OTScanIt2 logfile created on: 12/21/2008 2:10:09 PM - Run 2
OTScanIt2 by OldTimer - Version 1.0.3.1 Folder = C:\Documents and Settings\Compaq_Administrator\Desktop\OTScanIt2
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 613.99 Mb Available Physical Memory | 64.06% Memory free
1.85 Gb Paging File | 1.45 Gb Available in Paging File | 78.46% Paging File free
Paging file location(s): C:\pagefile.sys 1024 1024;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 225.36 Gb Total Space | 201.79 Gb Free Space | 89.54% Space Free | Partition Type: NTFS
Drive D: | 7.51 Gb Total Space | 0.96 Gb Free Space | 12.79% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-B27FB1C401
Current User Name: Compaq_Administrator
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

[Processes - Safe List]
alcxmntr.exe -> %SystemRoot%\ALCXMNTR.EXE -> [2004/09/07 13:47:52 | 00,057,344 | ---- | M] (Realtek Semiconductor Corp.)
ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> [2005/06/07 22:38:32 | 00,376,832 | ---- | M] (ATI Technologies Inc.)
ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> [2005/06/07 22:38:32 | 00,376,832 | ---- | M] (ATI Technologies Inc.)
atiptaxx.exe -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> [2005/06/08 04:05:00 | 00,344,064 | ---- | M] (ATI Technologies, Inc.)
avgemc.exe -> %ProgramFiles%\AVG\AVG8\avgemc.exe -> [2008/12/15 14:09:07 | 00,875,288 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgrsx.exe -> %ProgramFiles%\AVG\AVG8\avgrsx.exe -> [2008/12/15 14:09:09 | 00,287,000 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgwdsvc.exe -> %ProgramFiles%\AVG\AVG8\avgwdsvc.exe -> [2008/12/15 14:09:07 | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.)
ehrecvr.exe -> %SystemRoot%\ehome\ehrecvr.exe -> [2006/10/09 16:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation)
ehsched.exe -> %SystemRoot%\ehome\ehSched.exe -> [2005/08/05 13:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation)
ehtray.exe -> %SystemRoot%\ehome\ehtray.exe -> [2005/08/05 13:56:34 | 00,064,512 | ---- | M] (Microsoft Corporation)
hpsysdrv.exe -> %SystemRoot%\system\hpsysdrv.exe -> [1998/05/07 09:04:38 | 00,052,736 | ---- | M] (Hewlett-Packard Company)
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> [2005/05/05 00:21:26 | 00,327,680 | ---- | M] (Apple Computer, Inc.)
issch.exe -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> [2004/07/27 23:50:18 | 00,081,920 | ---- | M] (InstallShield Software Corporation)
ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> [2005/05/05 00:21:42 | 00,278,528 | ---- | M] (Apple Computer, Inc.)
jqs.exe -> %ProgramFiles%\Java\jre6\bin\jqs.exe -> [2008/12/02 13:19:07 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.)
jusched.exe -> %ProgramFiles%\Java\jre1.5.0\bin\jusched.exe -> [2005/08/05 09:11:20 | 00,036,972 | ---- | M] (Sun Microsystems, Inc.)
kbd.exe -> %SystemDrive%\hp\KBD\kbd.exe -> [2005/02/02 16:44:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company)
lsburnwatcher.exe -> %SystemDrive%\hp\drivers\hplsbwatcher\LSBurnWatcher.exe -> [2005/05/10 17:50:42 | 00,253,952 | ---- | M] (Hewlett-Packard Company)
lssrvc.exe -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> [2005/06/21 06:10:30 | 00,053,248 | ---- | M] (Hewlett-Packard Company)
lxddcoms.exe -> %SystemRoot%\system32\lxddcoms.exe -> [2007/05/25 02:41:37 | 00,537,520 | ---- | M] ( )
mcrdsvc.exe -> %SystemRoot%\ehome\mcrdsvc.exe -> [2005/08/05 13:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation)
mdm.exe -> %CommonProgramFiles%\Microsoft Shared\VS7DEBUG\MDM.EXE -> [2003/06/20 06:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation)
msmsgs.exe -> %ProgramFiles%\Messenger\msmsgs.exe -> [2008/04/13 17:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
mssysmgr.exe -> %ProgramFiles%\Walgreens\Walgreens PhotoShow\data\Xtras\mssysmgr.exe -> [2005/05/19 14:59:03 | 00,176,128 | ---- | M] (Simple Star, Inc.)
otscanit2.exe -> %UserProfile%\Desktop\OTScanIt2\OTScanIt2.exe -> [2008/12/12 09:24:20 | 00,477,184 | ---- | M] (OldTimer Tools)
qttask.exe -> %ProgramFiles%\QuickTime\qttask.exe -> [2005/08/05 09:40:39 | 00,098,304 | ---- | M] (Apple Computer, Inc.)
rundll32.exe -> %SystemRoot%\system32\rundll32.exe -> [2008/04/13 17:12:33 | 00,033,280 | ---- | M] (Microsoft Corporation)
sm56hlpr.exe -> %SystemRoot%\sm56hlpr.exe -> [2005/01/24 02:56:00 | 00,544,768 | ---- | M] (Motorola Inc.)
superantispyware.exe -> %ProgramFiles%\SUPERAntiS pyware\SUPERAntiSpyware.exe -> [2008/12/04 13:50:00 | 01,809,648 | ---- | M] (SUPERAntiSpyware.com) viewpointservice.exe -> %ProgramFiles%\Viewpoint\ Common\ViewpointService.exe -> [2007/01/04 14:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) [Win32 Services - Safe List] (aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) (Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ati 2evxx.exe -> [2005/06/07 22:38:32 | 00,376,832 | ---- | M] (ATI Technologies Inc.) (avg8emc) AVG Free8 E-mail Scanner [Win32_Own | Auto | Running] -> %ProgramFiles%\AVG\AVG8\a vgemc.exe -> [2008/12/15 14:09:07 | 00,875,288 | ---- | M] (AVG Technologies CZ, s.r.o.) (avg8wd) AVG Free8 WatchDog [Win32_Own | Auto | Running] -> %ProgramFiles%\AVG\AVG8\a vgwdsvc.exe -> [2008/12/15 14:09:07 | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.) (clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) (dvpapi) dvpapi [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\Auth entium\AntiVirus\dvpapi.exe -> [2007/07/09 12:54:08 | 00,177,416 | R--- | M] (Authentium, Inc.) 
