[code] OTS logfile created on: 3/3/2010 1:06:17 AM - Run 1 OTS by OldTimer - Version 3.1.23.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 48.00% Memory free 2.00 Gb Paging File | 1.00 Gb Available in Paging File | 70.00% Paging File free Paging file location(s): C:\pagefile.sys 672 1344 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 106.40 Gb Total Space | 23.27 Gb Free Space | 21.87% Space Free | Partition Type: NTFS Drive D: | 5.40 Gb Total Space | 0.70 Gb Free Space | 13.02% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LINDA Current User Name: Compaq_Owner Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: Off File Age = 90 Days [Processes - Safe List] ots.exe -> C:\Documents and Settings\Compaq_Owner\Desktop\OTS.exe -> [2010/03/03 01:01:17 | 000,634,368 | ---- | M] (OldTimer Tools) firefox.exe -> C:\Program Files\Mozilla Firefox\firefox.exe -> [2010/02/19 20:06:29 | 000,908,248 | ---- | M] (Mozilla Corporation) airvideoserver.exe -> C:\Program Files\AirVideoServer\AirVideoServer.exe -> [2010/01/27 13:05:28 | 004,637,448 | ---- | M] () avgtray.exe -> C:\Program Files\AVG\AVG8\avgtray.exe -> [2009/12/26 08:48:27 | 002,043,160 | ---- | M] (AVG Technologies CZ, s.r.o.) tuneuputilitiesapp32.exe -> C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe -> [2009/11/17 10:17:38 | 000,486,216 | ---- | M] (TuneUp Software) tuneuputilitiesservice32.exe -> C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -> [2009/11/17 10:15:36 | 001,021,256 | ---- | M] (TuneUp Software) itouch-server-win.exe -> C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe -> [2009/10/23 14:59:56 | 000,228,352 | ---- | M] (Logitech, Inc.) avgrsx.exe -> C:\Program Files\AVG\AVG8\avgrsx.exe -> [2009/08/25 01:34:04 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) avgnsx.exe -> C:\Program Files\AVG\AVG8\avgnsx.exe -> [2009/08/25 01:33:50 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) avgwdsvc.exe -> C:\Program Files\AVG\AVG8\avgwdsvc.exe -> [2009/08/25 01:33:28 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) off-helper.exe -> C:\Program Files\Hobbyist Software\Off-Helper\Off-Helper.exe -> [2009/07/04 23:48:56 | 000,223,744 | ---- | M] () flipshareservice.exe -> C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -> [2009/06/04 16:41:22 | 000,451,904 | ---- | M] () setpoint.exe -> C:\Program Files\Logitech\SetPoint\SetPoint.exe -> [2008/11/07 16:43:36 | 000,809,488 | ---- | M] (Logitech, Inc.) khalmnpr.exe -> C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe -> [2008/11/07 16:39:36 | 000,076,304 | ---- | M] (Logitech, Inc.) belkinwcui.exe -> C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe -> [2005/10/28 10:23:10 | 001,404,928 | ---- | M] (Belkin) explorer.exe -> C:\WINDOWS\explorer.exe -> [2004/08/04 11:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) unsecapp.exe -> C:\WINDOWS\system32\wbem\unsecapp.exe -> [2004/08/04 11:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) [Modules - Safe List] ots.exe -> C:\Documents and Settings\Compaq_Owner\Desktop\OTS.exe -> [2010/03/03 01:01:17 | 000,634,368 | ---- | M] (OldTimer Tools) msvcr80.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll -> [2009/07/12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) lgscroll.dll -> C:\Program Files\Logitech\SetPoint\lgscroll.dll -> [2008/11/07 16:41:46 | 000,045,584 | ---- | M] (Logitech, Inc.) comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll -> [2004/08/04 18:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) serwvdrv.dll -> C:\WINDOWS\system32\serwvdrv.dll -> [2004/08/04 11:00:00 | 000,014,848 | ---- | M] (Microsoft Corporation) umdmxfrm.dll -> C:\WINDOWS\system32\umdmxfrm.dll -> [2004/08/04 11:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List] (TuneUp.Defrag) TuneUp Drive Defrag Service [On_Demand | Stopped] -> C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -> [2009/12/03 03:05:37 | 000,435,016 | ---- | M] (TuneUp Software) (TuneUp.UtilitiesSvc) TuneUp Utilities Service [Auto | Running] -> C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -> [2009/11/17 10:15:36 | 001,021,256 | ---- | M] (TuneUp Software) (UxTuneUp) TuneUp Theme Extension [Auto | Running] -> C:\WINDOWS\system32\uxtuneup.dll -> [2009/11/17 10:12:10 | 000,030,024 | ---- | M] (TuneUp Software) (avg8wd) AVG Free8 WatchDog [Auto | Running] -> C:\Program Files\AVG\AVG8\avgwdsvc.exe -> [2009/08/25 01:33:28 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) (FlipShare Service) FlipShare Service [Auto | Running] -> C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -> [2009/06/04 16:41:22 | 000,451,904 | ---- | M] () (LBTServ) Logitech Bluetooth Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -> [2008/11/07 16:40:52 | 000,121,360 | ---- | M] (Logitech, Inc.) (WLSetupSvc) Windows Live Setup Service [On_Demand | Stopped] -> C:\Program Files\Windows Live\installer\WLSetupSvc.exe -> [2007/10/25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) (usnjsvc) Messenger Sharing Folders USN Journal Reader service [On_Demand | Stopped] -> C:\Program Files\Windows Live\Messenger\usnsvc.exe -> [2007/10/18 11:31:54 | 000,098,328 | ---- | M] (Microsoft Corporation) [Driver Services - Safe List] (SASDIFSV) SASDIFSV [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -> [2010/02/17 10:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) (SASKUTIL) SASKUTIL [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -> [2010/02/17 10:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) (SASENUM) SASENUM [Kernel | On_Demand | Stopped] -> C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -> [2010/02/17 10:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) (TuneUpUtilitiesDrv) TuneUpUtilitiesDrv [Kernel | On_Demand | Running] -> C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -> [2009/10/14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) (USBAAPL) Apple Mobile USB Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\usbaapl.sys -> [2009/08/28 18:42:52 | 000,040,448 | ---- | M] (Apple, Inc.) (AvgLdx86) AVG Free AVI Loader Driver x86 [Kernel | System | Running] -> C:\WINDOWS\System32\Drivers\avgldx86.sys -> [2009/08/25 01:34:03 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) (AvgMfx86) AVG Free On-access Scanner Minifilter Driver x86 [File_System | System | Running] -> C:\WINDOWS\System32\Drivers\avgmfx86.sys -> [2009/08/25 01:34:03 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) (GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -> [2009/05/18 13:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) (AvgTdiX) AVG Free8 Network Redirector [Kernel | System | Running] -> C:\WINDOWS\System32\Drivers\avgtdix.sys -> [2009/05/04 13:57:38 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) (LMouKE) SetPoint Mouse Filter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\LMouKE.Sys -> [2008/09/26 09:53:00 | 000,079,120 | ---- | M] (Logitech, Inc.) (LMouFilt) Logitech SetPoint KMDF Mouse Filter Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\LMouFilt.Sys -> [2008/09/26 09:53:00 | 000,037,392 | ---- | M] (Logitech, Inc.) (LUsbFilt) Logitech SetPoint KMDF USB Filter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\LUsbFilt.sys -> [2008/09/26 09:53:00 | 