OTListIt logfile created on: 04/05/2009 2:13:00 AM - Run 3
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Documents and Settings\HP_Administrator\My Documents\Downloads
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

958.48 Mb Total Physical Memory | 606.29 Mb Available Physical Memory | 63.26% Memory free
2.26 Gb Paging File | 2.10 Gb Available in Paging File | 92.93% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 224.37 Gb Total Space | 215.14 Gb Free Space | 95.89% Space Free | Partition Type: NTFS
Drive D: | 8.50 Gb Total Space | 1.13 Gb Free Space | 13.31% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SAFI
Current User Name: HP_Administrator
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

[color=orange]========== Processes (SafeList) ==========[/color]

PRC - C:\WINDOWS\system32\cmd.exe (Microsoft Corporation)
PRC - C:\WINDOWS\NOTEPAD.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\HP_Administrator\My Documents\Downloads\OTListIt2.exe (OldTimer Tools)
PRC - C:\WINDOWS\notepad.exe (Microsoft Corporation)
PRC - C:\WINDOWS\notepad.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox 3.5 Beta 4\firefox.exe (Mozilla Corporation)
PRC - C:\WINDOWS\notepad.exe (Microsoft Corporation)

[color=orange]========== Win32 Services (SafeList) ==========[/color]

SRV - (ARSVC [Auto | Stopped]) -- C:\WINDOWS\arservice.exe (Microsoft)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (Microsoft Corporation)
SRV - (Ati HotKey Poller [Auto | Stopped]) -- C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (ehRecvr [Auto | Stopped]) -- C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [Auto | Stopped]) -- C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (LightScribeService [Auto | Stopped]) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (McrdSvc [Auto | Stopped]) -- C:\WINDOWS\ehome\mcrdsvc.exe (Microsoft Corporation)
SRV - (MDM [Auto | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (MHN [On_Demand | Stopped]) -- C:\WINDOWS\System32\mhn.dll (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Pml Driver HPZ12 [Boot | Stopped]) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (UMWdf [On_Demand | Stopped]) -- C:\WINDOWS\system32\wdfmgr.exe (Microsoft Corporation)
SRV - (avast! Antivirus [Auto | Stopped]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (aswUpdSv [Auto | Stopped]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Stopped]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Stopped]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)

[color=orange]========== Driver Services (SafeList) ==========[/color]

DRV - (ALCXWDM [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (AmdK8 [System | Stopped]) -- C:\WINDOWS\system32\DRIVERS\AmdK8.sys (Advanced Micro Devices)
DRV - (ati2mtag [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (bb-run [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\bb-run.sys (Promise Technology, Inc.)
DRV - (ftsata2 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ftsata2.sys (Promise Technology, Inc.)
DRV - (HSFHWBS2 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (HSF_DP [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (iaStor [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (mdmxsdk [Auto | Stopped]) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (Ps2 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\PS2.sys (Hewlett-Packard Company)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (RTL8023xp [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys (Realtek Semiconductor Corporation )
DRV - (rtl8139 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\RTL8139.SYS (Realtek Semiconductor Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys ()
DRV - (winachsf [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)

[color=orange]========== Standard Registry (SafeList) ==========[/color]