(ehRecvr) Media Center Receiver Service [Win32_Own | Auto | Running] -> %SystemRoot%\ehome\ehrecv r.exe -> [2006/10/09 16:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation) (ehSched) Media Center Scheduler Service [Win32_Own | Auto | Running] -> %SystemRoot%\ehome\ehSche d.exe -> [2005/08/05 13:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) (FontCache3.0.0.0) Windows Presentation Foundation Font Cache 3.0.0.0 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCac he.exe -> [2006/10/20 21:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) (helpsvc) Help and Support [Win32_Shared | Auto | Running] -> %SystemRoot%\pchealth\hel pctr\binaries\pchsvc.dll -> [2008/04/13 17:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) (IDriverT) InstallDriver Table Manager [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\Inst allShield\Driver\1050\Int el 32\IDriverT.exe -> [2004/10/22 10:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) (idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> [2006/10/30 03:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) (iPodService) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\i PodService.exe -> [2005/05/05 00:21:26 | 00,327,680 | ---- | M] (Apple Computer, Inc.) (JavaQuickStarterService) Java Quick Starter [Win32_Own | Auto | Running] -> %ProgramFiles%\Java\jre6\ bin\jqs.exe -> [2008/12/02 13:19:07 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) 
(LightScribeService) LightScribeService Direct Disc Labeling Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Ligh tScribe\LSSrvc.exe -> [2005/06/21 06:10:30 | 00,053,248 | ---- | M] (Hewlett-Packard Company) (lxdd_device) lxdd_device [Win32_Own | Auto | Running] -> %SystemRoot%\system32\lxd dcoms.exe -> [2007/05/25 02:41:37 | 00,537,520 | ---- | M] ( ) (McrdSvc) Media Center Extender Service [Win32_Own | Auto | Running] -> %SystemRoot%\ehome\mcrdsv c.exe -> [2005/08/05 13:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) (MDM) Machine Debug Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Micr osoft Shared\VS7DEBUG\MDM.EXE -> [2003/06/20 06:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) (MHN) MHN [Win32_Shared | Disabled | Stopped] -> %SystemRoot%\system32\mhn .dll -> [2004/08/10 19:11:50 | 00,085,504 | ---- | M] (Microsoft Corporation) (NetTcpPortSharing) Net.Tcp Port Sharing Service [Win32_Shared | Disabled | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -> [2006/10/30 03:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) (ose) Office Source Engine [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\Micr osoft Shared\Source Engine\OSE.EXE -> [2003/07/28 19:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) (Viewpoint Manager Service) Viewpoint Manager Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Viewpoint\ Common\ViewpointService.exe -> [2007/01/04 14:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) (WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) (WudfSvc) Windows Driver Foundation - User-mode Driver Framework [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\Wud fSvc.dll -> [2006/09/28 18:56:14 | 00,055,808 | ---- | M] (Microsoft Corporation) [Driver Services - 
Safe List] (ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\dri vers\ALCXWDM.SYS -> [2005/04/20 11:00:56 | 02,317,696 | ---- | M] (Realtek Semiconductor Corp.) (AmdK8) AMD Processor Driver [Kernel | System | Running] -> %SystemRoot%\system32\dri vers\AmdK8.sys -> [2005/03/09 14:53:00 | 00,036,352 | ---- | M] (Advanced Micro Devices) (ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> %SystemRoot%\system32\dri vers\ati2mtag.sys -> [2005/06/07 22:44:36 | 01,235,968 | ---- | M] (ATI Technologies Inc.) (AvgLdx86) AVG Free AVI Loader Driver x86 [Kernel | System | Running] -> %SystemRoot%\system32\dri vers\avgldx86.sys -> [2008/12/15 14:09:28 | 00,097,928 | ---- | M] (AVG Technologies CZ, s.r.o.) (AvgMfx86) AVG Free On-access Scanner Minifilter Driver x86 [File_System | System | Running] -> %SystemRoot%\system32\dri vers\avgmfx86.sys -> [2008/12/15 14:09:26 | 00,026,824 | ---- | M] (AVG Technologies CZ, s.r.o.) (AvgTdiX) AVG Free8 Network Redirector [Kernel | Auto | Running] -> %SystemRoot%\system32\dri vers\avgtdix.sys -> [2008/12/15 14:09:35 | 00,076,040 | ---- | M] (AVG Technologies CZ, s.r.o.) (bb-run) Promise driver accelerator [Kernel | Boot | Running] -> %SystemRoot%\system32\dri vers\bb-run.sys -> [2003/11/05 15:45:12 | 00,017,408 | ---- | M] (Promise Technology, Inc.) (CSS DVP) Dynamic Virus Protection [Kernel | Auto | Running] -> %SystemRoot%\system32\dri vers\Css-Dvp.sys -> [2007/07/09 12:01:04 | 00,834,448 | ---- | M] (Authentium, Inc.) (ftsata2) ftsata2 [Kernel | Boot | Running] -> %SystemRoot%\system32\dri vers\ftsata2.sys -> [2005/04/14 21:12:12 | 00,175,616 | ---- | M] (Promise Technology, Inc.) (GEARAspiWDM) GEAR CDRom Filter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\dri vers\GEARAspiWDM.sys -> [2005/03/07 18:52:48 | 00,014,408 | ---- | M] (GEAR Software Inc.) 
