Logfile of random's system information tool 1.05 (written by random/random)
Run by Frank at 2009-02-26 21:27:11
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 84 GB (55%) free of 153 GB
Total RAM: 639 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:27:13 PM, on 2/26/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\WINDOWS\system32\ZuneBusEnum.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live Toolbar\msn_sl.exe
C:\WINDOWS\notepad.exe
C:\Documents and Settings\Frank.HAPPYGOLUCKY\Local Settings\Temporary Internet Files\Content.IE5\QL6169GB\RSIT[1].exe
C:\Program Files\Trend Micro\HijackThis\Frank.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.geekstogo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx?tbid=80205
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://toolbar.inbox.com/help/sa_customize.aspx?tbid=80205
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R3 - URLSearchHook: (no name) - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: C:\WINDOWS\system32\hsfd83jfdg.dll - {C5BF49A2-94F3-42BD-F434-3604812C8955} - C:\WINDOWS\system32\hsfd83jfdg.dll (file missing)
O2 - BHO: (no name) - {D44F5994-A1A9-47F1-BE84-C6A38F36FFB0} - C:\WINDOWS\system32\yayyXNGW.dll (file missing)
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: The retnsrp - {CC304A4D-FC79-4CD3-9A67-46E3AF59319D} - C:\WINDOWS\retnsrp.dll (file missing)
O3 - Toolbar: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O4 - HKLM\..\Run: [Zune Launcher] "c:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [spywareguard] C:\Program Files\Spyware Guard 2008\spywareguard.exe
O4 - HKLM\..\Run: [wclock] "C:\Documents and Settings\TEMP.FAMILY_COMPUTER.004\Application Data\Google\yfijv17721328.exe" 2
O4 - HKLM\..\Run: [jsf8uiw3jnjgffght] C:\WINDOWS\TEMP\winlognn.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Trust Cleaner] "C:\Program Files\Trust Cleaner\Trust Cleaner.exe"
O4 - HKCU\..\Run: [TrustIn Popups] "C:\Program Files\TrustIn Popups\TrustInPopups.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [XP Antivirus] C:\Program Files\XP Antivirus\xpa.exe
O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Zango\bin\10.3.36.0\Weather.exe" -auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [nepifadisi] Rundll32.exe "C:\WINDOWS\system32\dapavama.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [jsf8uiw3jnjgffght] C:\WINDOWS\TEMP\winlognn.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [jsf8uiw3jnjgffght] C:\WINDOWS\TEMP\winlognn.exe (User 'Default user')
O4 - Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSYYYYYYOHUS
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://zone.msn.com/bingame/dsh2/default/DinerDash2.1.0.0.68.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1188662825063
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1188662933189
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_activex/en-US/TSEasyInstallX.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://games.myspace.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
O16 - DPF: {FC4CAF5F-91BD-4DD9-ADC1-F3C737E37BC4} (CPlayFirstSweetopiaControl Object) - http://zone.msn.com/bingame/swet/default/Sweetopia.1.0.0.46.cab
O20 - Winlogon Notify: 682e3af4509 - C:\WINDOWS\System32\dataclen32.dll (file missing)
O20 - Winlogon Notify: awtsQIBt - awtsQIBt.dll (file missing)
O20 - Winlogon Notify: awtsRijh - awtsRijh.dll (file missing)
O20 - Winlogon Notify: cbXNEWpP - cbXNEWpP.dll (file missing)
O20 - Winlogon Notify: cedbeafcbffddcfebcfc - C:\WINDOWS\system32\cedbeafcbffddcfebcfc.dll (file missing)
O20 - Winlogon Notify: khfGyvtQ - khfGyvtQ.dll (file missing)
O20 - Winlogon Notify: nnnljkHy - nnnljkHy.dll (file missing)
O20 - Winlogon Notify: urqOIabY - urqOIabY.dll (file missing)
O20 - Winlogon Notify: wvUmjJyX - wvUmjJyX.dll (file missing)
O21 - SSODL: nopzet - {DBD86DC8-4284-4A3B-9096-FE97039831E2} - C:\WINDOWS\nopzet.dll (file missing)
O21 - SSODL: leorop - {31332C2A-02A4-4E4E-9B79-2A33E9BAFBE5} - C:\WINDOWS\leorop.dll (file missing)
O22 - SharedTaskScheduler: jgzfkj9w38rksndfi7r4 - {C5BF49A2-94F3-42BD-F434-3604812C8955} - C:\WINDOWS\system32\hsfd83jfdg.dll (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NNServ - Unknown owner - C:\Program Files\NewDotNet\nnrun.exe (file missing)
O23 - Service: Terminal Connections (terms) - Unknown owner - C:\WINDOWS\system32\terminals.exe (file missing)
O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe (file missing)
O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm

-- End of file - 10609 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2006-09-27 544032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5BF49A2-94F3-42BD-F434-3604812C8955}]
C:\WINDOWS\system32\hsfd83jfdg.dll - C:\WINDOWS\system32\hsfd83jfdg.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D44F5994-A1A9-47F1-BE84-C6A38F36FFB0}]
C:\WINDOWS\system32\yayyXNGW.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - SweetIM For Internet Explorer - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll []
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2006-09-27 544032]
{CC304A4D-FC79-4CD3-9A67-46E3AF59319D} - The retnsrp - C:\WINDOWS\retnsrp.dll []
{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Zune Launcher"=c:\Program Files\Zune\ZuneLauncher.exe [2008-04-29 158624]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"spywareguard"=C:\Program Files\Spyware Guard 2008\spywareguard.exe []
"wclock"=C:\Documents and Settings\TEMP.FAMILY_COMPUTER.004\Application Data\Google\yfijv17721328.exe 2 []
"jsf8uiw3jnjgffght"=C:\WINDOWS\TEMP\winlognn.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=~C:\Program Files\MSN Messenger\msnmsgr.exe /background []
"AIM"=C:\Program Files\AIM\aim.exe -cnetwait.odl []
"Trust Cleaner"=C:\Program Files\Trust Cleaner\Trust Cleaner.exe []
"TrustIn Popups"=C:\Program Files\TrustIn Popups\TrustInPopups.exe []
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []
"Aim6"= []
"XP Antivirus"=C:\Program Files\XP Antivirus\xpa.exe []
"WeatherDPA"=C:\Program Files\Zango\bin\10.3.36.0\Weather.exe -auto []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

C:\Documents and Settings\Frank.HAPPYGOLUCKY\Start Menu\Programs\Startup
Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\682e3af4509]
C:\WINDOWS\System32\dataclen32.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\awtsQIBt]
awtsQIBt.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\awtsRijh]
awtsRijh.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cbXNEWpP]
cbXNEWpP.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cedbeafcbffddcfebcfc]
C:\WINDOWS\system32\cedbeafcbffddcfebcfc.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\khfGyvtQ]
khfGyvtQ.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\nnnljkHy]
nnnljkHy.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\urqOIabY]
urqOIabY.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wvUmjJyX]
wvUmjJyX.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 239616]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
nopzet - {DBD86DC8-4284-4A3B-9096-FE97039831E2} - C:\WINDOWS\nopzet.dll []
leorop - {31332C2A-02A4-4E4E-9B79-2A33E9BAFBE5} - C:\WINDOWS\leorop.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
jgzfkj9w38rksndfi7r4 - {C5BF49A2-94F3-42BD-F434-3604812C8955} - C:\WINDOWS\system32\hsfd83jfdg.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0 C:\WINDOWS\system32\yayyXNGW
"notification packages"=scecli C:\WINDOWS\system32\nezogeju.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Grisoft\AVG7\avginet.exe"="C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe"
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe"="C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\Program Files\Grisoft\AVG7\avgcc.exe"="C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe"
"C:\Program Files\TurboTax\Basic 2007\32bit\ttax.exe"="C:\Program Files\TurboTax\Basic 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax"
"C:\Program Files\TurboTax\Basic 2007\32bit\updatemgr.exe"="C:\Program Files\TurboTax\Basic 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
"\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:enabled:@shell32.dll,-1"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.inf - open - e %1
.ini - open - notepad.exe %1
.txt - open - notepad.exe %1

======List of files/folders created in the last 3 months======

2009-02-26 21:26:40 ----D---- C:\rsit
2009-02-26 08:44:43 ----D---- C:\32788R22FWJFW
2009-02-26 06:03:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-02-25 22:16:58 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-25 22:09:16 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-25 20:20:39 ----D---- C:\WINDOWS\Prefetch
2009-02-25 20:14:07 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
