[code]
OTScanIt2 logfile created on: 10/25/2008 3:10:54 PM - Run 2
OTScanIt2 by OldTimer - Version 1.0.0.22b Folder = C:\Documents and Settings\Compaq_Owner\Desktop\unused desktop\OTScanIt2
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

383.48 Mb Total Physical Memory | 165.77 Mb Available Physical Memory | 43.23% Memory free
1.09 Gb Paging File | 0.64 Gb Available in Paging File | 58.99% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 143.78 Gb Total Space | 109.19 Gb Free Space | 75.94% Space Free | Partition Type: NTFS
Drive D: | 5.26 Gb Total Space | 0.90 Gb Free Space | 17.13% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOLBROOK
Current User Name: Compaq_Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

[Processes - Safe List]
ccsvchst.exe -> %CommonProgramFiles%\Symantec Shared\CCSVCHST.EXE -> [2008/01/31 14:15:06 | 00,149,864 | ---- | M] (Symantec Corporation)
hpsysdrv.exe -> %SystemRoot%\system\hpsysdrv.exe -> [1998/05/07 19:04:38 | 00,052,736 | ---- | M] (Hewlett-Packard Company)
hpztsb07.exe -> %SystemRoot%\system32\spool\drivers\w32x86\3\hpztsb07.exe -> [2002/11/22 11:49:24 | 00,188,416 | ---- | M] (HP)
hphmon04.exe -> %SystemRoot%\system32\hphmon04.exe -> [2002/11/22 11:48:32 | 00,348,160 | ---- | M] (Hewlett-Packard)
kbd.exe -> %SystemDrive%\hp\KBD\kbd.exe -> [2005/02/02 17:44:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company)
ccsvchst.exe -> %CommonProgramFiles%\Symantec Shared\CCSVCHST.EXE -> [2008/01/31 14:15:06 | 00,149,864 | ---- | M] (Symantec Corporation)
aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> [2007/07/20 15:21:34 | 00,557,056 | ---- | M] (Lavasoft AB)
googletoolbarnotifier.exe -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> [2007/07/10 20:28:42 | 00,068,856 | ---- | M] (Google Inc.)
aluschedulersvc.exe -> %ProgramFiles%\Symantec\LiveUpdate\AluSchedulerSvc.exe -> [2007/08/31 11:49:50 | 00,243,064 | ---- | M] (Symantec Corporation)
syncservices.exe -> %ProgramFiles%\Maxtor\Sync\SyncServices.exe -> [2007/07/13 16:02:32 | 00,156,976 | ---- | M] (Seagate Technology LLC)
mdm.exe -> %CommonProgramFiles%\Microsoft Shared\VS7DEBUG\MDM.EXE -> [2003/06/20 09:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation)
sqlservr.exe -> %ProgramFiles%\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -> [2005/10/14 06:51:45 | 28,768,528 | ---- | M] (Microsoft Corporation)
hpzipm12.exe -> %SystemRoot%\system32\HPZipm12.exe -> [2006/03/02 21:49:14 | 00,069,632 | ---- | M] (HP)
wmpnetwk.exe -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation)
wuauclt.exe -> %SystemRoot%\system32\wuauclt.exe -> [2008/07/18 22:10:42 | 00,053,448 | ---- | M] (Microsoft Corporation)
lucomserver_3_4.exe -> %ProgramFiles%\Symantec\LiveUpdate\LuComServer_3_4.EXE -> [2007/08/23 16:35:22 | 03,192,184 | ---- | M] (Symantec Corporation)
iexplore.exe -> %ProgramFiles%\Internet Explorer\IEXPLORE.EXE -> [2004/08/04 08:00:00 | 00,093,184 | ---- | M] (Microsoft Corporation)
scanningprocess.exe -> %UserProfile%\Local Settings\Temp\jkos-Compaq_Owner\binaries\ScanningProcess.exe -> [2008/10/25 11:56:46 | 00,139,264 | ---- | M] (Kaspersky Lab.)
otscanit2.exe -> %UserProfile%\Desktop\unused desktop\OTScanIt2\OTScanIt2.exe -> [2008/10/24 21:11:24 | 00,417,792 | ---- | M] (OldTimer Tools) [Win32 Services - Safe List] (aawservice) Ad-Aware 2007 Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> [2007/07/20 15:21:34 | 00,557,056 | ---- | M] (Lavasoft AB) (Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> [2006/03/04 14:31:29 | 00,072,704 | ---- | M] (Adobe Systems) (aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) (Automatic LiveUpdate Scheduler) Automatic LiveUpdate Scheduler [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec\LiveUpdate\AluSchedulerSvc.exe -> [2007/08/31 11:49:50 | 00,243,064 | ---- | M] (Symantec Corporation) (ccEvtMgr) Symantec Event Manager [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCSVCHST.EXE -> [2008/01/31 14:15:06 | 00,149,864 | ---- | M] (Symantec Corporation) (ccSetMgr) Symantec Settings Manager [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCSVCHST.EXE -> [2008/01/31 14:15:06 | 00,149,864 | ---- | M] (Symantec Corporation) (clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) (CLTNetCnService) Symantec Lic NetConnect service [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCSVCHST.EXE -> [2008/01/31 14:15:06 | 00,149,864 | ---- | M] (Symantec Corporation) (comHost) COM Host [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Symantec Shared\VAScanner\comHost.exe -> [2007/08/22 03:21:30 | 00,055,640 | ---- | 
M] (Symantec Corporation) (gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2007/02/15 05:07:34 | 00,138,168 | ---- | M] (Google) (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1050\Intel 32\IDriverT.exe -> [2004/10/22 04:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) (iPodService) iPod Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\iPod\bin\iPodService.exe -> [2005/05/14 00:20:28 | 00,327,680 | ---- | M] (Apple Computer, Inc.) (LiveUpdate) LiveUpdate [Win32_Shared | On_Demand | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\LuComServer_3_4.EXE -> [2007/08/23 16:35:22 | 03,192,184 | ---- | M] (Symantec Corporation) (LiveUpdate Notice) LiveUpdate Notice [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCSVCHST.EXE -> [2008/01/31 14:15:06 | 00,149,864 | ---- | M] (Symantec Corporation) (Maxtor Sync Service) Maxtor Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Maxtor\Sync\SyncServices.exe -> [2007/07/13 16:02:32 | 00,156,976 | ---- | M] (Seagate Technology LLC) (MDM) Machine Debug Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Microsoft Shared\VS7DEBUG\MDM.EXE -> [2003/06/20 09:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS) [Win32_Own | Auto | Running] -> %ProgramFiles%\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -> [2005/10/14 06:51:45 | 28,768,528 | ---- | M] (Microsoft Corporation) (MSSQLServerADHelper) SQL Server Active Directory Helper [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Microsoft SQL Server\90\Shared\sqladhlp90.exe -> [2005/10/14 06:50:19 | 00,045,272 | ---- | M] (Microsoft Corporation) (ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2003/07/28 13:28:22 | 00,089,136 | ---- | M] 
(Microsoft Corporation) (Pml Driver HPH11) Pml Driver HPH11 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\hphipm11.exe -> [2002/11/22 11:49:22 | 00,077,824 | ---- | M] (HP) (Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | Unknown | Running] -> %SystemRoot%\system32\HPZipm12.exe -> [2006/03/02 21:49:14 | 00,069,632 | ---- | M] (HP) (SQLBrowser) SQL Server Browser [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Microsoft SQL Server\90\Shared\sqlbrowser.exe -> [2005/10/14 06:51:12 | 00,239,320 | ---- | M] (Microsoft Corporation) (SQLWriter) SQL Server VSS Writer [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Microsoft SQL Server\90\Shared\sqlwriter.exe -> [2005/10/14 03:53:50 | 00,087,768 | ---- | M] (Microsoft Corporation) (Symantec Core LC) Symantec Core LC [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> [2008/01/23 19:31:39 | 01,251,720 | ---- | M] () (WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) [Driver Services - Safe List] (ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ALCXWDM.SYS -> [2005/04/20 11:00:56 | 02,317,696 | ---- | M] (Realtek Semiconductor Corp.) 