(iaStor) Intel RAID Controller [Kernel | Boot | Running] -> %SystemRoot%\system32\dri vers\iaStor.sys -> [2005/03/09 18:09:18 | 00,870,912 | ---- | M] (Intel Corporation) (ltmodem5) LT Modem Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\dri vers\ltmdmnt.sys -> [2004/08/04 05:41:36 | 00,606,684 | ---- | M] (LT) (MODEMCSA) Unimodem Streaming Filter Device [Kernel | On_Demand | Running] -> %SystemRoot%\system32\dri vers\MODEMCSA.sys -> [2001/08/17 20:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) (Ps2) Ps2 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\dri vers\PS2.sys -> [2002/07/29 15:43:50 | 00,023,808 | ---- | M] (Hewlett-Packard Company) (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\dri vers\ptilink.sys -> [2004/08/10 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) (PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\dri vers\pxhelp20.sys -> [2005/04/25 09:03:00 | 00,020,640 | ---- | M] (Sonic Solutions) (RTL8023xp) Realtek 10/100/1000 PCI NIC Family NDIS XP Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\dri vers\Rtnicxp.sys -> [2008/02/25 12:54:56 | 00,105,088 | ---- | M] (Realtek Semiconductor Corporation ) (rtl8139) Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\dri vers\RTL8139.sys -> [2004/08/04 05:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) (SASDIFSV) SASDIFSV [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiS pyware\sasdifsv.sys -> [2008/12/04 13:50:04 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) (SASENUM) SASENUM [Kernel | On_Demand | Running] -> %ProgramFiles%\SUPERAntiS pyware\SASENUM.SYS -> [2008/12/04 13:50:06 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) (SASKUTIL) SASKUTIL [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiS pyware\SASKUTIL.SYS -> [2008/12/04 
13:50:02 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\dri vers\secdrv.sys -> [2007/11/13 03:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) (smserial) smserial [Kernel | On_Demand | Running] -> %SystemRoot%\system32\dri vers\smserial.sys -> [2005/01/25 06:56:00 | 00,923,863 | ---- | M] (Motorola Inc.) (WS2IFSL) Windows Socket 2.0 Non-IFS Service Provider Support Environment [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\dri vers\ws2ifsl.sys -> [2004/08/10 12:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL " -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_ Page_URL" -> -> HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchass t/sr... -> HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp =ie... -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\"Default_Page_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp =ie... -> HKEY_CURRENT_USER\: Main\\"Default_Search_URL " -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp =ie... -> HKEY_CURRENT_USER\: Main\\"Search Page" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp =ie... 
-> HKEY_CURRENT_USER\: Main\\"SearchMigratedDefa ultName" -> Google -> HKEY_CURRENT_USER\: Main\\"SearchMigratedDefa ultURL" -> http://www.google.com/search?q={searchTerms }&s... -> HKEY_CURRENT_USER\: Main\\"Start Page" -> about:blank -> HKEY_CURRENT_USER\: SearchURL\\"" -> http://www.google.com/keyword/%s -> HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> < FireFox Settings [Default Profile] > -> C:\Documents and Settings\Compaq_Administr ator\Application Data\Mozilla\FireFox\Prof iles\0r1k2j18.default\prefs.js -> browser.startup.homepage_override.mstone -> "rv:1.9.0.5" -> extensions.enabledItems -> {0F2576E0-FC9F-4F29-AA50- CCF97C6B7C49}:1.0 -> extensions.enabledItems -> {972ce4c6-7e08-4474-a285- 3208198ce6fd}:3.0.5 -> < HOSTS File > (734 bytes and 19 lines) -> C:\WINDOWS\System32\drive rs\etc\Hosts -> 127.0.0.1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Softwa re\Microsoft\Windows\Curr entVersion\Explorer\Brows er Helper Objects\ -> {02478D38-C3F9-4efb-9B51- 7695ECA05670} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {38e9a8a2-6c5a-4e2a-8108- e2df1e41a415} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {3CA2F312-6F6E-4B53-A66E- 4E65E497C8C0} [HKLM] -> %ProgramFiles%\AVG\AVG8\a vgssie.dll [AVG Safe Search] -> [2008/12/15 14:09:09 | 00,455,960 | ---- | M] (AVG Technologies CZ, s.r.o.) {64C312FF-E16D-4BDE-880A- 6294D4687378} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {761497BB-D6F0-462C-B6EB- D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre6\ bin\ssv.dll [Java(tm) Plug-In SSV Helper] -> [2008/12/02 13:19:09 | 00,320,920 | ---- | M] (Sun Microsystems, Inc.) 
{A057A204-BACC-4D26-9990- 79A187E2698E} [HKLM] -> %ProgramFiles%\AVG\AVG8\a vgtoolbar.dll [AVG Security Toolbar] -> [2008/12/15 14:09:21 | 02,055,960 | ---- | M] (AVG, Technologies CZ, s.r.o ) {AA58ED58-01DD-4d91-8333- CF10577473F7} [HKLM] -> %ProgramFiles%\Google\Goo gleToolbar1.dll [Google Toolbar Helper] -> [2005/08/05 09:54:59 | 00,720,896 | R--- | M] (Google Inc.) {DBC80044-A445-435b-BC74- 9C25C1C588A9} [HKLM] -> %ProgramFiles%\Java\jre6\ bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2008/12/02 13:19:06 | 00,034,816 | ---- | M] (Sun Microsystems, Inc.) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWA RE\Microsoft\Internet Explorer\ToolBar -> "{2318C2B1-4965-11d4-9B18 -009027A5CD4F}" [HKLM] -> %ProgramFiles%\Google\Goo gleToolbar1.dll [&Google] -> [2005/08/05 09:54:59 | 00,720,896 | R--- | M] (Google Inc.) "{A057A204-BACC-4D26-9990 -79A187E2698E}" [HKLM] -> %ProgramFiles%\AVG\AVG8\a vgtoolbar.dll [AVG Security Toolbar] -> [2008/12/15 14:09:21 | 02,055,960 | ---- | M] (AVG, Technologies CZ, s.r.o ) < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Softwar e\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\"{42CDD1BF- 3FFB-4238-8AD1-7859DF00B1 D6}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\"{2318C2B1-49 65-11D4-9B18-009027A5CD4F }" [HKLM] -> %ProgramFiles%\Google\Goo gleToolbar1.dll [&Google] -> [2005/08/05 09:54:59 | 00,720,896 | R--- | M] (Google Inc.) WebBrowser\\"{604BC32A-96 80-40D1-9AC6-E06B23A1BA4C }" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] 
-> File not found WebBrowser\\"{A057A204-BA CC-4D26-9990-79A187E2698E }" [HKLM] -> %ProgramFiles%\AVG\AVG8\a vgtoolbar.dll [AVG Security Toolbar] -> [2008/12/15 14:09:21 | 02,055,960 | ---- | M] (AVG, Technologies CZ, s.r.o ) WebBrowser\\"{EF99BD32-C1 FB-11D2-892F-0090271D4F88 }" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWA RE\Microsoft\Windows\Curr entVersion\Run -> "AVG8_TRAY" -> %ProgramFiles%\AVG\AVG8\a vgtray.exe [C:\PROGRA~1\AVG\AVG8\avg tray.exe] -> [2008/12/15 14:09:07 | 01,261,336 | ---- | M] (AVG Technologies CZ, s.r.o.) "ehTray" -> %SystemRoot%\ehome\ehtray .exe [C:\WINDOWS\ehome\ehtray.exe] -> [2005/08/05 13:56:34 | 00,064,512 | ---- | M] (Microsoft Corporation) "HPBootOp" -> %ProgramFiles%\Hewlett-Pa ckard\HP Boot Optimizer\HPBootOp.exe ["C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run] -> [2005/02/25 22:34:02 | 00,245,760 | ---- | M] (Hewlett-Packard Company) "ISUSPM Startup" -> %CommonProgramFiles%\Inst allShield\UpdateService\I SUSPM.exe [C:\PROGRA~1\COMMON~1\INS TAL~1\UPDATE~1\ISUSPM.exe -startup] -> [2004/07/27 23:50:42 | 00,221,184 | ---- | M] (InstallShield Software Corporation) "LSBWatcher" -> %SystemDrive%\hp\drivers\ hplsbwatcher\LSBurnWatche r.exe [c:\hp\drivers\hplsbwatch er\lsburnwatcher.exe] -> [2005/05/10 17:50:42 | 00,253,952 | ---- | M] (Hewlett-Packard Company) "QuickTime Task" -> %ProgramFiles%\QuickTime\ qttask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> [2005/08/05 09:40:39 | 00,098,304 | ---- | M] (Apple Computer, Inc.) "SMSERIAL" -> %SystemRoot%\sm56hlpr.exe [sm56hlpr.exe] -> [2005/01/24 02:56:00 | 00,544,768 | ---- | M] (Motorola Inc.) "TkBellExe" -> %CommonProgramFiles%\Real \Update_OB\realsched.exe ["C:\Program Files\Common Files\Real\Update_OB\real sched.exe" -osboot] -> [2005/08/05 09:28:21 | 00,180,269 | ---- | M] (RealNetworks, Inc.) 