2009-02-25 20:14:00 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-02-25 20:13:54 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-02-25 20:13:45 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2009-02-25 20:13:39 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-02-25 20:13:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-02-25 20:13:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-02-25 20:13:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-02-25 20:13:08 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-02-25 20:13:02 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-02-25 20:12:55 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-02-25 20:12:48 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-02-25 20:12:42 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-02-25 20:12:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-02-25 20:12:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2009-02-25 20:12:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-02-25 20:12:15 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-02-25 20:12:09 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-02-25 20:12:02 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-02-25 20:11:54 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-02-25 20:11:48 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2009-02-25 20:07:17 ----D---- C:\WINDOWS\system32\scripting
2009-02-25 20:07:15 ----D---- C:\WINDOWS\l2schemas
2009-02-25 20:07:14 ----D---- C:\WINDOWS\system32\en
2009-02-25 19:57:46 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-02-24 22:48:17 ----D---- C:\myRTVAULT
2009-02-24 22:47:51 ----D---- C:\myRT
2009-02-24 17:41:58 ----D---- C:\WINDOWS\xx
2009-02-23 09:19:36 ----D---- C:\WINDOWS\BDOSCAN8
2009-02-21 12:07:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2009-02-21 12:07:37 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2009-02-21 12:07:28 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2009-02-21 12:07:21 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2009-02-21 12:07:12 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-02-21 12:06:52 ----HDC---- C:\WINDOWS\$NtUninstallKB958215_0$
2009-02-21 12:06:26 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2009-02-21 12:06:16 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$
2009-02-21 12:06:06 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
2009-02-21 12:05:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$
2009-02-21 12:05:09 ----HDC---- C:\WINDOWS\$NtUninstallKB960714_0$
2009-02-21 12:04:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-02-21 12:04:27 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-02-21 12:03:32 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2009-02-21 12:03:10 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$
2009-02-21 12:02:57 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-02-21 12:02:42 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2009-02-21 12:02:08 ----HDC---- C:\WINDOWS\$NtUninstallKB958687_0$
2009-02-21 12:02:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2009-02-21 12:01:53 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2009-02-21 12:01:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2009-02-21 12:01:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2009-02-21 12:01:25 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2009-02-21 12:01:17 ----HDC---- C:\WINDOWS\$NtUninstallKB954600_0$
2009-02-21 12:01:10 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2009-02-21 12:01:01 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2009-02-21 12:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2009-02-21 12:00:47 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-02-21 12:00:39 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-02-20 15:13:51 ----N---- C:\WINDOWS\system32\wmphoto.dll
2009-02-20 15:13:47 ----N---- C:\WINDOWS\system32\wlanapi.dll
2009-02-20 15:13:45 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2009-02-20 15:13:45 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2009-02-20 15:13:40 ----N---- C:\WINDOWS\system32\verclsid.exe
2009-02-20 15:13:34 ----N---- C:\WINDOWS\system32\tspkg.dll
2009-02-20 15:13:33 ----N---- C:\WINDOWS\system32\tsgqec.dll
2009-02-20 15:13:26 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2009-02-20 15:13:24 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2009-02-20 15:13:23 ----N---- C:\WINDOWS\system32\slserv.exe
2009-02-20 15:13:23 ----N---- C:\WINDOWS\system32\slrundll.exe
2009-02-20 15:13:23 ----N---- C:\WINDOWS\slrundll.exe
2009-02-20 15:13:18 ----N---- C:\WINDOWS\system32\setupn.exe
2009-02-20 15:13:14 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2009-02-20 15:13:11 ----N---- C:\WINDOWS\system32\rasqec.dll