[color=orange]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=orange]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "google.ca"
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5b4
FF - HKLM\software\mozilla\Mozilla Firefox 3.5b4\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX 3.5 BETA 4\COMPONENTS [2009/05/04 00:24:02 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5b4\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX 3.5 BETA 4\PLUGINS [2009/05/04 00:23:57 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.0.3.4\Extensions\\Components: C:\PROGRAM FILES\NETSCAPE\NETSCAPE BROWSER\COMPONENTS [2009/05/04 00:16:26 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.0.3.4\Extensions\\Plugins: C:\PROGRAM FILES\NETSCAPE\NETSCAPE BROWSER\PLUGINS [2005/11/12 12:24:24 | 00,000,000 | ---D | M]
[2009/05/04 00:24:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\mozilla\Extensions
[2009/05/04 00:24:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/04 01:29:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\mozilla\Firefox\Profiles\intf9r9n.default\extensions
[2009/05/04 01:29:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\mozilla\Firefox\Profiles\intf9r9n.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll File not found
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE (Microsoft)
O4 - HKLM..\Run: [Autorun Eater] C:\Program Files\Autorun Eater\oldmcdonald.exe (Old McDonald's Farm)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe (Digital Interactive Systems Corporation)
O4 - HKLM..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdateMgr.exe (Digital Interactive Systems Corporation, Inc.)
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe (Hewlett-Packard)
O4 - HKLM..\Run: [PCDrProfiler] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html File not found
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html File not found
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html File not found
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation)
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html File not found
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Java Plug-in 1.5.0_05)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Java Plug-in 1.5.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.11,85.255.112.139
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{B71FB1C2-527B-4C52-B293-D3C467E3D866}\\NameServer = 85.255.112.11,85.255.112.139
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/11/12 12:27:37 | 00,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 05:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (aswBoot.exe) - C:\WINDOWS\system32\aswBoot.exe (ALWIL Software)
O34 - HKLM BootExecute: (/A:"*") - File not found
O34 - HKLM BootExecute: (/L:"English") - File not found
O34 - HKLM BootExecute: (/KBD:2) - File not found

[color=orange]========== Files/Folders - Created Within 30 Days ==========[/color]