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWAR E\Microsoft\Windows\Curre ntVersion\Run -> "MSMSGS" -> %ProgramFiles%\Messenger\ msmsgs.exe ["C:\Program Files\Messenger\msmsgs.exe" /background] -> [2008/04/13 17:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) "PhotoShow Deluxe Media Manager" -> %ProgramFiles%\Walgreens\ Walgreens PhotoShow\data\Xtras\mssy smgr.exe [C:\PROGRA~1\WALGRE~1\WAL GRE~1\data\xtras\mssysmgr .exe] -> [2005/05/19 14:59:03 | 00,176,128 | ---- | M] (Simple Star, Inc.) "SUPERAntiSpyware" -> %ProgramFiles%\SUPERAntiS pyware\SUPERAntiSpyware.exe [C:\Program Files\SUPERAntiSpyware\SU PERAntiSpyware.exe] -> [2008/12/04 13:50:00 | 01,809,648 | ---- | M] (SUPERAntiSpyware.com) < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> %AllUsersProfile%\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk -> %ProgramFiles%\HP\Digital Imaging\bin\hpqtra08.exe -> [2005/05/11 23:23:26 | 00,282,624 | ---- | M] (Hewlett-Packard Co.) 
< Compaq_Administrator Startup Folder > -> C:\Documents and Settings\Compaq_Administr ator\Start Menu\Programs\Startup -> < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWA RE\Microsoft\Windows\Curr entVersion\policies\Syste m -> HKEY_LOCAL_MACHINE\SOFTWA RE\Microsoft\Windows\Curr entVersion\policies\Syste m \\"dontdisplaylastusernam e" -> [0] -> File not found \\"legalnoticecaption" -> [] -> File not found \\"legalnoticetext" -> [] -> File not found \\"shutdownwithoutlogon" -> [1] -> File not found \\"undockwithoutlogon" -> [1] -> File not found \\"InstallVisualStyle" -> %SystemRoot%\Resources\Th emes\Royale\Royale.mss [C:\WINDOWS\Resources\The mes\Royale\Royale.msstyles] -> File not found \\"InstallTheme" -> %SystemRoot%\Resources\Th emes\Royale.the [C:\WINDOWS\Resources\The mes\Royale.theme] -> File not found < CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWAR E\Microsoft\Windows\Curre ntVersion\policies\Explor er -> HKEY_CURRENT_USER\SOFTWAR E\Microsoft\Windows\Curre ntVersion\policies\Explor er \\"NoDriveTypeAutoRun" -> [145] -> File not found < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Softwar e\Microsoft\Internet Explorer\MenuExt\ -> &Google Search -> %ProgramFiles%\Google\Goo gleToolbar1.dll [res://C:\Program Files\Google\GoogleToolba r1.dll/cmsearch.html] -> [2005/08/05 09:54:59 | 00,720,896 | R--- | M] (Google Inc.) Backward Links -> %ProgramFiles%\Google\Goo gleToolbar1.dll [res://C:\Program Files\Google\GoogleToolba r1.dll/cmbacklinks.html] -> [2005/08/05 09:54:59 | 00,720,896 | R--- | M] (Google Inc.) Cached Snapshot of Page -> %ProgramFiles%\Google\Goo gleToolbar1.dll [res://C:\Program Files\Google\GoogleToolba r1.dll/cmcache.html] -> [2005/08/05 09:54:59 | 00,720,896 | R--- | M] (Google Inc.) 