2009-02-20 15:13:11 ----N---- C:\WINDOWS\system32\qutil.dll
2009-02-20 15:13:09 ----N---- C:\WINDOWS\system32\qcliprov.dll
2009-02-20 15:13:09 ----N---- C:\WINDOWS\system32\qagentrt.dll
2009-02-20 15:13:09 ----N---- C:\WINDOWS\system32\qagent.dll
2009-02-20 15:13:07 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2009-02-20 15:13:02 ----N---- C:\WINDOWS\system32\onex.dll
2009-02-20 15:12:51 ----N---- C:\WINDOWS\system32\napstat.exe
2009-02-20 15:12:51 ----N---- C:\WINDOWS\system32\napmontr.dll
2009-02-20 15:12:51 ----N---- C:\WINDOWS\system32\napipsec.dll
2009-02-20 15:12:50 ----A---- C:\WINDOWS\system32\msxml6r.dll
2009-02-20 15:12:48 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2009-02-20 15:12:48 ----N---- C:\WINDOWS\system32\mssha.dll
2009-02-20 15:12:08 ----N---- C:\WINDOWS\system32\mmcperf.exe
2009-02-20 15:12:06 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2009-02-20 15:12:06 ----N---- C:\WINDOWS\system32\mmcex.dll
2009-02-20 15:12:05 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2009-02-20 15:11:41 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2009-02-20 15:11:40 ----N---- C:\WINDOWS\system32\kmsvc.dll
2009-02-20 15:11:39 ----N---- C:\WINDOWS\system32\kbdpash.dll
2009-02-20 15:11:39 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2009-02-20 15:11:39 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2009-02-20 15:11:39 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2009-02-20 15:11:22 ----N---- C:\WINDOWS\system32\faxpatch.exe
2009-02-20 15:11:22 ----A---- C:\WINDOWS\002725_.tmp
2009-02-20 15:11:20 ----N---- C:\WINDOWS\system32\eapsvc.dll
2009-02-20 15:11:20 ----N---- C:\WINDOWS\system32\eapqec.dll
2009-02-20 15:11:20 ----N---- C:\WINDOWS\system32\eappprxy.dll
2009-02-20 15:11:20 ----N---- C:\WINDOWS\system32\eapphost.dll
2009-02-20 15:11:20 ----N---- C:\WINDOWS\system32\eappgnui.dll
2009-02-20 15:11:20 ----N---- C:\WINDOWS\system32\eappcfg.dll
2009-02-20 15:11:20 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2009-02-20 15:11:20 ----N---- C:\WINDOWS\system32\eapolqec.dll
2009-02-20 15:11:17 ----N---- C:\WINDOWS\system32\dot3ui.dll
2009-02-20 15:11:17 ----N---- C:\WINDOWS\system32\dot3svc.dll
2009-02-20 15:11:17 ----N---- C:\WINDOWS\system32\dot3msm.dll
2009-02-20 15:11:17 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2009-02-20 15:11:17 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2009-02-20 15:11:17 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2009-02-20 15:11:17 ----N---- C:\WINDOWS\system32\dot3api.dll
2009-02-20 15:11:15 ----N---- C:\WINDOWS\system32\dimsroam.dll
2009-02-20 15:11:15 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2009-02-20 15:11:14 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2009-02-20 15:11:11 ----N---- C:\WINDOWS\system32\credssp.dll
2009-02-20 15:11:05 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2009-02-20 15:11:05 ----N---- C:\WINDOWS\system32\azroles.dll
2009-02-20 15:10:55 ----N---- C:\WINDOWS\system32\aaclient.dll
2009-02-20 14:46:30 ----D---- C:\Documents and Settings\Frank.HAPPYGOLUCKY\Application Data\Malwarebytes
2009-02-18 16:48:36 ----A---- C:\Bug.txt
2009-02-18 16:48:35 ----A---- C:\WINDOWS\system32\cmd.execf
2009-02-17 23:36:27 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-02-17 23:22:37 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-02-17 23:22:37 ----A---- C:\WINDOWS\system32\irclass.dll
2009-02-17 21:22:39 ----A---- C:\WINDOWS\system32\fltmc.exe
2009-02-17 21:22:38 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-02-17 21:22:35 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-02-17 21:20:54 ----A---- C:\WINDOWS\system32\write.exe
2009-02-17 21:20:53 ----A---- C:\WINDOWS\system32\winmine.exe
2009-02-17 21:20:53 ----A---- C:\WINDOWS\system32\sol.exe
2009-02-17 21:20:53 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-02-17 21:20:53 ----A---- C:\WINDOWS\system32\charmap.exe
2009-02-17 21:20:53 ----A---- C:\WINDOWS\system32\calc.exe
2009-02-17 21:20:52 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-02-17 21:20:52 ----A---- C:\WINDOWS\system32\tskill.exe
2009-02-17 21:20:52 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-02-17 21:20:52 ----A---- C:\WINDOWS\system32\tscon.exe
2009-02-17 21:20:52 ----A---- C:\WINDOWS\system32\shadow.exe
2009-02-17 21:20:52 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-02-17 21:20:52 ----A---- C:\WINDOWS\system32\reset.exe
2009-02-17 21:20:52 ----A---- C:\WINDOWS\system32\regini.exe