(AmdK7) AMD K7 Processor Driver [Kernel | System | Stopped] -> %SystemRoot%\system32\drivers\amdk7.sys -> [2004/08/04 15:00:00 | 00,037,376 | ---- | M] (Microsoft Corporation) (AmdK8) AMD Athlon64 Processor Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\AmdK8.sys -> [2004/05/08 20:21:44 | 00,035,840 | ---- | M] (Advanced Micro Devices) (catchme) catchme [Kernel | On_Demand | Stopped] -> %SystemRoot%\catchme.exe -> [2007/07/20 00:47:22 | 00,109,056 | ---- | M] () (CdaD10BA) CdaD10BA [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\CdaD10BA.SYS -> [2007/01/21 22:03:46 | 00,012,464 | ---- | M] (Macrovision Europe Ltd) (cmpci) C-Media PCI Audio Driver (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\cmaudio.sys -> [2002/11/18 03:51:40 | 00,377,358 | R--- | M] (C-Media Inc) (COH_Mon) COH_Mon [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\COH_Mon.sys -> [2008/07/30 17:42:12 | 00,023,888 | ---- | M] (Symantec Corporation) (CO_Mon) CO_Mon [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\CO_Mon.sys -> [2007/08/08 19:39:56 | 00,036,056 | ---- | M] (Symantec Corporation) (Dot4 HPH11) Dot4 HPH11 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\hphid411.sys -> [2002/11/22 11:49:22 | 00,050,896 | ---- | M] (HP) (Dot4Print HPH11) Print Class Driver for IEEE-1284.4 HPH11 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\hphipr11.sys -> [2002/11/22 11:49:22 | 00,016,112 | ---- | M] (HP) (Dot4Usb HPH11) Dot4Usb HPH11 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\hphius11.sys -> [2002/11/22 11:49:22 | 00,018,928 | ---- | M] (HP) (eeCtrl) Symantec Eraser Control driver [Kernel | System | Running] -> %CommonProgramFiles%\Symantec Shared\EENGINE\eeCtrl.sys -> [2008/09/02 04:00:00 | 00,371,248 | ---- | M] (Symantec Corporation) (EraserUtilRebootDrv) EraserUtilRebootDrv [Kernel | On_Demand | Running] -> %CommonProgramFiles%\Symantec 
Shared\EENGINE\EraserUtilRebootDrv.sys -> [2008/09/02 04:00:00 | 00,099,376 | ---- | M] (Symantec Corporation) (fasttx2k) fasttx2k [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\Fasttx2k.sys -> [2003/12/02 21:23:20 | 00,142,336 | ---- | M] (Promise Technology, Inc.) (FINEPIX_PCC) FinePix Digital Camera 020717 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\V4CB011D.SYS -> [2002/05/07 05:44:04 | 00,081,700 | ---- | M] (FUJI PHOTO FILM CO.,LTD.) (gameenum) Game Port Enumerator [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\gameenum.sys -> [2004/08/03 23:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) (GEARAspiWDM) GEAR CDRom Filter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\GEARAspiWDM.sys -> [2005/03/07 11:52:48 | 00,014,408 | ---- | M] (GEAR Software Inc.) (HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HPZid412.sys -> [2005/03/08 07:52:26 | 00,051,120 | R--- | M] (HP) (HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HPZipr12.sys -> [2005/03/08 07:52:28 | 00,016,496 | R--- | M] (HP) (HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HPZius12.sys -> [2005/03/08 07:52:28 | 00,021,744 | R--- | M] (HP) (HSFHWBS2) HSFHWBS2 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSFHWBS2.sys -> [2004/09/21 23:43:28 | 00,220,032 | ---- | M] (Conexant Systems, Inc.) (HSF_DP) HSF_DP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_DP.sys -> [2004/09/21 23:42:08 | 01,041,536 | ---- | M] (Conexant Systems, Inc.) 