E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MI1933 ~1\OFFICE11\EXCEL.EXE/3000] -> [2003/08/13 09:34:38 | 10,073,144 | ---- | M] (Microsoft Corporation) Similar Pages -> %ProgramFiles%\Google\Goo gleToolbar1.dll [res://C:\Program Files\Google\GoogleToolba r1.dll/cmsimilar.html] -> [2005/08/05 09:54:59 | 00,720,896 | R--- | M] (Google Inc.) Translate into English -> %ProgramFiles%\Google\Goo gleToolbar1.dll [res://C:\Program Files\Google\GoogleToolba r1.dll/cmtrans.html] -> [2005/08/05 09:54:59 | 00,720,896 | R--- | M] (Google Inc.) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWA RE\Microsoft\Internet Explorer\Extensions\ -> {92780B25-18CC-41C8-B9BE- 3C9C571A8263}:{FF059E31-C C5A-4E2E-BF3B-96E929D6550 3} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Button: Research] -> [2003/07/15 05:57:08 | 00,040,512 | ---- | M] (Microsoft Corporation) {E2D4D26B-0180-43a4-B05F- 462D6D54C789}:C:\WINDOWS\ PCHEALTH\HELPCTR\Vendors\ CN=Hewlett-Packard,L=Cupe rtino,S=Ca,C=US\IEButton\ support.htm [HKLM] -> %SystemRoot%\pchealth\hel pctr\Vendors\CN=Hewlett-P ackard,L=Cupertino,S=Ca,C =US\IEButton\support.htm [Button: Connection Help] -> [2008/12/19 22:06:05 | 00,000,735 | ---- | M] () {E2D4D26B-0180-43a4-B05F- 462D6D54C789}:C:\WINDOWS\ PCHEALTH\HELPCTR\Vendors\ CN=Hewlett-Packard,L=Cupe rtino,S=Ca,C=US\IEButton\ support.htm [HKLM] -> %SystemRoot%\pchealth\hel pctr\Vendors\CN=Hewlett-P ackard,L=Cupertino,S=Ca,C =US\IEButton\support.htm [Menu: Connection Help] -> [2008/12/19 22:06:05 | 00,000,735 | ---- | M] () {e2e2dd38-d088-4134-82b7- f2ba38496583}:Exec [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 11:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E- 00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\ msmsgs.exe [Button: Messenger] -> [2008/04/13 17:12:28 | 01,695,232 | ---- | M] (Microsoft 
Corporation) {FB5F1910-F110-11d2-BB9E- 00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\ msmsgs.exe [Menu: Windows Messenger] -> [2008/04/13 17:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Softwar e\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4F CB-11CF-AAA5-00401C608501 }" [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found CmdMapping\\"{92780B25-18 CC-41C8-B9BE-3C9C571A8263 }" [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Research] -> [2003/07/15 05:57:08 | 00,040,512 | ---- | M] (Microsoft Corporation) CmdMapping\\"{E2D4D26B-01 80-43a4-B05F-462D6D54C789 }" [HKLM] -> [Connection Help] -> File not found CmdMapping\\"{FB5F1910-F1 10-11d2-BB9E-00C04F795683 }" [HKLM] -> %ProgramFiles%\Messenger\ msmsgs.exe [Messenger] -> [2008/04/13 17:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWA RE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext... -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWA RE\Microsoft\Windows\Curr entVersion\URL\DefaultPre fix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWA RE\Microsoft\Windows\Curr entVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWA RE\Microsoft\Windows\Curr entVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWA RE\Microsoft\Windows\Curr entVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWA RE\Microsoft\Windows\Curr entVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. 
-> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWAR E\Microsoft\Windows\Curre ntVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWAR E\Microsoft\Windows\Curre ntVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWAR E\Microsoft\Windows\Curre ntVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWAR E\Microsoft\Windows\Curre ntVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWA RE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9- 00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_10... Plug-in 1.6.0_10] -> {B8BE5E93-A60C-4D26-A2DC- 220313175592} [HKLM] -> http://cdn2.zone.msn.com/binFramework/v10/ZInt ro.c... Games - Installer] -> {CAFEEFAC-0015-0000-0000- ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0-wi... Plug-in 1.5.0] -> {CAFEEFAC-0016-0000-0007- ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07... Plug-in 1.6.0_07] -> {CAFEEFAC-0016-0000-0010- ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_10... Plug-in 1.6.0_10] -> {CAFEEFAC-FFFF-FFFF-FFFF- ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_10... Plug-in 1.6.0_10] -> {D27CDB6E-AE6D-11CF-96B8- 444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/... 
Flash Object] -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM \CurrentControlSet\Servic es\Tcpip\Parameters\Adapt ers\ -> {1699550F-1E3F-49A3-AE40- 1740C56EEF45} -> (1394 Net Adapter) -> {24C35E9D-43DE-47B3-8C8D- C6AC403DF807} -> (Realtek RTL8139 Family PCI Fast Ethernet NIC) -> {F78DF986-7E65-4D81-9500- 608956261930} -> (Realtek RTL8139/810x Family Fast Ethernet NIC) -> < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWA RE\Microsoft\Windows NT\CurrentVersion\Windows \\AppInit_DLLs -> *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWA RE\Microsoft\Windows NT\CurrentVersion\Windows \\AppInit_Dlls -> ipneyy.dll -> -> File not found avgrsstx.dll -> %SystemRoot%\system32\avg rsstx.dll -> [2008/12/15 14:09:36 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWA RE\Microsoft\Windows NT\CurrentVersion\Winlogo n\Notify\ -> !SASWinLogon -> %ProgramFiles%\SUPERAntiS pyware\SASWINLO.dll -> [2008/12/03 14:56:38 | 00,352,256 | ---- | M] (SUPERAntiSpyware.com) AtiExtEvent -> %SystemRoot%\system32\ati 2evxx.dll -> [2005/06/07 22:39:38 | 00,046,080 | ---- | M] (ATI Technologies Inc.) 
ljJDSLBu -> -> File not found < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWA RE\Microsoft\Windows\Curr entVersion\Explorer\Shell ExecuteHooks -> "{5AE067D3-9AFB-48E0-853A -EBB7F4A000DA}" [HKLM] -> %ProgramFiles%\SUPERAntiS pyware\SASSEH.DLL [] -> [2008/05/13 09:13:36 | 00,077,824 | ---- | M] (SuperAdBlocker.com) < LSA Authentication Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM \CurrentControlSet\Contro l\Lsa\\Authentication Packages -> *LSA Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM \CurrentControlSet\Contro l\Lsa\\Authentication Packages -> C:\WINDOWS\system32\mlJYo mnm -> -> File not found *MultiFile Done* -> -> < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM \CurrentControlSet\Servic es\SharedAccess\Parameter s\FirewallPolicy\DomainPr ofile\AuthorizedApplicati ons\List -> "%ProgramFiles%\iTunes\iT unes.exe" -> C:\Program Files\iTunes\iTunes.exe [%ProgramFiles%\iTunes\iT unes.exe:*:enabled:iTunes] -> [2005/05/05 00:10:04 | 09,034,240 | ---- | M] (Apple Computer, Inc.) 