[1 C:\WINDOWS\System32\*.tmp files]
[2009/05/04 01:57:49 | 00,078,336 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\Agent.OMZ.Fix.exe
[2009/05/04 01:40:38 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/05/04 01:40:38 | 00,001,720 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009/05/04 01:40:37 | 00,051,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/05/04 01:40:37 | 00,026,944 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/05/04 01:40:35 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/05/04 01:40:34 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/05/04 01:40:34 | 00,094,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/05/04 01:40:34 | 00,093,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/05/04 01:40:34 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/05/04 01:40:19 | 01,256,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/05/04 01:40:19 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009/05/04 01:40:17 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/05/04 01:26:10 | 00,093,297 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\netcrafttoolbar-1.1.1.7-fx.xpi
[2009/05/04 01:25:01 | 00,093,297 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\netcrafttoolbar-1.1.1.7-fx.xpi
[2009/05/04 01:19:25 | 00,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2009/05/04 01:19:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Yahoo!
[2009/05/04 01:19:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2009/05/04 01:09:40 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\desktop.ini
[2009/05/04 01:09:38 | 00,000,087 | -HS- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\desktop.ini
[2009/05/04 01:09:38 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\desktop.ini
[2009/05/04 01:09:36 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\desktop.ini
[2009/05/04 01:09:36 | 00,000,000 | --SD | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files
[2009/05/04 01:09:36 | 00,000,000 | --SD | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\History
[2009/05/04 01:09:36 | 00,000,000 | --SD | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft
[2009/05/04 01:09:36 | 00,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\My Pictures
[2009/05/04 01:09:36 | 00,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\My Music
[2009/05/04 01:09:36 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data
[2009/05/04 01:09:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Temp
[2009/05/04 01:09:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Symantec
[2009/05/04 01:09:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Real
[2009/05/04 01:09:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Intuit
[2009/05/04 01:09:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Identities
[2009/05/04 01:09:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Digital Interactive Systems Corporation
[2009/05/04 01:09:35 | 00,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\My Videos
[2009/05/04 01:08:23 | 00,001,828 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\eBay.lnk
[2009/05/04 01:08:23 | 00,001,646 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AOL.lnk
[2009/05/04 01:08:23 | 00,001,532 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Extended Service Plans.lnk
[2009/05/04 01:08:22 | 00,001,977 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\My HP Games.lnk
[2009/05/04 01:08:22 | 00,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Office 2003 Edition 60 Days Trial Welcome Tour.lnk
[2009/05/04 01:08:22 | 00,000,908 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2009/05/04 01:08:17 | 00,001,844 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Easy Internet Sign-up.lnk
[2009/05/04 01:06:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009/05/04 01:06:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/05/04 01:04:39 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mouhid.sys
[2009/05/04 01:04:37 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdhid.sys
[2009/05/04 01:04:33 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidusb.sys
[2009/05/04 01:04:14 | 00,002,940 | ---- | C] () -- C:\WINDOWS\System32\tmp.reg
[2009/05/04 01:03:46 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2009/05/04 00:45:51 | 00,289,144 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\VCCLSID.exe
[2009/05/04 00:45:51 | 00,288,417 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\SrchSTS.exe
[2009/05/04 00:45:51 | 00,135,168 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swreg.exe
[2009/05/04 00:45:51 | 00,087,552 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\VACFix.exe
[2009/05/04 00:45:51 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.exe
[2009/05/04 00:45:51 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.C.exe
[2009/05/04 00:45:51 | 00,082,432 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\404Fix.exe
[2009/05/04 00:45:51 | 00,080,384 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\o4Patch.exe
[2009/05/04 00:45:51 | 00,079,360 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swxcacls.exe
[2009/05/04 00:45:51 | 00,075,776 | ---- | C] () -- C:\WINDOWS\System32\WS2Fix.exe
[2009/05/04 00:45:51 | 00,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\WINDOWS\System32\Process.exe
[2009/05/04 00:45:51 | 00,051,200 | ---- | C] () -- C:\WINDOWS\System32\dumphive.exe
[2009/05/04 00:45:51 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\swsc.exe
[2009/05/04 00:40:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Downloads
[2009/05/04 00:38:07 | 00,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2009/05/04 00:30:47 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/04 00:30:47 | 00,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/04 00:30:45 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/04 00:30:44 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/05/04 00:30:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/05/04 00:24:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/05/04 00:24:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla
[2009/05/04 00:23:58 | 00,001,716 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox 3.5 Beta 4.lnk
[2009/05/04 00:23:56 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox 3.5 Beta 4
[2009/05/04 00:18:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Adobe
[2009/05/04 00:16:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Netscape
[2009/05/04 00:07:49 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2009/05/04 00:07:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2009/05/04 00:03:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2009/05/04 00:03:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2009/05/04 00:02:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2009/05/04 00:02:00 | 00,000,248 | ---- | C] () -- C:\WINDOWS\System\hpsysdrv.dat
[2009/05/04 00:00:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\I386
[2009/05/03 23:58:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\Downloads
[2009/05/03 23:52:39 | 00,000,000 | RH-D | C] -- C:\MSOCache
[2009/05/03 23:52:28 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2009/05/03 23:52:25 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2009/05/03 23:52:12 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2009/05/03 23:51:07 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2009/05/03 23:51:03 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2009/05/03 23:49:52 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2009/05/03 23:49:51 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/05/03 23:45:21 | 00,000,681 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Autorun Eater.lnk
[2009/05/03 23:45:21 | 00,000,000 | ---D | C] -- C:\Program Files\Autorun Eater
[2009/05/03 23:45:00 | 01,302,891 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\aesetup2[1].3.zip
[2009/05/03 23:43:52 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/05/03 22:16:54 | 00,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2009/05/03 22:11:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
[2009/05/03 21:56:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/05/03 21:33:29 | 58,729,136 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\my real registry.reg
[2009/05/03 21:17:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Macromedia
[2009/05/03 21:14:44 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/05/03 21:12:43 | 00,000,211 | RHS- | C] () -- C:\BOOT.BAK
[2009/05/03 21:12:39 | 00,260,272 | RHS- | C] () -- C:\cmldr
[2009/05/03 21:12:36 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/05/03 21:12:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2009/05/03 21:12:26 | 00,001,879 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
[2009/05/03 21:12:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\setupupd
[2009/05/03 21:11:24 | 00,001,860 | RHS- | C] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_EL466AA-ABA a1330n_YC_0Pavi_QCN7547_E61NAemMPC1_48_IAmberine M_SASUSTek Computer INC._V1.03_B3.13_T051115_WXP2_L409_M959_J250_7AMD_8Athlon 64_92.39_#060213_N10EC8139_Z14F12F20_G10025954.MRK
[2009/05/03 21:10:52 | 00,000,480 | ---- | C] () -- C:\WINDOWS\tasks\Easy Internet Sign-up.job
[2005/11/12 12:56:06 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/11/12 12:35:51 | 00,022,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2005/11/12 12:30:47 | 00,014,317 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2005/11/12 12:30:37 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2005/11/12 12:28:15 | 00,000,054 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2005/11/12 12:24:58 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/12 12:20:28 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/11/12 12:20:28 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/11/12 12:20:28 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/11/12 12:20:28 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/11/12 12:20:28 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/11/12 12:20:28 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/11/12 12:14:27 | 00,000,108 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/11/12 12:13:30 | 00,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2005/11/12 12:01:14 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/11/12 11:45:27 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/11/12 11:38:59 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2005/11/12 11:38:59 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2005/11/12 11:38:40 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2005/10/05 16:50:52 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/31 08:02:00 | 00,000,593 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/08/31 00:52:36 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/08/06 01:01:54 | 00,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/03 03:19:16 | 00,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2004/08/10 08:00:00 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/10 08:00:00 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/07/26 18:51:38 | 00,000,537 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/01/08 02:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/07 02:30:00 | 00,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