(ialm) ialm [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ialmnt5.sys -> [2004/08/21 02:26:00 | 00,737,874 | ---- | M] (Intel Corporation) (MASPINT) MASPINT [Kernel | Auto | Running] -> %SystemRoot%\System32\drivers\MASPINT.SYS -> [2000/03/29 17:11:20 | 00,008,096 | ---- | M] (MicroStaff Co.,Ltd.) (mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\mdmxsdk.sys -> [2004/03/17 22:04:14 | 00,013,059 | ---- | M] (Conexant) (MXOPSWD) Maxtor OneTouch Security Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\mxopswd.sys -> [2007/05/03 14:37:08 | 00,022,152 | ---- | M] (Maxtor Corp.) (NAVENG) NAVENG [Kernel | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20081025.003\NAVENG.SYS -> [2008/08/20 04:00:00 | 00,089,104 | ---- | M] (Symantec Corporation) (NAVEX15) NAVEX15 [Kernel | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20081025.003\NAVEX15.SYS -> [2008/08/20 04:00:00 | 00,873,552 | ---- | M] (Symantec Corporation) (Ps2) Ps2 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\PS2.sys -> [2005/12/12 18:27:00 | 00,019,072 | ---- | M] (Hewlett-Packard Company) (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> [2004/08/04 08:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) 
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pxhelp20.sys -> [2006/09/27 17:53:22 | 00,036,560 | ---- | M] (Sonic Solutions) (rtl8139) Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\R8139n51.sys -> [2002/10/04 20:04:10 | 00,046,976 | ---- | M] (Realtek Semiconductor Corporation ) (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> [2007/11/13 06:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) (SiS315) SiS315 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\sisgrp.sys -> [2005/04/12 11:08:44 | 00,247,296 | ---- | M] (Silicon Integrated Systems Corporation) (SISAGP) SiS AGP Filter [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\SISAGPX.SYS -> [2003/07/18 19:58:20 | 00,036,992 | ---- | M] (Silicon Integrated Systems Corporation) (SiSkp) SiSkp [Kernel | System | Running] -> %SystemRoot%\system32\drivers\srvkp.sys -> [2005/04/12 11:42:16 | 00,011,904 | ---- | M] (Silicon Integrated Systems Corporation) (SISNIC) SiS PCI Fast Ethernet Adapter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\sisnic.sys -> [2003/07/12 01:28:56 | 00,032,768 | ---- | M] (SiS Corporation) (SPBBCDrv) SPBBCDrv [Kernel | System | Running] -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCDrv.sys -> [2007/08/17 17:23:28 | 00,446,512 | ---- | M] (Symantec Corporation) (SRTSP) SRTSP [File_System | System | Running] -> %SystemRoot%\system32\drivers\srtsp.sys -> [2007/12/01 00:57:12 | 00,279,088 | ---- | M] (Symantec Corporation) (SRTSPL) SRTSPL [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\srtspl.sys -> [2007/12/01 00:57:12 | 00,317,616 | ---- | M] (Symantec Corporation) (SRTSPX) SRTSPX [Kernel | System | Running] -> %SystemRoot%\system32\drivers\srtspx.sys -> [2007/12/01 00:57:12 | 00,043,696 | ---- | M] (Symantec 
Corporation) (SWLD23U) Netopia 802.11b WLAN USB Adapter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\swld23u.sys -> [2003/12/17 17:58:08 | 00,082,888 | ---- | M] (SAMSUNG Electro-Mechanics Co.,Ltd.) (swlubtl) WLAN USB Boot Device [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\swlubtl.sys -> [2003/05/02 18:26:18 | 00,053,690 | ---- | M] (Samsung Electro-Mechanics ) (SYMDNS) SYMDNS [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\symdns.sys -> [2008/06/13 14:13:38 | 00,013,616 | ---- | M] (Symantec Corporation) (SymEvent) SymEvent [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\SYMEVENT.SYS -> [2008/06/02 20:16:44 | 00,123,952 | ---- | M] (Symantec Corporation) (SYMFW) SYMFW [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\symfw.sys -> [2008/06/13 14:13:38 | 00,096,432 | ---- | M] (Symantec Corporation) (SYMIDS) SYMIDS [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\symids.sys -> [2008/06/13 14:13:38 | 00,038,576 | ---- | M] (Symantec Corporation) (SYMIDSCO) SYMIDSCO [Kernel | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\SymcData\ipsdefs\20081023.005\SymIDSCo.sys -> [2008/09/12 03:33:21 | 00,250,224 | ---- | M] (Symantec Corporation) (SymIM) Symantec Network Security Intermediate Filter Service [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SymIM.sys -> [2008/06/13 14:14:02 | 00,031,280 | ---- | M] (Symantec Corporation) (SymIMMP) SymIMMP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\SymIM.sys -> [2008/06/13 14:14:02 | 00,031,280 | ---- | M] (Symantec Corporation) (SYMNDIS) SYMNDIS [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\symndis.sys -> [2008/06/13 14:13:38 | 00,037,424 | ---- | M] (Symantec Corporation) (SYMREDRV) SYMREDRV [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\symredrv.sys -> [2008/06/13 14:13:38 | 00,022,320 | ---- | M] (Symantec Corporation) (SYMTDI) SYMTDI [Kernel | 
System | Running] -> %SystemRoot%\system32\drivers\symtdi.sys -> [2008/06/13 14:13:40 | 00,184,240 | ---- | M] (Symantec Corporation) (viaagp1) VIA AGP Filter [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\VIAAGP1.SYS -> [2003/07/02 14:42:00 | 00,027,904 | ---- | M] (VIA Technologies, Inc.) (viagfx) viagfx [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\vtmini.sys -> [2004/09/23 20:52:20 | 00,173,312 | ---- | M] (Copyright (C) VIA/S3 Graphics Co, Ltd.) (winachsf) winachsf [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_CNXT.sys -> [2004/09/21 23:42:42 | 00,685,184 | ---- | M] (Conexant Systems, Inc.) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://www.google.com/ie -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> about:blank -> HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\"Default_Search_URL" -> http://www.google.com/ie -> HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://www.google.com/ie -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\"Default_Search_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=presario&pf=desktop -> HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\"Page_Transitions" -> -> HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.google.com -> HKEY_CURRENT_USER\: Main\\"Start Page" -> http://portal.wowway.net/index.php -> HKEY_CURRENT_USER\: Search\\"SearchAssistant" -> 
http://www.google.com/ie -> HKEY_CURRENT_USER\: SearchURL\\"" -> http://www.google.com/search?q=%s -> HKEY_CURRENT_USER\: SearchURL\\"provider" -> gogl -> HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> < HOSTS File > (686 bytes and 19 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts -> 127.0.0.1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> [2004/12/14 02:56:50 | 00,063,136 | ---- | M] (Adobe Systems Incorporated) {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [] -> [2005/05/31 01:04:00 | 00,853,672 | ---- | M] (Safer Networking Limited) {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} [HKLM] -> %CommonProgramFiles%\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [Reg Error: Value does not exist or could not be read.] -> [2007/08/24 23:51:56 | 00,316,784 | ---- | M] (Symantec Corporation) {6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKLM] -> %CommonProgramFiles%\Symantec Shared\IDS\IPSBHO.dll [Symantec Intrusion Prevention] -> [2008/01/31 03:07:45 | 00,116,088 | ---- | M] (Symantec Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\ssv.dll [SSVHelper Class] -> [2008/06/10 04:27:02 | 00,509,328 | ---- | M] (Sun Microsystems, Inc.) {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\GoogleToolbar4.dll [Google Toolbar Helper] -> [2007/01/20 00:55:32 | 02,403,392 | R--- | M] (Google Inc.) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> %ProgramFiles%\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [Google Toolbar Notifier BHO] -> [2008/09/10 21:41:52 | 00,737,776 | ---- | M] (Google Inc.) 
