
blue screen


  • This topic is locked
33 replies to this topic

#1 moses5314


Posted 16 June 2011 - 02:54 PM

When I run anti virus, in the middle it's becoming a blue screen.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:09:48 PM, on 6/16/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\LogMeIn Backup\BackupMaint.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\LogMeIn Backup\lmibackupvssservice.exe
C:\Program Files\LogMeIn Backup\LMIGuardian.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\LogMeIn Backup\LogmeInBackupService.exe
C:\WINDOWS\system32\o2flash.exe
C:\Program Files\LogMeIn Backup\LMIGuardian.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\mozilla firefox\firefox.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.inbox.com/homepage.aspx?tbid=80306&lng=en
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SearchHelperBho - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Autodesk DWF - {F03966D3-8EA0-47b4-BBE0-85BFE6CBC8AC} - C:\Program Files\Autodesk\Autodesk DWF Writer\DWF Addin\DWFIEAddin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [AutoLaunch] C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe monthly (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open Client to monitor &1 - C:\WINDOWS\web\AOpenClient.htm
O8 - Extra context menu item: Open Client to monitor &2 - C:\WINDOWS\web\AOpenClient.htm
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.hotmail.com
O15 - Trusted Zone: *.live.com
O15 - Trusted Zone: *.msn.com
O15 - Trusted Zone: *.passport.com
O16 - DPF: {00A7BD45-3D5C-11D4-BDA7-00C0F02C56AB} (DMSrvPushX Control) - http://173.84.101.94/webpages/DMWebX.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{665CADB4-2C54-4A46-AD60-D2B1170D7693}: NameServer = 10.0.0.1,192.168.254.254,72.26.240.32
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL C:\PROGRA~1\GOOGLE\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O20 - Winlogon Notify: RDM+ - C:\Program Files\RDM+\notify.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Autodesk Network Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: LogMeIn Backup Maintenance Service (BackupMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn Backup\BackupMaint.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Backup VSS Service (LMIBackupVSSService.exe) - LogMeIn, Inc. - C:\Program Files\LogMeIn Backup\lmibackupvssservice.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn Service (LogMeIn) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: LogMeIn Backup Storage PC Service (LogMeInBackupService.exe) - LogMeIn, Inc. - C:\Program Files\LogMeIn Backup\LogmeInBackupService.exe
O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe
O24 - Desktop Component 0: (no name) - https://www.officialtvwebsite.com/patch-perfect/images/bg_header.jpg
O24 - Desktop Component 1: (no name) - http://www.allsoftwaredirect.com/images/logo.gif

--
End of file - 13074 bytes



#2 SweetTech


Posted 24 June 2011 - 11:56 AM

Hello and welcome to the forums!

My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. :)

I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.

I would be glad to take a look at your log and help you with solving any malware problems.

If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed.

If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:

  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
  • Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
  • If I instruct you to download a specific tool which you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated fairly regularly.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. The one thing that you should always do, is to make sure that your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post.
  • I am going to stick with you until ALL malware is gone from your system. I would appreciate it if you would do the same. From this point, we're in this together ;)
    Because of this, you must reply within three days
    failure to reply will result in the topic being closed!
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to resort to reformatting and reinstalling your operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Be prepared to back up your data. Have means of backing up your data available.

____________________________________________________

Rootkit UnHooker (RkU)
Please download Rootkit Unhooker from one of the following links and save it to your desktop.
Link 1 (.exe file)
Link 2 (zipped file)
Link 3 (.rar file)

In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracting ZIP and RAR compressed files. If you don't have an extraction program, you can download, install and use the free 7-zip utility.

  • Double-click on RKUnhookerLE.exe to start the program.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • Click the Report tab, then click Scan.
  • Check Drivers, Stealth Code, and uncheck the rest.
  • Click OK.
  • Wait until it's finished and then go to File > Save Report.
  • Save the report to your Desktop.
  • Copy and paste the contents of the report into your next reply.
-- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".



NEXT:


Running OTL

We need to create a FULL OTL Report
  • Please download OTL from here:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Change the "Extra Registry" option to "SafeList"
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized

NEXT:


Please provide an update on how things are running in your next reply.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#3 SweetTech


Posted 26 June 2011 - 11:16 AM

Hi!

It's been several days since I last posted instructions for you to complete. Do you still require assistance in getting your computer cleaned up?

Please Note: Unless notified in advance, threads with no response in 3 days get closed.

If for any reason you cannot complete instructions within that time, that's fine, just put a post here so that I know you're still here. We get a lot of people who simply leave & if there is no contact for that amount of time I will have to assume you have abandoned your topic.


Thanks,
SweetTech.



#4 SweetTech


Posted 26 June 2011 - 11:16 AM

Double Post.

Edited by SweetTech, 05 July 2011 - 01:54 PM.



#5 SweetTech


Posted 27 June 2011 - 10:44 AM

Due to lack of feedback this thread will now be closed. If you still require assistance, and would like to have your thread re-opened, please feel free to send me a Private Message (PM) being sure to include a link to your topic, and I'd be happy to re-open it.




#6 SweetTech


Posted 30 June 2011 - 08:30 PM

This topic has been re-opened at the request of the person who originally posted.



#7 SweetTech


Posted 03 July 2011 - 11:09 AM

Still with me?



#8 moses5314


Posted 04 July 2011 - 11:10 AM

YES IT MIGHT TAKE ME SOME TIME TO GET BACK TO YOU THANK YOU FOR BEING PATIENT



RkU Version: 3.8.389.593, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 3)
Number of processors #2
==============================================
>Drivers
==============================================
0xBF0F1000 C:\WINDOWS\System32\ati3duag.dll 2240512 bytes (ATI Technologies Inc. , ati3duag.dll)
0x804D7000 C:\WINDOWS\system32\ntkrnlpa.exe 2154496 bytes (Microsoft Corporation, NT Kernel & System)
0x804D7000 PnpManager 2154496 bytes
0x804D7000 RAW 2154496 bytes
0x804D7000 WMIxWDM 2154496 bytes
0xBF800000 Win32k 1859584 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1859584 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xB9000000 C:\WINDOWS\system32\DRIVERS\HSF_DP.sys 1044480 bytes (Conexant Systems, Inc., HSF_DP driver)
0xB0D4D000 C:\WINDOWS\system32\drivers\sthda.sys 1015808 bytes (SigmaTel, Inc., NDRC)
0xB91DF000 C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 897024 bytes (ATI Technologies Inc., ATI Radeon WindowsNT Miniport Driver)
0xA8CB2000 C:\WINDOWS\System32\Drivers\dump_iastor.sys 872448 bytes
0xB9E4E000 iaStor.sys 872448 bytes (Intel Corporation, Intel Matrix Storage Manager driver)
0xB8F59000 C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 684032 bytes (Conexant Systems, Inc., HSF_CNXT driver)
0xB9CE8000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xBF314000 C:\WINDOWS\System32\ativvaxx.dll 479232 bytes (ATI Technologies Inc. , Radeon Video Acceleration Universal Driver)
0xAC4D0000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xBF084000 C:\WINDOWS\System32\atikvmag.dll 446464 bytes (ATI Technologies Inc., Virtual Command And Memory Manager)
0xB8E8F000 C:\WINDOWS\system32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
0xAC65A000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xA7A90000 C:\WINDOWS\system32\DRIVERS\srv.sys 360448 bytes (Microsoft Corporation, Server driver)
0xBF389000 C:\WINDOWS\System32\ATMFD.DLL 290816 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0xAC5DB000 C:\WINDOWS\system32\DRIVERS\avgtdix.sys 290816 bytes (AVG Technologies CZ, s.r.o., AVG Network connection watcher)
0xA7B10000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xA8D87000 C:\WINDOWS\system32\DRIVERS\avgldx86.sys 245760 bytes (AVG Technologies CZ, s.r.o., AVG AVI Loader Driver)
0xBF04A000 C:\WINDOWS\System32\ati2cqag.dll 237568 bytes (ATI Technologies Inc., Central Memory Manager / Queue Server Module)
0xBF012000 C:\WINDOWS\System32\ati2dvag.dll 229376 bytes (ATI Technologies Inc., ATI Radeon WindowsNT Display Driver)
0xAC622000 C:\WINDOWS\system32\DRIVERS\tcpip6.sys 229376 bytes (Microsoft Corporation, IPv6 driver)
0xB9DB5000 PCTCore.sys 225280 bytes (PC Tools, PC Tools KDS Core Driver)
0xB9122000 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys 212992 bytes (Conexant Systems, Inc., HSF_HWB2 WDM driver)
0xB8EED000 C:\WINDOWS\system32\DRIVERS\rdpdr.sys 196608 bytes (Microsoft Corporation, Microsoft RDP Device redirector)
0xB9F79000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
0xA7BC9000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xB9CBB000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xAC540000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xB917A000 C:\WINDOWS\system32\DRIVERS\b57xp32.sys 167936 bytes (Broadcom Corporation, Broadcom NetXtreme Gigabit Ethernet NDIS5.1 Driver.)
0xB91A3000 C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 163840 bytes (Windows ® Server 2003 DDK provider, High Definition Audio Bus Driver v1.0a)
0xAC58D000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xB9F23000 dmio.sys 155648 bytes (Microsoft Corp., Veritas Software, NT Disk Manager I/O Driver)
0xAC5B5000 C:\WINDOWS\system32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
0xA7814000 C:\WINDOWS\System32\Drivers\Fastfat.SYS 147456 bytes (Microsoft Corporation, Fast FAT File System Driver)
0xB0D29000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xB9156000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xB90FF000 C:\WINDOWS\system32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xA7356000 C:\WINDOWS\System32\Drivers\RDPWD.SYS 143360 bytes (Microsoft Corporation, RDP Terminal Stack Driver (US/Canada Only, Not for Export))
0xAC56B000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x806E5000 ACPI_HAL 134400 bytes
0x806E5000 C:\WINDOWS\system32\hal.dll 134400 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0x9311F000 C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys 131072 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Driver.)
0xB9DFE000 fltmgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xB9F49000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
0xB9CA1000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xB9E36000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xA7C84000 C:\WINDOWS\System32\DLA\DLAUDFAM.SYS 98304 bytes (Sonic Solutions, Drive Letter Access Component)
0xB9E1E000 C:\WINDOWS\System32\Drivers\SCSIPORT.SYS 98304 bytes (Microsoft Corporation, SCSI Port Driver)
0xB9D88000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xB8F2E000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xA7C9C000 C:\WINDOWS\System32\DLA\DLAIFS_M.SYS 90112 bytes (Sonic Solutions, Drive Letter Access Component)
0xA7C6E000 C:\WINDOWS\System32\DLA\DLAUDF_M.SYS 90112 bytes (Sonic Solutions, Drive Letter Access Component)
0xB9D9F000 DRVMCDB.SYS 90112 bytes (Sonic Solutions, Device Driver)
0xA75A9000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xB8F45000 C:\WINDOWS\system32\DRIVERS\parport.sys 81920 bytes (Microsoft Corporation, Parallel Port Driver)
0xB91CB000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xAC6B3000 C:\WINDOWS\system32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xB9D75000 WudfPf.sys 77824 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xB9DEC000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
0xB9F68000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0xB8F1D000 C:\WINDOWS\system32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xA9CFD000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xBA158000 C:\WINDOWS\system32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xBA138000 C:\WINDOWS\system32\DRIVERS\serial.sys 65536 bytes (Microsoft Corporation, Serial Device Driver)
0xB988F000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xBA0F8000 Lbd.sys 61440 bytes (Lavasoft AB, Boot Driver)
0xBA168000 C:\WINDOWS\system32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
0xACFB2000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xBA2F8000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xBA0E8000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xBA188000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xBA0C8000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0xAF9B3000 C:\WINDOWS\system32\DRIVERS\avgmfx86.sys 49152 bytes (AVG Technologies CZ, s.r.o., AVG Resident Shield Minifilter Driver)
0xBA178000 C:\WINDOWS\system32\DRIVERS\dfmirage.sys 49152 bytes (DemoForge, LLC, Mirage Driver)
0xA90E4000 C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys 49152 bytes (Microsoft Corporation, Family Safety Filter Driver (TDI))
0xA4B76000 C:\WINDOWS\system32\Drivers\PROCMON20.SYS 49152 bytes
0xBA1A8000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xAD5A3000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xBA148000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xBA0B8000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xBA198000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xB0075000 C:\WINDOWS\System32\Drivers\DRVNDDM.SYS 40960 bytes (Sonic Solutions, Device Driver Manager)
0xBA0A8000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0xA93F1000 C:\WINDOWS\system32\drivers\LMIRfsDriver.sys 40960 bytes (LogMeIn, Inc., LogMeIn Rfs Drivemap Driver)
0xB989F000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xB987F000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xA497B000 C:\WINDOWS\System32\Drivers\BlackBox.SYS 36864 bytes (RKU Driver)
0xBA0D8000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xAD5F3000 C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS 36864 bytes (Microsoft Corporation, Hid Class Library)
0xBA128000 C:\WINDOWS\system32\DRIVERS\intelppm.sys 36864 bytes (Microsoft Corporation, Processor Device Driver)
0xAD5D3000 C:\WINDOWS\system32\drivers\ip6fw.sys 36864 bytes (Microsoft Corporation, IPv6 Windows Firewall Driver)
0xBA1B8000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xAD5B3000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xBA108000 PxHelp20.sys 36864 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xAD5C3000 C:\WINDOWS\system32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xBA338000 cercsr6.sys 32768 bytes (Adaptec, Inc., DELL CERC SATA1.5/6ch Miniport Driver)
0xBA400000 C:\WINDOWS\System32\Drivers\Modem.SYS 32768 bytes (Microsoft Corporation, Modem Device Driver)
0xAD500000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xBA3F8000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xBA340000 avgrkx86.sys 28672 bytes (AVG Technologies CZ, s.r.o., AVG Anti-Rootkit Driver)
0xACCC7000 C:\WINDOWS\System32\DLA\DLABOIOM.SYS 28672 bytes (Sonic Solutions, Drive Letter Access Component)
0xBA408000 C:\WINDOWS\system32\DRIVERS\fdc.sys 28672 bytes (Microsoft Corporation, Floppy Disk Controller Driver)
0xAF811000 C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0xBA328000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xAF883000 C:\WINDOWS\system32\DRIVERS\radpms.sys 28672 bytes (LogMeIn, Inc., RemotelyAnywhereDpmsSecure Device Driver)
0xBA430000 C:\WINDOWS\system32\DRIVERS\RimSerial.sys 28672 bytes (Research in Motion Ltd, RIM Virtual Serial Driver)
0xAD4D8000 C:\WINDOWS\system32\DRIVERS\usbprint.sys 28672 bytes (Microsoft Corporation, USB Printer driver)
0xAD4F0000 C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 28672 bytes (Microsoft Corporation, USB Mass Storage Class Driver)
0xAD518000 C:\WINDOWS\System32\Drivers\DLARTL_N.SYS 24576 bytes (Sonic Solutions, Shared Driver Component)
0xBA410000 C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0xBA438000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
0xBA440000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
0xBA490000 C:\WINDOWS\System32\Drivers\TDTCP.SYS 24576 bytes (Microsoft Corporation, TCP Transport Driver)
0xBA3F0000 C:\WINDOWS\system32\DRIVERS\usbuhci.sys 24576 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0xAD510000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xAFA3A000 C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys 20480 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Filter Driver.)
0xBA4A0000 C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys 20480 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Loader Driver.)
0xAF819000 C:\WINDOWS\system32\DRIVERS\flpydisk.sys 20480 bytes (Microsoft Corporation, Floppy Driver)
0xAD508000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xBA448000 C:\WINDOWS\system32\DRIVERS\omci.sys 20480 bytes (Dell Inc, OMCI Device Driver)
0xBA330000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xBA420000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xBA428000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel® mini-port/call-manager driver)
0xBA418000 C:\WINDOWS\system32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xAFA62000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xBA4BC000 AVGIDSEH.Sys 16384 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Helper Driver.)
0xB0E59000 C:\WINDOWS\System32\DLA\DLAOPIOM.SYS 16384 bytes (Sonic Solutions, Drive Letter Access Component)
0xA92EC000 C:\WINDOWS\system32\DRIVERS\kbdhid.sys 16384 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0xB9C50000 C:\WINDOWS\system32\drivers\MODEMCSA.sys 16384 bytes (Microsoft Corporation, Unimodem CSA Filter)
0xBA5A0000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xBA578000 C:\WINDOWS\system32\DRIVERS\serenum.sys 16384 bytes (Microsoft Corporation, Serial Port Enumerator)
0xBA4B8000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xA91B6000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xB0099000 C:\WINDOWS\system32\DRIVERS\hidusb.sys 12288 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0xBA5A4000 C:\WINDOWS\System32\Drivers\i2omgmt.SYS 12288 bytes (Microsoft Corporation, I2O Utility Filter)
0xA7A68000 C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 12288 bytes (Conexant, Diagnostic Interface DRIVER)
0xA92E8000 C:\WINDOWS\system32\DRIVERS\mouhid.sys 12288 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0xBA584000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xA7431000 C:\WINDOWS\system32\Drivers\PROCEXP141.SYS 12288 bytes
0xB0091000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xAD717000 C:\WINDOWS\system32\DRIVERS\sfloppy.sys 12288 bytes (Microsoft Corporation, SCSI Floppy Driver)
0xBA574000 C:\WINDOWS\system32\DRIVERS\tunmp.sys 12288 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0xAF8D7000 C:\WINDOWS\System32\drivers\ws2ifsl.sys 12288 bytes (Microsoft Corporation, Winsock2 IFS Layer)
0xBA5C2000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xBA5EA000 C:\WINDOWS\System32\Drivers\DLACDBHM.SYS 8192 bytes (Sonic Solutions, Shared Driver Component)
0xACA01000 C:\WINDOWS\System32\DLA\DLAPoolM.SYS 8192 bytes (Sonic Solutions, Drive Letter Access Component)
0xBA5AC000 dmload.sys 8192 bytes (Microsoft Corp., Veritas Software., NT Disk Manager Startup Driver)
0xBA5C0000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xBA5A8000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xBA5C4000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xBA622000 C:\Program Files\LogMeIn\x86\RaInfo.sys 8192 bytes (LogMeIn, Inc., RemotelyAnywhere Kernel Information Provider)
0xBA5C6000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xBA5EE000 C:\WINDOWS\System32\Drivers\RootMdm.sys 8192 bytes (Microsoft Corporation, Legacy Non-Pnp Modem Device Driver)
0xBA5EC000 C:\WINDOWS\system32\DRIVERS\serscan.sys 8192 bytes (Microsoft Corporation, Serial Imaging Device Driver)
0xBA5F0000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xBA5F8000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xBA5AA000 C:\WINDOWS\system32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xBA7F2000 C:\WINDOWS\system32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xBA753000 C:\WINDOWS\System32\DLA\DLADResN.SYS 4096 bytes (Sonic Solutions, Drive Letter Access Component)
0xBA73F000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xBA7F1000 C:\WINDOWS\system32\DRIVERS\lmimirr.sys 4096 bytes (LogMeIn, Inc., LogMeIn Mirror Miniport Driver)
0xAD02E000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xBA670000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
==============================================
>Stealth
==============================================


Nothing detected :(

OTL logfile created on: 6/30/2011 4:01:38 PM - Run 1
OTL by OldTimer - Version 3.2.25.0 Folder = G:\Documents and Settings\Moses Rosenberg\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.50 Gb Total Physical Memory | 2.39 Gb Available Physical Memory | 68.22% Memory free
8.26 Gb Paging File | 6.84 Gb Available in Paging File | 82.80% Paging File free
Paging file location(s): c:\pagefile.sys 5046 8092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.77 Gb Total Space | 78.71 Gb Free Space | 33.81% Space Free | Partition Type: NTFS
Drive F: | 109.37 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 931.51 Gb Total Space | 604.79 Gb Free Space | 64.93% Space Free | Partition Type: NTFS
Drive M: | 931.51 Gb Total Space | 604.79 Gb Free Space | 64.93% Space Free | Partition Type: NTFS
Drive O: | 931.51 Gb Total Space | 604.79 Gb Free Space | 64.93% Space Free | Partition Type: NTFS

Computer Name: MNROFFICE | User Name: Moses new | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/30 15:59:10 | 000,580,096 | ---- | M] (OldTimer Tools) -- G:\Documents and Settings\Moses Rosenberg\My Documents\Downloads\OTL.exe
PRC - [2011/06/26 06:40:12 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\mozilla firefox\firefox.exe
PRC - [2011/05/27 14:53:12 | 000,349,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe
PRC - [2011/05/27 08:52:30 | 000,624,056 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
PRC - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/04/14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/02/09 05:35:14 | 001,265,504 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgsrmax.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/10/21 16:40:25 | 001,045,256 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2010/10/13 16:57:12 | 003,887,480 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Moses new\Desktop\PROCEXP.EXE
PRC - [2010/06/29 17:14:47 | 000,116,104 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2010/06/29 17:14:45 | 000,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2010/06/29 17:14:44 | 000,378,248 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardian.exe
PRC - [2010/04/19 01:04:46 | 010,962,144 | ---- | M] (Autodesk, Inc.) -- C:\Program Files\AutoCAD Architecture 2010\acad.exe
PRC - [2010/02/10 00:47:54 | 000,174,304 | ---- | M] (Autodesk, Inc.) -- c:\Program Files\Common Files\Autodesk Shared\WSCommCntr1.exe
PRC - [2009/02/09 09:34:32 | 000,143,360 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
PRC - [2008/04/13 20:12:28 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe
PRC - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/28 22:53:05 | 000,079,360 | ---- | M] (Autodesk) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe


========== Modules (SafeList) ==========

MOD - [2011/06/30 15:59:10 | 000,580,096 | ---- | M] (OldTimer Tools) -- G:\Documents and Settings\Moses Rosenberg\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (svlostServices)
SRV - [2011/06/16 11:06:10 | 003,435,096 | ---- | M] () [On_Demand | Stopped] -- c:\Program Files\Common Files\Akamai\netsession_win_e877e12.dll -- (Akamai)
SRV - [2011/06/13 12:26:07 | 001,036,104 | ---- | M] (Lavasoft) [Disabled | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/03/18 08:11:02 | 000,947,528 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/12/20 19:30:30 | 000,036,864 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\o2flash.exe -- (O2Flash)
SRV - [2010/10/21 16:40:25 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/06/29 17:14:47 | 000,116,104 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2010/06/29 17:14:45 | 000,063,040 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/03/11 00:25:54 | 001,709,456 | ---- | M] (LogMeIn, Inc.) [On_Demand | Stopped] -- C:\Program Files\LogMeIn Backup\LogmeInBackupService.exe -- (LogMeInBackupService.exe)
SRV - [2010/03/11 00:25:50 | 000,488,848 | ---- | M] (LogMeIn, Inc.) [On_Demand | Stopped] -- C:\Program Files\LogMeIn Backup\lmibackupvssservice.exe -- (LMIBackupVSSService.exe)
SRV - [2010/03/11 00:25:44 | 000,140,688 | ---- | M] (LogMeIn, Inc.) [On_Demand | Stopped] -- C:\Program Files\LogMeIn Backup\BackupMaint.exe -- (BackupMaint)
SRV - [2010/02/19 19:31:44 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®
SRV - [2009/09/23 14:33:42 | 001,141,200 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2009/09/23 13:17:22 | 000,358,600 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/02/09 13:33:44 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/06/10 06:47:06 | 000,846,848 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\RDM+\rdmpserv.exe -- (RDMPLocalService)
SRV - [2008/06/06 00:41:12 | 001,322,648 | ---- | M] (Autodesk, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe -- (Autodesk Network Licensing Service)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/04/13 20:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2008/04/13 20:11:55 | 000,035,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)
SRV - [2007/11/28 22:53:05 | 000,079,360 | ---- | M] (Autodesk) [Auto | Running] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2007/06/20 12:09:14 | 000,258,856 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\Citrix\GoToMyPC\g2svc.exe -- (GoToMyPC)
SRV - [2006/09/29 12:48:06 | 000,065,536 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Autodesk\3DS MAX 9\mentalray\satellite\raysat_3dsmax9_32server.exe -- (mi-raysat_3dsmax9_32) mental ray 3.5 Satellite (32-bit)
SRV - [2005/09/30 19:22:50 | 000,096,341 | ---- | M] (Canon Inc.) [Disabled | Stopped] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2005/04/25 09:49:52 | 000,086,142 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMon) Intel®
SRV - [2003/05/05 19:30:22 | 000,065,536 | ---- | M] (Brother Industries, Ltd.) [Disabled | Stopped] -- C:\WINDOWS\System32\Brmfrmps.exe -- (brmfrmps)


========== Driver Services (SafeList) ==========

DRV - [2011/04/14 21:28:42 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/06/29 17:14:47 | 000,013,408 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\radpms.sys -- (radpms)
DRV - [2010/06/29 17:14:47 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2010/06/29 17:14:45 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/06/29 17:14:45 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2010/02/11 08:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/12/18 10:58:52 | 000,011,336 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009/09/23 17:10:06 | 000,207,280 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2009/09/04 14:50:02 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | Disabled | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/09/04 14:50:00 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | Disabled | Stopped] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/09/04 14:49:58 | 000,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | Disabled | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/07/03 10:49:08 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/06/22 07:48:44 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)
DRV - [2008/05/08 10:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)
DRV - [2008/04/15 07:49:18 | 000,031,896 | ---- | M] (DemoForge, LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dfmirage.sys -- (dfmirage)
DRV - [2007/11/02 15:36:10 | 000,018,176 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgp.sys -- (motccgp)
DRV - [2007/10/10 17:41:50 | 000,042,112 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motodrv.sys -- (MotDev)
DRV - [2007/06/18 15:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motport.sys -- (motport)
DRV - [2007/06/18 15:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/01/22 19:33:00 | 000,007,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (winusb)
DRV - [2006/09/21 04:53:16 | 000,004,442 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\_tpb0000.tmp\TPPWRIF.sys -- (TPPWRIF)
DRV - [2006/09/06 07:12:34 | 000,006,784 | ---- | M] (Micro Innovations) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\moufiltr.sys -- (moufiltr)
DRV - [2006/01/27 18:44:24 | 000,150,528 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005/11/16 22:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/09/08 06:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 06:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 06:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 06:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 06:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 06:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 06:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 13:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 13:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2004/09/15 00:36:48 | 000,789,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/03/24 11:12:44 | 000,004,272 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2004/02/13 11:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2003/11/17 22:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 22:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 22:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2002/01/29 17:33:28 | 000,018,560 | ---- | M] (Barom Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PortRst.sys -- (PortRst)
DRV - [2000/05/31 09:23:56 | 000,034,520 | ---- | M] (COWON Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\fnd1F45.sys -- (USBFMC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-inc-rel&channel=us
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-inc-rel&channel=us


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-inc-rel&channel=us
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-inc-rel&channel=us
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-inc-rel&channel=us
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-inc-rel&channel=us
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2347827306-315855231-310137897-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-2347827306-315855231-310137897-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2347827306-315855231-310137897-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 11 B7 5A 0C 99 2F CC 01 [binary data]
IE - HKU\S-1-5-21-2347827306-315855231-310137897-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2347827306-315855231-310137897-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Productivity Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2856459&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: LogMeInClient@logmein.com:1.0.0.608
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: avg@igeared:6.011.025.001
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.0.19
FF - prefs.js..extensions.enabledItems: {1c9b96a0-cba2-482e-9c40-9200b547123a}:3.3.0.19
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4d068466&v=7.005.030.004&i=23&tp=ab&iy=b&ychte=us&lng=en-US&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/06/24 09:43:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\mozilla firefox\components [2011/06/26 06:40:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\mozilla firefox\plugins [2011/06/16 17:33:38 | 000,000,000 | ---D | M]

[2008/08/26 15:04:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Extensions
[2011/06/27 12:00:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\extensions
[2010/10/21 16:54:31 | 000,000,000 | ---D | M] (Forecastfox Weather) -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2011/02/07 16:17:36 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}(2)
[2011/06/27 12:00:33 | 000,000,000 | ---D | M] (Productivity Community Toolbar) -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\extensions\{1c9b96a0-cba2-482e-9c40-9200b547123a}
[2010/08/03 17:32:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/23 16:08:25 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011/03/27 18:29:43 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\extensions\engine@conduit.com
[2011/06/26 06:44:19 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\extensions\LogMeInClient@logmein.com
[2010/01/14 21:33:13 | 000,002,172 | ---- | M] () -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\searchplugins\bing.xml
[2010/12/30 18:23:08 | 000,000,927 | ---- | M] () -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\searchplugins\conduit.xml
[2011/01/02 12:16:17 | 000,002,292 | ---- | M] () -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\searchplugins\inbox-search.xml
[2011/06/29 15:53:46 | 000,001,835 | ---- | M] () -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\searchplugins\weathercom.xml
[2007/06/19 10:47:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2007/12/10 13:02:25 | 000,000,000 | ---D | M] (Java Console) -- C:\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2009/09/01 12:15:32 | 000,000,000 | ---D | M] (Java Console) -- C:\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2011/06/24 09:43:23 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2006/05/20 14:46:06 | 000,034,384 | ---- | M] (WebEx) -- C:\Program Files\mozilla firefox\plugins\atgpcdec.dll
[2006/05/20 14:45:36 | 000,093,848 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\atgpcext.dll
[2006/05/20 15:39:24 | 000,032,768 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\atsc3cls.dll
[2006/05/20 14:23:12 | 000,087,632 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\ieatgpc.dll
[2006/05/20 14:23:36 | 000,051,792 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\npatgpc.dll
[2007/05/10 14:45:00 | 001,589,248 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npRACtrl.dll
[2006/11/29 23:55:24 | 000,319,488 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npsnapfish.dll
[2006/11/09 16:20:40 | 002,111,096 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2007/01/26 16:59:00 | 000,008,784 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ractrlkeyhook.dll
[2007/01/10 12:30:00 | 000,245,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\unicows.dll

O1 HOSTS File: ([2004/08/04 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKU\.DEFAULT..\RunOnce: [AutoLaunch] C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [AutoLaunch] C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe ()
O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2347827306-315855231-310137897-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-2347827306-315855231-310137897-1008\..Trusted Domains: google.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-2347827306-315855231-310137897-1008\..Trusted Domains: hotmail.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2347827306-315855231-310137897-1008\..Trusted Domains: live.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2347827306-315855231-310137897-1008\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-2347827306-315855231-310137897-1008\..Trusted Domains: msn.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2347827306-315855231-310137897-1008\..Trusted Domains: passport.com ([]* in Trusted sites)
O16 - DPF: {00A7BD45-3D5C-11D4-BDA7-00C0F02C56AB} http://173.84.101.94/webpages/DMWebX.ocx (DMSrvPushX Control)
O16 - DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} http://download.microsoft.com/download/7/0/7/707a44ad-52ad-49af-b7ef-e21b6b0656e4/VirtualEarth3D.cab (SentinelVE3D Class)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3BB1D69B-A780-4BE1-876E-F3D488877135} http://download.microsoft.com/download/3/B/E/3BE57995-8452-41F1-8297-DD75EF049853/VirtualEarth3D.cab (SentinelProxy Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found
O18 - Protocol\Handler\AutorunsDisabled\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\AutorunsDisabled\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\AutorunsDisabled\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\GoToMyPC: DllName - C:\Program Files\Citrix\GoToMyPC\G2WinLogon.dll - C:\Program Files\Citrix\GoToMyPC\G2WinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O20 - Winlogon\Notify\RDM+: DllName - C:\Program Files\RDM+\notify.dll - C:\Program Files\RDM+\notify.dll ()
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/11/16 18:13:39 | 000,000,000 | ---D | M] - C:\AUTO-CAD 2005 (WITH KEY) -- [ NTFS ]
O32 - AutoRun File - [2009/11/08 15:49:08 | 000,000,000 | ---D | M] - C:\AutoCAD 2005 1 -- [ NTFS ]
O32 - AutoRun File - [2007/03/15 17:20:12 | 000,000,000 | ---D | M] - C:\AUTOCAT 2005 -- [ NTFS ]
O32 - AutoRun File - [2010/10/21 14:55:06 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2004/08/11 18:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{26b8a1f4-1792-11dd-8503-0013721e880e}\Shell - "" = AutoRun
O33 - MountPoints2\{26b8a1f4-1792-11dd-8503-0013721e880e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{26b8a1f4-1792-11dd-8503-0013721e880e}\Shell\AutoRun\command - "" = D:\LaunchU3.exe
O33 - MountPoints2\{96d5ec3f-d3c1-11db-8489-0013721e880e}\Shell\AutoRun\command - "" = F:\pstart.exe
O33 - MountPoints2\{c779f558-7a69-11db-845d-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{c779f558-7a69-11db-845d-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c779f558-7a69-11db-845d-806d6172696f}\Shell\AutoRun\command - "" = D:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/29 16:02:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/06/23 17:47:03 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up
[2011/06/22 12:26:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Moses new\Application Data\ElevatedDiagnostics
[2011/06/22 11:39:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DriverFinder
[2011/06/22 11:38:47 | 000,000,000 | ---D | C] -- C:\Program Files\DriverFinder
[2011/06/22 11:38:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Moses new\Application Data\DriverFinder
[2011/06/21 20:04:28 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2011/06/21 19:39:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ErrorEND
[2011/06/21 19:09:55 | 000,716,800 | ---- | C] (Sysinternals) -- C:\WINDOWS\System32\SysInternalsBluescreen.scr
[2011/06/20 19:42:12 | 003,022,712 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Moses new\Desktop\

#9 SweetTech

Posted 04 July 2011 - 12:36 PM

Hi!

It looks like the OTL.txt log got cut off, and the Extras.txt log didn't get posted. Can you please attempt to post both of those again for me?


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#10 moses5314

Posted 05 July 2011 - 01:01 PM

OTL Extras logfile created on: 6/30/2011 4:01:38 PM - Run 1
OTL by OldTimer - Version 3.2.25.0 Folder = G:\Documents and Settings\Moses Rosenberg\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.50 Gb Total Physical Memory | 2.39 Gb Available Physical Memory | 68.22% Memory free
8.26 Gb Paging File | 6.84 Gb Available in Paging File | 82.80% Paging File free
Paging file location(s): c:\pagefile.sys 5046 8092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.77 Gb Total Space | 78.71 Gb Free Space | 33.81% Space Free | Partition Type: NTFS
Drive F: | 109.37 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 931.51 Gb Total Space | 604.79 Gb Free Space | 64.93% Space Free | Partition Type: NTFS
Drive M: | 931.51 Gb Total Space | 604.79 Gb Free Space | 64.93% Space Free | Partition Type: NTFS
Drive O: | 931.51 Gb Total Space | 604.79 Gb Free Space | 64.93% Space Free | Partition Type: NTFS

Computer Name: MNROFFICE | User Name: Moses new | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-2347827306-315855231-310137897-1008\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\mozilla firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"8097:TCP" = 8097:TCP:*:Enabled:EarthLink UHP Modem Support
"3390:TCP" = 3390:TCP:*:Enabled:remote desk
"135:TCP" = 135:TCP:*:Enabled:remote assistance
"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)
"4481:TCP" = 4481:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync data transfer
"4481:UDP" = 4481:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync discovery
"4482:TCP" = 4482:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync data transfer
"4482:UDP" = 4482:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync discovery
"54925:UDP" = 54925:UDP:*:Enabled:Brother Network Scanner
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
"2512:TCP" = 2512:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console -- (Microsoft Corporation)
"C:\WINDOWS\LMI456.tmp\rescue.exe" = C:\WINDOWS\LMI456.tmp\rescue.exe:*:Enabled:RemotelyAnywhere Rescue DLL
"C:\Program Files\NetworkViewer\DMNetworkViewer.exe" = C:\Program Files\NetworkViewer\DMNetworkViewer.exe:*:Enabled:DMNetworkViewer -- ()
"C:\Program Files\NetworkViewer\DMNetworkAdmin.exe" = C:\Program Files\NetworkViewer\DMNetworkAdmin.exe:*:Enabled:DMNetworkAdmin -- ()
"C:\Program Files\Grisoft\AVG7\avginet.exe" = C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe
"C:\Program Files\Grisoft\AVG7\avgcc.exe" = C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe" = C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe
"C:\WINDOWS\LMI1B8.tmp\rescue.exe" = C:\WINDOWS\LMI1B8.tmp\rescue.exe:*:Enabled:LogMeIn Rescue
"C:\WINDOWS\surfmonkey\SMProxy.exe" = C:\WINDOWS\surfmonkey\SMProxy.exe:*:Enabled:EarthLink Parental Controls
"C:\Program Files\Autodesk\3DS MAX 9\3dsmax.exe" = C:\Program Files\Autodesk\3DS MAX 9\3dsmax.exe:*:Enabled:Autodesk 3ds Max 9 32-bit -- (Autodesk, Inc.)
"C:\Program Files\Autodesk\Backburner\monitor.exe" = C:\Program Files\Autodesk\Backburner\monitor.exe:*:Enabled:backburner 2.3 monitor -- (Autodesk, Inc.)
"C:\Program Files\Autodesk\Backburner\manager.exe" = C:\Program Files\Autodesk\Backburner\manager.exe:*:Enabled:backburner 2.3 manager -- (Autodesk, Inc.)
"C:\Program Files\Autodesk\Backburner\server.exe" = C:\Program Files\Autodesk\Backburner\server.exe:*:Enabled:backburner 2.3 server -- (Autodesk, Inc.)
"C:\Program Files\Laplink\PCsync\SFTHost.exe" = C:\Program Files\Laplink\PCsync\SFTHost.exe:*:Enabled:PCsync Host Module -- (Laplink Software, Inc.)
"C:\Program Files\Laplink\PCsync\PCsync.exe" = C:\Program Files\Laplink\PCsync\PCsync.exe:*:Enabled:Laplink PCsync -- (Laplink Software, Inc.)
"D:\Autorun.exe" = D:\Autorun.exe:*:Enabled:CD navigator
"C:\Program Files\palm\Hotsync.exe" = C:\Program Files\palm\Hotsync.exe:*:Enabled:HotSync® Manager Application -- (PalmSource, Inc)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\NetMeeting\conf.exe" = C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting® -- (Microsoft Corporation)
"C:\Program Files\AutoCAD 2007\acad.exe" = C:\Program Files\AutoCAD 2007\acad.exe:*:Enabled:AutoCAD Application -- (Autodesk, Inc.)
"C:\Program Files\Motorola\Software Update\msu.exe" = C:\Program Files\Motorola\Software Update\msu.exe:*:Enabled:msu -- (Motorola)
"C:\Program Files\Roxio\Media Manager 9\MediaManager9.exe" = C:\Program Files\Roxio\Media Manager 9\MediaManager9.exe:*:Enabled:MediaManager9 Module
"C:\mozilla firefox\firefox.exe" = C:\mozilla firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"D:\setup\HPZNET01.EXE" = D:\setup\HPZNET01.EXE:*:Enabled:hpznet01.exe
"D:\setup\hppapd.exe" = D:\setup\hppapd.exe:*:Enabled:hppapd.exe
"D:\setup\HPNTWKEXE.EXE" = D:\setup\HPNTWKEXE.EXE:*:Enabled:hpntwkexe.exe
"C:\Program Files\FileHippo.com\UpdateChecker.exe" = C:\Program Files\FileHippo.com\UpdateChecker.exe:*:Enabled:FileHippo.com Update Checker -- (FileHippo.com)
"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- (Google)
"C:\Program Files\Google\Google SketchUp 7\SketchUp.exe" = C:\Program Files\Google\Google SketchUp 7\SketchUp.exe:*:Enabled:SketchUp Application -- (Google, Inc.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Documents and Settings\Moses new\Application Data\U3\000015672B63663B\0DE4F643-C398-46ec-9339-2362F2311932\Exec\skype.exe" = C:\Documents and Settings\Moses new\Application Data\U3\000015672B63663B\0DE4F643-C398-46ec-9339-2362F2311932\Exec\skype.exe:*:Enabled:Skype
"C:\Documents and Settings\Moses new\Application Data\U3\000015672B63663B\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Plugin Manager\skypePM.exe" = C:\Documents and Settings\Moses new\Application Data\U3\000015672B63663B\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Documents and Settings\Moses new\Application Data\U3\000015672B63663B\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Phone\Skype.exe" = C:\Documents and Settings\Moses new\Application Data\U3\000015672B63663B\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Phone\Skype.exe:*:Enabled:Skype
"C:\Program Files\Brother\Brmfl08i\FAXRX.exe" = C:\Program Files\Brother\Brmfl08i\FAXRX.exe:*:Enabled:FAXRX.EXE -- (Brother Industries Ltd.)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe" = C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe:*:Enabled:BlackBerry Desktop Software -- (Research In Motion)
"C:\Program Files\AVG\AVG10\avgdiagex.exe" = C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostics 2011 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{004B8D14-7E3A-490A-ABB3-753535E169E3}" = Brother MFL-Pro Suite
"{0088533A-C3B5-3A94-E64F-5BA6D9EC95AC}" = Catalyst Control Center Localization Italian
"{011BD142-49B4-0DE4-0EBC-1CC1EA879CA1}" = Catalyst Control Center Graphics Full Existing
"{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}" = ScanSoft PaperPort 11
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{04563D27-AD66-4A8A-B69D-7A22467EB445}" = AutoCAD Civil 2009 Version 2 Object Enabler on AutoCAD Architecture 2009 - English (United States)
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{058B32E2-6310-4359-B2D4-1988390C3B83}" = Broadcom Advanced Control Suite
"{062D9176-0A68-82F2-E536-B6CFCB648474}" = CCC Help Czech
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
"{08149959-5F4F-1FFB-0729-930396A4FE38}" = CCC Help Chinese Standard
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0A0960AD-ADA0-4606-B0C9-B3477D1868CA}" = AutoCAD Architecture-MEP 2011 Object Enabler on Autodesk Vault 2011 (Client) - Language Neutral
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0CA3E8E6-51CD-F006-EE04-726345784F3C}" = Catalyst Control Center Localization Hungarian
"{0D21E5DF-E126-CCBA-44F0-C39437F6DFF4}" = Catalyst Control Center Localization Japanese
"{1198F4A5-65B5-6224-3EFC-6EE9CF54A80B}" = CCC Help Hungarian
"{11F2DD56-1175-D58C-D3D5-6A40573F2170}" = Catalyst Control Center Localization Thai
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{127AE4A9-1200-0409-0002-6E90A7D8E996}" = Autodesk Inventor Object Enabler for AutoCAD 2007
"{127AE4A9-68AE-4876-0002-6E90A7D8E996}" = Autodesk Mechanical Desktop Object Enabler
"{127AE4A9-68AE-4876-8B52-6E90A7D8E996}" = Autodesk Mechanical Desktop Object Enabler
"{135BA9A6-495A-4FE9-B1A1-AB4DA449CAB1}" = hppLJP2015
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{14374623-0900-4056-BA06-C87C900AF9E6}" = QuickBooks Premier: Accountant Edition 2005
"{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
"{15F4085A-BC98-4590-AFFD-03BBBE49524E}" = Garmin Communicator Plugin
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{17ED6C9B-117B-44F3-8FAE-F9DADB4D5AC6}" = BlackBerry Device Software v5.0.0 for the BlackBerry 9630 smartphone
"{184E7118-0295-43C4-B72C-1D54AA75AAF7}" = Windows Live Mail
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1ABF65AB-DF36-4251-A0C3-8E1B2C7599B2}" = AutoCAD Civil 2010 Object Enabler on AutoCAD Architecture 2010 - English (United States)
"{1C481534-E4E7-861F-7246-A0E0B2870A87}" = Catalyst Control Center HydraVision Full
"{1E6C0673-591F-4893-8E9F-3FA161C35357}" = StoneCAD 5
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F58B417-2A47-4373-87DD-95230B200EAF}" = AutoCAD MEP 2009 Object Enabler on AutoCAD Architecture 2009 - English (United States)
"{1F73D672-6175-4A1D-B3C1-420439D03D0F}" = Product_SF_Full_QFolder
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{218BBBE3-FE63-4BB2-81A8-7435575A84FA}" = PhotoStitch
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{228814B2-6A64-4AD5-8D2D-4E2188DEB191}" = AVG 2011
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23C12370-3A82-4558-B727-F345B473AD87}" = BlackBerry Device Software Updater
"{23C3F5C0-566B-478B-AAB6-197ADAD0C945}" = Uniblue SpeedUpMyPC 2009
"{24DC7910-2A3C-8DF7-4EC9-3196AA026986}" = CCC Help Japanese
"{2555F3E2-B542-48A0-0EBD-8D7C585CA645}" = Catalyst Control Center Graphics Previews Common
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 16
"{28291BD5-92D2-4685-82DC-CCA925C53CCA}" = RemoteCapture Task 1.1
"{2905CEBD-E7D3-48B4-9E4A-D9F0B583DE15}" = Autodesk MapGuide® SDF Component Toolkit Release 6.3
"{298BDF7B-B45B-47EF-87FA-D66146E8E4C7}" = Support Manager for Netscape Navigator and Mozilla
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{2D33A97C-C09E-A577-3DEC-140899A99996}" = CCC Help Swedish
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Bing Maps 3D
"{2DCBA355-028D-B90D-DA6F-4766B83B4B34}" = ccc-core-preinstall
"{2E11BD62-37DE-F607-B1A2-4451617A8BD9}" = Catalyst Control Center Localization Portuguese
"{302B072E-3B33-44A2-8E51-CE6FC02E3BFF}" = AutoCAD Architecture 2009 Object Enabler on AutoCAD 2009 - English (United States)
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3522F12E-0B12-497C-A5F4-4F88883303F4}" = Application for Payment v7.8.4
"{3562A082-CF01-419B-8A02-233E31B8A83C}" = O2Micro Flash Memory Card Windows Driver V3.00
"{35845E72-E34A-11D4-817D-005004D0F1FA}" = MarketBrowser
"{39556553-8C77-4C5E-8F30-4083274948A2}" = Application Verifier
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3BC341BD-3736-45F0-B0E0-5664792AC528}" = HP Care Pack Core
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3C74D5C3-EBB9-408E-972F-B9802F13D5E4}" = 3DVIA Shape for Maps
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Backburner
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4041E519-BA03-6641-3017-B270ABC7F9F9}" = Catalyst Control Center Localization Swedish
"{40A6C96D-808E-41DD-8716-617AB6B0F1F1}" = Brother MFL-Pro Suite
"{414C803A-6115-4DB6-BD4E-FD81EA6BC71C}" = Product_SF_Min_QFolder
"{416DFEDD-9F1B-4EFC-AF70-FCA891AE0251}" = Adobe InDesign CS
"{41A3F2C0-B3FA-4B46-B831-78C558989A25}" = AutoCAD Civil Object Enabler Coordinate System Files
"{41EEF558-3585-4020-8DF2-B182A0CE2D69}" = Autodesk Vault 2011 (Client)
"{41EEF558-3585-4028-8DF2-B182A0CE2D69}" = Autodesk Vault 2011 (Client) English Language Pack
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4475560E-9418-4908-A158-472D873AE139}" = LogMeIn
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{48F9AE5C-4911-4B76-BC37-EAA5430797B8}" = ArcSoft Funhouse
"{49552874-0793-49B2-AB9C-19B0AD07A299}" = AutoCAD Civil 3D 2011 Transportation Extension on AutoCAD Civil 3D 2011 - English (United States)
"{4A11206C-4377-49E8-911E-B11548658FF3}" = Revit Architecture 2008
"{4B43D905-3B78-4234-97E0-7525E377D8FF}" = BlackBerry Device Software v4.5.0 for the BlackBerry 8330 smartphone
"{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
"{4CD4FF25-5673-6E99-CDFD-7F9810894164}" = Catalyst Control Center Localization Dutch
"{4E494280-F9EC-11D3-AF37-0080AD4616C7}" = Black Ice Tiff Viewer
"{4F30BC2B-5441-3149-91D7-FAA2332E2F5F}" = Microsoft Windows SDK for Windows 7 Headers and Libraries (30514)
"{4F5C9F76-EB27-9AB5-E5BA-17E5451E6ECF}" = Catalyst Control Center Localization French
"{5080F0FF-B36C-4C38-96ED-6FC076A755B2}" = 4Team Outlook Express Duplicate Remover
"{53E20E85-4F7D-A552-BE35-E13A3AAE0136}" = Catalyst Control Center Core Implementation
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{561D20B1-766E-4EA5-8A1D-B7357D903673}" = hppIOFiles
"{56C13706-C0CB-4F90-BEF6-E9371C79C134}" = Math Success Deluxe
"{572FBF5D-3BAA-42FF-A468-A54C2C0A17C3}" = Autodesk Revit Architecture 2010
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5783F2D7-5001-0409-0002-0060B0CE6BBA}" = AutoCAD 2007 - English
"{5783F2D7-7001-0409-0002-0060B0CE6BBA}" = AutoCAD 2009 - English
"{5783F2D7-7004-0409-0002-0060B0CE6BBA}" = AutoCAD Architecture 2009
"{5783F2D7-8004-0000-0002-0060B0CE6BBA}" = AutoCAD Architecture 2010
"{5783F2D7-8004-0409-0002-0060B0CE6BBA}" = AutoCAD Architecture 2010
"{5783F2D7-8004-0409-1002-0060B0CE6BBA}" = AutoCAD Architecture 2010 Language Pack - English
"{5783F2D7-8006-0409-0002-0060B0CE6BBA}" = AutoCAD MEP 2010
"{5783F2D7-8006-0409-1002-0060B0CE6BBA}" = AutoCAD MEP 2010 Language Pack - English
"{5783F2D7-8028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2010
"{5783F2D7-9000-0409-0002-0060B0CE6BBA}" = AutoCAD Civil 3D 2011
"{5783F2D7-9000-0409-1002-0060B0CE6BBA}" = AutoCAD Civil 3D 2011 Language Pack - English
"{5783F2D7-9028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2011
"{578B9B0A-DE78-D958-E733-1F6D19636A07}" = Catalyst Control Center Localization Finnish
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{58ECE031-9AAD-4011-B34A-BC78E77527E2}" = hppMSRedist
"{58F4D4FD-1814-4068-B316-C28FC776C6DD}" = GoToMyPC
"{59C91609-D1EC-67D6-04BD-153DDFC5A6DB}" = Catalyst Control Center Localization Greek
"{5AAF9D92-3BAA-44AA-B666-4FD8A2758C10}" = AutoCAD Raster Design 2010 Object Enabler on Autodesk Revit Architecture 2010 - English (United States)
"{5AAF9D92-8004-44AA-B666-4FD8A2758C10}" = AutoCAD Raster Design 2010 Object Enabler on AutoCAD Architecture 2010 - English (United States)
"{5AAF9D92-8006-44AA-B666-4FD8A2758C10}" = AutoCAD Raster Design 2010 Object Enabler on AutoCAD MEP 2010 - English (United States)
"{5AAF9D92-8028-44AA-B666-4FD8A2758C10}" = AutoCAD Raster Design 2010 Object Enabler on DWG TrueView 2010 - English (United States)
"{5B764556-D882-4068-05EE-3E2C5EB98F4B}" = CCC Help Norwegian
"{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{5D0B9DA3-5FF5-5351-CBF2-6BD6DBB7D8D3}" = Catalyst Control Center Graphics Light
"{5D8A40E9-8E59-3761-98DE-2C9F7303FA17}" = Microsoft Windows SDK for Windows 7 Redistributable Components for Windows Debugging Tools (30514)
"{5E55F3F1-2210-4CC9-A761-9E4B818D9FA7}" = HP Care Pack Products
"{601802D9-CE20-45D7-F59F-747D7CEF9BDC}" = CCC Help Thai
"{60F063BE-732B-3E02-9574-63F81F057A8B}" = Microsoft Windows SDK for Windows 7 Redistributable Components for Application Verifier (30514)
"{62BFB4C2-8C4E-4D91-BD7D-81C06EAAC3C0}" = Windows Rights Management Client with Service Pack 2
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{6441FECE-0E73-4326-81BF-68503E897820}" = CorePLS_Min_QFolder
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{66669E2D-4C2A-408B-8B8F-30A6125B3FA5}" = Autodesk Raster Design 2007 Object Enabler on AutoCAD 2007 - English (United States)
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{669A37FF-A446-46F9-8AAE-EEC1988A2ADF}" = Autodesk Design Review Firefox Add-on v1.1
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.9
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{699C970F-1E17-3CD8-A2EA-87AB9EDEDFF4}" = Microsoft Windows SDK for Windows 7 Samples (30514)
"{69E6C13B-CF6B-47A6-B7A5-77FE82B2CB40}" = hppFonts
"{6B68025E-407D-4362-9BF9-FB174F2CB87C}" = Autodesk DWG to Google Earth Publisher
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6C9F6831-F6A8-4178-A0AD-83EA6F5D07EB}" = IDrop
"{6CC5ABA2-6237-47B2-BCCF-6B72B17D112D}" = AutoCAD Civil 2010 Object Enabler on DWG TrueView 2010 - Language Neutral
"{6DE6837F-F3A3-40FF-9F5C-A0B95948E32D}" = Dassault Systemes Software Prerequisites x86
"{6ED57AF9-33D1-CD51-BD67-10D7717EC031}" = Skins
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{719E15DE-65EA-ABE2-74CD-9AF842505FFD}" = CCC Help Finnish
"{71DFAA65-77FA-41F3-A748-013B5A8524A3}" = Garmin City Navigator North America NT 2010.30
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{747A8FF8-36B9-28D3-6CA5-6C34E46650C9}" = Catalyst Control Center Localization Spanish
"{75ae2b4c-f8f8-4104-a963-56455a4838f6}_is1" = BreezyPrint
"{76CE5B47-F5A4-4E5C-99A0-CEFF6146EA4A}" = System Requirements Lab for Intel
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{7953E06D-CDE9-1EB1-7CCC-3F9814970E85}" = CCC Help Russian
"{7A178F2E-92F6-437C-A709-69685D1C0F2B}" = hppTLBXFXP2015
"{7AFFE35D-047A-3D27-B204-1CD849933C02}" = Microsoft Windows SDK for Windows 7 Common Utilities (30514)
"{7B3DE20B-12F9-9E3C-1E21-08A0379DFE07}" = CCC Help Chinese Traditional
"{7B4D193B-D76D-308B-8B12-5D9BB1CBCE6C}" = Microsoft Visual Basic Power Packs 3.0
"{7B847C9D-6758-45E6-B598-3BD8F43EAE9E}" = Camera Window DS
"{7C8B5E63-821A-4DFB-BDFA-19854D88EC5C}" = 3dsmax ancillary install
"{7E8D0979-B4EE-4C7E-B68A-63938A256C5A}" = AutoCAD Civil 2010 Object Enabler on AutoCAD MEP 2010 - English (United States)
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{81987CB8-3D1B-1A2C-AE46-8E56FB5360C4}" = Catalyst Control Center Localization German
"{83073C45-3003-4671-9A86-243AAADD915A}" = Microsoft Calculator Plus
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84128752-7134-430B-8620-9D358401EDF5}" = Autodesk Inventor Translators for Parasolid, UG-NX, Pro/ENGINEER and SolidWorks
"{842FAF7C-50EF-4463-9B8F-6222E1384D7D}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{84462DA9-6EF5-43F7-A409-868E065A0671}" = Autodesk Civil 2007 Object Enabler on AutoCAD 2007 - English (United States)
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{85C977FB-2A5B-3223-8AC5-828558EAF7D9}" = Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514)
"{862983D7-FA08-493E-A9ED-6B7859E069D3}" = Canon PhotoRecord
"{87DF5956-A327-4304-8338-8E2B0AAB843E}" = BlackBerry Desktop Software 6.0.2
"{8944B5A2-A948-4BA2-9A14-B094EB23D779}" = SOTI Pocket Controller-Pro For BlackBerry
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8A9E2571-44CC-C3CE-DACF-7D49EE160F80}" = Catalyst Control Center Graphics Full New
"{8B21757D-5AD0-443C-0B02-3A81901576B9}" = ccc-utility
"{8C0118CC-F720-45FF-A4DA-44AD77B2E73C}" = CorePLS_Full_QFolder
"{8D20B4D7-3422-4099-9332-39F27E617A6F}" = Autodesk Design Review 2011
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{922D9CCA-4317-425F-9AA5-94829DF8BA6D}" = Motorola Software Update
"{928D2FB1-291A-362B-89A4-7075A9D904A4}" = Microsoft Windows SDK for Windows 7 (7.1)
"{93C069D4-2F86-4570-A6DF-BFABBA1E4AFD}" = hpzTLBXFX
"{9455959E-D588-EFAE-329C-F66CC797F32A}" = Adobe Media Player
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{962DE60D-D080-4E77-BD0C-F97A179C50B7}" = Microsoft Windows Vista Upgrade Advisor
"{9857B360-21D6-11D5-A9D7-00E0295120B2}" = Brother Driver Deployment Wizard
"{98A432F3-D9FB-48E4-8258-B11C9F3C14D6}" = AutoCAD Architecture 2009 Object Enabler on AutoCAD Architecture 2009 - English (United States)
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A259CBB-BD0D-1DF8-E657-6B65636C20AD}" = Catalyst Control Center Localization Norwegian
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{9F1EAC9C-B135-1672-60D3-D9B009FB86C7}" = CCC Help Polish
"{A1D530E4-E6D9-2ACD-FEF6-BAF39A1A6D93}" = CCC Help Turkish
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A38032BB-7B5E-CCD2-6BFB-D5943C3C77BA}" = Catalyst Control Center Localization Danish
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A62F50D4-EED7-4417-A382-E89ABCF11BAC}" = SketchUp DWG Importer
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A918DE8A-98C8-0950-0000-000000380070}" = Motorola KRZR K1m(Sprint PCS) USB - Handset Manager V9.5
"{A918DE8A-98C8-0950-0000-000005380070}" = Motorola KRZR K1m (SprintPCS) MA730 - Handset Manager V9.5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A94C6D45-5A5F-2550-CA6B-BF5256854E8B}" = Catalyst Control Center Localization Polish
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AAA11090-6E99-4655-AAF5-57EB5F677D0C}" = MarketResearch
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AD068483-1E11-3B1A-E866-D6F30961AD21}" = CCC Help Italian
"{AD7A44E4-15D7-4646-ADC0-22E8EB198A12}" = LogMeIn Backup
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
"{B214C3C8-FC16-42EC-B7BB-703A1BB9C790}" = Lenovo Battery Program
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B39895A3-FF92-807D-61E8-E52340BB25C1}" = CCC Help Greek
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
"{B43357AA-3A6D-4D94-B56E-43C44D09E548}" = Microsoft .NET Framework (English)
"{B565D094-8FE6-D9BC-40EE-0627F7480E75}" = CCC Help Spanish
"{B6F62F2C-2468-4254-A1D8-8A40877640FC}" = BlackBerry Device Software v5.0.0 for the BlackBerry 9650 smartphone
"{B7EC21AC-9559-4B5A-940A-63EA0AA91395}" = AutoCAD Civil 2010 Object Enabler on Autodesk Revit Architecture 2010 - Language Neutral
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C042DB01-01CC-F821-9417-0E8EE049F79F}" = Catalyst Control Center Localization Chinese Standard
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{C4D1ED3A-F7C3-47CF-B1AD-694507C65094}" = Math Sucess
"{C5AEBFD6-3AF9-4784-81C2-F442C86AA096}" = FireGL driver for 3D Studio MAX/VIZ
"{C75ADCCF-A898-466D-8D1D-C7226EC57866}" = AutoCAD Civil 2009 Version 2 Object Enabler on AutoCAD 2009 - English (United States)
"{C8E95BF5-C07F-4D98-BB42-F58FC98BC03E}" = Google Apps
"{C9005A17-95D5-AEA5-C339-F84F20BF94EF}" = CCC Help German
"{CA795A4D-5CA8-C561-A145-192D85526D6D}" = CCC Help Portuguese
"{CA9483A2-742A-4A72-881D-B81C6B1ACB3E}" = Google SketchUp Pro 7
"{CAA59EFA-5158-494F-93DA-C2F2530DB921}" = Impact ColorFax Lite
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBBCD044-B406-4C41-A3DD-99DE6F0004D2}" = ATI Hydravision APS
"{CC0E22BA-59F1-4983-A8BF-63FECDAF0556}" = Autodesk DWF Writer 3.1
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2A7D92-D766-30A9-B195-C4772EE2695F}" = Microsoft Windows SDK for Windows 7 Redistributable Components for Common Tools (30514)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFB61D8C-D651-4D7C-80B4-C78676A0AF1F}" = hppusgP2015
"{D09605BE-5587-4B0C-86C8-69B5092CB80F}" = Debugging Tools for Windows (x86)
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D50BBB80-1DC9-9376-C3D4-D5947AF30E2C}" = CCC Help Korean
"{D541AD3B-BF0B-BE09-D588-C05763D7F875}" = Catalyst Control Center Localization Turkish
"{D5D7E62F-5A01-1C5B-1FC9-D1A9C5796E33}" = CCC Help French
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D8087907-E255-3A41-A46D-D0F798709C71}" = Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
"{DABF79AA-DE47-7F41-C1C4-DC51AAABC67F}" = CCC Help Dutch
"{DB90FF25-9932-48F2-B643-1802F1864FAF}" = AVG 2011
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}" = Search Assist
"{DFAD4B62-3594-463B-B266-A86623386107}" = AutoCAD MEP 2009 Object Enabler on AutoCAD 2009 - English (United States)
"{E0A160F1-127B-43AC-AF96-EBB6319B01C7}" = Google SketchUp Pro 8
"{E130868E-D095-4A7D-250C-618B2C84E349}" = CCC Help English
"{E1423608-F529-40A1-93CA-C7F396F30DF0}" = Google SketchUp
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E635221F-390F-F027-ED8E-4F4B33837AE8}" = Catalyst Control Center Localization Russian
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}" = Uniblue RegistryBooster 2009
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E7F9E526-2324-437B-A609-E8C5309465CB}" = Microsoft Windows Performance Toolkit
"{E8E9A39C-6F70-4261-816F-2B2DE8F7BB13}" = Wal-Mart Digital Photo Manager
"{E96D4088-AAC5-437F-9E39-EC0E387897B4}" = Autodesk 3ds Max 9 32-bit
"{EA110D11-7F62-4FE9-91B4-57ED480C1C9F}" = Picture Organiser
"{EA1CB7AC-E221-4822-A789-0ADB051DC498}" =
"{EC31D769-2712-F5E5-4146-140FB3060DDA}" = Catalyst Control Center Localization Czech
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Windows Rights Management Client Backwards Compatibility SP2
"{ED0042CA-CBEA-4ADF-B262-FE0518AF2221}" = LogMeIn
"{EDAE4F43-833C-443B-8DB5-129F897DF3E8}" = hppWebRegMM
"{EEEAC41D-B3EE-4665-B4A4-174BACB50978}" = Bluebeam PDF Revu v4.7.0
"{EF79F558-31D2-93AD-F897-347A6543B827}" = Catalyst Control Center Localization Chinese Traditional
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3885DDF-E711-4F14-B4C9-5CA3F07A13E9}" = PCsync
"{F38D0F99-1BFC-47AB-AC36-8D9D43700CFB}" = hppManualsP2015
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FBE6B162-D772-A4CB-3DD3-D79CC94BB9FB}" = ccc-core-static
"{FC1C7967-A1AC-6659-62A7-07E087FF39DF}" = CCC Help Danish
"{FCCDE84B-0154-459E-A8F2-C6B3FA5C1881}" = HydraVision
"{FD7AAB8A-EA95-E05F-4229-72C2E4817D8B}" = Catalyst Control Center Localization Korean
"{FE4CA824-A514-40F4-9FE9-807A91A147F6}" = Autodesk Building Systems 2007 Object Enabler on AutoCAD 2007 - English (United States)
"{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}" = palmOne
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"7-Zip" = 7-Zip 9.17 beta
"ActiveScan 2.0" = Panda ActiveScan 2.0
"ActiveTouchMeetingClient" = WebEx
"Ad-Aware" = Ad-Aware
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8.3.0 Professional
"Adobe Acrobat 8 Professional - English, Français, Deutsch_830" = Adobe Acrobat 8.3.0 - CPSID_83708
"Adobe Acrobat 8 Professional - English, Franחais, Deutsch" = Adobe Acrobat 8.2.5 Professional
"Adobe Acrobat 8 Professional - English, Franחais, Deutsch_825" = Adobe Acrobat 8.2.5 - CPSID_83708
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AIWA IC-DP200" = AIWA IC-DP200
"Akamai" = Akamai NetSession Interface
"All ATI Software" = ATI - Software Uninstall Utility
"AnumanLive" = AnumanLive
"ATI Display Driver" = ATI Display Driver
"AutoCAD 2009 - English" = AutoCAD 2009 - English
"AutoCAD Architecture 2009" = AutoCAD Architecture 2009
"AutoCAD Architecture 2010" = AutoCAD Architecture 2010
"AutoCAD Architecture 2010 Version 3" = AutoCAD Architecture 2010 Version 3
"AutoCAD Civil 3D 2011" = AutoCAD Civil 3D 2011
"AutoCAD Civil 3D 2011 Version 2.1" = AutoCAD Civil 3D 2011 Version 2.1
"AutoCAD MEP 2010" = AutoCAD MEP 2010
"AutoCAD MEP 2010 Version 2" = AutoCAD MEP 2010 Version 2
"Autodesk 2005 OE Hotfix" = Autodesk 2005 OE Hotfix
"Autodesk Design Review 2011" = Autodesk Design Review 2011
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"Autodesk Revit Architecture 2010" = Autodesk Revit Architecture 2010
"Autodesk Revit Architecture 2010 SP2" = Autodesk Revit Architecture 2010 x86 Update 2
"Autodesk Vault 2011 (Client)" = Autodesk Vault 2011 (Client)
"AutoPagex Plug-In_is1" = AutoPagex Plug-In, v. 1.7
"AVG" = AVG 2011
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0.2
"BlockExtender" = BlockExtender
"Brother BRAdmin Professional Utilities" = Brother BRAdmin Professional 2.42
"Bus Driver" = Bus Driver 1.0
"CAL" = Canon Camera Access Library
"Calendar95" = Calendar 95
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"Capture-It!" = Capture-It!
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CSCLIB" = Canon Camera Support Core Library
"CutePDF Writer Installation" = CutePDF Writer 2.7
"Defraggler" = Defraggler (remove only)
"DesignWorkshop Lite" = DesignWorkshop Lite
"DMNetVuObserVer_is1" = DMNetVuObserVer 1.16.3
"DriverFinder" = DriverFinder
"DWG TrueView 2010" = DWG TrueView 2010
"DWG TrueView 2011" = DWG TrueView 2011
"FBX Plugin 2006.08 for Max 9.0" = FBX Plugin 2006.08 for Max 9.0
"FileHippo.com" = FileHippo.com Update Checker
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"GoToAssist" = GoToAssist 8.0.0.514
"GPL Ghostscript 8.54" = GPL Ghostscript 8.54
"GPL Ghostscript Fonts" = GPL Ghostscript Fonts
"Graph paper printer" = Graph paper printer
"HatchKit Demonstration" = HatchKit Demonstration
"HP LaserJet P2015" = HP LaserJet P2015 Series 1.0
"HPExtendedCapabilities" = HP Extended Capabilities 6.0
"iDEN Download Apps Utility" = iDEN Download Apps Utility
"iDEN i560-i450-i455 R4C.01.02 Upgrade Utility" = iDEN i560-i450-i455 R4C.01.02 Upgrade Utility
"ie8" = Windows Internet Explorer 8
"InstallShield_{218BBBE3-FE63-4BB2-81A8-7435575A84FA}" = Canon Utilities PhotoStitch 3.1
"InstallShield_{28291BD5-92D2-4685-82DC-CCA925C53CCA}" = Canon RemoteCapture Task for ZoomBrowser EX
"InstallShield_{3562A082-CF01-419B-8A02-233E31B8A83C}" = O2Micro Flash Memory Card Windows Driver V3.00
"InstallShield_{7B847C9D-6758-45E6-B598-3BD8F43EAE9E}" = Canon Camera Window DS for ZoomBrowser EX
"InstallShield_{EEEAC41D-B3EE-4665-B4A4-174BACB50978}" = Bluebeam PDF Revu v4.7.0
"Internet Print" = Brother Internet Print 1.63
"jZip" = jZip
"LogMeIn Backup" = LogMeIn Backup
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework Full v1.0.3705 (1033)" = Microsoft .NET Framework (English) v1.0.3705
"Microsoft Visual C++ 2008 Express Edition with SP1 - ENU" = Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
"MiniTool Power Data Recovery_is1" = MiniTool Power Data Recovery
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"MSAWFax" = Microsoft Fax
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"Network Viewer v2.2 (002)" = Network Viewer v2.2 (002)
"PC Playback v2.0(003)" = PC Playback v2.0(003)
"pdf2cad" = pdf2cad
"pdfFactory Pro" = pdfFactory Pro
"Picasa 3" = Picasa 3
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RDM+" = RDM+ 3.7
"Recuva" = Recuva (remove only)
"RegClean Pro_is1" = RegClean Pro
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"Resco Photo Viewer for PalmOS" = Resco Photo Viewer for PalmOS
"Rhapsody" = Rhapsody
"SDKSetup_7.1.7600.0.30514" = Microsoft Windows SDK for Windows 7 (7.1)
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"Spyware Doctor" = Spyware Doctor 7.0
"ST6UNST #1" = Easy DOCViewer 2.0
"ST6UNST #2" = Karona
"TruVoice" = Lernout & Hauspie TruVoice for Microsoft Agent
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"Uniblue RegistryBooster 2009" = Uniblue RegistryBooster 2009
"Uniblue SpeedUpMyPC 2009" = Uniblue SpeedUpMyPC 2009
"Unit Conversion Tool Evaluation Version_is1" = Unit Conversion Tool Evaluation Version 5.1
"VLC media player" = VideoLAN VLC media player 0.8.4a
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WETCable" = Windows Easy Transfer
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinZip Self-Extractor" = WinZip Self-Extractor
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
"Yahoo! Toolbar" = Yahoo! Toolbar
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2347827306-315855231-310137897-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Reader for Palm OS" = Adobe Reader for Palm OS, 3.05
"e466ecf5f2bb88ab" = Kavanah
"Google Chrome" = Google Chrome
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"Sun Download Manager 2.0 (web)" = Sun Download Manager 2.0 (web)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/30/2011 3:59:00 PM | Computer Name = MNROFFICE | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2011/06/30 15:59:00.625]: [00001508]: SendSKeySettingToDevice::
Snmp Load Error[-1] To[192.168.254.3]

Error - 6/30/2011 4:00:09 PM | Computer Name = MNROFFICE | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2011/06/30 16:00:09.625]: [00001508]: SendSKeySettingToDevice::
Snmp Load Error[-1] To[192.168.254.3]

Error - 6/30/2011 4:01:18 PM | Computer Name = MNROFFICE | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2011/06/30 16:01:18.625]: [00001508]: SendSKeySettingToDevice::
Snmp Load Error[-1] To[192.168.254.3]

Error - 6/30/2011 4:02:27 PM | Computer Name = MNROFFICE | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2011/06/30 16:02:27.640]: [00001508]: SendSKeySettingToDevice::
Snmp Load Error[-1] To[192.168.254.3]

Error - 6/30/2011 4:03:36 PM | Computer Name = MNROFFICE | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2011/06/30 16:03:36.640]: [00001508]: SendSKeySettingToDevice::
Snmp Load Error[-1] To[192.168.254.3]

Error - 6/30/2011 4:04:45 PM | Computer Name = MNROFFICE | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2011/06/30 16:04:45.640]: [00001508]: SendSKeySettingToDevice::
Snmp Load Error[-1] To[192.168.254.3]

Error - 6/30/2011 4:05:54 PM | Computer Name = MNROFFICE | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2011/06/30 16:05:54.640]: [00001508]: SendSKeySettingToDevice::
Snmp Load Error[-1] To[192.168.254.3]

Error - 6/30/2011 4:07:03 PM | Computer Name = MNROFFICE | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2011/06/30 16:07:03.640]: [00001508]: SendSKeySettingToDevice::
Snmp Load Error[-1] To[192.168.254.3]

Error - 6/30/2011 4:08:12 PM | Computer Name = MNROFFICE | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2011/06/30 16:08:12.640]: [00001508]: SendSKeySettingToDevice::
Snmp Load Error[-1] To[192.168.254.3]

Error - 6/30/2011 4:09:21 PM | Computer Name = MNROFFICE | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2011/06/30 16:09:21.640]: [00001508]: SendSKeySettingToDevice::
Snmp Load Error[-1] To[192.168.254.3]

[ System Events ]
Error - 6/21/2011 7:19:01 PM | Computer Name = MNROFFICE | Source = System Error | ID = 1003
Description = Error code 00000051, parameter1 00000004, parameter2 00000001, parameter3
e141a738, parameter4 0234c760.

Error - 6/22/2011 2:41:57 PM | Computer Name = MNROFFICE | Source = LDMS | ID = 16780239
Description = The Logical Disk Manager Service failed while registering for device
handle notifications on device \\?\USBSTOR#SFloppy&Ven_MITSUMI&Prod_USB_FDD&Rev_1039#9&10881820&0#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}.
Win32 Error: 2.

Error - 6/23/2011 5:13:48 PM | Computer Name = MNROFFICE | Source = DCOM | ID = 10016
Description = The application-specific permission settings do not grant Local Activation
permission for the COM Server application with CLSID {D485DDC0-49C6-11D1-8E56-00A0C92C9D5D}

to the user MNROFFICE\HOME_2 SID (S-1-5-21-2347827306-315855231-310137897-1011).
This security permission can be modified using the Component Services administrative
tool.

Error - 6/23/2011 5:14:12 PM | Computer Name = MNROFFICE | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service dmadmin with
arguments "/com" in order to run the server: {4FB6BB00-3347-11D0-B40A-00AA005FF586}

Error - 6/23/2011 5:14:24 PM | Computer Name = MNROFFICE | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service dmadmin with
arguments "/com" in order to run the server: {4FB6BB00-3347-11D0-B40A-00AA005FF586}

Error - 6/26/2011 7:20:15 AM | Computer Name = MNROFFICE | Source = Service Control Manager | ID = 7031
Description = The AVG WatchDog service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 0 milliseconds: Restart
the service.

Error - 6/29/2011 3:51:45 PM | Computer Name = MNROFFICE | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 6/29/2011 3:51:45 PM | Computer Name = MNROFFICE | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 6/29/2011 3:51:50 PM | Computer Name = MNROFFICE | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 6/29/2011 3:51:50 PM | Computer Name = MNROFFICE | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.


< End of report >


OTL logfile created on: 6/30/2011 4:01:38 PM - Run 1
OTL by OldTimer - Version 3.2.25.0 Folder = G:\Documents and Settings\Moses Rosenberg\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.50 Gb Total Physical Memory | 2.39 Gb Available Physical Memory | 68.22% Memory free
8.26 Gb Paging File | 6.84 Gb Available in Paging File | 82.80% Paging File free
Paging file location(s): c:\pagefile.sys 5046 8092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.77 Gb Total Space | 78.71 Gb Free Space | 33.81% Space Free | Partition Type: NTFS
Drive F: | 109.37 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 931.51 Gb Total Space | 604.79 Gb Free Space | 64.93% Space Free | Partition Type: NTFS
Drive M: | 931.51 Gb Total Space | 604.79 Gb Free Space | 64.93% Space Free | Partition Type: NTFS
Drive O: | 931.51 Gb Total Space | 604.79 Gb Free Space | 64.93% Space Free | Partition Type: NTFS

Computer Name: MNROFFICE | User Name: Moses new | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/30 15:59:10 | 000,580,096 | ---- | M] (OldTimer Tools) -- G:\Documents and Settings\Moses Rosenberg\My Documents\Downloads\OTL.exe
PRC - [2011/06/26 06:40:12 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\mozilla firefox\firefox.exe
PRC - [2011/05/27 14:53:12 | 000,349,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe
PRC - [2011/05/27 08:52:30 | 000,624,056 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
PRC - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/04/14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/02/09 05:35:14 | 001,265,504 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgsrmax.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/10/21 16:40:25 | 001,045,256 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2010/10/13 16:57:12 | 003,887,480 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Moses new\Desktop\PROCEXP.EXE
PRC - [2010/06/29 17:14:47 | 000,116,104 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2010/06/29 17:14:45 | 000,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2010/06/29 17:14:44 | 000,378,248 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardian.exe
PRC - [2010/04/19 01:04:46 | 010,962,144 | ---- | M] (Autodesk, Inc.) -- C:\Program Files\AutoCAD Architecture 2010\acad.exe
PRC - [2010/02/10 00:47:54 | 000,174,304 | ---- | M] (Autodesk, Inc.) -- c:\Program Files\Common Files\Autodesk Shared\WSCommCntr1.exe
PRC - [2009/02/09 09:34:32 | 000,143,360 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
PRC - [2008/04/13 20:12:28 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe
PRC - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/28 22:53:05 | 000,079,360 | ---- | M] (Autodesk) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe


========== Modules (SafeList) ==========

MOD - [2011/06/30 15:59:10 | 000,580,096 | ---- | M] (OldTimer Tools) -- G:\Documents and Settings\Moses Rosenberg\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (svlostServices)
SRV - [2011/06/16 11:06:10 | 003,435,096 | ---- | M] () [On_Demand | Stopped] -- c:\Program Files\Common Files\Akamai\netsession_win_e877e12.dll -- (Akamai)
SRV - [2011/06/13 12:26:07 | 001,036,104 | ---- | M] (Lavasoft) [Disabled | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/03/18 08:11:02 | 000,947,528 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/12/20 19:30:30 | 000,036,864 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\o2flash.exe -- (O2Flash)
SRV - [2010/10/21 16:40:25 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/06/29 17:14:47 | 000,116,104 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2010/06/29 17:14:45 | 000,063,040 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/03/11 00:25:54 | 001,709,456 | ---- | M] (LogMeIn, Inc.) [On_Demand | Stopped] -- C:\Program Files\LogMeIn Backup\LogmeInBackupService.exe -- (LogMeInBackupService.exe)
SRV - [2010/03/11 00:25:50 | 000,488,848 | ---- | M] (LogMeIn, Inc.) [On_Demand | Stopped] -- C:\Program Files\LogMeIn Backup\lmibackupvssservice.exe -- (LMIBackupVSSService.exe)
SRV - [2010/03/11 00:25:44 | 000,140,688 | ---- | M] (LogMeIn, Inc.) [On_Demand | Stopped] -- C:\Program Files\LogMeIn Backup\BackupMaint.exe -- (BackupMaint)
SRV - [2010/02/19 19:31:44 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®
SRV - [2009/09/23 14:33:42 | 001,141,200 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2009/09/23 13:17:22 | 000,358,600 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/02/09 13:33:44 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/06/10 06:47:06 | 000,846,848 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\RDM+\rdmpserv.exe -- (RDMPLocalService)
SRV - [2008/06/06 00:41:12 | 001,322,648 | ---- | M] (Autodesk, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe -- (Autodesk Network Licensing Service)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/04/13 20:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2008/04/13 20:11:55 | 000,035,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)
SRV - [2007/11/28 22:53:05 | 000,079,360 | ---- | M] (Autodesk) [Auto | Running] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2007/06/20 12:09:14 | 000,258,856 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\Citrix\GoToMyPC\g2svc.exe -- (GoToMyPC)
SRV - [2006/09/29 12:48:06 | 000,065,536 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Autodesk\3DS MAX 9\mentalray\satellite\raysat_3dsmax9_32server.exe -- (mi-raysat_3dsmax9_32) mental ray 3.5 Satellite (32-bit)
SRV - [2005/09/30 19:22:50 | 000,096,341 | ---- | M] (Canon Inc.) [Disabled | Stopped] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2005/04/25 09:49:52 | 000,086,142 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMon) Intel®
SRV - [2003/05/05 19:30:22 | 000,065,536 | ---- | M] (Brother Industries, Ltd.) [Disabled | Stopped] -- C:\WINDOWS\System32\Brmfrmps.exe -- (brmfrmps)


========== Driver Services (SafeList) ==========

DRV - [2011/04/14 21:28:42 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/06/29 17:14:47 | 000,013,408 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\radpms.sys -- (radpms)
DRV - [2010/06/29 17:14:47 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2010/06/29 17:14:45 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/06/29 17:14:45 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2010/02/11 08:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/12/18 10:58:52 | 000,011,336 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009/09/23 17:10:06 | 000,207,280 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2009/09/04 14:50:02 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | Disabled | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/09/04 14:50:00 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | Disabled | Stopped] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/09/04 14:49:58 | 000,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | Disabled | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/07/03 10:49:08 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/06/22 07:48:44 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)
DRV - [2008/05/08 10:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)
DRV - [2008/04/15 07:49:18 | 000,031,896 | ---- | M] (DemoForge, LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dfmirage.sys -- (dfmirage)
DRV - [2007/11/02 15:36:10 | 000,018,176 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgp.sys -- (motccgp)
DRV - [2007/10/10 17:41:50 | 000,042,112 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motodrv.sys -- (MotDev)
DRV - [2007/06/18 15:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motport.sys -- (motport)
DRV - [2007/06/18 15:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/01/22 19:33:00 | 000,007,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (winusb)
DRV - [2006/09/21 04:53:16 | 000,004,442 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\_tpb0000.tmp\TPPWRIF.sys -- (TPPWRIF)
DRV - [2006/09/06 07:12:34 | 000,006,784 | ---- | M] (Micro Innovations) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\moufiltr.sys -- (moufiltr)
DRV - [2006/01/27 18:44:24 | 000,150,528 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005/11/16 22:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/09/08 06:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 06:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 06:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 06:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 06:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 06:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 06:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 13:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 13:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2004/09/15 00:36:48 | 000,789,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/03/24 11:12:44 | 000,004,272 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2004/02/13 11:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2003/11/17 22:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 22:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 22:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2002/01/29 17:33:28 | 000,018,560 | ---- | M] (Barom Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PortRst.sys -- (PortRst)
DRV - [2000/05/31 09:23:56 | 000,034,520 | ---- | M] (COWON Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\fnd1F45.sys -- (USBFMC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-inc-rel&channel=us
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-inc-rel&channel=us


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-inc-rel&channel=us
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-inc-rel&channel=us
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-inc-rel&channel=us
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-inc-rel&channel=us
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2347827306-315855231-310137897-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-2347827306-315855231-310137897-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2347827306-315855231-310137897-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 11 B7 5A 0C 99 2F CC 01 [binary data]
IE - HKU\S-1-5-21-2347827306-315855231-310137897-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2347827306-315855231-310137897-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Productivity Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2856459&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: LogMeInClient@logmein.com:1.0.0.608
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: avg@igeared:6.011.025.001
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.0.19
FF - prefs.js..extensions.enabledItems: {1c9b96a0-cba2-482e-9c40-9200b547123a}:3.3.0.19
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4d068466&v=7.005.030.004&i=23&tp=ab&iy=b&ychte=us&lng=en-US&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/06/24 09:43:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\mozilla firefox\components [2011/06/26 06:40:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\mozilla firefox\plugins [2011/06/16 17:33:38 | 000,000,000 | ---D | M]

[2008/08/26 15:04:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Extensions
[2011/06/27 12:00:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\extensions
[2010/10/21 16:54:31 | 000,000,000 | ---D | M] (Forecastfox Weather) -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2011/02/07 16:17:36 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}(2)
[2011/06/27 12:00:33 | 000,000,000 | ---D | M] (Productivity Community Toolbar) -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\extensions\{1c9b96a0-cba2-482e-9c40-9200b547123a}
[2010/08/03 17:32:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/23 16:08:25 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011/03/27 18:29:43 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\extensions\engine@conduit.com
[2011/06/26 06:44:19 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\extensions\LogMeInClient@logmein.com
[2010/01/14 21:33:13 | 000,002,172 | ---- | M] () -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\searchplugins\bing.xml
[2010/12/30 18:23:08 | 000,000,927 | ---- | M] () -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\searchplugins\conduit.xml
[2011/01/02 12:16:17 | 000,002,292 | ---- | M] () -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\searchplugins\inbox-search.xml
[2011/06/29 15:53:46 | 000,001,835 | ---- | M] () -- C:\Documents and Settings\Moses new\Application Data\Mozilla\Firefox\Profiles\iamnx5iq.default\searchplugins\weathercom.xml
[2007/06/19 10:47:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2007/12/10 13:02:25 | 000,000,000 | ---D | M] (Java Console) -- C:\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2009/09/01 12:15:32 | 000,000,000 | ---D | M] (Java Console) -- C:\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2011/06/24 09:43:23 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2006/05/20 14:46:06 | 000,034,384 | ---- | M] (WebEx) -- C:\Program Files\mozilla firefox\plugins\atgpcdec.dll
[2006/05/20 14:45:36 | 000,093,848 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\atgpcext.dll
[2006/05/20 15:39:24 | 000,032,768 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\atsc3cls.dll
[2006/05/20 14:23:12 | 000,087,632 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\ieatgpc.dll
[2006/05/20 14:23:36 | 000,051,792 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\mozilla firefox\plugins\npatgpc.dll
[2007/05/10 14:45:00 | 001,589,248 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npRACtrl.dll
[2006/11/29 23:55:24 | 000,319,488 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npsnapfish.dll
[2006/11/09 16:20:40 | 002,111,096 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2007/01/26 16:59:00 | 000,008,784 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ractrlkeyhook.dll
[2007/01/10 12:30:00 | 000,245,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\unicows.dll

O1 HOSTS File: ([2004/08/04 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKU\.DEFAULT..\RunOnce: [AutoLaunch] C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [AutoLaunch] C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe ()
O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2347827306-315855231-310137897-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-2347827306-315855231-310137897-1008\..Trusted Domains: google.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-2347827306-315855231-310137897-1008\..Trusted Domains: hotmail.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2347827306-315855231-310137897-1008\..Trusted Domains: live.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2347827306-315855231-310137897-1008\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-2347827306-315855231-310137897-1008\..Trusted Domains: msn.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2347827306-315855231-310137897-1008\..Trusted Domains: passport.com ([]* in Trusted sites)
O16 - DPF: {00A7BD45-3D5C-11D4-BDA7-00C0F02C56AB} http://173.84.101.94/webpages/DMWebX.ocx (DMSrvPushX Control)
O16 - DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} http://download.microsoft.com/download/7/0/7/707a44ad-52ad-49af-b7ef-e21b6b0656e4/VirtualEarth3D.cab (SentinelVE3D Class)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3BB1D69B-A780-4BE1-876E-F3D488877135} http://download.microsoft.com/download/3/B/E/3BE57995-8452-41F1-8297-DD75EF049853/VirtualEarth3D.cab (SentinelProxy Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found
O18 - Protocol\Handler\AutorunsDisabled\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\AutorunsDisabled\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\AutorunsDisabled\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\GoToMyPC: DllName - C:\Program Files\Citrix\GoToMyPC\G2WinLogon.dll - C:\Program Files\Citrix\GoToMyPC\G2WinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O20 - Winlogon\Notify\RDM+: DllName - C:\Program Files\RDM+\notify.dll - C:\Program Files\RDM+\notify.dll ()
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/11/16 18:13:39 | 000,000,000 | ---D | M] - C:\AUTO-CAD 2005 (WITH KEY) -- [ NTFS ]
O32 - AutoRun File - [2009/11/08 15:49:08 | 000,000,000 | ---D | M] - C:\AutoCAD 2005 1 -- [ NTFS ]
O32 - AutoRun File - [2007/03/15 17:20:12 | 000,000,000 | ---D | M] - C:\AUTOCAT 2005 -- [ NTFS ]
O32 - AutoRun File - [2010/10/21 14:55:06 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2004/08/11 18:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{26b8a1f4-1792-11dd-8503-0013721e880e}\Shell - "" = AutoRun
O33 - MountPoints2\{26b8a1f4-1792-11dd-8503-0013721e880e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{26b8a1f4-1792-11dd-8503-0013721e880e}\Shell\AutoRun\command - "" = D:\LaunchU3.exe
O33 - MountPoints2\{96d5ec3f-d3c1-11db-8489-0013721e880e}\Shell\AutoRun\command - "" = F:\pstart.exe
O33 - MountPoints2\{c779f558-7a69-11db-845d-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{c779f558-7a69-11db-845d-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c779f558-7a69-11db-845d-806d6172696f}\Shell\AutoRun\command - "" = D:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/29 16:02:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/06/23 17:47:03 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up
[2011/06/22 12:26:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Moses new\Application Data\ElevatedDiagnostics
[2011/06/22 11:39:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DriverFinder
[2011/06/22 11:38:47 | 000,000,000 | ---D | C] -- C:\Program Files\DriverFinder
[2011/06/22 11:38:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Moses new\Application Data\DriverFinder
[2011/06/21 20:04:28 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2011/06/21 19:39:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ErrorEND
[2011/06/21 19:09:55 | 000,716,800 | ---- | C] (Sysinternals) -- C:\WINDOWS\System32\SysInternalsBluescreen.scr
[2011/06/20 19:42:12 | 003,022,712 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Moses new\Desktop\Procmon.exe
[2011/06/20 19:38:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\PeerNetworking
[2011/06/20 19:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Moses new\Start Menu\Programs\Microsoft Windows Performance Toolkit
[2011/06/20 19:27:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows Performance Toolkit
[2011/06/20 19:24:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Debugging Tools for Windows (x86)
[2011/06/20 19:24:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Application Verifier
[2011/06/20 19:24:01 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier
[2011/06/20 19:19:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Windows SDK v7.1
[2011/06/20 17:53:00 | 003,887,480 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Moses new\Desktop\PROCEXP.EXE
[2011/06/20 16:01:15 | 000,000,000 | ---D | C] -- C:\Program Files\windows media player
[2011/06/19 18:32:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2011/06/19 15:32:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Moses new\Application Data\Systweak
[2011/06/19 15:32:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\RegClean Pro
[2011/06/19 15:32:16 | 000,000,000 | ---D | C] -- C:\Program Files\RegClean Pro
[2011/06/15 11:01:42 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2011/06/13 17:10:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Moses new\My Documents\6_7_11_Well 28 access Rd Ver 2008
[2011/06/13 16:38:33 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/06/13 16:38:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Moses new\Start Menu\Programs\HiJackThis
[2006/06/24 01:27:52 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[2004/10/11 20:46:32 | 000,205,312 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\ltefx13n.dll
[2004/01/19 15:31:00 | 000,153,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\ltfil13n.DLL
[2004/01/19 14:31:06 | 000,027,648 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfiff13n.dll
[2004/01/19 14:31:06 | 000,020,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfCUT13n.dll
[2004/01/19 13:31:50 | 000,453,120 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\ltkrn13n.dll
[2004/01/19 13:12:00 | 000,089,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\Lfcgm13n.dll
[2004/01/19 12:49:52 | 000,278,016 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\LFJ2K13n.dll
[2004/01/19 12:49:08 | 000,180,736 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\Lfpng13n.dll
[2004/01/19 12:47:36 | 000,076,800 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\Lfwmf13n.dll
[2004/01/19 12:47:04 | 000,509,440 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\LFCMW13n.dll
[2004/01/19 12:45:38 | 000,420,352 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\LFCMP13n.DLL
[2004/01/19 12:44:52 | 000,143,872 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lftif13n.dll
[2004/01/19 12:36:48 | 000,056,832 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfpsd13n.dll
[2004/01/19 12:36:36 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfpcd13n.dll
[2004/01/19 12:36:32 | 000,026,624 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfpcx13n.dll
[2004/01/19 12:36:24 | 000,065,536 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\Lfpct13n.dll
[2004/01/19 12:36:18 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfmsp13n.dll
[2004/01/19 12:35:56 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfmac13n.dll
[2004/01/19 12:35:34 | 000,020,992 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfimg13n.dll
[2004/01/19 12:34:50 | 000,031,744 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfclp13n.dll
[2004/01/19 12:34:42 | 000,030,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\lfbmp13n.dll
[2004/01/19 12:33:48 | 000,444,928 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\ltimg13n.dll
[2004/01/19 12:32:18 | 000,265,216 | ---- | C] (LEAD Technologies, Inc.) -- C:\Program Files\LTDIS13n.dll
[2000/05/02 05:17:00 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Program Files\PCDLIB32.DLL
[1999/11/19 00:00:00 | 000,284,032 | ---- | C] (Xceed Software Inc (450) 442-2626 zip@xceedsoft.com www.xceedsoft.com) -- C:\Program Files\XceedZip.dll
[40 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
[19 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Moses new\*.tmp files -> C:\Documents and Settings\Moses new\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/30 15:39:30 | 078,909,178 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/06/30 15:30:45 | 000,001,984 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/29 16:11:05 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Moses new\Local Settings\Application Data\prvlcl.dat
[2011/06/29 16:01:20 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/06/27 14:09:33 | 000,001,353 | ---- | M] () -- C:\WINDOWS\Brpfx04a.ini
[2011/06/24 09:43:24 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/06/23 19:38:56 | 000,326,918 | ---- | M] () -- C:\acadminidump.dmp
[2011/06/23 17:53:01 | 000,001,809 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AutoCAD 2010 - English.lnk
[2011/06/23 17:50:32 | 000,000,976 | ---- | M] () -- C:\Documents and Settings\Moses new\My Documents\acad.err
[2011/06/23 17:27:14 | 001,713,969 | ---- | M] () -- C:\Documents and Settings\Moses new\Desktop\Logfile.PML
[2011/06/23 17:18:39 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/23 17:10:26 | 000,000,852 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Status Monitor.lnk
[2011/06/22 17:59:28 | 000,001,476 | ---- | M] () -- C:\Documents and Settings\Moses new\My Documents\cc_20110622_175925.reg
[2011/06/22 16:16:15 | 000,001,684 | ---- | M] () -- C:\Documents and Settings\Moses new\My Documents\cc_20110622_161612.reg
[2011/06/22 14:51:39 | 000,000,322 | -HS- | M] () -- C:\WINDOWS\tasks\Jtojvmr.job
[2011/06/22 14:51:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/22 14:51:31 | 3756,158,976 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/22 11:39:02 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DriverFinder.lnk
[2011/06/21 20:03:50 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Moses new\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/06/21 20:03:46 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/06/21 20:03:46 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/06/21 19:46:41 | 000,001,068 | ---- | M] () -- C:\Documents and Settings\Moses new\My Documents\cc_20110621_194638.reg
[2011/06/21 19:39:20 | 000,000,390 | ---- | M] () -- C:\WINDOWS\tasks\ErrorEND.job
[2011/06/21 18:52:19 | 000,716,800 | ---- | M] (Sysinternals) -- C:\WINDOWS\System32\SysInternalsBluescreen.scr
[2011/06/21 17:58:05 | 000,000,210 | -HS- | M] () -- C:\boot.ini
[2011/06/21 17:47:13 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\Moses new\My Documents\cc_20110621_174710.reg
[2011/06/21 15:32:10 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\Moses new\My Documents\cc_20110621_153208.reg
[2011/06/21 15:19:10 | 000,019,036 | ---- | M] () -- C:\Documents and Settings\Moses new\My Documents\cc_20110621_151907.reg
[2011/06/21 14:40:30 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/06/20 19:42:04 | 003,022,712 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Moses new\Desktop\Procmon.exe
[2011/06/20 18:26:40 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{27D5824A-5981-4EC5-942E-71C8DEB3FE5C}.job
[2011/06/20 16:01:17 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2347827306-315855231-310137897-1008UA.job
[2011/06/20 16:01:17 | 000,000,942 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2347827306-315855231-310137897-1008Core.job
[2011/06/20 16:01:17 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/20 16:01:17 | 000,000,888 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/20 16:01:17 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/06/20 16:01:17 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/06/20 16:01:17 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/06/20 15:33:51 | 000,002,455 | ---- | M] () -- C:\Documents and Settings\Moses new\Desktop\HiJackThis.lnk
[2011/06/20 15:20:29 | 000,000,583 | ---- | M] () -- C:\Documents and Settings\Moses new\Desktop\My Documents.lnk
[2011/06/19 18:32:50 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/06/19 17:26:59 | 000,249,407 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011/06/19 15:55:05 | 001,510,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/06/19 15:32:25 | 000,001,645 | ---- | M] () -- C:\Documents and Settings\Moses new\Desktop\Check PC For Errors.lnk
[2011/06/19 15:32:25 | 000,001,623 | ---- | M] () -- C:\Documents and Settings\Moses new\Application Data\Microsoft\Internet Explorer\Quick Launch\Check PC For Errors.lnk
[2011/06/19 15:22:31 | 000,000,015 | ---- | M] () -- C:\Documents and Settings\Moses new\My Documents\DLL Rename.bat
[2011/06/16 17:33:38 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/06/16 17:20:50 | 000,000,061 | ---- | M] () -- C:\WINDOWS\brmx2001.ini
[2011/06/16 10:45:31 | 000,567,256 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/16 10:45:31 | 000,109,772 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/13 15:29:05 | 000,002,007 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AutoCAD Architecture 2010 (US Imperial).lnk
[2011/06/12 18:16:08 | 000,028,186 | ---- | M] () -- C:\Documents and Settings\Moses new\My Documents\modern_brick_closeup004.jpg
[2011/06/12 13:42:08 | 002,363,365 | ---- | M] () -- C:\Documents and Settings\Moses new\My Documents\New Boys School TT E.dwg
[2011/06/06 10:46:46 | 000,287,159 | ---- | M] () -- C:\Documents and Settings\Moses new\Desktop\Samfeder.pdf
[2011/06/06 10:46:46 | 000,287,159 | ---- | M] () -- C:\Documents and Settings\Moses new\My Documents\DINEV I.pdf
[2011/06/06 10:45:46 | 000,016,332 | ---- | M] () -- C:\Documents and Settings\Moses new\My Documents\DINEV I PARKING-Model.pdf
[2011/06/03 13:14:41 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2011/06/03 13:14:41 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\Moses new\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/06/03 12:57:06 | 000,097,839 | ---- | M] () -- C:\Documents and Settings\Moses new\My Documents\DINEV H3.pdf
[2011/06/02 19:40:41 | 000,006,505 | ---- | M] () -- C:\Documents and Settings\Moses new\My Documents\DINEV H999(6)-Model.pdf
[2011/06/02 19:40:23 | 000,008,852 | ---- | M] () -- C:\Documents and Settings\Moses new\My Documents\DINEV H999(5)-Model.pdf
[2011/06/02 19:40:04 | 000,007,360 | ---- | M] () -- C:\Documents and Settings\Moses new\My Documents\DINEV H999(4)-Model.pdf
[2011/06/02 18:37:13 | 000,006,286 | ---- | M] () -- C:\Documents and Settings\Moses new\My Documents\DINEV H999(3)-Model.pdf
[2011/06/02 13:24:19 | 000,001,911 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Style Builder 2.lnk
[2011/06/02 13:24:19 | 000,001,825 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\LayOut 3.lnk
[2011/06/02 13:24:19 | 000,001,762 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google SketchUp 8.lnk
[40 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
[19 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Moses new\*.tmp files -> C:\Documents and Settings\Moses new\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/23 17:47:03 | 000,002,335 | ---- | C] () -- C:\Documents and Settings\Moses new\Start Menu\Programs\Windows Install Clean Up.lnk
[2011/06/23 17:27:14 | 001,713,969 | ---- | C] () -- C:\Documents and Settings\Moses new\Desktop\Logfile.PML
[2011/06/23 17:01:10 | 000,287,159 | ---- | C] () -- C:\Documents and Settings\Moses new\Desktop\Samfeder.pdf
[2011/06/22 17:59:26 | 000,001,476 | ---- | C] () -- C:\Documents and Settings\Moses new\My Documents\cc_20110622_175925.reg
[2011/06/22 16:16:14 | 000,001,684 | ---- | C] () -- C:\Documents and Settings\Moses new\My Documents\cc_20110622_161612.reg
[2011/06/22 11:39:02 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DriverFinder.lnk
[2011/06/21 20:03:37 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Moses new\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/06/21 19:46:39 | 000,001,068 | ---- | C] () -- C:\Documents and Settings\Moses new\My Documents\cc_20110621_194638.reg
[2011/06/21 19:39:20 | 000,000,390 | ---- | C] () -- C:\WINDOWS\tasks\ErrorEND.job
[2011/06/21 17:47:12 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\Moses new\My Documents\cc_20110621_174710.reg
[2011/06/21 15:32:09 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\Moses new\My Documents\cc_20110621_153208.reg
[2011/06/21 15:19:08 | 000,019,036 | ---- | C] () -- C:\Documents and Settings\Moses new\My Documents\cc_20110621_151907.reg
[2011/06/20 17:31:55 | 000,001,809 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AutoCAD 2010 - English.lnk
[2011/06/20 16:34:49 | 3756,158,976 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/20 15:20:14 | 000,000,583 | ---- | C] () -- C:\Documents and Settings\Moses new\Desktop\My Documents.lnk
[2011/06/19 18:32:50 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/06/19 15:53:58 | 001,876,496 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/06/19 15:32:25 | 000,001,645 | ---- | C] () -- C:\Documents and Settings\Moses new\Desktop\Check PC For Errors.lnk
[2011/06/19 15:32:25 | 000,001,623 | ---- | C] () -- C:\Documents and Settings\Moses new\Application Data\Microsoft\Internet Explorer\Quick Launch\Check PC For Errors.lnk
[2011/06/19 15:22:31 | 000,000,015 | ---- | C] () -- C:\Documents and Settings\Moses new\My Documents\DLL Rename.bat
[2011/06/13 16:38:35 | 000,002,455 | ---- | C] () -- C:\Documents and Settings\Moses new\Desktop\HiJackThis.lnk
[2011/06/12 18:23:27 | 002,363,365 | ---- | C] () -- C:\Documents and Settings\Moses new\My Documents\New Boys School TT E.dwg
[2011/06/12 18:16:07 | 000,028,186 | ---- | C] () -- C:\Documents and Settings\Moses new\My Documents\modern_brick_closeup004.jpg
[2011/06/06 10:46:38 | 000,287,159 | ---- | C] () -- C:\Documents and Settings\Moses new\My Documents\DINEV I.pdf
[2011/06/06 10:45:45 | 000,016,332 | ---- | C] () -- C:\Documents and Settings\Moses new\My Documents\DINEV I PARKING-Model.pdf
[2011/06/03 12:57:04 | 000,097,839 | ---- | C] () -- C:\Documents and Settings\Moses new\My Documents\DINEV H3.pdf
[2011/06/03 09:41:44 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Moses new\Local Settings\Application Data\prvlcl.dat
[2011/06/02 19:40:40 | 000,006,505 | ---- | C] () -- C:\Documents and Settings\Moses new\My Documents\DINEV H999(6)-Model.pdf
[2011/06/02 19:40:23 | 000,008,852 | ---- | C] () -- C:\Documents and Settings\Moses new\My Documents\DINEV H999(5)-Model.pdf
[2011/06/02 19:40:04 | 000,007,360 | ---- | C] () -- C:\Documents and Settings\Moses new\My Documents\DINEV H999(4)-Model.pdf
[2011/06/02 18:18:58 | 000,006,286 | ---- | C] () -- C:\Documents and Settings\Moses new\My Documents\DINEV H999(3)-Model.pdf
[2011/06/02 13:24:19 | 000,001,911 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Style Builder 2.lnk
[2011/06/02 13:24:19 | 000,001,825 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\LayOut 3.lnk
[2010/12/23 15:34:14 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2010/12/20 19:30:31 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\RMDevice.dll
[2010/12/20 19:30:30 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\o2flash.exe
[2010/10/06 01:11:06 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Moses new\Local Settings\Application Data\housecall.guid.cache
[2010/09/01 13:47:52 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bd8890dw.dat
[2010/09/01 13:45:29 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL
[2010/09/01 13:45:29 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2010/09/01 13:45:28 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRADM08A.DAT
[2010/09/01 13:45:25 | 000,000,086 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini
[2010/09/01 13:35:23 | 000,031,767 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2010/07/29 13:19:17 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2010/07/29 13:19:12 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2010/07/29 13:19:07 | 000,345,088 | ---- | C] () -- C:\WINDOWS\System32\ShrLk21.dll
[2010/07/18 16:02:56 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Moses new\Application Data\D4A527
[2010/07/18 16:02:55 | 000,870,128 | ---- | C] () -- C:\Documents and Settings\Moses new\Application Data\mcs.rma
[2010/05/17 18:06:51 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/03/10 15:01:19 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2010/03/10 15:01:18 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2010/03/10 15:00:17 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2010/03/10 15:00:17 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2010/03/10 15:00:15 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2010/03/10 15:00:09 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2010/02/08 07:33:04 | 000,359,320 | ---- | C] () -- C:\WINDOWS\System32\vfprintpthelper.dll
[2009/09/06 14:21:04 | 000,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/07/15 15:15:54 | 000,000,061 | ---- | C] () -- C:\WINDOWS\DCMVWR.INI
[2009/06/03 12:16:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MelodyExe.INI
[2009/06/03 12:16:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\AlbumExe.INI
[2009/06/03 12:11:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PhoneBkExe.INI
[2009/06/03 12:10:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PanelExe.INI
[2009/06/03 12:08:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\FileMgrExe.INI
[2009/03/25 01:00:42 | 000,000,137 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2009/03/25 00:29:19 | 000,002,009 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2009/03/25 00:22:16 | 000,093,130 | ---- | C] () -- C:\WINDOWS\hppins05.dat
[2009/03/25 00:22:16 | 000,000,896 | ---- | C] () -- C:\WINDOWS\hppmdl05.dat
[2009/01/15 14:39:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008/11/24 11:23:44 | 000,416,704 | ---- | C] () -- C:\WINDOWS\System32\EPD.dll
[2008/11/05 14:42:45 | 000,062,400 | ---- | C] () -- C:\WINDOWS\System32\IFC.dll
[2008/11/05 14:41:56 | 000,422,848 | ---- | C] () -- C:\WINDOWS\System32\PPL.dll
[2008/09/23 15:58:58 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\atibrtmon.exe
[2008/06/16 15:31:27 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2008/05/28 22:25:41 | 000,013,081 | ---- | C] () -- C:\Program Files\Setup.ini
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/01/29 19:42:27 | 000,001,984 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/01/25 13:54:48 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Moses new\Application Data\WorkingFolders.xml
[2007/11/07 15:24:10 | 000,000,113 | ---- | C] () -- C:\WINDOWS\bradr.ini
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/08/01 16:55:00 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2007/08/01 16:55:00 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2007/06/06 22:16:22 | 000,000,335 | ---- | C] () -- C:\WINDOWS\mozregistry.dat
[2007/04/13 15:40:48 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2007/03/26 13:14:49 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2007/03/20 18:32:11 | 000,090,112 | ---- | C] () -- C:\WINDOWS\rsetuppalmEn.exe
[2007/03/06 18:04:52 | 000,176,918 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2007/02/04 13:04:42 | 000,000,075 | ---- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2006/11/23 16:09:12 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Moses new\Local Settings\Application Data\fusioncache.dat
[2006/11/22 14:58:36 | 000,004,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2006/11/20 11:53:08 | 000,001,176 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2006/11/20 11:50:36 | 000,001,182 | ---- | C] () -- C:\WINDOWS\ipconfig.dat
[2006/10/04 19:16:29 | 000,000,185 | ---- | C] () -- C:\WINDOWS\TiffViewer.INI
[2006/09/11 13:40:24 | 000,175,104 | ---- | C] () -- C:\Documents and Settings\Moses new\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/08/23 18:31:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\GBROWSER.INI
[2006/08/03 14:48:26 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\InstallPrinter6.dll
[2006/08/02 17:11:30 | 000,000,025 | ---- | C] () -- C:\WINDOWS\weekcal.ini
[2006/08/02 17:11:21 | 000,000,030 | ---- | C] () -- C:\WINDOWS\shab30.ini
[2006/08/02 17:10:01 | 000,000,167 | ---- | C] () -- C:\WINDOWS\cal30.ini
[2006/08/02 17:10:01 | 000,000,112 | ---- | C] () -- C:\WINDOWS\datefmt.ini
[2006/08/02 17:06:25 | 000,000,077 | ---- | C] () -- C:\WINDOWS\hebrfont.ini
[2006/08/01 18:07:38 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Moses new\Local Settings\Application Data\FASTWiz.html
[2006/08/01 16:00:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2006/07/31 18:29:48 | 000,217,149 | ---- | C] () -- C:\WINDOWS\System32\SC4Dec.dll
[2006/07/31 18:29:48 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\GtoPCM.dll
[2006/07/28 14:39:32 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\CFLResNT.dll
[2006/07/21 15:50:43 | 000,000,090 | ---- | C] () -- C:\WINDOWS\msmail.ini
[2006/07/20 17:10:31 | 000,359,744 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2006/07/12 23:04:59 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2006/07/12 16:38:24 | 000,000,061 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2006/07/12 16:38:24 | 000,000,040 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2006/07/12 12:57:58 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\ventmon.dll
[2006/07/11 15:05:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/07/11 15:05:00 | 000,005,952 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/07/10 12:57:57 | 000,053,116 | R--- | C] () -- C:\Program Files\License.rtf
[2006/07/07 11:18:43 | 000,000,108 | ---- | C] () -- C:\WINDOWS\bi_group.ini
[2006/07/07 11:05:50 | 000,257,536 | ---- | C] () -- C:\WINDOWS\System32\BiImg.dll
[2006/07/07 11:05:12 | 000,002,504 | ---- | C] () -- C:\WINDOWS\FAXCPP1.INI
[2006/07/07 11:05:08 | 000,001,753 | ---- | C] () -- C:\WINDOWS\ColorFaxLite.ini
[2006/07/05 12:26:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2006/06/28 18:11:32 | 000,167,936 | ---- | C] () -- C:\WINDOWS\Dit.DLL
[2006/06/28 18:11:32 | 000,000,212 | ---- | C] () -- C:\WINDOWS\Dit.INI
[2006/06/27 17:57:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2006/06/27 17:52:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2006/06/27 17:38:24 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2006/06/27 17:37:22 | 000,001,353 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2006/06/27 17:37:22 | 000,000,532 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2006/06/27 17:37:22 | 000,000,159 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2006/06/27 17:37:22 | 000,000,079 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2006/06/27 17:37:22 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRIDF04A.dat
[2006/06/27 17:36:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2006/06/27 14:20:53 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/06/24 01:45:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/24 01:44:14 | 000,000,332 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/06/24 01:27:56 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/06/24 01:27:52 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[2006/06/24 01:27:52 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2006/06/24 01:27:32 | 000,000,393 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/06/08 18:55:08 | 000,007,904 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2006/05/20 14:44:46 | 000,051,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2006/05/09 18:19:12 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\hppapr04.DLL
[2005/11/10 09:38:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/11/02 10:54:48 | 002,945,024 | R--- | C] () -- C:\WINDOWS\System32\BGP851c.dll
[2005/10/05 10:55:48 | 000,000,526 | ---- | C] () -- C:\WINDOWS\System32\hppapr04.DAT
[2005/09/06 12:04:16 | 002,232,320 | ---- | C] () -- C:\WINDOWS\System32\I2E_CINT.dll
[2005/03/21 19:48:05 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/21 19:48:05 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/01/07 07:55:50 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\I2E_CIIO.dll
[2004/08/11 18:24:19 | 000,000,892 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 18:19:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/11 18:12:14 | 000,027,568 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/11 18:07:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/11 18:06:43 | 001,510,048 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/11 18:00:28 | 000,567,256 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/11 18:00:28 | 000,109,772 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/11 18:00:24 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/04 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/04/09 12:47:03 | 000,031,232 | ---- | C] () -- C:\WINDOWS\UNCAL95.EXE
[2004/04/09 12:46:51 | 000,000,486 | ---- | C] () -- C:\WINDOWS\CALSYM.INI
[2002/03/13 15:46:46 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\zlib.dll
[2002/03/04 10:16:34 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\JPEG32.DLL
[2001/07/06 17:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2000/07/16 15:20:30 | 000,185,856 | ---- | C] () -- C:\WINDOWS\System32\Bmp2Jpeg.dll
[1999/01/04 13:25:00 | 000,375,296 | ---- | C] () -- C:\WINDOWS\System32\tx32.dll
[1998/11/04 02:20:00 | 000,000,202 | ---- | C] () -- C:\WINDOWS\System32\Ic32.ini

========== Files - Unicode (All) ==========
[2011/03/11 12:57:01 | 000,027,648 | ---- | M] ()(C:\Documents and Settings\Moses new\My Documents\????? ????.doc) -- C:\Documents and Settings\Moses new\My Documents\מגילת אסתר.doc
[2011/03/11 12:46:41 | 000,027,648 | ---- | C] ()(C:\Documents and Settings\Moses new\My Documents\????? ????.doc) -- C:\Documents and Settings\Moses new\My Documents\מגילת אסתר.doc
[2011/01/12 11:19:56 | 000,020,480 | ---- | M] ()(C:\Documents and Settings\Moses new\My Documents\????? ????.doc) -- C:\Documents and Settings\Moses new\My Documents\לעילו נשמת.doc
[2011/01/02 19:15:24 | 000,040,448 | ---- | M] ()(C:\Documents and Settings\Moses new\Desktop\???? ??? ????? ?????.doc) -- C:\Documents and Settings\Moses new\Desktop\מרים רזב ביקור חולים.doc
[2011/01/01 21:06:11 | 000,040,448 | ---- | C] ()(C:\Documents and Settings\Moses new\Desktop\???? ??? ????? ?????.doc) -- C:\Documents and Settings\Moses new\Desktop\מרים רזב ביקור חולים.doc
[2010/11/17 12:18:33 | 000,020,480 | ---- | C] ()(C:\Documents and Settings\Moses new\My Documents\????? ????.doc) -- C:\Documents and Settings\Moses new\My Documents\לעילו נשמת.doc
[2010/11/17 12:18:33 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\Moses new\My Documents\~$??? ????.doc) -- C:\Documents and Settings\Moses new\My Documents\~$ילו נשמת.doc
[2010/11/17 12:18:33 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\Moses new\My Documents\~$??? ????.doc) -- C:\Documents and Settings\Moses new\My Documents\~$ילו נשמת.doc
[2010/05/02 14:00:11 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\Moses new\Desktop\Copy of Copy of ~$??? ?? ?????.doc) -- C:\Documents and Settings\Moses new\Desktop\Copy of Copy of ~$רות על חנוכה.doc
[2010/05/02 13:59:31 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\Moses new\Desktop\Copy of ~$??? ?? ?????.doc) -- C:\Documents and Settings\Moses new\Desktop\Copy of ~$רות על חנוכה.doc
[2010/05/02 13:45:18 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\Moses new\Desktop\Copy of Copy of ~$??? ?? ?????.doc) -- C:\Documents and Settings\Moses new\Desktop\Copy of Copy of ~$רות על חנוכה.doc
[2010/05/02 13:45:18 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\Moses new\Desktop\Copy of ~$??? ?? ?????.doc) -- C:\Documents and Settings\Moses new\Desktop\Copy of ~$רות על חנוכה.doc
[2010/03/12 15:24:29 | 000,096,256 | ---- | M] ()(C:\Documents and Settings\Moses new\Desktop\??? ??????.doc) -- C:\Documents and Settings\Moses new\Desktop\אשר קארפען.doc
[2010/03/12 15:22:12 | 000,096,256 | ---- | C] ()(C:\Documents and Settings\Moses new\Desktop\??? ??????.doc) -- C:\Documents and Settings\Moses new\Desktop\אשר קארפען.doc
[2008/01/01 12:24:39 | 000,027,648 | ---- | M] ()(C:\Documents and Settings\All Users\Documents\????? 2.doc) -- C:\Documents and Settings\All Users\Documents\פרנסה 2.doc
[2006/08/09 13:20:43 | 000,023,552 | ---- | C] ()(C:\Documents and Settings\All Users\Documents\Copy of ?' ???, ??????? ???? ???.doc) -- C:\Documents and Settings\All Users\Documents\Copy of ר' איד, וואוהין פארט איר.doc
[2006/08/02 00:25:06 | 000,128,512 | ---- | M] ()(C:\Documents and Settings\All Users\Documents\????.doc) -- C:\Documents and Settings\All Users\Documents\מחאה.doc
[2006/08/01 15:15:36 | 000,153,600 | ---- | C] ()(C:\Documents and Settings\All Users\Documents\??? ??????????? ???????.doc) -- C:\Documents and Settings\All Users\Documents\דער מיסיאנערישע געראנגל.doc
[2006/08/01 15:15:36 | 000,152,064 | ---- | C] ()(C:\Documents and Settings\All Users\Documents\????? - ??? ???? ??????.doc) -- C:\Documents and Settings\All Users\Documents\מגבית - מלך אסיר ברהטים.doc
[2006/08/01 15:15:36 | 000,029,696 | ---- | C] ()(C:\Documents and Settings\All Users\Documents\????.doc) -- C:\Documents and Settings\All Users\Documents\צדקה.doc
[2006/08/01 15:15:36 | 000,025,088 | ---- | C] ()(C:\Documents and Settings\All Users\Documents\?????? ????? ??? ???? - ????.doc) -- C:\Documents and Settings\All Users\Documents\באצאלט אייער חוב לזמן - קופה.doc
[2006/08/01 15:15:36 | 000,019,968 | ---- | C] ()(C:\Documents and Settings\All Users\Documents\?????? - ????? ??? ???? ??????.doc) -- C:\Documents and Settings\All Users\Documents\סימבאל - מגבית מלך אסיר ברהטים.doc
[2006/08/01 15:15:23 | 000,086,528 | ---- | C] ()(C:\Documents and Settings\All Users\Documents\????? ??? ??? - ?? ?? ??????.doc) -- C:\Documents and Settings\All Users\Documents\פאפיר פין חתן - צו די עסקנים.doc
[2006/08/01 15:15:23 | 000,077,312 | ---- | C] ()(C:\Documents and Settings\All Users\Documents\????? ?????? ????? - ???????.doc) -- C:\Documents and Settings\All Users\Documents\מגבית מאפילה לאורה - קאמפיין.doc
[2006/08/01 15:15:23 | 000,037,376 | ---- | C] ()(C:\Documents and Settings\All Users\Documents\????? ?????????? - ???? ??? ????.doc) -- C:\Documents and Settings\All Users\Documents\חינוך פארשטעלונג - מדבר שקר תרחק.doc
[2006/08/01 15:15:23 | 000,027,648 | ---- | C] ()(C:\Documents and Settings\All Users\Documents\?????? - ??? ???? - ????? ??????? ?????.doc) -- C:\Documents and Settings\All Users\Documents\סימבאל - מלך אסיר - ערשטע קאמפיין פאפיר.doc
[2006/08/01 15:15:23 | 000,023,552 | ---- | C] ()(C:\Documents and Settings\All Users\Documents\?' ???, ??????? ???? ???.doc) -- C:\Documents and Settings\All Users\Documents\ר' איד, וואוהין פארט איר.doc
[2006/08/01 15:15:23 | 000,023,040 | ---- | C] ()(C:\Documents and Settings\All Users\Documents\???? ?????? ????? - ??? ???.doc) -- C:\Documents and Settings\All Users\Documents\קלמן אליעזר סאפדי - מזל טוב.doc
[2006/08/01 15:15:23 | 000,019,968 | ---- | C] ()(C:\Documents and Settings\All Users\Documents\?????? ??? ???? ??????.doc) -- C:\Documents and Settings\All Users\Documents\דיזיין מלך אסיר ברהטים.doc
[2006/08/01 15:15:23 | 000,019,968 | ---- | C] ()(C:\Documents and Settings\All Users\Documents\?????? - ???????????? ?????? - ??? ????.doc) -- C:\Documents and Settings\All Users\Documents\ראטשעס - צייטווייליגע סימבאל - מלך אסיר.doc
[2006/08/01 10:16:08 | 000,128,512 | ---- | C] ()(C:\Documents and Settings\All Users\Documents\????.doc) -- C:\Documents and Settings\All Users\Documents\מחאה.doc
[2006/07/28 01:52:20 | 000,025,088 | ---- | M] ()(C:\Documents and Settings\All Users\Documents\?????? ????? ??? ???? - ????.doc) -- C:\Documents and Settings\All Users\Documents\באצאלט אייער חוב לזמן - קופה.doc
[2006/07/28 01:51:30 | 000,019,968 | ---- | M] ()(C:\Documents and Settings\All Users\Documents\?????? - ???????????? ?????? - ??? ????.doc) -- C:\Documents and Settings\All Users\Documents\ראטשעס - צייטווייליגע סימבאל - מלך אסיר.doc
[2006/07/28 01:50:16 | 000,019,968 | ---- | M] ()(C:\Documents and Settings\All Users\Documents\?????? - ????? ??? ???? ??????.doc) -- C:\Documents and Settings\All Users\Documents\סימבאל - מגבית מלך אסיר ברהטים.doc
[2006/07/28 01:28:28 | 000,153,600 | ---- | M] ()(C:\Documents and Settings\All Users\Documents\??? ??????????? ???????.doc) -- C:\Documents and Settings\All Users\Documents\דער מיסיאנערישע געראנגל.doc
[2006/07/26 13:31:04 | 000,023,552 | ---- | M] ()(C:\Documents and Settings\All Users\Documents\Copy of ?' ???, ??????? ???? ???.doc) -- C:\Documents and Settings\All Users\Documents\Copy of ר' איד, וואוהין פארט איר.doc
[2006/07/26 13:31:04 | 000,023,552 | ---- | M] ()(C:\Documents and Settings\All Users\Documents\?' ???, ??????? ???? ???.doc) -- C:\Documents and Settings\All Users\Documents\ר' איד, וואוהין פארט איר.doc
[2006/07/25 00:08:22 | 000,019,968 | ---- | M] ()(C:\Documents and Settings\All Users\Documents\?????? ??? ???? ??????.doc) -- C:\Documents and Settings\All Users\Documents\דיזיין מלך אסיר ברהטים.doc
[2006/07/24 01:50:50 | 000,086,528 | ---- | M] ()(C:\Documents and Settings\All Users\Documents\????? ??? ??? - ?? ?? ??????.doc) -- C:\Documents and Settings\All Users\Documents\פאפיר פין חתן - צו די עסקנים.doc
[2006/07/24 01:49:20 | 000,023,040 | ---- | M] ()(C:\Documents and Settings\All Users\Documents\???? ?????? ????? - ??? ???.doc) -- C:\Documents and Settings\All Users\Documents\קלמן אליעזר סאפדי - מזל טוב.doc
[2006/07/22 02:16:06 | 000,077,312 | ---- | M] ()(C:\Documents and Settings\All Users\Documents\????? ?????? ????? - ???????.doc) -- C:\Documents and Settings\All Users\Documents\מגבית מאפילה לאורה - קאמפיין.doc
[2006/07/21 02:12:00 | 000,027,648 | ---- | M] ()(C:\Documents and Settings\All Users\Documents\?????? - ??? ???? - ????? ??????? ?????.doc) -- C:\Documents and Settings\All Users\Documents\סימבאל - מלך אסיר - ערשטע קאמפיין פאפיר.doc
[2006/07/21 01:11:14 | 000,152,064 | ---- | M] ()(C:\Documents and Settings\All Users\Documents\????? - ??? ???? ??????.doc) -- C:\Documents and Settings\All Users\Documents\מגבית - מלך אסיר ברהטים.doc
[2006/07/17 23:13:04 | 000,037,376 | ---- | M] ()(C:\Documents and Settings\All Users\Documents\????? ?????????? - ???? ??? ????.doc) -- C:\Documents and Settings\All Users\Documents\חינוך פארשטעלונג - מדבר שקר תרחק.doc
[2006/07/14 22:52:08 | 000,029,696 | ---- | M] ()(C:\Documents and Settings\All Users\Documents\????.doc) -- C:\Documents and Settings\All Users\Documents\צדקה.doc
[2006/06/19 20:39:30 | 000,084,992 | ---- | M] ()(C:\Documents and Settings\All Users\Documents\??? ??????????? ?????.doc) -- C:\Documents and Settings\All Users\Documents\דער ריזיקאלישער מיסיע.doc
[2006/06/13 23:34:39 | 000,119,296 | ---- | M] ()(C:\Documents and Settings\All Users\Documents\??? ?????????? ?????.doc) -- C:\Documents and Settings\All Users\Documents\דער ריזיקאלישע געיעג.doc
[2006/04/24 17:02:33 | 000,046,080 | ---- | M] ()(C:\Documents and Settings\All Users\Documents\?? ??????? ????? ????.doc) -- C:\Documents and Settings\All Users\Documents\די צווייטע וועלט קריג.doc
[2006/04/24 17:02:33 | 000,046,080 | ---- | C] ()(C:\Documents and Settings\All Users\Documents\?? ??????? ????? ????.doc) -- C:\Documents and Settings\All Users\Documents\די צווייטע וועלט קריג.doc
[2006/01/31 22:52:47 | 000,327,168 | ---- | M] ()(C:\Documents and Settings\All Users\Documents\?????.doc) -- C:\Documents and Settings\All Users\Documents\פרנסה.doc
[2005/10/31 20:36:12 | 000,084,992 | ---- | C] ()(C:\Documents and Settings\All Users\Documents\??? ??????????? ?????.doc) -- C:\Documents and Settings\All Users\Documents\דער ריזיקאלישער מיסיע.doc
[2005/08/18 01:11:43 | 000,027,648 | ---- | C] ()(C:\Documents and Settings\All Users\Documents\????? 2.doc) -- C:\Documents and Settings\All Users\Documents\פרנסה 2.doc
[2005/08/16 01:11:03 | 000,119,296 | ---- | C] ()(C:\Documents and Settings\All Users\Documents\??? ?????????? ?????.doc) -- C:\Documents and Settings\All Users\Documents\דער ריזיקאלישע געיעג.doc
[2005/08/09 17:51:40 | 000,327,168 | ---- | C] ()(C:\Documents and Settings\All Users\Documents\?????.doc) -- C:\Documents and Settings\All Users\Documents\פרנסה.doc

========== Alternate Data Streams ==========

@Alternate Data Stream - 186 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:40F038C5
@Alternate Data Stream - 158 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

#11 moses5314

Posted 05 July 2011 - 01:15 PM

Hi, when I want to open this key I'm getting a blue screen,
or when the AVG antivirus program wants to check it, it becomes a blue screen when it gets to this key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Events

#12 SweetTech

Posted 05 July 2011 - 02:29 PM

Hi!

Did you open these ports?

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3390:TCP" = 3390:TCP:*:Enabled:remote desk
"135:TCP" = 135:TCP:*:Enabled:remote assistance
"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)

--------

I see you have these programs installed:

  • RegClean Pro
  • Uniblue DriverScanner 2009
  • Uniblue RegistryBooster 2009
  • Uniblue SpeedUpMyPC 2009

Bleeping Computer DOES NOT recommend the use of registry cleaners/optimizers for several reasons:

Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.

Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.

Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.

Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.

The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".

Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.

I suggest you remove these programs from your computer:

  • RegClean Pro
  • Uniblue DriverScanner 2009
  • Uniblue RegistryBooster 2009
  • Uniblue SpeedUpMyPC 2009

You can remove them via Start > Control Panel > Add/Remove Programs.


NEXT:



Back-Up Registry
First, we need to back up your registry:
Please go to Start > Run
Paste in the following line:

regedit /e c:\registrybackup.reg

Click OK.
It won't appear to be doing anything, that's normal.
Your mouse pointer may turn to an hour glass for a minute.
Please continue when it no longer has the hour glass.


NEXT:



OTL Fix

We need to run an OTL Fix
  • Please reopen OTL on your desktop.
  • Copy and Paste the following code into the textbox.
    :Services
    :Processes
    KILLALLPROCESSES
    :OTL
    [2007/12/10 13:02:25 | 000,000,000 | ---D | M] (Java Console) -- C:\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
    [2009/09/01 12:15:32 | 000,000,000 | ---D | M] (Java Console) -- C:\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
    O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O15 - HKU\S-1-5-21-2347827306-315855231-310137897-1008\..Trusted Domains: google.com ([www] http in Trusted sites)
    O15 - HKU\S-1-5-21-2347827306-315855231-310137897-1008\..Trusted Domains: hotmail.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-21-2347827306-315855231-310137897-1008\..Trusted Domains: live.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-21-2347827306-315855231-310137897-1008\..Trusted Domains: localhost ([]http in Local intranet)
    O15 - HKU\S-1-5-21-2347827306-315855231-310137897-1008\..Trusted Domains: msn.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-21-2347827306-315855231-310137897-1008\..Trusted Domains: passport.com ([]* in Trusted sites)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
    O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
    O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
    O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found
    O33 - MountPoints2\{26b8a1f4-1792-11dd-8503-0013721e880e}\Shell - "" = AutoRun
    O33 - MountPoints2\{26b8a1f4-1792-11dd-8503-0013721e880e}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{26b8a1f4-1792-11dd-8503-0013721e880e}\Shell\AutoRun\command - "" = D:\LaunchU3.exe
    O33 - MountPoints2\{96d5ec3f-d3c1-11db-8489-0013721e880e}\Shell\AutoRun\command - "" = F:\pstart.exe
    O33 - MountPoints2\{c779f558-7a69-11db-845d-806d6172696f}\Shell - "" = AutoRun
    O33 - MountPoints2\{c779f558-7a69-11db-845d-806d6172696f}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{c779f558-7a69-11db-845d-806d6172696f}\Shell\AutoRun\command - "" = D:\setup.exe
    [40 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
    [2 C:\*.tmp files -> C:\*.tmp -> ]
    [19 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [1 C:\Documents and Settings\Moses new\*.tmp files -> C:\Documents and Settings\Moses new\*.tmp -> ]
    [2011/06/22 14:51:39 | 000,000,322 | -HS- | M] () -- C:\WINDOWS\tasks\Jtojvmr.job
    [40 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
    [2 C:\*.tmp files -> C:\*.tmp -> ]
    [19 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [1 C:\Documents and Settings\Moses new\*.tmp files -> C:\Documents and Settings\Moses new\*.tmp -> ]
    [2010/07/18 16:02:56 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Moses new\Application Data\D4A527
    [2010/07/18 16:02:55 | 000,870,128 | ---- | C] () -- C:\Documents and Settings\Moses new\Application Data\mcs.rma
    :Reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\Grisoft\AVG7\avginet.exe"=-
    "C:\Program Files\Grisoft\AVG7\avgcc.exe"=-
    "C:\Program Files\Grisoft\AVG7\avgamsvr.exe"=-
    :Files
    type "C:\Documents and Settings\Moses new\My Documents\DLL Rename.bat" /c
    C:\Program Files\Grisoft\
    ipconfig /flushdns /c
    :Commands
    [purity]
    [resethosts]
    [CreateRestorePoint]
    [emptytemp]
    [EMPTYFLASH]
    
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.


NEXT:



Remove Program
We need to remove a program. To do this please do the following:
  • Click Start
  • Go to Control Panel
  • Go to Add/Remove Programs
  • Find and click Remove for the following (if present):
  • Google Toolbar for Internet Explorer <== If you don't use it, then I suggest you remove it.
  • Windows Live Toolbar Extension (Windows Live Toolbar) <== If you don't use it, then I suggest you remove it.
  • Browser Address Error Redirector <== If you don't use it, then I suggest you remove it.
  • Windows Live Toolbar <== If you don't use it, then I suggest you remove it.
  • Yahoo! Toolbar <== If you don't use it, then I suggest you remove it.
  • Ad-Aware <== If you don't use it, then I suggest you remove it.
  • Ad-Aware SE Personal <== If you don't use it, then I suggest you remove it.
  • Spybot - Search & Destroy <== If you don't use it, then I suggest you remove it.
  • Spyware Doctor 7.0 <== If you don't use it, then I suggest you remove it.
  • J2SE Runtime Environment 5.0 Update 6
  • J2SE Runtime Environment 5.0 Update 9
  • J2SE Runtime Environment 5.0 Update 10
  • Java™ SE Runtime Environment 6 Update 1
  • Java™ 6 Update 3
  • Java 2 Runtime Environment, SE v1.4.2_03
  • HiJackThis
  • Panda ActiveScan 2.0


NEXT:



Malwarebytes' Anti-Malware

I see that you have Malwarebytes' Anti-Malware installed on your computer. Could you please do a scan using these settings:

  • Open Malwarebytes' Anti-Malware
  • Select the Update tab
  • Click Check for Updates
  • After the update has been completed, select the Scanner tab.
  • Select Perform quick scan, then click on Scan
  • Leave the default options as they are and click on Start Scan
  • When done, you will be prompted. Click OK, then click on Show Results
  • Check (tick) all items and click on Remove Selected
  • After it has removed the items, Notepad will open. Please post this log in your next reply. You can also find the log in the Logs tab. The bottommost log is the latest.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



NEXT:



What issues are you currently experiencing with your computer?

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.
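
The firewall exceptions quoted in post #12 use the Windows XP firewall value format port:protocol:scope:status:name. The following is an added example, not part of the original thread: a Python parser for those OTL-style sections that lists the exceptions reachable from any address (scope `*`) and those present only in StandardProfile, which is what the owner is being asked to confirm. The class and function names are assumptions made for the example; the sample input is copied from the post.

```python
import re
from dataclasses import dataclass

# Entries as quoted in post #12 (OTL report layout).
SAMPLE = r'''
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3390:TCP" = 3390:TCP:*:Enabled:remote desk
"135:TCP" = 135:TCP:*:Enabled:remote assistance
"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)
'''

KEY_RE = re.compile(r'^\[.*\\FirewallPolicy\\(\w+)\\GloballyOpenPorts\\List\]$')
ENTRY_RE = re.compile(r'^"([^"]+)"\s*=\s*(.+)$')


@dataclass(frozen=True)
class OpenPort:
    profile: str      # DomainProfile or StandardProfile
    value_name: str   # registry value name, e.g. "3390:TCP"
    port: int
    proto: str
    scope: str        # "*" = any source address, "LocalSubNet", or an address list
    enabled: bool
    label: str        # free-text name shown in the firewall UI


def parse_open_ports(text):
    """Parse OTL-style GloballyOpenPorts sections into OpenPort records."""
    entries, profile = [], None
    for raw in text.splitlines():
        line = raw.strip()
        key = KEY_RE.match(line)
        if key:
            profile = key.group(1)
            continue
        if line.startswith("["):
            profile = None  # some other registry key: stop attributing entries
            continue
        m = ENTRY_RE.match(line)
        if not (m and profile):
            continue
        fields = m.group(2).split(":", 4)  # the label may itself contain ':'
        if len(fields) != 5 or not fields[0].isdigit():
            continue  # malformed data: skip rather than guess
        port, proto, scope, status, label = fields
        entries.append(OpenPort(profile, m.group(1), int(port), proto.upper(),
                                scope, status.lower() == "enabled", label))
    return entries


def review(entries):
    """Summarise what an analyst would ask the machine's owner to confirm."""
    by_profile = {}
    for e in entries:
        by_profile.setdefault(e.profile, set()).add((e.port, e.proto))
    domain = by_profile.get("DomainProfile", set())
    standard = by_profile.get("StandardProfile", set())
    return {
        # enabled exceptions that accept connections from any address
        "any_source": sorted({(e.port, e.proto) for e in entries
                              if e.enabled and e.scope == "*"}),
        # exceptions that apply only when the PC is not on a domain network
        "standard_only": sorted(standard - domain),
        # value name and data should describe the same port/protocol
        "name_mismatch": [e for e in entries
                          if e.value_name.upper() != f"{e.port}:{e.proto}"],
    }


if __name__ == "__main__":
    for finding, value in review(parse_open_ports(SAMPLE)).items():
        print(finding, value)
```
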


#13 SweetTech

Posted 09 July 2011 - 12:42 PM

Still with me?



#14 SweetTech

Posted 11 July 2011 - 02:27 PM

Due to lack of feedback this thread will now be closed. If you still require assistance, and would like to have your thread re-opened, please feel free to send me a Private Message (PM) being sure to include a link to your topic, and I'd be happy to re-open it.




#15 SweetTech

Posted 12 July 2011 - 09:23 AM

This topic has been re-opened at the request of the person who originally posted.





