,627,856 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavifw.avm
[2010/10/18 21:42:55 | 000,113,461 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010/10/18 21:42:50 | 067,442,503 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/10/18 18:26:02 | 000,001,901 | ---- | C] () -- C:\Users\Public\Desktop\IncrediMail.lnk
[2010/10/18 03:42:20 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/10/17 20:48:01 | 000,000,094 | -H-- | C] () -- C:\Windows\System32\spv1_WCssg.ini
[2010/10/17 16:38:46 | 000,000,040 | ---- | C] () -- C:\Windows\RSoftInfo.dat
[2010/10/17 12:49:00 | 000,000,134 | ---- | C] () -- C:\Users\iji\Desktop\Device Manager - Shortcut.lnk
[2010/10/16 21:42:47 | 000,000,376 | -H-- | C] () -- C:\IPH.PH
[2010/10/13 11:33:15 | 000,015,523 | ---- | C] () -- C:\Users\iji\Kimberly's Resume.docx
[2010/10/12 20:59:24 | 000,000,410 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/10/11 04:23:51 | 000,000,118 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010/10/11 02:03:46 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/10/11 02:03:44 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/10/11 02:03:36 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/10/11 02:03:36 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/10/11 02:03:25 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/10/05 02:51:27 | 000,000,026 | ---- | C] () -- C:\Windows\System32\defragboot.ini
[2010/09/28 07:51:31 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/09/20 13:52:35 | 000,000,110 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2010/09/18 16:06:46 | 000,015,488 | ---- | C] () -- C:\Windows\phc700.ini
[2010/09/18 16:06:43 | 000,644,864 | ---- | C] () -- C:\Windows\System32\drivers\phc700.sys
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/05/08 14:13:53 | 000,001,356 | ---- | C] () -- C:\Users\iji\AppData\Local\d3d9caps.dat
[2009/04/12 08:50:44 | 000,454,656 | ---- | C] () -- C:\Windows\System32\PaintX.dll
[2009/03/31 20:02:58 | 000,003,741 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009/03/05 05:54:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2008/10/16 14:43:50 | 000,026,504 | ---- | C] () -- C:\Windows\System32\drivers\swmsflt.sys
[2008/05/04 17:39:34 | 000,002,560 | ---- | C] () -- C:\Windows\System32\ViaClassCoInstaller.dll
[2008/05/04 16:39:34 | 000,002,560 | ---- | C] () -- C:\Windows\System32\ViaClassCoInstaller.dll_rename
[2008/01/12 22:06:33 | 000,005,024 | ---- | C] () -- C:\Users\iji\AppData\Roaming\wklnhst.dat
[2008/01/08 20:46:51 | 000,024,206 | ---- | C] () -- C:\Users\iji\AppData\Roaming\UserTile.png
[2007/12/31 13:53:51 | 000,000,067 | ---- | C] () -- C:\Windows\swupdate.INI
[2007/12/30 16:31:54 | 000,038,400 | ---- | C] () -- C:\Users\iji\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/25 16:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007/08/22 15:33:11 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007/08/22 15:18:54 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007/08/22 15:18:54 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007/08/22 15:18:54 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007/08/22 15:18:54 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007/08/22 15:18:54 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007/08/22 15:18:54 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007/08/22 14:49:10 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007/08/22 14:49:10 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007/08/22 14:49:10 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007/08/22 14:49:10 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2007/08/22 14:45:08 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/07/28 01:26:30 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/12/05 15:05:04 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:46:17 | 000,006,656 | ---- | C] () -- C:\Windows\System32\shunimpl.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 12:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/07/22 23:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 208 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 165 bytes -> C:\ProgramData\TEMP:182D85B1
@Alternate Data Stream - 158 bytes -> C:\ProgramData\TEMP:435657D8
@Alternate Data Stream - 156 bytes -> C:\ProgramData\TEMP:0A051701
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:010ADD2C
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:73828A71
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:80B291A7
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:5160F090

< End of report >
----------------------------
Jotti Scan Results :

[ArcaVir]
2010-11-10 Found nothing
[G DATA]
2010-11-10 Found nothing
[Avast! antivirus]
2010-11-09 Found nothing
[Ikarus]
2010-11-10 Found nothing
[Grisoft AVG Anti-Virus]
2010-11-09 Found nothing
[Kaspersky Anti-Virus]
2010-11-09 Found nothing
[Avira AntiVir]
2010-11-09 Found nothing
[ESET NOD32]
2010-11-09 Found nothing
[Softwin BitDefender]
2010-11-10 Found nothing
[Panda Antivirus]
2010-11-09 Found nothing
[ClamAV]
2010-11-09 Found nothing
[Quick Heal]
2010-11-09 Found nothing
[CPsecure]
2010-11-10 Found nothing
[Sophos]
2010-11-10 Found nothing
[Dr.Web]
2010-11-10 Found nothing
[VirusBlokAda VBA32]
2010-11-09 Found nothing
[Frisk F-Prot Antivirus]
2010-11-09 Found nothing
[VirusBuster]
2010-11-09 Found nothing
[F-Secure Anti-Virus]
2010-11-10 Found nothing
Kimberly

#12 etavares

Posted 10 November 2010 - 07:22 PM

How is your computer running otherwise at this point?


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Unified Network of Instructors and Trusted Eliminators
 


#13 SouthrnSmile40

Posted 11 November 2010 - 05:02 AM

Good morning etavares, :P

It's running good other than the things I mentioned a few posts ago. I still can't do any updates----remove any programs, etc......I guess there's nothing more you can do at this point is there? You have done A LOT. Even with all that's wrong with the computer it seems faster...Lol......Let me ask you.....What exactly is a Vista recovery disc? I downloaded one of those from online, thinking that it would help fix my computer but a friend said he didn't think it would help. Exactly what does it do? And do you know a place - site that sells the actual operating system disc at a discount or anything, because being a single Mom with no job, it is very hard to come up with that kind of money....Lol.....That's why I don't want my computer to crash or anything because it's what I use to try and find work. Thank you Sweetie, and have a blessed day.

Kimberly

#14 etavares

Posted 11 November 2010 - 06:54 PM

I'm not giving up yet. :)

First, to answer your question, you can order a CD from Microsoft. You'll need your license key for Windows. Right-click on My Computer, select Properties, and the license key should be at the bottom of the screen that pops up. I have no idea how much it costs, but it's a lot cheaper than buying it at retail, since you're mostly paying for the license you already have.

http://windows.microsoft.com/en-US/windows-vista/products/get/order-cds

OK, let's try to fix the update error. First, try going here:
http://support.microsoft.com/kb/971058

Click the Fix it button and follow the prompts. Try it in default first, then try it in aggressive mode. Can you update after that?




#15 SouthrnSmile40

Posted 13 November 2010 - 05:57 AM

G'morning etavares. Sorry it took so long to get back to you. Thank you for not giving up on my computer...Lol.......Heaven knows I don't know what I'm doing so it's certainly a blessing to have a site like this, and someone like you that can help me. I ran the Mr. Fix from the website you had in the last post, and unfortunately I still cannot do any updates. It simply says the same thing. Anything else for me to try?......Lol............Thank you so much.......

Kimberly :P