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> %ProgramFiles%\Google\GoogleToolbar4.dll [&Google] -> [2007/01/20 00:55:32 | 02,403,392 | R--- | M] (Google Inc.) "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> %CommonProgramFiles%\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [Show Norton Toolbar] -> [2007/08/24 23:51:56 | 00,316,784 | ---- | M] (Symantec Corporation) < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> %ProgramFiles%\Google\GoogleToolbar4.dll [&Google] -> [2007/01/20 00:55:32 | 02,403,392 | R--- | M] (Google Inc.) ShellBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> %ProgramFiles%\Google\GoogleToolbar4.dll [&Google] -> [2007/01/20 00:55:32 | 02,403,392 | R--- | M] (Google Inc.) WebBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] 
-> File not found WebBrowser\\"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> %CommonProgramFiles%\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [Show Norton Toolbar] -> [2007/08/24 23:51:56 | 00,316,784 | ---- | M] (Symantec Corporation) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "ccApp" -> %CommonProgramFiles%\Symantec Shared\CCAPP.EXE ["C:\Program Files\Common Files\Symantec Shared\ccApp.exe"] -> [2008/01/31 14:15:02 | 00,051,048 | ---- | M] (Symantec Corporation) "HPDJ Taskbar Utility" -> %SystemRoot%\system32\spool\drivers\w32x86\3\hpztsb07.exe [C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe] -> [2002/11/22 11:49:24 | 00,188,416 | ---- | M] (HP) "HPHmon04" -> %SystemRoot%\system32\hphmon04.exe [C:\WINDOWS\system32\hphmon04.exe] -> [2002/11/22 11:48:32 | 00,348,160 | ---- | M] (Hewlett-Packard) "hpsysdrv" -> %SystemRoot%\system\hpsysdrv.exe [c:\windows\system\hpsysdrv.exe] -> [1998/05/07 19:04:38 | 00,052,736 | ---- | M] (Hewlett-Packard Company) "IgfxTray" -> %SystemRoot%\system32\igfxtray.exe [C:\WINDOWS\system32\igfxtray.exe] -> [2004/08/21 01:55:14 | 00,155,648 | ---- | M] (Intel Corporation) "KBD" -> %SystemDrive%\hp\KBD\kbd.exe [C:\HP\KBD\KBD.EXE] -> [2005/02/02 17:44:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) "LSBWatcher" -> %SystemDrive%\hp\drivers\hplsbwatcher\LSBurnWatcher.exe [c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe] -> [2004/10/15 00:54:32 | 00,253,952 | ---- | M] (Hewlett-Packard Company) "osCheck" -> %ProgramFiles%\Norton Internet Security\osCheck.exe ["C:\Program Files\Norton Internet Security\osCheck.exe"] -> [2007/08/25 00:53:28 | 00,714,608 | ---- | M] (Symantec Corporation) "Recguard" -> %SystemRoot%\SMINST\Recguard.exe [C:\WINDOWS\SMINST\RECGUARD.EXE] -> [2004/04/14 23:43:46 | 00,233,472 | ---- | M] () "REGSHAVE" -> %ProgramFiles%\REGSHAVE\Regshave.exe [C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN] -> [2002/02/04 22:32:10 | 00,053,248 | ---- | M] 
(FUJI PHOTO FILM CO., LTD.) "SiSPower" -> %SystemRoot%\system32\SiSPower.dll [Rundll32.exe SiSPower.dll,ModeAgent] -> [2004/09/24 12:49:34 | 00,049,152 | ---- | M] (Silicon Integrated Systems Corporation) "VTTimer" -> [VTTimer.exe] -> File not found < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "swg" -> %ProgramFiles%\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] -> [2007/07/10 20:28:42 | 00,068,856 | ---- | M] (Google Inc.) < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < Compaq_Owner Startup Folder > -> C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup -> < Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer -> < Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer -> < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoCDBurning" -> [0] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"dontdisplaylastusername" -> [0] -> File not found \\"legalnoticecaption" -> [] -> File not found \\"legalnoticetext" -> [] -> File not found \\"shutdownwithoutlogon" -> [1] -> File not found \\"undockwithoutlogon" -> [1] -> File not found < CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" 
-> [36] -> File not found \\"NoDriveAutoRun" -> [FF FF FF FF [binary data]] -> File not found < CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> E&xport to Microsoft Excel -> %SystemDrive%\PROGRA~1\MI1933~1\Office10\EXCEL.EXE [res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000] -> File not found < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Menu: Sun Java Console] -> [2008/06/10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.) {92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Button: Research] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2004/10/13 12:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2004/10/13 12:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Sun Java Console] -> [2008/06/10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.) 
CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Research] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation) CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2004/10/13 12:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 3261 domain(s) found. -> 119 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 78 range(s) found. 
-> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} [HKLM] -> http://www.worldwinner.com/games/v47/scrabblecubes/scrabblecubes.cab[ScrabbleCubes Control] -> {04063354-A10E-4427-A1EC-F3CC81587BC6} [HKLM] -> http://www.worldwinner.com/games/v41/mines/mines.cab[Mines Control] -> {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} [HKLM] -> http://go.microsoft.com/fwlink/?linkid=58813[Office Genuine Advantage Validation Tool] -> {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab[Shockwave ActiveX Control] -> {18C3FD15-74F6-4280-9C98-3590C966B7B8} [HKLM] -> http://www.worldwinner.com/games/v47/skillgam/skillgam.cab[SkillGam Control] -> {1A1F56AA-3401-46F9-B277-D57F3421F821} [HKLM] -> http://gsn.worldwinner.com/games/v46/shared/FunGamesLoader.cab[FunGamesLoader Object] -> {1D082E71-DF20-4AAF-863B-596428C49874} [HKLM] -> http://www.worldwinner.com/games/v50/tpir/tpir.cab[TPIR Control] -> {2C153C75-8476-434B-B3C3-57B63A3D1939} [HKLM] -> http://www.worldwinner.com/games/v48/brickout/brickout.cab[Brickout Control] -> {33E54F7F-561C-49E6-929B-D7E76D3AFEB1} [HKLM] -> http://www.worldwinner.com/games/v50/pool/pool.cab[Pool Control] -> {41D1977F-4161-4720-800F-EA4903983A38} [HKLM] -> http://www.worldwinner.com/games/v43/jigsaw/jigsaw.cab[Jigsaw Genius Control] -> {42FDC231-A411-45F8-B8B6-3B5026111DA8} [HKLM] -> http://www.worldwinner.com/games/v47/solitairerush/solitairerush.cab[SolitaireRush Control] -> {474F00F5-3853-492C-AC3A-476512BBC336} [HKLM] -> http://picasaweb.google.com/s/v/30.62/uploader2.cab[UploadListView Class] -> {48DD0448-9209-4F81-9F6D-D83562940134} [HKLM] -> http://lads.myspace.com/upload/MySpaceUploader1006.cab[MySpace Uploader Control] -> {49232000-16E4-426C-A231-62846947304B} [HKLM] -> http://ipgweb.cce.hp.com/rdqaio/downloads/sysinfo.cab[SysData Class] -> {4C39376E-FA9D-4349-BACC-D305C1750EF3} [HKLM] -> 