2009-02-17 21:20:52 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-02-17 21:20:52 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-02-17 21:20:52 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-02-17 21:20:52 ----A---- C:\WINDOWS\system32\freecell.exe
2009-02-17 21:20:51 ----A---- C:\WINDOWS\system32\msg.exe
2009-02-17 21:20:51 ----A---- C:\WINDOWS\system32\logoff.exe
2009-02-17 21:20:51 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-02-17 21:20:50 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-02-17 21:20:49 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-02-17 21:20:49 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-02-17 21:20:48 ----A---- C:\WINDOWS\system32\spider.exe
2009-02-17 21:20:48 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-02-17 21:20:48 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-02-17 21:20:48 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-02-17 21:20:47 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-02-17 21:20:47 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-02-17 21:20:47 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-02-17 21:20:47 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-02-17 21:20:47 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-02-17 21:20:46 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-02-13 09:06:20 ----D---- C:\WINDOWS\ERDNT
2009-02-12 08:50:36 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-02-12 08:50:35 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-11 20:17:01 ----A---- C:\WINDOWS\system32\TweakUI.exe
2009-02-10 21:28:16 ----RSHD---- C:\$RECYCLE.BIN
2009-02-10 21:27:29 ----HD---- C:\$AVG8.VAULT$
2009-01-13 08:47:15 ----A---- C:\WINDOWS\system32\rn.tmp
2009-01-12 23:23:17 ----ASH---- C:\WINDOWS\system32\mhenfheq.ini
2009-01-12 01:01:36 ----D---- C:\ebcdf5ab059e37cdc3939919
2009-01-11 23:19:38 ----ASH---- C:\WINDOWS\system32\cmiwqofs.ini
2009-01-10 23:21:11 ----ASH---- C:\WINDOWS\system32\vdumwpag.ini
2009-01-09 23:19:54 ----ASH---- C:\WINDOWS\system32\kssdhawd.ini
2009-01-08 22:52:41 ----ASH---- C:\WINDOWS\system32\aoolacrw.ini
2009-01-07 21:46:08 ----ASH---- C:\WINDOWS\system32\xowasfhf.ini
2009-01-07 16:50:52 ----D---- C:\Program Files\cheapestsoft
2009-01-06 21:19:13 ----ASH---- C:\WINDOWS\system32\fgidncyd.ini
2009-01-05 19:51:29 ----ASH---- C:\WINDOWS\system32\lqbbwjok.ini
2009-01-05 18:46:36 ----ASH---- C:\WINDOWS\system32\xqdkjvnl.ini
2009-01-04 18:38:36 ----ASH---- C:\WINDOWS\system32\oklwylmr.ini
2009-01-04 01:19:21 ----ASH---- C:\WINDOWS\system32\vfylamnh.ini
2009-01-03 01:22:04 ----ASH---- C:\WINDOWS\system32\forvldcx.ini
2009-01-02 01:05:25 ----ASH---- C:\WINDOWS\system32\dswptfoy.ini
2009-01-01 02:50:18 ----ASH---- C:\WINDOWS\system32\utajirab.ini
2009-01-01 00:49:17 ----ASH---- C:\WINDOWS\system32\ehbesegq.ini
2008-12-31 00:43:16 ----ASH---- C:\WINDOWS\system32\agpbhyfk.ini
2008-12-30 23:44:57 ----ASH---- C:\WINDOWS\system32\tbolsjag.ini
2008-12-29 22:02:47 ----ASH---- C:\WINDOWS\system32\noupvbvu.ini
2008-12-29 14:11:59 ----D---- C:\Program Files\Crawler
2008-12-29 14:11:24 ----D---- C:\Program Files\Inbox Toolbar
2008-12-28 18:12:18 ----ASH---- C:\WINDOWS\system32\tishryjm.ini
2008-12-27 17:57:48 ----ASH---- C:\WINDOWS\system32\xejkxend.ini
2008-12-27 11:31:49 ----ASH---- C:\WINDOWS\system32\utejageb.ini
2008-12-26 20:46:40 ----ASH---- C:\WINDOWS\system32\ctoiuene.ini
2008-12-25 16:41:20 ----ASH---- C:\WINDOWS\system32\bscibmdf.ini
2008-12-24 16:48:24 ----ASH---- C:\WINDOWS\system32\tybrcawm.ini
2008-12-22 22:58:12 ----ASH---- C:\WINDOWS\system32\klpsosab.ini
2008-12-21 14:57:34 ----ASH---- C:\WINDOWS\system32\svecntdk.ini
2008-12-20 12:03:19 ----ASH---- C:\WINDOWS\system32\xxsunfhd.ini
2008-12-19 10:04:43 ----ASH---- C:\WINDOWS\system32\mwwncllb.ini
2008-12-18 20:53:31 ----ASH---- C:\WINDOWS\system32\rpumxdfj.ini
2008-12-17 20:50:52 ----ASH---- C:\WINDOWS\system32\drlawqsu.ini
2008-12-17 18:07:04 ----ASH---- C:\WINDOWS\system32\igmcyfgo.ini
2008-12-17 15:07:42 ----ASH---- C:\WINDOWS\system32\nlhkealm.ini
2008-12-16 15:06:57 ----ASH---- C:\WINDOWS\system32\uspaffac.ini
2008-12-15 13:31:46 ----ASH---- C:\WINDOWS\system32\lyjvhagk.ini
2008-12-14 11:39:33 ----ASH---- C:\WINDOWS\system32\beqdvdnw.ini
2008-12-13 00:17:16 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Digsby
2008-12-13 00:06:03 ----ASH---- C:\WINDOWS\system32\yonkhojn.ini
2008-12-11 23:58:20 ----ASH---- C:\WINDOWS\system32\hljciebm.ini
2008-12-10 18:17:16 ----ASH---- C:\WINDOWS\system32\camclygk.ini