000,028,816 | ---- | M] (Logitech, Inc.) (L8042mou) SetPoint PS/2 Mouse Filter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\L8042mou.Sys -> [2008/09/26 09:52:00 | 000,063,248 | ---- | M] (Logitech, Inc.) (LHidFilt) Logitech SetPoint KMDF HID Filter Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\LHidFilt.Sys -> [2008/09/26 09:52:00 | 000,035,472 | ---- | M] (Logitech, Inc.) (L8042Kbd) Logitech SetPoint Keyboard Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\L8042Kbd.sys -> [2008/09/26 09:52:00 | 000,020,240 | ---- | M] (Logitech, Inc.) (LBeepKE) LBeepKE [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\LBeepKE.sys -> [2008/09/26 09:52:00 | 000,010,384 | ---- | M] (Logitech, Inc.) (PxHelp20) PxHelp20 [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\PxHelp20.sys -> [2008/09/19 14:57:32 | 000,043,528 | ---- | M] (Sonic Solutions) (BLKWGU(Belkin)) Belkin Wireless G USB Network Adapter(Belkin) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\BLKWGU.sys -> [2005/11/10 11:54:56 | 000,402,944 | R--- | M] (Belkin Corporation) (ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ALCXWDM.SYS -> [2005/04/20 11:00:56 | 002,317,696 | ---- | M] (Realtek Semiconductor Corp.) (SiSkp) SiSkp [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\srvkp.sys -> [2005/04/12 11:42:16 | 000,011,904 | ---- | M] (Silicon Integrated Systems Corporation) (SiS315) SiS315 [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\sisgrp.sys -> [2005/04/12 11:08:44 | 000,247,296 | ---- | M] (Silicon Integrated Systems Corporation) (smserial) smserial [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\smserial.sys -> [2005/01/25 13:56:00 | 000,923,863 | ---- | M] (Motorola Inc.) (ZDPSp50) ZDPSp50 NDIS Protocol Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ZDPSp50.sys -> [2004/10/25 13:40:58 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) (rtl8139) Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\RTL8139.sys -> [2004/08/04 04:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\secdrv.sys -> [2004/08/03 21:00:00 | 000,027,440 | ---- | M] () (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ptilink.sys -> [2004/08/03 21:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) (AgereSoftModem) Agere Systems Soft Modem [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\agrsm.sys -> [2004/06/29 17:07:18 | 001,268,204 | ---- | M] (Agere Systems) (AmdK8) AMD Athlon64 Processor Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\AmdK8.sys -> [2004/05/08 17:21:44 | 000,035,840 | ---- | M] (Advanced Micro Devices) (fasttx2k) fasttx2k [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\fasttx2k.sys -> [2003/12/03 01:23:20 | 000,142,336 | ---- | M] (Promise Technology, Inc.) (Pfc) Padus ASPI Shell [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\pfc.sys -> [2003/09/19 09:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) (Iviaspi) IVI ASPI Shell [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\iviaspi.sys -> [2003/09/11 07:36:54 | 000,021,060 | ---- | M] (InterVideo, Inc.) (SISAGP) SiS AGP Filter [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -> [2003/07/18 16:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) (SISNIC) SiS PCI Fast Ethernet Adapter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\sisnic.sys -> [2003/07/11 22:28:56 | 000,032,768 | ---- | M] (SiS Corporation) (Ps2) Ps2 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\PS2.sys -> [2002/07/29 21:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) (icm10blk) Intel(r) PC Camera CS630 Image Storage [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\icm10blk.sys -> [2001/10/05 15:01:56 | 000,014,182 | ---- | M] (Intel Corporation) (ICM10USB) Intel(r) PC Camera CS630 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ICM10USB.sys -> [2001/10/05 15:00:36 | 000,420,870 | ---- | M] (Intel Corporation) (MODEMCSA) Unimodem Streaming Filter Device [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\MODEMCSA.sys -> [2001/08/17 21:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q105&bd=presario&pf=desktop -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=presario&pf=desktop -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=presario&pf=desktop -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q105&bd=presario&pf=desktop -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\] > -> -> HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\: Main\\"Default_Page_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q105&bd=presario&pf=desktop -> HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\: Main\\"Default_Search_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=presario&pf=desktop -> HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\: Main\\"Search Page" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=presario&pf=desktop -> HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\: Main\\"Start Page" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q105&bd=presario&pf=desktop -> HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\: SearchURL\\"provider" -> -> HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\: "ProxyEnable" -> 0 -> HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\: "ProxyOverride" -> *.local -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\extensions -> -> HKLM\software\mozilla\Firefox\extensions\\{9513ABDE-0E05-4DB9-BF14-F97AF858C2CC} -> C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\{9513ABDE-0E05-4DB9-BF14-F97AF858C2CC} [C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\LOCAL SETTINGS\APPLICATION DATA\{9513ABDE-0E05-4DB9-BF14-F97AF858C2CC}] -> [2009/04/17 17:55:48 | 000,000,000 | ---D | M] HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71} -> C:\Program Files\AVG\AVG8\Firefox [C:\PROGRAM FILES\AVG\AVG8\FIREFOX] -> [2009/12/26 08:49:36 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2010/02/19 20:06:34 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2010/02/19 20:06:34 | 000,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions -> [2009/04/04 00:59:55 | 000,000,000 | ---D | M] -> C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions\mozswing@mozswing.org -> [2009/04/04 00:59:55 | 000,000,000 | ---D | M] -> C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\2aoilg9b.Linda\extensions -> [2010/03/03 00:01:58 | 000,000,000 | ---D | M] Forecastfox -> C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\2aoilg9b.Linda\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} -> [2009/12/03 06:37:29 | 000,000,000 | ---D | M] Flagfox -> C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\2aoilg9b.Linda\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} -> [2010/01/28 02:59:45 | 000,000,000 | ---D | M] TwitterBar -> C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\2aoilg9b.Linda\extensions\{1a0c9ebe-ddf9-4b76-b8a3-675c77874d37} -> [2009/12/24 02:00:42 | 000,000,000 | ---D | M] Adblock Plus -> C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\2aoilg9b.Linda\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} -> [2009/12/24 02:00:42 | 000,000,000 | ---D | M] -> C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\2aoilg9b.Linda\extensions\Office2007Black@JBBS -> [2009/12/07 00:34:50 | 000,000,000 | ---D | M] -> C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Sunbird\Profiles\mv8h4qm3.default\extensions -> [2009/04/23 22:16:35 | 000,000,000 | ---D | M] < FireFox Extensions [Program Folders] > -> -> C:\Program Files\Mozilla Firefox\extensions -> [2010/03/02 00:32:44 | 000,000,000 | ---D | M] < HOSTS File > ([2010/03/02 02:51:53 | 000,379,519 | R--- | M] - 13127 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> First 25 entries... Reset Hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files\AVG\AVG8\avgssie.dll [AVG Safe Search] -> [2009/12/26 08:48:29 | 001,111,320 | ---- | M] (AVG Technologies CZ, s.r.o.) < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\] > -> HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "AGRSMMSG" -> C:\WINDOWS\AGRSMMSG.exe [AGRSMMSG.exe] -> [2004/06/29 17:06:38 | 000,088,363 | ---- | M] (Agere Systems) "AVG8_TRAY" -> C:\Program Files\AVG\AVG8\avgtray.exe [C:\PROGRA~1\AVG\AVG8\avgtray.exe] -> [2009/12/26 08:48:27 | 002,043,160 | ---- | M] (AVG Technologies CZ, s.r.o.) "hpsysdrv" -> c:\WINDOWS\system\hpsysdrv.exe [c:\windows\system\hpsysdrv.exe] -> [1998/05/07 16:04:38 | 000,052,736 | ---- | M] (Hewlett-Packard Company) "iTunesHelper" -> C:\Program Files\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> [2010/01/22 19:16:42 | 000,141,608 | ---- | M] (Apple Inc.) "KBD" -> C:\hp\KBD\kbd.exe [C:\HP\KBD\KBD.EXE] -> [2003/02/11 19:02:48 | 000,061,440 | ---- | M] (Hewlett-Packard Company) "Kernel and Hardware Abstraction Layer" -> C:\WINDOWS\KHALMNPR.Exe [KHALMNPR.EXE] -> [2008/10/10 14:46:26 | 000,069,632 | ---- | M] (Logitech, Inc.) "PS2" -> C:\WINDOWS\system32\ps2.EXE [C:\WINDOWS\system32\ps2.exe] -> [2003/09/12 19:13:20 | 000,098,304 | ---- | M] (Hewlett-Packard Company) "QuickTime Task" -> C:\Program Files\QuickTime\qttask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> [2009/11/10 23:08:18 | 000,417,792 | ---- | M] (Apple Inc.) "Recguard" -> C:\WINDOWS\SMINST\Recguard.exe [C:\WINDOWS\SMINST\RECGUARD.EXE] -> [2004/04/14 20:43:46 | 000,233,472 | ---- | M] () < Run [HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\] > -> HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "" -> C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\vu7iqrvee.exe [C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\vu7iqrvee.exe] -> File not found "AirVideoServer" -> C:\Program Files\AirVideoServer\AirVideoServer.exe [C:\Program Files\AirVideoServer\AirVideoServer.exe] -> [2010/01/27 13:05:28 | 004,637,448 | ---- | M] () "dbf70700.exe" -> C:\Documents and Settings\Compaq_Owner\Application Data\A414921A559463DC758F354182D17517\dbf70700.exe [C:\Documents and Settings\Compaq_Owner\Application Data\A414921A559463DC758F354182D17517\dbf70700.exe] -> File not found "Hobbyist Software On-Off Helper" -> C:\Program Files\Hobbyist Software\Off-Helper\Off-Helper.exe [C:\Program Files\Hobbyist Software\Off-Helper\Off-Helper.exe /server] -> [2009/07/04 23:48:56 | 000,223,744 | ---- | M] () "iTap" -> C:\Program Files\HLW\iTap\iTap.exe [C:\Program Files\HLW\iTap\iTap.exe] -> [2009/08/06 23:37:10 | 005,898,240 | ---- | M] (Honeder Lacher Wallner Softwareentwicklung OEG) < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Belkin Wireless USB Utility.lnk -> C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe -> [2005/10/28 10:23:10 | 001,404,928 | ---- | M] (Belkin) C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe -> [2008/11/07 16:43:36 | 000,809,488 | ---- | M] (Logitech, Inc.) < Compaq_Owner Startup Folder > -> C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup -> C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> C:\Program Files\ERUNT\AUTOBACK.EXE -> [2005/10/20 12:04:08 | 000,038,912 | ---- | M] () C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\Logitech Touch Mouse Server.lnk -> C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe -> [2009/10/23 14:59:56 | 000,228,352 | ---- | M] (Logitech, Inc.) < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main \Main\\"DisableFirstRunCustomize" -> [1] -> File not found < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"HonorAutoRunSetting" -> [1] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009] > -> HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009] > -> HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\] > -> HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\Software\Microsoft\Internet Explorer\MenuExt\ -> E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000] -> [2008/10/18 18:30:22 | 017,931,616 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}:Exec [HKLM] -> C:\Program Files\AIM\aim.exe [Button: AIM] -> [2006/08/01 14:35:36 | 000,067,112 | ---- | M] (America Online, Inc.) < Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found CmdMapping\\"{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}" [HKLM] -> C:\Program Files\AIM\aim.exe [AIM] -> [2006/08/01 14:35:36 | 000,067,112 | ---- | M] (America Online, Inc.) CmdMapping\\"{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}" [HKLM] -> [Reg Error: Key error.] -> File not found < Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found CmdMapping\\"{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}" [HKLM] -> C:\Program Files\AIM\aim.exe [AIM] -> [2006/08/01 14:35:36 | 000,067,112 | ---- | M] (America Online, Inc.) CmdMapping\\"{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}" [HKLM] -> [Reg Error: Key error.] -> File not found < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\] > -> HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found CmdMapping\\"{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}" [HKLM] -> C:\Program Files\AIM\aim.exe [AIM] -> [2006/08/01 14:35:36 | 000,067,112 | ---- | M] (America Online, Inc.) CmdMapping\\"{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}" [HKLM] -> [Reg Error: Key error.] -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6767 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6766 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6766 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\] > -> HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6766 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\] > -> HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {6414512B-B978-451D-A0D8-FCFDF33E833C} [HKLM] -> http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1225891412921 [WUWebControl Class] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab [Java Plug-in 1.6.0_10] -> {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab [Java Plug-in 1.4.2_03] -> {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab [Java Plug-in 1.6.0_10] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab [Java Plug-in 1.6.0_10] -> {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 24.93.41.127 24.93.41.128 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {B05DCE09-5E16-4D8A-B492-0D2B4289B27E}\\DhcpNameServer -> 24.93.41.127 24.93.41.128 (Belkin Wireless G USB Network Adapter) -> < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> C:\WINDOWS\system32\zudorava.dll -> C:\WINDOWS\System32\zudorava.dll -> File not found C:\WINDOWS\system32\wepavira.dll -> C:\WINDOWS\System32\wepavira.dll -> File not found deyiluzu.dll -> -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\WINDOWS\explorer.exe -> [2004/08/04 11:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> !SASWinLogon -> C:\Program Files\SUPERAntiSpyware\SASWINLO.dll -> [2009/09/03 14:21:42 | 000,548,352 | ---- | M] (SUPERAntiSpyware.com) avgrsstarter -> C:\WINDOWS\System32\avgrsstx.dll -> [2009/08/25 01:34:04 | 000,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) LBTWlgn -> c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll -> [2008/11/07 16:41:22 | 000,072,208 | ---- | M] (Logitech, Inc.) < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" [HKLM] -> C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [] -> [2008/05/13 09:13:36 | 000,077,824 | ---- | M] (SuperAdBlocker.com) < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> "%ProgramFiles%\iTunes\iTunes.exe" -> C:\Program Files\iTunes\iTunes.exe [%ProgramFiles%\iTunes\iTunes.exe:*:enabled:iTunes] -> [2010/01/22 19:16:38 | 010,358,056 | ---- | M] (Apple Inc.) "C:\Program Files\Windows Live\Messenger\livecall.exe" -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> [2007/10/02 17:18:24 | 000,304,488 | ---- | M] (Microsoft Corporation) < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe" -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe:*:Enabled:reader_sl] -> [2004/12/14 03:44:06 | 000,029,696 | ---- | M] (Adobe Systems Incorporated) "C:\Program Files\AIM\aim.exe" -> C:\Program Files\AIM\aim.exe [C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger] -> [2006/08/01 14:35:36 | 000,067,112 | ---- | M] (America Online, Inc.) "C:\Program Files\AirVideoServer\AirVideoServer.exe" -> C:\Program Files\AirVideoServer\AirVideoServer.exe [C:\Program Files\AirVideoServer\AirVideoServer.exe:*:Enabled:Air Video Server] -> [2010/01/27 13:05:28 | 004,637,448 | ---- | M] () "C:\Program Files\AVG\AVG8\avgnsx.exe" -> C:\Program Files\AVG\AVG8\avgnsx.exe [C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe] -> [2009/08/25 01:33:50 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG8\avgupd.exe" -> C:\Program Files\AVG\AVG8\avgupd.exe [C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe] -> [2009/12/26 08:48:07 | 001,143,064 | ---- | M] (AVG Technologies CZ, s.r.o.) "C:\Program Files\Bonjour\mDNSResponder.exe" -> C:\Program Files\Bonjour\mDNSResponder.exe [C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour] -> [2008/12/12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) "C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe" -> C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe [C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe:*:Enabled:BackWeb for Presario] -> [2005/02/26 15:03:16 | 000,045,056 | ---- | M] (Hewlett-Packard) "C:\Program Files\DNA\btdna.exe" -> C:\Program Files\DNA\btdna.exe [C:\Program Files\DNA\btdna.exe:*:Enabled:DNA] -> [2009/11/17 21:45:34 | 000,323,392 | ---- | M] (BitTorrent, Inc.) "C:\Program Files\Hobbyist Software\Off-Helper\Off-Helper.exe" -> C:\Program Files\Hobbyist Software\Off-Helper\Off-Helper.exe [C:\Program Files\Hobbyist Software\Off-Helper\Off-Helper.exe:*:Enabled:Off-Helper] -> [2009/07/04 23:48:56 | 000,223,744 | ---- | M] () "C:\Program Files\iTunes\iTunes.exe" -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> [2010/01/22 19:16:38 | 010,358,056 | ---- | M] (Apple Inc.) "C:\Program Files\Java\jre6\bin\java.exe" -> C:\Program Files\Java\jre6\bin\java.exe [C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary] -> [2008/11/05 04:58:57 | 000,144,792 | ---- | M] (Sun Microsystems, Inc.) "C:\Program Files\LimeWire\LimeWire.exe" -> C:\Program Files\LimeWire\LimeWire.exe [C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire] -> [2009/07/31 12:22:14 | 000,139,776 | ---- | M] (Lime Wire, LLC) "C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe" -> C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe [C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe:*:Enabled:Logitech] -> [2009/10/23 14:59:56 | 000,228,352 | ---- | M] (Logitech, Inc.) "C:\Program Files\Mozilla Firefox\firefox.exe" -> C:\Program Files\Mozilla Firefox\firefox.exe [C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox] -> [2010/02/19 20:06:29 | 000,908,248 | ---- | M] (Mozilla Corporation) "C:\Program Files\Mozilla Sunbird\sunbird.exe" -> C:\Program Files\Mozilla Sunbird\sunbird.exe [C:\Program Files\Mozilla Sunbird\sunbird.exe:*:Enabled:Sunbird] -> [2009/04/23 22:10:32 | 006,354,540 | ---- | M] (Mozilla) "C:\Program Files\Skype\Phone\Skype.exe" -> C:\Program Files\Skype\Phone\Skype.exe [C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype] -> [2009/03/27 08:55:06 | 024,103,720 | R--- | M] (Skype Technologies S.A.) "C:\Program Files\Windows Live\Messenger\livecall.exe" -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> [2007/10/02 17:18:24 | 000,304,488 | ---- | M] (Microsoft Corporation) < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2005/01/27 04:53:38 | 000,000,000 | ---- | M] () D:\AUTOEXEC.BAT [] -> D:\AUTOEXEC.BAT [ FAT32 ] -> [2001/07/27 14:07:38 | 000,000,000 | -HS- | M] () D:\Autorun.inf [[autorun] | OPEN=setupSNK.exe | ICON=\SMRTNTKY\fcw.ico | ACTION=Wireless Network Setup Wizard | ] -> D:\Autorun.inf [ FAT32 ] -> [2008/08/29 00:57:38 | 000,000,090 | ---- | M] () D:\AUTORUN.FCB [[AUTORUN] | ShellExecute=Info.exe protect.ed 480 480 | ] -> D:\AUTORUN.FCB [ FAT32 ] -> [2004/04/30 06:01:14 | 000,000,053 | -HS- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \D HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\Shell\AutoRun\command \D\Shell\AutoRun\command\\"" -> D:\setupSNK.exe [D:\setupSNK.exe] -> [2004/08/04 00:56:58 | 000,028,672 | ---- | M] (Microsoft Corporation) \{5f0b7f43-7371-11de-98bc-00173fb20db3} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5f0b7f43-7371-11de-98bc-00173fb20db3}\Shell\AutoRun\command \{5f0b7f43-7371-11de-98bc-00173fb20db3}\Shell\AutoRun\command\\"" -> K:\MI.exe [K:\MI.exe] -> File not found \{68d0c5ea-ab2c-11dd-985c-806d6172696f} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{68d0c5ea-ab2c-11dd-985c-806d6172696f}\Shell\AutoRun\command \{68d0c5ea-ab2c-11dd-985c-806d6172696f}\Shell\AutoRun\command\\"" -> D:\setupSNK.exe [D:\setupSNK.exe] -> [2004/08/04 00:56:58 | 000,028,672 | ---- | M] (Microsoft Corporation) \{6f345e08-8694-11d9-a32a-806d6172696f} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f345e08-8694-11d9-a32a-806d6172696f}\Shell \{6f345e08-8694-11d9-a32a-806d6172696f}\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f345e08-8694-11d9-a32a-806d6172696f}\Shell\AutoRun \{6f345e08-8694-11d9-a32a-806d6172696f}\Shell\AutoRun\\"" -> [Auto&Play] -> File not found \{a0d7147f-b475-11dd-9869-00173fb20db3} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a0d7147f-b475-11dd-9869-00173fb20db3}\Shell \{a0d7147f-b475-11dd-9869-00173fb20db3}\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a0d7147f-b475-11dd-9869-00173fb20db3}\Shell\AutoRun \{a0d7147f-b475-11dd-9869-00173fb20db3}\Shell\AutoRun\\"" -> [Auto&Play] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a0d7147f-b475-11dd-9869-00173fb20db3}\Shell\AutoRun\command \{a0d7147f-b475-11dd-9869-00173fb20db3}\Shell\AutoRun\command\\"" -> J:\LaunchU3.exe [J:\LaunchU3.exe -a] -> File not found \{fc1c092e-7c35-11de-98bd-00173fb20db3} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc1c092e-7c35-11de-98bd-00173fb20db3}\Shell\AutoRun\command \{fc1c092e-7c35-11de-98bd-00173fb20db3}\Shell\AutoRun\command\\"" -> J:\Setup_FlipShare.exe [J:\Setup_FlipShare.exe] -> File not found \{fc1c092e-7c35-11de-98bd-00173fb20db3} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc1c092e-7c35-11de-98bd-00173fb20db3}\Shell\Setup FlipShare\command \{fc1c092e-7c35-11de-98bd-00173fb20db3}\Shell\Setup FlipShare\command\\"" -> J:\Setup_FlipShare.exe [J:\Setup_FlipShare.exe] -> File not found < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> [Registry - Additional Scans - Safe List] < Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> "msacm.iac2" -> C:\WINDOWS\system32\iac25_32.ax [C:\WINDOWS\system32\iac25_32.ax] -> [2004/08/04 18:00:00 | 000,199,680 | ---- | M] (Intel Corporation) "msacm.l3acm" -> C:\WINDOWS\system32\l3codeca.acm [C:\WINDOWS\system32\l3codeca.acm] -> [2008/04/13 17:09:57 | 000,290,816 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) "msacm.siren" -> C:\WINDOWS\System32\sirenacm.dll [sirenacm.dll] -> [2007/10/18 11:31:46 | 000,051,224 | ---- | M] (Microsoft Corporation) "msacm.sl_anet" -> C:\WINDOWS\System32\sl_anet.acm [sl_anet.acm] -> [2008/04/13 17:10:50 | 000,086,016 | ---- | M] (Sipro Lab Telecom Inc.) "msacm.trspch" -> C:\WINDOWS\System32\tssoft32.acm [tssoft32.acm] -> [2004/08/04 11:00:00 | 000,008,192 | ---- | M] (DSP GROUP, INC.) "MSVideo8" -> C:\WINDOWS\System32\vfwwdm32.dll [VfWWDM32.dll] -> [2004/08/03 23:56:48 | 000,053,760 | ---- | M] (Microsoft Corporation) "vidc.3IV2" -> C:\WINDOWS\System32\3ivxVfWCodec.dll [3ivxVfWCodec.dll] -> [2008/02/18 23:33:26 | 000,335,760 | ---- | M] (3ivx Technologies Pty. Ltd.) "vidc.cvid" -> C:\WINDOWS\System32\iccvid.dll [iccvid.dll] -> [2004/08/04 11:00:00 | 000,080,384 | ---- | M] (Radius Inc.) "vidc.DIVX" -> C:\WINDOWS\System32\DivX.dll [DivX.dll] -> [2008/10/28 15:35:56 | 000,684,032 | ---- | M] (DivX, Inc.) "vidc.iv31" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2004/08/04 11:00:00 | 000,199,168 | ---- | M] () "vidc.iv32" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2004/08/04 11:00:00 | 000,199,168 | ---- | M] () "vidc.iv41" -> C:\WINDOWS\System32\ir41_32.ax [ir41_32.ax] -> [2004/08/04 18:00:00 | 000,848,384 | ---- | M] (Intel Corporation) "vidc.iv50" -> C:\WINDOWS\System32\ir50_32.dll [ir50_32.dll] -> [2004/08/04 11:00:00 | 000,755,200 | ---- | M] (Intel Corporation) "wave1" -> C:\WINDOWS\System32\serwvdrv.dll [serwvdrv.dll] -> [2004/08/04 11:00:00 | 000,014,848 | ---- | M] (Microsoft Corporation) < Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> {02BCC737-B171-4746-94C9-0D8A0B2C0089} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\IEAWSDC.DLL [Microsoft Office Template and Media Control] -> [2007/04/19 14:10:30 | 000,116,576 | ---- | M] () {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2009/11/10 23:35:52 | 000,795,952 | ---- | M] (Apple Inc.) {07B06095-5687-4D13-9E32-12B4259C9813} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\STSUPLD.DLL [STSUpld UploadCtl Class] -> [2007/04/19 14:10:28 | 000,185,696 | ---- | M] (Microsoft Corporation) {21C4E4B2-40F7-4E77-BF19-8BED7187BB55} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {3FD37ABB-F90A-4DE5-AA38-179629E64C2F} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSSUPP.DLL [SharePoint Spreadsheet Launcher] -> [2007/04/19 14:10:18 | 000,099,680 | ---- | M] (Microsoft Corporation) {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2009/11/10 23:35:52 | 000,795,952 | ---- | M] (Apple Inc.) {4F07F79F-087F-42cf-8B36-7A88D06088E9} [HKLM] -> C:\Program Files\Windows Live\Messenger\msgsc.8.5.1302.1018.dll [Reg Error: Value error.] -> [2007/10/18 11:32:08 | 000,241,176 | ---- | M] (Microsoft Corporation) {5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files\Java\jre6\bin\wsdetect.dll [isInstalled Class] -> [2008/11/05 04:58:59 | 000,110,592 | ---- | M] (Sun Microsystems, Inc.) {62B4D041-4667-40B6-BB50-4BC0A5043A73} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL [SharePoint Export Database Launcher] -> [2007/08/28 23:49:52 | 000,143,760 | ---- | M] (Microsoft Corporation) {65BCBEE4-7728-41A0-97BE-14E1CAE36AAE} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\STSLIST.DLL [Microsoft Office List 11.0] -> [2007/05/10 13:42:52 | 002,839,904 | ---- | M] (Microsoft Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre6\bin\ssv.dll [Java(tm) Plug-In SSV Helper] -> [2008/11/05 04:58:59 | 000,320,920 | ---- | M] (Sun Microsystems, Inc.) {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_10.dll [Java Plug-in 1.6.0_10] -> [2008/11/05 04:58:58 | 000,132,504 | ---- | M] (Sun Microsystems, Inc.) {9203C2CB-1DC1-482D-967E-597AFF270F0D} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL [SharePoint OpenDocuments Class] -> [2007/08/28 23:49:52 | 000,143,760 | ---- | M] (Microsoft Corporation) {9E385F0A-0BA2-430C-96AA-4399C5E40F6C} [HKLM] -> C:\Program Files\Skype\Phone\Skype.exe [] -> [2009/03/27 08:55:06 | 024,103,720 | R--- | M] (Skype Technologies S.A.) {9F9C4924-C3F3-4459-A396-9E9E0D8B83D1} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSSUPP.DLL [SharePoint OpenDocuments Class] -> [2007/04/19 14:10:18 | 000,099,680 | ---- | M] (Microsoft Corporation) {a3c6dafc-e193-42fc-adca-5316b5d6d653} [HKLM] -> C:\Program Files\DNA\plugins\npbtdna.dll [BitTorrentDNA Class] -> [2009/11/17 21:45:43 | 000,054,592 | ---- | M] (BitTorrent, Inc.) {BDEADE3E-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSCLT.DLL [OWSClientEventSubscription Class] -> [2007/04/19 14:10:32 | 000,648,544 | ---- | M] (Microsoft Corporation) {BDEADE3F-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSCLT.DLL [OWSClientMiscApis Class] -> [2007/04/19 14:10:32 | 000,648,544 | ---- | M] (Microsoft Corporation) {BDEADE40-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSCLT.DLL [OWSClientCommentThread Class] -> [2007/04/19 14:10:32 | 000,648,544 | ---- | M] (Microsoft Corporation) {BDEADE42-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSCLT.DLL [OWSClientComment Class] -> [2007/04/19 14:10:32 | 000,648,544 | ---- | M] (Microsoft Corporation) {BDEADE43-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSCLT.DLL [OWSBrowserUI Class] -> [2007/04/19 14:10:32 | 000,648,544 | ---- | M] (Microsoft Corporation) {BDEADE98-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSCLT.DLL [OWS Post Data] -> [2007/04/19 14:10:32 | 000,648,544 | ---- | M] (Microsoft Corporation) {BDEADE9E-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSCLT.DLL [SharePoint Spreadsheet Launcher] -> [2007/04/19 14:10:32 | 000,648,544 | ---- | M] (Microsoft Corporation) {BDEADEB3-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSCLT.DLL [Web Discussions] -> [2007/04/19 14:10:32 | 000,648,544 | ---- | M] (Microsoft Corporation) {BDEADEB4-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSCLT.DLL [Web Discussions] -> [2007/04/19 14:10:32 | 000,648,544 | ---- | M] (Microsoft Corporation) {BDEADEB5-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSCLT.DLL [Web Discussions] -> [2007/04/19 14:10:32 | 000,648,544 | ---- | M] (Microsoft