http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab[EPUImageControl Class] -> {555F1BBC-6EC2-474F-84AF-633EF097FF54} [HKLM] -> http://www.worldwinner.com/games/v52/wwhearts/wwhearts.cab[WWHearts Control] -> {58FC4C77-71C2-4972-A8CD-78691AD85158} [HKLM] -> http://www.worldwinner.com/games/v63/bjattack/bja.cab[BJA Control] -> {615F158E-D5CA-422F-A8E7-F6A5EED7063B} [HKLM] -> http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab[Bejeweled Control] -> {61900274-3323-4446-BDCD-91548D32AF1B} [HKLM] -> http://www.worldwinner.com/games/v56/spidersolitaire/spidersolitaire.cab[SpiderSolitaire Control] -> {62969CF2-0F7A-433B-A221-FD8818C06C2F} [HKLM] -> http://www.worldwinner.com/games/v49/blockwerx/blockwerx.cab[Blockwerx Control] -> {639658F3-B141-4D6B-B936-226F75A5EAC3} [HKLM] -> http://www.shockwave.com/content/dinerdash2/sis/DinerDash2.1.0.0.67.cab[CPlayFirstDinerDash2Control Object] -> {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} [HKLM] -> http://www.worldwinner.com/games/v41/freecell/freecell.cab[FreeCell Control] -> {74EF5274-F439-2168-B543-14745B625C72} [HKLM] -> http://www.shockwave.com/content/weddingdash2/sis/WeddingDash2Web.1.0.0.11.cab[CPlayFirstWeddingDasControl Object] -> {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} [HKLM] -> http://www.worldwinner.com/games/shared/wwlaunch.cab[Wwlaunch Control] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> {94299420-321F-4FF9-A247-62A23EBB640B} [HKLM] -> http://www.worldwinner.com/games/v46/wordmojo/wordmojo.cab[WordMojo Control] -> {97438FE9-D361-4279-BA82-98CC0877A717} [HKLM] -> http://www.worldwinner.com/games/v57/cubis/cubis.cab[Cubis Control] -> {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} [HKLM] -> http://www.worldwinner.com/games/v46/sol/sol.cab[Sol Control] -> {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} [HKLM] -> http://www.worldwinner.com/games/v57/wof/wof.cab[WoF Control] -> 
{A91FB93D-7561-4524-8484-5C27C8FA8D42} [HKLM] -> http://www.worldwinner.com/games/v49/luxor/luxor.cab[WwLuxor Control] -> {AC2881FD-5760-46DB-83AE-20A5C6432A7E} [HKLM] -> http://www.worldwinner.com/games/v67/swapit/swapit.cab[SwapIt Control] -> {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} [HKLM] -> http://www.worldwinner.com/games/v41/hangman/hangman.cab[Hangman Control] -> {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} [HKLM] -> http://www.shockwave.com/content/burgershop/sis/GoBitGamesPlayer_v4.cab[GoBit Games Player] -> {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} [HKLM] -> http://www.worldwinner.com/games/v42/tilecity/tilecity.cab[Tilecity Control] -> {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} [HKLM] -> http://www.shockwave.com/content/dinerdashfloonthego/sis/ddfotg.1.0.0.33.cab[CPlayFirstddfotgControl Object] -> {BB637307-92FA-47EC-B3F7-6969078673CC} [HKLM] -> http://www.worldwinner.com/games/v45/royal/royal.cab[Royal Control] -> {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} [HKLM] -> http://support.f-secure.com/ols/fscax.cab[F-Secure Online Scanner 3.3] -> {C5326A4D-E9AA-40AD-A09A-E74304D86B47} [HKLM] -> http://www.worldwinner.com/games/v50/dinerdash/dinerdash.cab[DinerDash Control] -> {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} [HKLM] -> http://office.microsoft.com/officeupdate/content/opuc4.cab[Office Update Installation Engine] -> {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} [HKLM] -> http://www.worldwinner.com/games/v43/paint/paint.cab[Paint Control] -> {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[Java Plug-in 1.6.0_03] -> {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab[Java Plug-in 1.6.0_05] -> {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab[Java Plug-in 1.6.0_06] -> {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java 
Plug-in 1.6.0_07] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] -> {CF969D51-F764-4FBF-9E90-475248601C8A} [HKLM] -> http://www.worldwinner.com/games/v47/familyfeud/familyfeud.cab[FamilyFeud Control] -> {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab[Shockwave Flash Object] -> {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} [HKLM] -> http://www.shockwave.com/content/cinematycoon/sis/cinematycoon.cab[TikGames Online Control] -> {E12EB891-D000-421B-A8ED-EDE1BDCA14A0} [HKLM] -> http://www.worldwinner.com/games/v44/golfsol/golfsol.cab[GolfSol Control] -> {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} [HKLM] -> http://www.worldwinner.com/games/v53/wwspades/wwspades.cab[WWSpades Control] -> {EA6246B4-F380-443F-8727-9AEA3371146C} [HKLM] -> http://www.shockwave.com/content/weddingdash/sis/WeddingDash.1.0.0.47.cab[CPlayFirstWeddingDashControl Object] -> {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} [HKLM] -> http://www.worldwinner.com/games/v53/h2hpool/h2hpool.cab[H2hPool Control] -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {4D5ADAE2-6E1B-48A4-A7EA-AC9B9866F179} -> (Netopia 802.11b WLAN USB Adapter) -> {DC8B7D44-9196-455D-9FDF-373AEDF66ABC} -> (1394 Net Adapter) -> {FAB776C1-D5B9-4DC4-AC75-DDB6546A040F} -> () -> {FBE046B1-625C-4190-A567-756A0C3EA34A} -> (SiS 900-Based PCI Fast Ethernet Adapter) -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> igfxcui -> %SystemRoot%\system32\igfxsrvc.dll -> [2004/08/21 01:50:54 | 00,344,064 | ---- | M] (Intel Corporation) < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> < Standard Profile 
Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2004/08/04 08:00:00 | 00,049,536 | ---- | M] (Microsoft Corporation) < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [2004/10/20 09:13:12 | 00,000,000 | ---- | M] () D:\AUTOEXEC.BAT [] -> D:\AUTOEXEC.BAT [ FAT32 ] -> [2001/07/28 06:07:38 | 00,000,000 | -HS- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \J HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\Shell \J\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\Shell\AutoRun \J\Shell\AutoRun\\"" -> [Auto&Play] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\Shell\AutoRun\command \J\Shell\AutoRun\command\\"" -> J:\LaunchU3.exe [J:\LaunchU3.exe -a] -> File not found \{60d2a586-b36b-11dc-af04-0011d820d78a} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60d2a586-b36b-11dc-af04-0011d820d78a}\Shell \{60d2a586-b36b-11dc-af04-0011d820d78a}\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60d2a586-b36b-11dc-af04-0011d820d78a}\Shell\AutoRun \{60d2a586-b36b-11dc-af04-0011d820d78a}\Shell\AutoRun\\"" -> [Auto&Play] -> File not found 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60d2a586-b36b-11dc-af04-0011d820d78a}\Shell\AutoRun\command \{60d2a586-b36b-11dc-af04-0011d820d78a}\Shell\AutoRun\command\\"" -> K:\LaunchU3.exe [K:\LaunchU3.exe -a] -> File not found \{7ba43368-8a5a-11dd-af52-0011d820d78a} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7ba43368-8a5a-11dd-af52-0011d820d78a}\Shell \{7ba43368-8a5a-11dd-af52-0011d820d78a}\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7ba43368-8a5a-11dd-af52-0011d820d78a}\Shell\AutoRun \{7ba43368-8a5a-11dd-af52-0011d820d78a}\Shell\AutoRun\\"" -> [Auto&Play] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7ba43368-8a5a-11dd-af52-0011d820d78a}\Shell\AutoRun\command \{7ba43368-8a5a-11dd-af52-0011d820d78a}\Shell\AutoRun\command\\"" -> J:\LaunchU3.exe [J:\LaunchU3.exe -a] -> File not found [Files/Folders - Created Within 30 Days] fsaua.data -> %SystemDrive%\fsaua.data -> [2008/10/25 11:35:11 | 00,000,000 | ---D | C] _OTScanIt -> %SystemDrive%\_OTScanIt -> [2008/10/25 11:25:34 | 00,000,000 | ---D | C] Avenger -> %SystemDrive%\Avenger -> [2008/10/25 11:19:50 | 00,000,000 | ---D | C] avenger.zip -> %UserProfile%\Desktop\avenger.zip -> [2008/10/25 11:16:03 | 00,724,952 | ---- | C] () hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2008/10/24 10:55:02 | 40,218,2144 | -HS- | C] () Trend Micro -> %ProgramFiles%\Trend Micro -> [2008/10/22 13:02:18 | 00,000,000 | ---D | C] ERUNT -> %SystemRoot%\ERUNT -> [2008/10/21 14:16:44 | 00,000,000 | ---D | C] SDFix -> %SystemDrive%\SDFix -> [2008/10/21 14:12:31 | 00,000,000 | ---D | C] Malwarebytes -> %AppData%\Malwarebytes -> [2008/10/21 12:49:41 | 00,000,000 | ---D | C] mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2008/10/21 12:49:19 | 00,015,504 | ---- | C] (Malwarebytes Corporation) mbamswissarmy.sys -> 
%SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2008/10/21 12:49:14 | 00,038,496 | ---- | C] (Malwarebytes Corporation) Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [2008/10/21 12:49:12 | 00,000,000 | ---D | C] Malwarebytes' Anti-Malware -> %ProgramFiles%\Malwarebytes' Anti-Malware -> [2008/10/21 12:49:11 | 00,000,000 | ---D | C] VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [2008/10/21 09:49:15 | 00,000,000 | ---D | C] Brickfish -> %UserProfile%\Desktop\Brickfish -> [2008/10/03 11:55:19 | 00,000,000 | ---D | C] [Files/Folders - Modified Within 30 Days] C:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help -> [2005/10/04 20:28:08 | 00,000,000 | ---D | M] hhcolreg.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help\hhcolreg.dat -> [2005/10/04 20:28:08 | 00,001,310 | ---- | M] () C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA -> [2006/03/03 11:43:11 | 00,000,000 | ---D | M] data.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\data.dat -> [2005/04/18 10:45:50 | 00,001,538 | ---- | M] () opa11.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa11.dat -> [2005/09/26 13:08:32 | 00,011,194 | ---- | M] () C:\Documents and Settings\All Users\Application Data\Microsoft\VisualStudio\8.0\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\VisualStudio\8.0 -> [2006/09/27 13:01:52 | 00,000,000 | ---D | M] vs000223.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\VisualStudio\8.0\vs000223.dat -> [2006/09/27 13:00:33 | 00,677,178 | -H-- | M] () C:\Documents and Settings\All Users\Application Data\Microsoft\Works\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works -> [2005/10/01 08:32:50 | 
00,000,000 | ---D | M] wkcalcat.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\wkcalcat.dat -> [2005/04/16 22:59:18 | 00,016,384 | ---- | M] () wklntsk1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Works\wklntsk1.dat -> [2005/04/16 22:59:40 | 00,162,451 | ---- | M] () C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\jkos-Compaq_Owner\binaries\ -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\jkos-Compaq_Owner\binaries -> [2008/10/25 11:56:52 | 00,000,000 | ---D | M] ScanningProcess.exe -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\jkos-Compaq_Owner\binaries\ScanningProcess.exe -> [2008/10/25 11:56:46 | 00,139,264 | ---- | M] (Kaspersky Lab.) C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\ -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus -> [2008/10/25 11:41:25 | 00,000,000 | ---D | M] fsgk32.exe -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsgk32.exe -> [2008/10/25 11:40:21 | 00,413,696 | ---- | M] (F-Secure Corp.) fssm32.exe -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fssm32.exe -> [2008/10/25 11:40:21 | 00,494,592 | ---- | M] (F-Secure Corp.) C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta\ -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta -> [2008/10/25 11:40:21 | 00,000,000 | ---D | M] fsgk32.exe -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fsgk32.exe -> [2008/10/25 11:40:21 | 00,413,696 | ---- | M] (F-Secure Corp.) fssm32.exe -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fssm32.exe -> [2008/10/25 11:40:21 | 00,494,592 | ---- | M] (F-Secure Corp.) 