2008-12-09 18:12:42 ----ASH---- C:\WINDOWS\system32\ciwgfmss.ini
2008-12-09 15:08:54 ----ASH---- C:\WINDOWS\system32\cxamclin.ini
2008-12-09 15:05:48 ----ASH---- C:\WINDOWS\system32\tBLRuBeg.ini2
2008-12-09 15:05:47 ----ASH---- C:\WINDOWS\system32\tBLRuBeg.ini
2008-12-08 18:11:32 ----ASH---- C:\WINDOWS\system32\kqvncwnk.ini
2008-12-07 18:15:25 ----ASH---- C:\WINDOWS\system32\ycirvduw.ini
2008-12-06 18:10:01 ----ASH---- C:\WINDOWS\system32\dwahxqhc.ini
2008-12-05 15:40:44 ----ASH---- C:\WINDOWS\system32\hbytknao.ini
2008-12-04 10:50:34 ----ASH---- C:\WINDOWS\system32\uvrrlmnw.ini
2008-12-03 00:12:14 ----ASH---- C:\WINDOWS\system32\cepuecui.ini
2008-12-02 00:15:15 ----ASH---- C:\WINDOWS\system32\hbxteicu.ini
2008-12-01 16:15:19 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-01 16:10:41 ----D---- C:\Program Files\Bonjour
2008-12-01 00:10:23 ----ASH---- C:\WINDOWS\system32\oqtlvwfh.ini
2008-11-30 00:08:54 ----ASH---- C:\WINDOWS\system32\otcrbytw.ini
2008-11-28 15:46:36 ----ASH---- C:\WINDOWS\system32\lkdvnxyi.ini
2008-11-27 15:45:29 ----ASH---- C:\WINDOWS\system32\efxijxll.ini
2008-11-27 03:57:44 ----ASH---- C:\WINDOWS\system32\nlhunenu.ini

======List of files/folders modified in the last 3 months======

2009-02-26 21:26:53 ----RSHD---- C:\WINDOWS\Temp
2009-02-26 09:10:03 ----SHD---- C:\WINDOWS\Installer
2009-02-26 09:10:03 ----SHD---- C:\Config.Msi
2009-02-26 09:10:02 ----D---- C:\WINDOWS\WinSxS
2009-02-26 09:10:02 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-02-26 09:09:45 ----RAD---- C:\Program Files
2009-02-26 09:09:34 ----D---- C:\WINDOWS\system32\drivers
2009-02-26 09:09:34 ----D---- C:\WINDOWS
2009-02-26 09:09:34 ----AD---- C:\WINDOWS\system32
2009-02-26 09:09:32 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\avg7
2009-02-26 08:40:36 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-26 08:39:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-26 08:35:46 ----A---- C:\WINDOWS\OEWABLog.txt
2009-02-26 06:03:27 ----HD---- C:\WINDOWS\inf
2009-02-26 06:03:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-26 06:02:51 ----A---- C:\WINDOWS\imsins.BAK
2009-02-26 06:02:38 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-26 06:01:20 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-26 05:19:46 ----D---- C:\WINDOWS\system32\en-US
2009-02-26 05:19:45 ----D---- C:\WINDOWS\Help
2009-02-26 05:19:45 ----D---- C:\Program Files\Internet Explorer
2009-02-25 22:59:16 ----HDC---- C:\WINDOWS\ie7
2009-02-25 20:25:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-02-25 20:20:57 ----A---- C:\WINDOWS\setuplog.txt
2009-02-25 20:20:06 ----D---- C:\WINDOWS\system32\Setup
2009-02-25 20:20:06 ----D---- C:\WINDOWS\AppPatch
2009-02-25 20:20:06 ----D---- C:\Program Files\Messenger
2009-02-25 20:20:05 ----RSD---- C:\WINDOWS\Fonts
2009-02-25 20:20:05 ----D---- C:\WINDOWS\system32\wbem
2009-02-25 20:18:46 ----D---- C:\WINDOWS\security
2009-02-25 20:07:45 ----D---- C:\Program Files\Windows Media Player
2009-02-25 20:07:33 ----D---- C:\WINDOWS\network diagnostic
2009-02-25 20:07:33 ----D---- C:\WINDOWS\ime
2009-02-25 20:07:18 ----D---- C:\WINDOWS\system32\usmt
2009-02-25 20:07:14 ----D---- C:\WINDOWS\system32\bits
2009-02-25 20:07:14 ----D---- C:\WINDOWS\peernet
2009-02-25 20:07:14 ----D---- C:\Program Files\Movie Maker
2009-02-25 20:04:10 ----D---- C:\WINDOWS\system32\Restore
2009-02-25 20:04:10 ----D---- C:\WINDOWS\system32\npp
2009-02-25 20:04:09 ----D---- C:\WINDOWS\msagent
2009-02-25 20:04:07 ----D---- C:\WINDOWS\srchasst
2009-02-25 20:04:06 ----D---- C:\Program Files\NetMeeting
2009-02-25 20:04:05 ----D---- C:\WINDOWS\system32\Com
2009-02-25 20:04:02 ----D---- C:\Program Files\Windows NT
2009-02-25 20:04:02 ----D---- C:\Program Files\Outlook Express
2009-02-25 20:03:58 ----D---- C:\Program Files\Common Files\System
2009-02-25 20:03:41 ----D---- C:\WINDOWS\system32\oobe
2009-02-25 20:03:38 ----D---- C:\WINDOWS\system
2009-02-25 19:57:44 ----D---- C:\WINDOWS\EHome
2009-02-24 23:12:32 ----A---- C:\WINDOWS\ntbtlog.txt
2009-02-23 09:19:39 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-02-23 09:13:34 ----D---- C:\Program Files\Mozilla Firefox
2009-02-20 14:50:54 ----D---- C:\WINDOWS\Debug
2009-02-20 14:47:41 ----SHD---- C:\System Volume Information
2009-02-20 08:49:37 ----D---- C:\WINDOWS\SoftwareDistribution
2009-02-18 21:02:22 ----RSHD---- C:\temp
2009-02-18 00:19:11 ----D---- C:\WINDOWS\Registration
2009-02-18 00:13:14 ----D---- C:\WINDOWS\system32\config
2009-02-17 23:37:49 ----A---- C:\WINDOWS\ODBCINST.INI