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 11:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 17:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation) "C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" -> C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe [C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections] -> [2005/08/05 09:46:22 | 00,036,903 | ---- | M] (Hewlett-Packard) < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 11:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 17:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation) "C:\Program Files\AIM6\aim6.exe" -> C:\Program Files\AIM6\aim6.exe [C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM] -> File not found "C:\Program Files\AVG\AVG8\avgemc.exe" -> C:\Program Files\AVG\AVG8\avgemc.exe [C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe] -> [2008/12/15 14:09:07 | 00,875,288 | ---- | M] (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG8\avgupd.exe" -> C:\Program Files\AVG\AVG8\avgupd.exe [C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe] -> [2008/12/15 14:09:07 | 00,641,304 | ---- | M] (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" -> C:\Program Files\Common Files\AOL\Loader\aolload.exe [C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader] -> File not found "C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" -> C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe [C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections] -> [2005/08/05 09:46:22 | 00,036,903 | ---- | M] (Hewlett-Packard) "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -> C:\Program Files\EarthLink TotalAccess\TaskPanl.exe [C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink] -> File not found "C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\iAVEmailScanner.exe" -> C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\iAVEmailScanner.exe [C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\iAVEmailScanner.exe:*:Enabled:iolo AntiVirusŪ Email Protection] -> File not found "C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe" -> C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe [C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe:*:Enabled:iolo AntiVirusŪ] -> File not found "C:\Program Files\iolo\System Mechanic Professional 7\Personal Firewall\ioloFW.exe" -> C:\Program Files\iolo\System Mechanic Professional 7\Personal Firewall\ioloFW.exe [C:\Program Files\iolo\System Mechanic Professional 7\Personal Firewall\ioloFW.exe:*:Enabled:iolo FirewallŪ] -> File not found "C:\Program Files\iTunes\iTunes.exe" -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> [2005/05/05 00:10:04 | 09,034,240 | ---- | M] (Apple Computer, Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -> C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger] -> File not found "C:\WINDOWS\system32\lxddcoms.exe" -> C:\WINDOWS\system32\lxddcoms.exe [C:\WINDOWS\system32\lxddcoms.exe:*:Enabled:2500 Series Server] -> [2007/05/25 02:41:37 | 00,537,520 | ---- | M] ( ) < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2008/04/13 11:40:46 | 00,062,976 | ---- | M] (Microsoft Corporation) < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [2004/11/17 04:32:46 | 00,000,000 | ---- | M] () D:\AUTOEXEC.BAT [] -> D:\AUTOEXEC.BAT [ FAT32 ] -> [2001/07/28 05:07:38 | 00,000,000 | -HS- | M] () D:\Autorun.inf [[AUTORUN] | ShellExecute=Info.exe protect.ed 480 480 | ] -> D:\Autorun.inf [ FAT32 ] -> [2004/04/30 21:01:14 | 00,000,053 | -HS- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{2a9a862c-7449-11dd-931f-806d6172696f} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2a9a862c-7449-11dd-931f-806d6172696f}\Shell \{2a9a862c-7449-11dd-931f-806d6172696f}\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2a9a862c-7449-11dd-931f-806d6172696f}\Shell\AutoRun \{2a9a862c-7449-11dd-931f-806d6172696f}\Shell\AutoRun\\"" -> [Auto&Play] -> File not found [Registry - Additional Scans - Safe List] < ContextMenuHandlers - * [HKEY_LOCAL_MACHINE\] > ->
HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\ -> {CA8ACAFA-5FBB-467B-B348-90DD488DE003} [HKLM] -> %ProgramFiles%\SUPERAntiSpyware\SASCTXMN.DLL [SASContextMenu Class] -> [2007/02/27 11:39:26 | 00,061,440 | ---- | M] (SUPERAntiSpyware.com) (AVG8 Shell Extension):{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\AVG\AVG8\avgse.dll [AVG8 Shell Extension Class] -> [2008/12/15 14:09:08 | 00,099,608 | ---- | M] (AVG Technologies CZ, s.r.o.) (Offline Files):{750fdf0e-2a26-11d1-a3ea-080036587f03} [HKLM] -> %SystemRoot%\system32\cscui.dll [Offline Files Menu] -> [2008/04/13 17:11:51 | 00,326,656 | ---- | M] (Microsoft Corporation) < ContextMenuHandlers - AllFilesystemObjects [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ -> (MBAMShlExt):{57CE581A-0CB6-4266-9CA0-19364C90A0B3} [HKLM] -> %ProgramFiles%\Malwarebytes' Anti-Malware\mbamext.dll [MBAMShlExt Class] -> [2008/12/03 19:58:32 | 00,073,360 | ---- | M] (Malwarebytes Corporation) < ContextMenuHandlers - Directory [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\ -> {CA8ACAFA-5FBB-467B-B348-90DD488DE003} [HKLM] -> %ProgramFiles%\SUPERAntiSpyware\SASCTXMN.DLL [SASContextMenu Class] -> [2007/02/27 11:39:26 | 00,061,440 | ---- | M] (SUPERAntiSpyware.com) (Offline Files):{750fdf0e-2a26-11d1-a3ea-080036587f03} [HKLM] -> %SystemRoot%\system32\cscui.dll [Offline Files Menu] -> [2008/04/13 17:11:51 | 00,326,656 | ---- | M] (Microsoft Corporation) (Sharing):{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} [HKLM] -> %SystemRoot%\system32\ntshrui.dll [Shell extensions for sharing] -> [2008/04/13 17:12:02 | 00,143,360 | ---- | M] (Microsoft Corporation) < ContextMenuHandlers - Folder [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\ -> (AVG8 Shell Extension):{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] ->