[color=orange]========== Files - Modified Within 30 Days ==========[/color]

[1 C:\WINDOWS\System32\*.tmp files]
[2009/05/04 01:58:43 | 00,002,940 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg
[2009/05/04 01:40:38 | 00,001,720 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009/05/04 01:40:34 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/05/04 01:34:29 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\HP_Administrator\Local Settings\desktop.ini
[2009/05/04 01:34:23 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/04 01:33:28 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/04 01:26:11 | 00,093,297 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\netcrafttoolbar-1.1.1.7-fx.xpi
[2009/05/04 01:25:01 | 00,093,297 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\netcrafttoolbar-1.1.1.7-fx.xpi
[2009/05/04 01:09:21 | 00,192,184 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/04 01:08:32 | 00,001,063 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/05/04 01:08:10 | 00,000,211 | RHS- | M] () -- C:\BOOT.BAK
[2009/05/04 01:04:56 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/05/04 00:43:12 | 00,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/04 00:32:03 | 00,000,248 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2009/05/04 00:24:02 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/05/04 00:23:58 | 00,001,716 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox 3.5 Beta 4.lnk
[2009/05/03 23:45:21 | 00,000,681 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Autorun Eater.lnk
[2009/05/03 23:45:08 | 01,302,891 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\aesetup2[1].3.zip
[2009/05/03 22:41:44 | 00,382,022 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/05/03 22:41:44 | 00,053,640 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/05/03 21:33:35 | 58,729,136 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\my real registry.reg
[2009/05/03 21:30:08 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/03 21:14:13 | 00,441,626 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/05/03 21:12:45 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/05/03 21:12:26 | 00,001,879 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
[2009/05/03 21:11:36 | 00,000,087 | -HS- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\desktop.ini
[2009/05/03 21:11:26 | 00,001,860 | RHS- | M] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_EL466AA-ABA a1330n_YC_0Pavi_QCN7547_E61NAemMPC1_48_IAmberine M_SASUSTek Computer INC._V1.03_B3.13_T051115_WXP2_L409_M959_J250_7AMD_8Athlon 64_92.39_#060213_N10EC8139_Z14F12F20_G10025954.MRK
[2009/05/03 21:10:53 | 00,000,480 | ---- | M] () -- C:\WINDOWS\tasks\Easy Internet Sign-up.job
[2009/05/03 21:10:52 | 00,001,844 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Easy Internet Sign-up.lnk
[2009/04/30 01:36:37 | 00,075,776 | ---- | M] () -- C:\WINDOWS\System32\WS2Fix.exe
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

< End of report >