Corporation) {BDEADEB7-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSCLT.DLL [OWSDiscussionServers Class] -> [2007/04/19 14:10:32 | 000,648,544 | ---- | M] (Microsoft Corporation) {BDEADEB8-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSCLT.DLL [OWSClientCollaboration Class] -> [2007/04/19 14:10:32 | 000,648,544 | ---- | M] (Microsoft Corporation) {BDEADEDA-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSCLT.DLL [OSE.Discussion] -> [2007/04/19 14:10:32 | 000,648,544 | ---- | M] (Microsoft Corporation) {BDEADEDB-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSCLT.DLL [OSE.Discussions] -> [2007/04/19 14:10:32 | 000,648,544 | ---- | M] (Microsoft Corporation) {BDEADEDC-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSCLT.DLL [OSE.DiscussionServer] -> [2007/04/19 14:10:32 | 000,648,544 | ---- | M] (Microsoft Corporation) {BDEADEDD-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSCLT.DLL [OSE.DiscussionServers] -> [2007/04/19 14:10:32 | 000,648,544 | ---- | M] (Microsoft Corporation) {BDEADEDE-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSCLT.DLL [OSE Global Class] -> [2007/04/19 14:10:32 | 000,648,544 | ---- | M] (Microsoft Corporation) {BDEADEE0-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSCLT.DLL [OWSDiscussionBar Class] -> [2007/04/19 14:10:32 | 000,648,544 | ---- | M] (Microsoft Corporation) {BDEADEF2-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> Reg Error: Key error. [SharePoint OpenDocuments Class] -> File not found {BDEADEF4-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSSUPP.DLL [SharePoint Stssync Handler] -> [2007/04/19 14:10:18 | 000,099,680 | ---- | M] (Microsoft Corporation) {BDEADEF5-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL [SharePoint Stssync Handler] -> [2007/08/28 23:49:52 | 000,143,760 | ---- | M] (Microsoft Corporation) {C9712B19-838B-45A5-ABF2-9A315DDDED50} [HKLM] -> C:\Program Files\Microsoft Office\Office12\AUTHZAX.DLL [Microsoft Office 12 Authorization Control] -> [2006/10/26 20:12:26 | 000,053,576 | ---- | M] (Microsoft Corporation) {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_10.dll [Java Plug-in 1.6.0_10] -> [2008/11/05 04:58:58 | 000,132,504 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_10.dll [Java Plug-in 1.6.0_10] -> [2008/11/05 04:58:58 | 000,132,504 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_10.dll [Java Plug-in 1.6.0_10] -> [2008/11/05 04:58:58 | 000,132,504 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} [HKLM] -> C:\WINDOWS\system32\deploytk.dll [Deployment Toolkit] -> [2008/11/05 04:58:57 | 000,410,976 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CB927D12-4FF7-4A9E-A169-56E4B8A75598} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [Behavior Object] -> [2009/11/10 23:35:52 | 000,795,952 | ---- | M] (Apple Inc.) {CDEC13B2-0B3C-400E-B909-E27EE89C6799} [HKLM] -> C:\Program Files\Microsoft Office\Office12\STSUPLD.DLL [STSUpld CopyCtl Class] -> [2006/10/26 19:59:30 | 000,227,128 | ---- | M] (Microsoft Corporation) {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} [HKLM] -> C:\Program Files\iTunes\ITDetector.ocx [iTunesDetector Class] -> [2010/01/22 19:16:30 | 000,111,912 | ---- | M] (Apple Inc.) {E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} [HKLM] -> C:\Program Files\Windows Live\Messenger\msgsc.8.5.1302.1018.dll [Reg Error: Value error.] -> [2007/10/18 11:32:08 | 000,241,176 | ---- | M] (Microsoft Corporation) {E543A17A-F212-49C0-B63D-BF09B460250E} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\oisctrl.dll [OISClientLauncher Class] -> [2007/03/22 19:06:08 | 000,046,432 | ---- | M] (Microsoft Corporation) {E7339A62-0E31-4A5E-BA3D-F2FEDFBF8BE5} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Portal\PortalConnectCore.dll [PersonalSite Class] -> [2007/09/06 17:50:34 | 000,485,232 | ---- | M] () {F06608C7-1874-4EEA-B3B2-DF99EBB144B8} [HKLM] -> C:\Program Files\Windows Live\Messenger\msgsc.8.5.1302.1018.dll [Reg Error: Value error.] -> [2007/10/18 11:32:08 | 000,241,176 | ---- | M] (Microsoft Corporation) < Ext (Settings) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\ -> {BDD307C3-7BC0-4542-9F8F-A9611FE6C1BF} [HKLM] -> C:\WINDOWS\system32\proctexe.ocx [Additive Surface] -> [2004/08/03 21:00:00 | 000,081,920 | ---- | M] (Intel Corporation) < Ext (Stats) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\ -> {00000000-6C30-11D8-9363-000AE6309654} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> [2003/11/03 22:17:44 | 000,054,248 | ---- | M] (Adobe Systems Incorporated) {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> Reg Error: Key error. [Reg Error: Value error.] -> File not found {2D360201-FFF5-11D1-8D03-00A0C959BC0A} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Triedit\DHTMLED.OCX [DHTML Edit Control Safe for Scripting for IE5] -> [2004/08/03 21:00:00 | 000,128,000 | ---- | M] (Microsoft Corporation) {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files\AVG\AVG8\avgssie.dll [AVG Safe Search] -> [2009/12/26 08:48:29 | 001,111,320 | ---- | M] (AVG Technologies CZ, s.r.o.) {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre6\bin\ssv.dll [Java(tm) Plug-In SSV Helper] -> [2008/11/05 04:58:59 | 000,320,920 | ---- | M] (Sun Microsystems, Inc.) {7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {9CAAE8D0-646F-43AC-B5EE-A660CE30A9E2} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {AC9E2541-2814-11D5-BC6D-00B0D0A1DE45} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {BDF3E430-B101-42AD-A544-FADC6B084872} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {BF0118D4-63FF-4138-9327-F3028FB1A578} [HKLM] -> C:\WINDOWS\Web\Wallpaper\welcome\AWhelper.dll [Helper Class] -> [2003/08/12 21:25:22 | 000,028,672 | ---- | M] () {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash.ocx [Shockwave Flash Object] -> [2003/12/08 22:01:58 | 000,933,888 | ---- | M] (Macromedia, Inc.) {DBC80044-A445-435B-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2008/11/05 04:58:58 | 000,034,816 | ---- | M] (Sun Microsystems, Inc.) {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {E7E6F031-17CE-4C07-BC86-EABFE594F69C} [HKLM] -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [JQSIEStartDetectorImpl Class] -> [2008/11/05 04:58:59 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) {F31D1897-7EFD-4647-8687-E05894E382AB} [HKLM] -> C:\WINDOWS\system32\runclose.ocx [Runclose Control] -> [2003/04/07 20:22:14 | 000,045,056 | ---- | M] (Hewlett-Packard Company) {FB5F1910-F110-11D2-BB9E-00C04F795683} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .bat [@ = batfile] -> "%1" %* -> .cmd [@ = cmdfile] -> "%1" %* -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> .pif [@ = piffile] -> "%1" %* -> .scr [@ = scrfile] -> "%1" /S -> < File Associations - Select to Repair > -> HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\SOFTWARE\Classes\\ -> .html [@ = FirefoxHTML] -> C:\Program Files\Mozilla Firefox\firefox.exe -> [2010/02/19 20:06:29 | 000,908,248 | ---- | M] (Mozilla Corporation) < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> Ias -> C:\WINDOWS\system32\ias -> [2008/11/05 03:13:03 | 000,000,000 | ---D | M] Iprip -> -> File not found Irmon -> -> File not found NWCWorkstation -> -> File not found