%ProgramFiles%\AVG\AVG8\avgse.dll [AVG8 Shell Extension Class] -> [2008/12/15 14:09:08 | 00,099,608 | ---- | M] (AVG Technologies CZ, s.r.o.) (MBAMShlExt):{57CE581A-0CB6-4266-9CA0-19364C90A0B3} [HKLM] -> %ProgramFiles%\Malwarebytes' Anti-Malware\mbamext.dll [MBAMShlExt Class] -> [2008/12/03 19:58:32 | 00,073,360 | ---- | M] (Malwarebytes Corporation) < Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\ -> 0 -> [Key] -> 0 -> FriendlyName = My Current Home Page -> 0 -> Source = About:Home -> 0 -> SubscribedURL = About:Home -> < Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state -> "bootini" -> 0 -> "services" -> 0 -> "startup" -> 0 -> "system.ini" -> 0 -> "win.ini" -> 0 -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ .bat [@ = batfile] -> "%1" %* -> .chm [@ = chm.file] -> %SystemRoot%\hh.exe -> [2008/04/13 17:12:21 | 00,010,752 | ---- | M] (Microsoft Corporation) .cmd [@ = cmdfile] -> "%1" %* -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> .hlp [@ = hlpfile] -> %SystemRoot%\system32\winhlp32.exe -> [2004/08/10 19:00:00 | 00,008,192 | ---- | M] (Microsoft Corporation) .hta [@ = htafile] -> %SystemRoot%\system32\notepad.exe -> [2008/04/13 17:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) .html [@ = htmlfile] -> %ProgramFiles%\Internet Explorer\iexplore.exe -> [2008/10/15 00:06:26 | 00,633,632 | ---- | M] (Microsoft Corporation) .inf [@ = inffile] -> %SystemRoot%\system32\notepad.exe -> [2008/04/13 17:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) .ini [@ = inifile] -> %SystemRoot%\system32\notepad.exe -> [2008/04/13 17:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) .js [@ = JSFile] -> %SystemRoot%\system32\notepad.exe -> [2008/04/13 17:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) .jse [@ = JSEFile] -> %SystemRoot%\system32\notepad.exe -> [2008/04/13
17:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) .pif [@ = piffile] -> "%1" %* -> .reg [@ = regfile] -> %SystemRoot%\regedit.exe -> [2008/04/13 17:12:32 | 00,146,432 | ---- | M] (Microsoft Corporation) .scr [@ = scrfile] -> "%1" /S -> .txt [@ = txtfile] -> %SystemRoot%\system32\notepad.exe -> [2008/04/13 17:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) .vbe [@ = VBEFile] -> %SystemRoot%\system32\notepad.exe -> [2008/04/13 17:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) .vbs [@ = VBSFile] -> %SystemRoot%\system32\notepad.exe -> [2008/04/13 17:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) .wsf [@ = WSFFile] -> %SystemRoot%\system32\notepad.exe -> [2008/04/13 17:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) .wsh [@ = WSHFile] -> %SystemRoot%\system32\notepad.exe -> [2008/04/13 17:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> 6to4 -> [] -> HidServ -> [ValueNotFound] -> Ias -> [] -> Iprip -> [] -> Irmon -> [] -> NWCWorkstation -> [] -> Nwsapagent -> [] -> WmdmPmSp -> [] -> MHN -> C:\WINDOWS\system32\mhn.dll [C:\WINDOWS\system32\mhn.dll] -> [2004/08/10 19:11:50 | 00,085,504 | ---- | M] (Microsoft Corporation) helpsvc -> C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll [C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll] -> [2008/04/13 17:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ -> text/xml:{807553E5-5146-11D5-A672-00B0D022E945} [HKLM] -> %CommonProgramFiles%\Microsoft Shared\OFFICE11\MSOXMLMF.DLL[Reg Error: Value does not exist or could not be read.]
-> [2003/07/15 05:45:12 | 00,039,488 | ---- | M] (Microsoft Corporation) < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp: [HKLM] -> No CLSID value ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> %CommonProgramFiles%\System\Ole DB\MSDAIPP.DLL[Microsoft OLE DB Moniker Binder for Internet Publishing] -> [2003/07/11 09:25:22 | 00,842,816 | ---- | M] (Microsoft Corporation) linkscanner:{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} [HKLM] -> %ProgramFiles%\AVG\AVG8\avgpp.dll[XPLPPFilter Class] -> [2008/12/15 14:09:17 | 00,079,128 | ---- | M] (AVG Technologies CZ, s.r.o.) msdaipp: [HKLM] -> No CLSID value msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> %CommonProgramFiles%\System\Ole DB\MSDAIPP.DLL[Microsoft OLE DB Moniker Binder for Internet Publishing] -> [2003/07/11 09:25:22 | 00,842,816 | ---- | M] (Microsoft Corporation) msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> %CommonProgramFiles%\System\Ole DB\MSDAIPP.DLL[MSDAIPP.BINDER] -> [2003/07/11 09:25:22 | 00,842,816 | ---- | M] (Microsoft Corporation) ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} [HKLM] -> %CommonProgramFiles%\Microsoft Shared\Information Retrieval\msitss.dll[Microsoft Infotech Storage Protocol for IE 4.0] -> [2001/06/20 09:26:46 | 00,221,184 | ---- | M] (Microsoft Corporation) mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} [HKLM] -> %CommonProgramFiles%\Microsoft Shared\Web Components\11\OWC11.DLL[Data Page Plugable Protocal mso-offdap11 Handler] -> [2003/08/01 22:09:04 | 08,086,072 | ---- | M] (Microsoft Corporation) < SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk
controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group HelpSvc -> %SystemRoot%\pchealth\helpctr\binaries\pchsvc.dll -> [2008/04/13 17:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) PCI Configuration -> Driver Group PNP Filter -> Driver Group Primary disk -> Driver Group SCSI Class -> Driver Group sermouse.sys -> Driver System Bus Extender -> Driver Group vds -> Service vga.sys -> Driver < SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E972-E325-11CE-BFC1-08002BE10318} -> Net {4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient {4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService {4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group HelpSvc -> %SystemRoot%\pchealth\helpctr\binaries\pchsvc.dll -> [2008/04/13 17:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) NDIS Wrapper -> Driver Group NetBIOSGroup -> Driver Group NetDDEGroup -> Driver Group Network -> Driver Group NetworkProvider -> Driver Group PCI Configuration -> Driver Group PNP Filter -> Driver Group PNP_TDI -> Driver Group Primary disk -> Driver Group rdpdd.sys -> %SystemRoot%\System32\rdpdd.dll -> [2008/04/13 17:13:22 | 00,092,424 | ---- | M] (Microsoft Corporation) SCSI Class -> Driver Group sermouse.sys -> Driver Streams Drivers -> Driver Group System Bus Extender -> Driver Group TDI -> Driver Group vga.sys -> Driver < Session Manager Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager -> "BootExecute" -> autocheck autochk *; -> "ExcludeFromKnownDlls" -> -> *ObjectDirectories* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\ObjectDirectories -> \Windows -> -> File not found \RPC Control -> -> File not found *MultiFile Done* -> -> *PendingFileRenameOperations* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\PendingFileRenameOperations -> \??\C:\DOCUME~1\COMPAQ~1\LOCALS~1\TEMPOR~1\Content.IE5\index.dat [\??\C:\DOCUME~1\COMPAQ~1\LOCALS~1\TEMPOR~1\Content.IE5\index.dat] -> %UserProfile%\Local Settings\Temporary Internet Files\Content.IE5\index.dat [%UserProfile%\Local Settings\Temporary Internet Files\Content.IE5\index.dat] -> [2008/12/21 14:06:01 | 00,098,304 | ---- | M] () *MultiFile Done* -> -> < Session Manager Environment Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment -> "ComSpec" ->