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\jkos-Compaq_Owner\binaries\ -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\jkos-Compaq_Owner\binaries -> [2008/10/25 11:56:52 | 00,000,000 | ---D | M] FSSync.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\jkos-Compaq_Owner\binaries\FSSync.dll -> [2008/10/25 11:56:46 | 00,038,400 | ---- | M] (Kaspersky Lab) ikave.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\jkos-Compaq_Owner\binaries\ikave.dll -> [2008/10/25 11:56:46 | 00,065,536 | ---- | M] () kave.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\jkos-Compaq_Owner\binaries\kave.dll -> [2008/10/25 11:56:46 | 00,282,624 | ---- | M] (Kaspersky Lab.) kosglue-7.0.25.0.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\jkos-Compaq_Owner\binaries\kosglue-7.0.25.0.dll -> [2008/10/25 11:56:46 | 00,729,152 | ---- | M] (Kaspersky Lab) msvcm80.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\jkos-Compaq_Owner\binaries\msvcm80.dll -> [2008/10/25 11:56:46 | 00,479,232 | ---- | M] (Microsoft Corporation) msvcp80.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\jkos-Compaq_Owner\binaries\msvcp80.dll -> [2008/10/25 11:56:46 | 00,548,864 | ---- | M] (Microsoft Corporation) msvcr80.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\jkos-Compaq_Owner\binaries\msvcr80.dll -> [2008/10/25 11:56:46 | 00,626,688 | ---- | M] (Microsoft Corporation) prLoader.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\jkos-Compaq_Owner\binaries\prLoader.dll -> [2008/10/25 11:56:46 | 00,184,320 | ---- | M] (Kaspersky Lab) prremote.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\jkos-Compaq_Owner\binaries\prremote.dll -> [2008/10/25 11:56:46 | 00,090,112 | ---- | M] (Kaspersky Lab) C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\ -> C:\Documents and Settings\Compaq_Owner\Local 
Settings\Temp\OnlineScanner\Anti-Virus -> [2008/10/25 11:41:25 | 00,000,000 | ---D | M] AVPFPI0.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\AVPFPI0.dll -> [2008/10/25 11:40:21 | 00,147,538 | ---- | M] (Kaspersky Lab) avpproxy.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\avpproxy.dll -> [2008/10/25 11:40:21 | 00,077,910 | ---- | M] (F-Secure Corporation) daas_s.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\daas_s.dll -> [2008/02/27 15:59:28 | 00,495,616 | ---- | M] (F-Secure Corporation) fm4av.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fm4av.dll -> [2008/10/25 11:40:21 | 00,514,048 | ---- | M] () fpinor.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fpinor.dll -> [2008/10/25 11:40:21 | 00,113,664 | ---- | M] (F-Secure Corporation) fsbl.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsbl.dll -> [2008/10/25 11:40:21 | 00,049,152 | ---- | M] (F-Secure Corporation) fsbld.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsbld.dll -> [2008/10/25 11:39:48 | 00,551,544 | ---- | M] (F-Secure Corporation) fsecr32.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsecr32.dll -> [2008/10/25 11:40:08 | 00,262,144 | ---- | M] (F-Secure Corporation) fsgkiapi.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsgkiapi.dll -> [2008/10/25 11:40:21 | 00,082,432 | ---- | M] (F-Secure Corp.) 
fsmart.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsmart.dll -> [2008/10/25 11:40:14 | 00,147,456 | ---- | M] (F-Secure Corporation) fspe32.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fspe32.dll -> [2008/10/25 11:40:08 | 00,385,024 | ---- | M] (F-Secure Corporation) fssubmit.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fssubmit.dll -> [2008/10/25 11:39:52 | 00,651,264 | ---- | M] (F-Secure Corporation) fsup32.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsup32.dll -> [2008/10/25 11:40:09 | 00,577,536 | ---- | M] (F-Secure Corporation) fsupcx32.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupcx32.dll -> [2008/10/25 11:40:09 | 00,073,728 | ---- | M] (F-Secure Corporation) fsupfg32.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupfg32.dll -> [2008/10/25 11:40:09 | 00,098,304 | ---- | M] (F-Secure Corporation) fsupmw32.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupmw32.dll -> [2008/10/25 11:40:09 | 00,086,016 | ---- | M] (F-Secure Corporation) fsupnp32.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupnp32.dll -> [2008/10/25 11:40:09 | 00,098,304 | ---- | M] (F-Secure Corporation) fsupux32.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupux32.dll -> [2008/10/25 11:40:09 | 00,090,112 | ---- | M] (F-Secure Corporation) fsupwu32.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupwu32.dll -> [2008/10/25 11:40:09 | 00,090,112 | ---- | M] (F-Secure Corporation) fsusscr.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsusscr.dll -> [2008/10/25 11:40:14 | 00,888,832 | ---- | M] 
(F-Secure Corporation) Nse_w32.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\Nse_w32.dll -> [2008/10/25 11:39:44 | 00,588,856 | ---- | M] (Norman ASA) C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta\ -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta -> [2008/10/25 11:40:21 | 00,000,000 | ---D | M] AVPFPI0.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta\AVPFPI0.dll -> [2008/10/25 11:40:21 | 00,147,538 | ---- | M] (Kaspersky Lab) avpproxy.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta\avpproxy.dll -> [2008/10/25 11:40:21 | 00,077,910 | ---- | M] (F-Secure Corporation) fm4av.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fm4av.dll -> [2008/10/25 11:40:21 | 00,514,048 | ---- | M] () fpinor.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fpinor.dll -> [2008/10/25 11:40:21 | 00,113,664 | ---- | M] (F-Secure Corporation) fsbl.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fsbl.dll -> [2008/10/25 11:40:21 | 00,049,152 | ---- | M] (F-Secure Corporation) fsgkiapi.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fsgkiapi.dll -> [2008/10/25 11:40:21 | 00,082,432 | ---- | M] (F-Secure Corp.) 