Nwsapagent -> -> File not found UxTuneUp -> C:\WINDOWS\system32\uxtuneup.dll -> [2009/11/17 10:12:10 | 000,030,024 | ---- | M] (TuneUp Software) Wmi -> C:\WINDOWS\system32\wmi.dll -> [2004/08/04 11:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) WmdmPmSp -> -> File not found SSHNAS -> -> File not found *MultiFile Done* -> -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> linkscanner:{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} [HKLM] -> C:\Program Files\AVG\AVG8\avgpp.dll[XPLPPFilter Class] -> [2009/08/25 01:33:47 | 000,087,320 | ---- | M] (AVG Technologies CZ, s.r.o.) livecall:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll[Reg Error: Value error.] -> [2007/10/18 11:31:54 | 000,066,072 | ---- | M] (Microsoft Corporation) ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll[HxProtocol Class] -> [2006/10/26 13:45:02 | 000,873,216 | ---- | M] (Microsoft Corporation) msnim:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll[Reg Error: Value error.] -> [2007/10/18 11:31:54 | 000,066,072 | ---- | M] (Microsoft Corporation) skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKLM] -> C:\Program Files\Common Files\Skype\Skype4COM.dll[IEProtocolHandler Class] -> [2009/03/27 08:55:10 | 001,942,824 | R--- | M] (Skype Technologies) wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} [HKLM] -> C:\Program Files\Windows Live\Mail\mailcomm.dll[Windows Live Mail HTML Asynchronous Pluggable Protocol Handler] -> [2007/10/23 11:14:52 | 000,858,136 | ---- | M] (Microsoft Corporation) < SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group PCI Configuration -> Driver Group PNP Filter -> Driver Group Primary disk -> Driver Group SCSI Class -> Driver Group sermouse.sys -> Driver System Bus Extender -> Driver Group vga.sys -> Driver WdfLoadGroup -> < SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E972-E325-11CE-BFC1-08002BE10318} -> Net {4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient {4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService {4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group NDIS Wrapper -> Driver Group NetBIOSGroup -> Driver Group NetDDEGroup -> Driver Group Network -> Driver Group NetworkProvider -> Driver Group PCI Configuration -> Driver Group PNP Filter -> Driver Group PNP_TDI -> Driver Group Primary disk -> Driver Group SCSI Class -> Driver Group sermouse.sys -> Driver Streams Drivers -> Driver Group System Bus Extender -> Driver Group TDI -> Driver Group vga.sys -> Driver WdfLoadGroup -> < Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center \\"FirstRunDisabled" -> [1] -> File not found \\"AntiVirusDisableNotify" -> [0] -> File not found \\"FirewallDisableNotify" -> [0] -> File not found \\"AntiVirusOverride" -> [0] -> File not found \\"FirewallOverride" -> [0] -> File not found \\"UpdatesDisableNotify" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile \\"EnableFirewall" -> [1] -> File not found \\"DoNotAllowExceptions" -> [0] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> < Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -> C:\Program Files\Bonjour\mdnsNSP.dll -> [2008/12/12 10:11:44 | 000,147,456 | ---- | M] (Apple Inc.) < Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> {07287123-B8AC-41CE-8346-3D777245C35B} -> Bonjour {0C66761E-497A-4BE3-AE0D-8EC30FC9A9AA} -> PC-Doctor for Windows {0C826C5B-B131-423A-A229-C71B3CACCD6A} -> CDDRV_Installer {0D3F9802-689F-9B6D-8E44-B55971F0CCBB} -> FlipShare {0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B} -> Microsoft Plus! Photo Story 2 LE {1451DE6B-ABE1-4F62-BE9A-B363A17588A2} -> QuickTime {184E7118-0295-43C4-B72C-1D54AA75AAF7} -> Windows Live Mail {24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D} -> Skype™ 4.0 {26A24AE4-039D-4CA4-87B4-2F83216010FF} -> Java(TM) 6 Update 10 {2FCE4FC5-6930-40E7-A4F1-F862207424EF} -> InterVideo WinDVD Creator {3101CB58-3482-4D21-AF1A-7057FC935355} -> KhalInstallWrapper {350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP {3AC54383-31D1-4907-961B-B12CBB1D0AE8} -> MobileMe Control Panel {3FA365DF-2D68-45ED-8F83-8C8A33E65143} -> Apple Application Support {416D80BA-6F6D-4672-B7CF-F54DA2F80B44} -> Microsoft Works {508CE775-4BA4-4748-82DF-FE28DA9F03B0} -> Windows Live Messenger {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} -> Sonic Express Labeler {6956856F-B6B3-4BE0-BA0B-8F495BE32033} -> Apple Software Update {6E45BA47-383C-4C1E-8ED0-0D4845C293D7} -> Microsoft Plus! Digital Media Edition Installer {7148F0A8-6813-11D6-A77B-00B0D0142030} -> Java 2 Runtime Environment, SE v1.4.2_03 {716E0306-8318-4364-8B8F-0CC4E9376BAC} -> MSXML 4.0 SP2 Parser and SDK {7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable {767CC44C-9BBC-438D-BAD3-FD4595DD148B} -> VC80CRTRedist - 8.0.50727.762 {7B63B2922B174135AFC0E1377DD81EC2} -> DivX Codec {8ADFC4160D694100B5B8A22DE9DCABD9} -> DivX Player {90120000-0010-0409-0000-0000000FF1CE} -> Microsoft Software Update for Web Folders (English) 12 {90120000-0015-0409-0000-0000000FF1CE} -> Microsoft Office Access MUI (English) 2007 {90120000-0015-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} -> 2007 Microsoft Office Suite Service Pack 1 (SP1) {90120000-0016-0409-0000-0000000FF1CE} -> Microsoft Office Excel MUI (English) 2007 {90120000-0016-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} -> 2007 Microsoft Office Suite Service Pack 1 (SP1) {90120000-0018-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (English) 2007 {90120000-0018-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} -> 2007 Microsoft Office Suite Service Pack 1 (SP1) {90120000-0019-0409-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (English) 2007 {90120000-0019-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} -> 2007 Microsoft Office Suite Service Pack 1 (SP1) {90120000-001A-0409-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (English) 2007 {90120000-001A-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} -> 2007 Microsoft Office Suite Service Pack 1 (SP1) {90120000-001B-0409-0000-0000000FF1CE} -> Microsoft Office Word MUI (English) 2007 {90120000-001B-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} -> 2007 Microsoft Office Suite Service Pack 1 (SP1) {90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007 {90120000-001F-0409-0000-0000000FF1CE}_PROR_{3EC77D26-799B-4CD8-914F-C1565E796173} -> 2007 Microsoft Office Suite Service Pack 1 (SP1) {90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007 {90120000-001F-040C-0000-0000000FF1CE}_PROR_{430971B1-C31E-45DA-81E0-72C095BAB72C} -> 2007 Microsoft Office Suite Service Pack 1 (SP1) {90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007 {90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1} -> 2007 Microsoft Office Suite Service Pack 1 (SP1) {90120000-002C-0409-0000-0000000FF1CE} -> Microsoft Office Proofing (English) 2007 {90120000-006E-0409-0000-0000000FF1CE} -> Microsoft Office Shared MUI (English) 2007 {90120000-006E-0409-0000-0000000FF1CE}_PROR_{FAD8A83E-9BAC-4179-9268-A35948034D85} -> 2007 Microsoft Office Suite Service Pack 1 (SP1) {90120000-0115-0409-0000-0000000FF1CE} -> Microsoft Office Shared Setup Metadata MUI (English) 2007 {90120000-0115-0409-0000-0000000FF1CE}_PROR_{FAD8A83E-9BAC-4179-9268-A35948034D85} -> 