2009-02-17 23:37:17 ----D---- C:\WINDOWS\system32\ias
2009-02-17 23:36:32 ----RD---- C:\WINDOWS\Web
2009-02-17 23:36:17 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-02-17 23:36:03 ----A---- C:\WINDOWS\win.ini
2009-02-17 23:33:33 ----SH---- C:\boot.ini
2009-02-17 23:22:44 ----A---- C:\WINDOWS\system.ini
2009-02-17 23:22:28 ----ASH---- C:\Documents and Settings\All Users.WINDOWS\Application Data\desktop.ini
2009-02-17 21:46:40 ----A---- C:\WINDOWS\system32\wpa.bak
2009-02-17 11:18:35 ----D---- C:\WINDOWS\Media
2009-02-17 11:13:21 ----D---- C:\WINDOWS\twain_32
2009-02-17 11:11:57 ----D---- C:\WINDOWS\system32\icsxml
2009-02-17 11:11:09 ----D---- C:\WINDOWS\system32\1033
2009-02-17 11:09:50 ----D---- C:\WINDOWS\Driver Cache
2009-02-17 06:52:23 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-02-17 06:52:18 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-02-17 06:52:14 ----HDC---- C:\WINDOWS\$NtUninstallKB914388_0$
2009-02-17 06:52:14 ----HDC----
C:\WINDOWS\$NtUninstallKB911567-OE6SP1-20060316.165634$ 2009-02-17 06:52:12 ----HDC---- C:\WINDOWS\$NtUninstallKB896428_0$ 2009-02-17 06:52:12 ----HDC---- C:\WINDOWS\$NtUninstallKB896423_0$ 2009-02-17 06:52:02 ----HDC---- C:\WINDOWS\$NtUninstallKB885836_0$ 2009-02-17 06:51:58 ----HDC---- C:\WINDOWS\$NtUninstallKB835732$ 2009-02-17 06:50:31 ----HDC---- C:\WINDOWS\$MSI30UninstallMSI30-KB884016$ 2009-02-17 05:11:50 ----D---- C:\Program Files\WinZip 2009-02-17 05:11:46 ----D---- C:\Program Files\WinRAR 2009-02-17 05:11:45 ----D---- C:\Program Files\WinPcap 2009-02-17 05:11:37 ----D---- C:\Program Files\Windows Media Connect 2 2009-02-17 05:11:37 ----D---- C:\Program Files\Windows Live Toolbar 2009-02-17 05:11:36 ----D---- C:\Program Files\WhatPulse 2009-02-17 05:11:35 ----D---- C:\Program Files\Warning Banner Creator 2009-02-17 05:10:50 ----D---- C:\Program Files\SWiSHmax 2009-02-17 05:10:47 ----D---- C:\Program Files\STOPzilla! 2009-02-17 05:10:47 ----D---- C:\Program Files\Source Edit 2009-02-17 05:10:46 ----D---- C:\Program Files\SiSLan 2009-02-17 05:10:43 ----D---- C:\Program Files\RRIM 2009-02-17 05:10:41 ----D---- C:\Program Files\Rhapsody 2009-02-17 05:10:26 ----D---- C:\Program Files\QuickTime 2009-02-17 05:10:15 ----D---- C:\Program Files\Napster 2009-02-17 05:10:03 ----D---- C:\Program Files\Microsoft IntelliType Pro 2009-02-17 05:08:24 ----D---- C:\Program Files\LimeWire 2009-02-17 05:08:23 ----D---- C:\Program Files\Last.fm 2009-02-17 05:08:12 ----D---- C:\Program Files\ItsDeductibleEX 2009-02-17 05:08:11 ----D---- C:\Program Files\ItsDeductible2006 2009-02-17 05:08:07 ----D---- C:\Program Files\ItsDeductible2005 2009-02-17 05:05:45 ----D---- C:\Program Files\in2site 1and1 us 2009-02-17 05:05:03 ----D---- C:\Program Files\GoldPocket 2009-02-17 05:05:02 ----D---- C:\Program Files\GameSpot 2009-02-17 05:05:01 ----D---- C:\Program Files\FileZilla 2009-02-17 05:04:52 ----D---- C:\Program Files\Digsby 2009-02-17 05:04:12 ----D---- C:\Program Files\CamStudio 
2009-02-17 05:04:09 ----D---- C:\Program Files\C-Media 3D Audio 2009-02-17 05:04:08 ----D---- C:\Program Files\Best Buy Digital Music Store Powered by Rhapsody 2009-02-17 05:04:05 ----D---- C:\Program Files\AdwareFilter 2009-02-17 05:03:28 ----D---- C:\Program Files\ActiveX Control Pad 2009-02-17 05:03:26 ----D---- C:\GFactory 2009-02-16 05:37:03 ----A---- C:\WINDOWS\system32\java.exe 2009-02-15 18:13:49 ----D---- C:\Program Files\MSN Messenger 2009-01-16 21:35:14 ----A---- C:\WINDOWS\system32\mshtml.dll 2009-01-13 08:49:30 ----D---- C:\Documents and Settings 2009-01-10 20:59:37 ----D---- C:\Program Files\Common Files\Wise Installation Wizard 2008-12-25 15:10:47 ----D---- C:\Program Files\Adobe 2008-12-20 17:15:41 ----A---- C:\WINDOWS\system32\wininet.dll 2008-12-20 17:15:40 ----A---- C:\WINDOWS\system32\webcheck.dll 2008-12-20 17:15:40 ----A---- C:\WINDOWS\system32\urlmon.dll 2008-12-20 17:15:39 ----A---- C:\WINDOWS\system32\url.dll 2008-12-20 17:15:38 ----N---- C:\WINDOWS\system32\pngfilt.dll 2008-12-20 17:15:38 ----N---- C:\WINDOWS\system32\occache.dll 2008-12-20 17:15:32 ----N---- C:\WINDOWS\system32\mstime.dll 2008-12-20 17:15:31 ----N---- C:\WINDOWS\system32\msrating.dll 2008-12-20 17:15:30 ----N---- C:\WINDOWS\system32\mshtmled.dll 2008-12-20 17:15:24 ----A---- C:\WINDOWS\system32\msfeedsbs.dll 2008-12-20 17:15:23 ----N---- C:\WINDOWS\system32\jsproxy.dll 2008-12-20 17:15:23 ----A---- C:\WINDOWS\system32\msfeeds.dll 2008-12-20 17:15:22 ----A---- C:\WINDOWS\system32\iertutil.dll 2008-12-20 17:15:21 ----N---- C:\WINDOWS\system32\iernonce.dll 2008-12-20 17:15:21 ----A---- C:\WINDOWS\system32\ieframe.dll 2008-12-20 17:15:16 ----N---- C:\WINDOWS\system32\iedkcs32.dll 2008-12-20 17:15:15 ----A---- C:\WINDOWS\system32\ieapfltr.dll 2008-12-20 17:15:14 ----N---- C:\WINDOWS\system32\ieaksie.dll 2008-12-20 17:15:14 ----N---- C:\WINDOWS\system32\ieakeng.dll 2008-12-20 17:15:13 ----N---- C:\WINDOWS\system32\extmgr.dll 2008-12-20 17:15:13 ----N---- 