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\ -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\hydrawin -> [2008/10/25 11:40:09 | 00,000,000 | ---D | M] fsecr32.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsecr32.dll -> [2008/10/25 11:40:08 | 00,262,144 | ---- | M] (F-Secure Corporation) fspe32.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fspe32.dll -> [2008/10/25 11:40:08 | 00,385,024 | ---- | M] (F-Secure Corporation) fsup32.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsup32.dll -> [2008/10/25 11:40:09 | 00,577,536 | ---- | M] (F-Secure Corporation) fsupcx32.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupcx32.dll -> [2008/10/25 11:40:09 | 00,073,728 | ---- | M] (F-Secure Corporation) fsupfg32.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupfg32.dll -> [2008/10/25 11:40:09 | 00,098,304 | ---- | M] (F-Secure Corporation) fsupmw32.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupmw32.dll -> [2008/10/25 11:40:09 | 00,086,016 | ---- | M] (F-Secure Corporation) fsupnp32.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupnp32.dll -> [2008/10/25 11:40:09 | 00,098,304 | ---- | M] (F-Secure Corporation) fsupux32.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupux32.dll -> [2008/10/25 11:40:09 | 00,090,112 | ---- | M] (F-Secure Corporation) fsupwu32.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupwu32.dll -> [2008/10/25 11:40:09 | 00,090,112 | ---- | M] (F-Secure Corporation) C:\Documents and Settings\Compaq_Owner\Local 
Settings\Temp\OnlineScanner\updates\mlcwin\ -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\mlcwin -> [2008/10/25 11:40:14 | 00,000,000 | ---D | M] fsmart.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\mlcwin\fsmart.dll -> [2008/10/25 11:40:14 | 00,147,456 | ---- | M] (F-Secure Corporation) fsusscr.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\mlcwin\fsusscr.dll -> [2008/10/25 11:40:14 | 00,888,832 | ---- | M] (F-Secure Corporation) C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\ols_30_pegdb\ -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\ols_30_pegdb -> [2008/10/25 11:39:44 | 00,000,000 | ---D | M] Nse_w32.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\ols_30_pegdb\Nse_w32.dll -> [2008/10/25 11:39:44 | 00,588,856 | ---- | M] (Norman ASA) C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\ols_33_bin\ -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\ols_33_bin -> [2008/10/25 11:39:52 | 00,000,000 | ---D | M] fssubmit.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\ols_33_bin\fssubmit.dll -> [2008/10/25 11:39:52 | 00,651,264 | ---- | M] (F-Secure Corporation) C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\ols_bl\ -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\ols_bl -> [2008/10/25 11:39:48 | 00,000,000 | ---D | M] fsblu.dll -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\ols_bl\fsblu.dll -> [2008/10/25 11:39:48 | 00,551,544 | ---- | M] (F-Secure Corporation) C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\jkos-Compaq_Owner\engine\bases\ -> C:\Documents and Settings\Compaq_Owner\Local 
Settings\Temp\jkos-Compaq_Owner\engine\bases -> [2008/10/25 12:13:39 | 00,000,000 | ---D | M] sfdb.dat -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\jkos-Compaq_Owner\engine\bases\sfdb.dat -> [2008/10/25 12:13:39 | 00,000,084 | ---- | M] () C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\ -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus -> [2008/10/25 11:41:25 | 00,000,000 | ---D | M] ext.dat -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\ext.dat -> [2008/10/25 11:39:35 | 00,000,444 | ---- | M] () fsedb.dat -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsedb.dat -> [2008/10/25 11:40:08 | 01,664,058 | ---- | M] () fsupdllb.dat -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupdllb.dat -> [2008/10/25 11:40:09 | 00,422,594 | ---- | M] () fsupplgn.dat -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupplgn.dat -> [2008/10/25 11:40:09 | 00,000,226 | ---- | M] () fsuptmpl.dat -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\fsuptmpl.dat -> [2008/10/25 11:40:09 | 00,005,828 | ---- | M] () perf.dat -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\perf.dat -> [2008/10/25 11:40:58 | 00,000,128 | ---- | M] () sae.dat -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\sae.dat -> [2008/10/25 11:39:35 | 00,000,243 | ---- | M] () sai.dat -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\Anti-Virus\sai.dat -> [2008/10/25 11:39:35 | 00,001,348 | ---- | M] () C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\avmisc\ -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\avmisc -> [2008/10/25 11:39:35 | 00,000,000 | ---D | M] ext.dat -> 
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\avmisc\ext.dat -> [2008/10/25 11:39:35 | 00,000,444 | ---- | M] () sae.dat -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\avmisc\sae.dat -> [2008/10/25 11:39:35 | 00,000,243 | ---- | M] () sai.dat -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\avmisc\sai.dat -> [2008/10/25 11:39:35 | 00,001,348 | ---- | M] () C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\ -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\hydrawin -> [2008/10/25 11:40:09 | 00,000,000 | ---D | M] fsedb.dat -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsedb.dat -> [2008/10/25 11:40:08 | 01,664,058 | ---- | M] () fsupdllb.dat -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupdllb.dat -> [2008/10/25 11:40:09 | 00,422,594 | ---- | M] () fsupplgn.dat -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupplgn.dat -> [2008/10/25 11:40:09 | 00,000,226 | ---- | M] () fsuptmpl.dat -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsuptmpl.dat -> [2008/10/25 11:40:09 | 00,005,828 | ---- | M] () wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2008/10/25 11:31:41 | 00,001,158 | ---- | M] () hpsysdrv.dat -> %SystemRoot%\System\hpsysdrv.dat -> [2008/10/25 11:30:43 | 00,000,246 | ---- | M] () SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2008/10/25 11:30:38 | 00,000,006 | -H-- | M] () bootstat.dat -> %SystemRoot%\bootstat.dat -> [2008/10/25 11:30:33 | 00,002,048 | --S- | M] () hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2008/10/25 11:30:31 | 40,218,2144 | -HS- | M] () avenger.exe -> %UserProfile%\Desktop\avenger.exe -> [2008/10/25 11:17:14 | 00,731,136 | ---- | M] () avenger.zip -> %UserProfile%\Desktop\avenger.zip 
-> [2008/10/25 11:16:07 | 00,724,952 | ---- | M] () NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [2008/10/24 11:58:48 | 00,000,116 | ---- | M] () hpfr5550.xml -> %SystemDrive%\hpfr5550.xml -> [2008/10/23 10:19:04 | 00,000,563 | ---- | M] () HOSTS -> %SystemRoot%\System32\drivers\etc\HOSTS -> [2008/10/21 14:19:48 | 00,000,686 | ---- | M] () win.ini -> %SystemRoot%\win.ini -> [2008/10/21 12:34:18 | 00,000,775 | ---- | M] () boot.ini -> %SystemDrive%\boot.ini -> [2008/10/21 12:34:18 | 00,000,281 | RHS- | M] () system.ini -> %SystemRoot%\system.ini -> [2008/10/21 12:34:18 | 00,000,227 | ---- | M] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2008/10/18 20:11:17 | 00,068,608 | ---- | M] () Norton Internet Security - Run Full System Scan - Compaq_Owner.job -> %SystemRoot%\tasks\Norton Internet Security - Run Full System Scan - Compaq_Owner.job -> [2008/10/17 05:42:32 | 00,000,636 | ---- | M] () mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2008/10/16 20:25:46 | 00,038,496 | ---- | M] (Malwarebytes Corporation) mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2008/10/16 20:25:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation) FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2008/10/16 20:12:13 | 00,267,800 | ---- | M] () imsins.BAK -> %SystemRoot%\imsins.BAK -> [2008/10/16 20:04:34 | 00,001,393 | ---- | M] () netapi32.dll -> %SystemRoot%\System32\netapi32.dll -> [2008/10/15 12:57:55 | 00,332,800 | ---- | M] (Microsoft Corporation) netapi32.dll -> %SystemRoot%\System32\dllcache\netapi32.dll -> [2008/10/15 12:57:55 | 00,332,800 | ---- | M] (Microsoft Corporation) MRT.exe -> %SystemRoot%\System32\MRT.exe -> [2008/10/07 15:19:40 | 16,721,856 | ---- | M] (Microsoft Corporation) Thumbs.db -> %UserProfile%\Desktop\Thumbs.db -> [2008/10/06 08:26:07 | 00,337,920 | -HS- | M] () GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application 
Data\GDIPFONTCACHEV1.DAT -> [2008/09/30 13:39:16 | 00,067,016 | ---- | M] () passd.doc -> %UserProfile%\My Documents\passd.doc -> [2008/09/26 11:35:00 | 00,023,552 | ---- | M] () < End of report > [/code]