C:\WINDOWS\system32\cmd.exe -> [2008/04/13 17:12:14 | 00,389,120 | ---- | M] (Microsoft Corporation) "TEMP" -> %SystemRoot%\TEMP -> "TMP" -> %SystemRoot%\TEMP -> "windir" -> %SystemRoot% -> *Path* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32 -> %SystemRoot%\system32 -> [2008/12/20 01:49:13 | 00,000,000 | ---D | M] %SystemRoot% -> %SystemRoot% -> [2008/12/20 19:44:47 | 00,000,000 | ---D | M] %SystemRoot%\System32\Wbem -> %SystemRoot%\system32\wbem -> [2008/12/19 17:00:44 | 00,000,000 | ---D | M] c:\Python22 -> %SystemRoot%\system32\python22.dll -> [2003/05/31 01:12:14 | 00,847,920 | ---- | M] (PythonLabs at Zope Corporation) C:\Program Files\ATI Technologies\ATI Control Panel -> -> File not found *MultiFile Done* -> -> *PATHEXT* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\PATHEXT -> .COM -> -> File not found .EXE -> -> File not found .BAT -> -> File not found .CMD -> -> File not found .VBS -> -> File not found .VBE -> -> File not found .JS -> -> File not found .JSE -> -> File not found .WSF -> -> File not found .WSH -> -> File not found *MultiFile Done* -> -> < Session Manager FileRenameOperations Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\FileRenameOperations -> < Session Manager KnownDlls Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDlls -> "advapi32" -> C:\WINDOWS\system32\advapi32.dll -> [2008/04/13 17:11:48 | 00,617,472 | ---- | M] (Microsoft Corporation) "comdlg32" -> C:\WINDOWS\system32\comdlg32.dll -> [2008/04/13 17:11:51 | 00,276,992 | ---- | M] (Microsoft Corporation) "DllDirectory" -> C:\WINDOWS\system32 -> [2008/12/20 01:49:13 | 00,000,000 | ---D | M] "gdi32" -> C:\WINDOWS\system32\gdi32.dll -> [2008/10/23 05:36:14 | 00,286,720 | ---- | M] (Microsoft Corporation) "imagehlp" -> C:\WINDOWS\system32\imagehlp.dll
-> [2008/04/13 17:11:54 | 00,144,384 | ---- | M] (Microsoft Corporation) "kernel32" -> C:\WINDOWS\system32\kernel32.dll -> [2008/04/13 17:11:56 | 00,989,696 | ---- | M] (Microsoft Corporation) "lz32" -> C:\WINDOWS\system32\lz32.dll -> [2004/08/10 12:00:00 | 00,002,560 | ---- | M] (Microsoft Corporation) "ole32" -> C:\WINDOWS\system32\ole32.dll -> [2008/04/13 17:12:02 | 01,287,168 | ---- | M] (Microsoft Corporation) "oleaut32" -> C:\WINDOWS\system32\oleaut32.dll -> [2008/04/13 17:12:02 | 00,551,936 | ---- | M] (Microsoft Corporation) "olecli32" -> C:\WINDOWS\system32\olecli32.dll -> [2008/04/13 17:12:02 | 00,074,752 | ---- | M] (Microsoft Corporation) "olecnv32" -> C:\WINDOWS\system32\olecnv32.dll -> [2008/04/13 17:12:02 | 00,037,376 | ---- | M] (Microsoft Corporation) "olesvr32" -> C:\WINDOWS\system32\olesvr32.dll -> [2004/08/10 12:00:00 | 00,022,016 | ---- | M] (Microsoft Corporation) "olethk32" -> C:\WINDOWS\system32\olethk32.dll -> [2004/08/10 12:00:00 | 00,069,120 | ---- | M] (Microsoft Corporation) "rpcrt4" -> C:\WINDOWS\system32\rpcrt4.dll -> [2008/04/13 17:12:04 | 00,584,704 | ---- | M] (Microsoft Corporation) "shell32" -> C:\WINDOWS\system32\shell32.dll -> [2008/04/13 17:12:05 | 08,461,312 | ---- | M] (Microsoft Corporation) "url" -> C:\WINDOWS\system32\url.dll -> [2008/10/16 13:38:39 | 00,105,984 | ---- | M] (Microsoft Corporation) "urlmon" -> C:\WINDOWS\system32\urlmon.dll -> [2008/10/16 13:38:39 | 01,160,192 | ---- | M] (Microsoft Corporation) "user32" -> C:\WINDOWS\system32\user32.dll -> [2008/04/13 17:12:08 | 00,578,560 | ---- | M] (Microsoft Corporation) "version" -> C:\WINDOWS\system32\version.dll -> [2008/04/13 17:12:08 | 00,018,944 | ---- | M] (Microsoft Corporation) "wininet" -> C:\WINDOWS\system32\wininet.dll -> [2008/10/16 13:38:40 | 00,826,368 | ---- | M] (Microsoft Corporation) "wldap32" -> C:\WINDOWS\system32\wldap32.dll -> [2008/04/13 17:12:09 | 00,172,032 | ---- | M] (Microsoft Corporation) < Session Manager SFC Settings
[HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SFC -> "CommonFilesDir" -> C:\Program Files\Common Files -> [2008/12/19 13:26:24 | 00,000,000 | ---D | M] "ProgramFilesDir" -> C:\Program Files -> [2008/12/20 21:56:29 | 00,000,000 | ---D | M] < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 12/20/2008 4:09:05 AM Computer Name = YOUR-B27FB1C401 | Source = MsiInstaller | ID = 11921 -> Description = Product: Authentium AntiVirus SDK - 2 -- Error 1921. Service 'dvpapi' (DvpApi) could not be stopped. Verify that you have sufficient privileges to stop system services. Application [ Error ] 12/20/2008 6:05:08 AM Computer Name = YOUR-B27FB1C401 | Source = MsiInstaller | ID = 11921 -> Description = Product: Authentium AntiVirus SDK - 2 -- Error 1921. Service 'dvpapi' (DvpApi) could not be stopped. Verify that you have sufficient privileges to stop system services. Application [ Error ] 12/20/2008 6:13:18 AM Computer Name = YOUR-B27FB1C401 | Source = MsiInstaller | ID = 11921 -> Description = Product: Authentium AntiVirus SDK - 2 -- Error 1921. Service 'dvpapi' (DvpApi) could not be stopped. Verify that you have sufficient privileges to stop system services. Application [ Error ] 12/20/2008 4:50:19 PM Computer Name = YOUR-B27FB1C401 | Source = MsiInstaller | ID = 11921 -> Description = Product: Authentium AntiVirus SDK - 2 -- Error 1921. Service 'dvpapi' (DvpApi) could not be stopped. Verify that you have sufficient privileges to stop system services. Application [ Error ] 12/20/2008 4:58:40 PM