C:\WINDOWS\system32\dxtrans.dll 2008-12-20 17:15:13 ----A---- C:\WINDOWS\system32\icardie.dll 2008-12-20 17:15:12 ----N---- C:\WINDOWS\system32\dxtmsft.dll 2008-12-20 17:15:11 ----A---- C:\WINDOWS\system32\advpack.dll 2008-12-20 01:58:37 ----A---- C:\WINDOWS\_GEAREXT.WO_IDENT.TXT 2008-12-19 03:10:15 ----N---- C:\WINDOWS\system32\ie4uinit.exe 2008-12-19 03:10:15 ----A---- C:\WINDOWS\system32\ieudinit.exe 2008-12-18 23:23:56 ----N---- C:\WINDOWS\system32\ieakui.dll 2008-12-16 23:31:46 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\HP 2008-12-16 21:40:30 ----SD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft 2008-12-09 15:06:13 ----A---- C:\WINDOWS\system32\630dfe25-.txt 2008-12-01 16:16:41 ----DC---- C:\WINDOWS\system32\DRVSTORE 2008-12-01 16:16:33 ----D---- C:\Program Files\iTunes 2008-12-01 16:15:31 ----D---- C:\Program Files\iPod ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-13 37760] R1 Avg7Core;AVG7 Kernel; C:\WINDOWS\System32\Drivers\avg7core.sys [2008-02-09 821856] R1 Avg7RsW;AVG7 Wrap Driver; C:\WINDOWS\System32\Drivers\avg7rsw.sys [2008-02-09 4224] R1 Avg7RsXP;AVG7 Resident Driver XP; C:\WINDOWS\System32\Drivers\avg7rsxp.sys [2008-02-09 27776] R1 AvgClean;AVG7 Clean Driver; C:\WINDOWS\System32\Drivers\avgclean.sys [2008-02-09 10760] R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [2008-06-20 225856] R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2005-11-20 16512] R2 MCSTRM;MCSTRM; C:\WINDOWS\system32\drivers\MCSTRM.sys [2006-05-17 8413] R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys [] R2 zumbus;Zune Bus Enumerator Driver; C:\WINDOWS\system32\DRIVERS\zumbus.sys [2008-04-29 40704] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464] R3 nv;nv; 
C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-03 1897408] R3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\System32\DRIVERS\sisnic.sys [2004-08-03 32768] R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288] R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008] S1 is-SQGERdrv;is-SQGERdrv; C:\WINDOWS\system32\DRIVERS\66490597.sys [] S1 seneka;seneka; C:\WINDOWS\system32\drivers\senekajlnnqvns.sys [] S3 Bridge;MAC Bridge; C:\WINDOWS\System32\DRIVERS\bridge.sys [2008-04-13 71552] S3 BridgeMP;MAC Bridge Miniport; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552] S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2005-12-15 1368000] S3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys [] S3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2004-08-04 12160] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys 
[2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000] S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbcm;USB Cable Modem 351000 NDIS Driver; C:\WINDOWS\System32\DRIVERS\usbcm.sys [2002-04-11 13335] S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 ZD1211BU(WLAN);IEEE 802.11g USB Wireless LAN(WLAN); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2006-06-27 450560] S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664] S4 dwshd;dwshd; C:\WINDOWS\System32\drivers\dwshd.sys [] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 sr;System Restore Filter Driver; C:\WINDOWS\System32\DRIVERS\sr.sys [2008-04-13 73472] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424] R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888] R2 WudfSvc;Windows Driver 
Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] R2 ZuneBusEnum;Zune Bus Enumerator; c:\WINDOWS\system32\ZuneBusEnum.exe [2008-04-29 61856] R2 ZuneNetworkSvc;Zune Network Sharing Service; c:\Program Files\Zune\ZuneNss.exe [2008-04-29 5065120] R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872] S2 NNServ;NNServ; C:\Program Files\NewDotNet\nnrun.exe C:\Program Files\NewDotNet\nncore.dll ServiceStart [] S2 terms;Terminal Connections; C:\WINDOWS\system32\terminals.exe [] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136] S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service; c:\WINDOWS\system32\ZuneWlanCfgSvc.exe [2008-04-29 245664] -----------------EOF-----------------