2007 Microsoft Office Suite Service Pack 1 (SP1) {90120000-0117-0409-0000-0000000FF1CE} -> Microsoft Office Access Setup Metadata MUI (English) 2007 {90120000-0117-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} -> 2007 Microsoft Office Suite Service Pack 1 (SP1) {91120000-0014-0000-0000-0000000FF1CE} -> Microsoft Office Professional 2007 {91120000-0014-0000-0000-0000000FF1CE}_PROR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419} -> 2007 Microsoft Office Suite Service Pack 1 (SP1) {91120409-6000-11D3-8CFE-0150048383C9} -> Microsoft Office Standard Edition 2003 {91810AFC-A4F8-4EBA-A5AA-B198BBC81144} -> InterVideo WinDVD Player {9422C8EA-B0C6-4197-B8FC-DC797658CA00} -> Windows Live Sign-in Assistant {9541FED0-327F-4DF0-8B96-EF57EF622F19} -> Sonic RecordNow! {9A25302D-30C0-39D9-BD6F-21E6EC160475} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 {A49F249F-0C91-497F-86DF-B2585E8E76B7} -> Microsoft Visual C++ 2005 Redistributable {A6359CCF-215D-43D9-8366-479D231F2A72} -> Belkin Wireless USB Utility {A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320} -> Windows Live installer {AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE} -> Apple Mobile Device Support {AC76BA86-0000-0000-0000-6028747ADE01} -> Adobe Acrobat - Reader 6.0.2 Update {AC76BA86-7AD7-1033-7B44-A00000000001} -> Adobe Reader 6.0.1 {B13A7C41581B411290FBC0395694E2A9} -> DivX Converter {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 -> Spybot - Search & Destroy {B7050CBDB2504B34BC2A9CA0A692CC29} -> DivX Web Player {C3F058C0-A21C-452D-8D99-95B1A45F417D} -> InterVideo DiscLabel {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1 {CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} -> SUPERAntiSpyware Free Edition {D0122362-6333-4DE4-93F6-A5A2F3CC101A} -> Compaq Organize {D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} -> TuneUp Utilities {DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38} -> HpSdpAppCoreApp {E56D39F8-2A9F-44B4-B068-A72E45A073E6} -> Safari {F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E} -> Logitech SetPoint {F439D7AF-03F3-4F8E-AEC4-571BFE977C61} -> iTunes {F5738877-7778-4FC3-B1CB-097D8A7B41CB} -> iTap 3.0 {FE3997D3-6B56-4AC4-A99C-9DDFC45359BF} -> TuneUp Utilities Language Pack (en-US) 26DC0ED6-93A7-43C1-8DC5-EC16079580F9 -> Orbital from Compaq (remove only) 29FF6D07-4A15-41F1-9D5E-E0F3A58012C6 -> Bounce Symphony from Compaq (remove only) 3ivx MPEG-4 5.0.3 -> 3ivx MPEG-4 5.0.3 (remove only) 66195170-D19D-46C5-8FB7-8A4630071ADC -> Tradewinds from Compaq (remove only) A2E85A38-C2D9-4EDF-AFDA-F76BCBFEBBC4 -> Road Ready Streetwise from Compaq (remove only) Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin Agere Systems Soft Modem -> Agere Systems PCI Soft Modem Air Video Server -> Air Video Server 2.2.4 AVG8Uninstall -> AVG 8.5 BackWeb-6750491 Uninstaller -> Compaq Connections ERUNT_is1 -> ERUNT 1.1j Help and Support Additions -> Help and Support Additions InstallShield_{0C66761E-497A-4BE3-AE0D-8EC30FC9A9AA} -> PC-Doctor for Windows InstallShield_{A6359CCF-215D-43D9-8366-479D231F2A72} -> Belkin Wireless USB Utility KLiteCodecPack_is1 -> K-Lite Codec Pack 5.1.0 (Standard) LimeWire -> LimeWire 5.2.13 Logitech Touch Mouse Server -> Logitech Touch Mouse Server 1.0 Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware Microsoft .NET Framework 1.1 (1033) -> Microsoft .NET Framework 1.1 Mozilla Firefox (3.5.8) -> Mozilla Firefox (3.5.8) MSCompPackV1 -> Microsoft Compression Client Pack 1.0 for Windows XP Off-Helper_is1 -> Off-Helper 1.03 PROR -> Microsoft Office Professional 2007 Trial PS2 -> PS2 Python 2.2.3 -> Python 2.2.3 pywin32-py2.2 -> Python 2.2 pywin32 extensions (build 203) RealPlayer 6.0 -> RealPlayer SiS VGA Driver -> SiS VGA Utilities SMSERIAL -> Motorola SM56 Speakerphone Modem TuneUp Utilities -> TuneUp Utilities Wdf01005 -> Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 Windows Media Format Runtime -> Windows Media Format 11 runtime Windows Media Player -> Windows Media Player 11 WinRAR archiver -> WinRAR archiver WMFDist11 -> Windows Media Format 11 runtime wmp11 -> Windows Media Player 11 Wudf01000 -> Microsoft User-Mode Driver Framework Feature Pack 1.0 < Uninstall List [HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\] > -> HKEY_USERS\S-1-5-21-2371053212-3976394816-1779090822-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> Antimalware Doctor -> Antimalware Doctor BitTorrent DNA -> DNA < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 2/5/2010 6:09:12 AM Computer Name = LINDA | Source = Application Hang | ID = 1002 -> Description = Hanging application firefox.exe, version 1.9.1.3642, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 2/9/2010 5:58:38 AM Computer Name = LINDA | Source = Application Hang | ID = 1002 -> Description = Hanging application firefox.exe, version 1.9.1.3642, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 2/12/2010 5:02:14 AM Computer Name = LINDA | Source = Application Hang | ID = 1002 -> Description = Hanging application firefox.exe, version 1.9.1.3642, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 2/12/2010 5:41:54 AM Computer Name = LINDA | Source = Application Hang | ID = 1002 -> Description = Hanging application firefox.exe, version 1.9.1.3642, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 2/16/2010 6:28:43 AM Computer Name = LINDA | Source = Application Hang | ID = 1002 -> Description = Hanging application firefox.exe, version 1.9.1.3642, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 2/16/2010 6:28:45 AM Computer Name = LINDA | Source = Application Hang | ID = 1002 -> Description = Hanging application firefox.exe, version 1.9.1.3642, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 2/18/2010 3:21:47 AM Computer Name = LINDA | Source = Application Hang | ID = 1002 -> Description = Hanging application DivX Player.exe, version 6.8.2.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 3/1/2010 3:17:22 AM Computer Name = LINDA | Source = pctsSvc.exe | ID = 0 -> Description = Application [ Error ] 3/1/2010 5:30:07 AM Computer Name = LINDA | Source = Application Error | ID = 1000 -> Description = Faulting application , version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x00000000. Application [ Error ] 3/1/2010 6:16:27 AM Computer Name = LINDA | Source = Application Error | ID = 1004 -> Description = Faulting application svchost.exe, version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x00000000. System [ Error ] 3/2/2010 5:06:58 PM Computer Name = LINDA | Source = Service Control Manager | ID = 7023 -> Description = The Network Security service terminated with the following error: %%126 System [ Error ] 3/2/2010 5:06:59 PM Computer Name = LINDA | Source = Service Control Manager | ID = 7026 -> Description = The following boot-start or system-start driver(s) failed to load: SABKUTIL System [ Error ] 3/2/2010 5:07:15 PM Computer Name = LINDA | Source = Ftdisk | ID = 262189 -> Description = The system could not sucessfully load the crash dump driver. System [ Error ] 3/2/2010 5:07:15 PM Computer Name = LINDA | Source = Ftdisk | ID = 262193 -> Description = Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory. System [ Error ] 3/2/2010 5:08:57 PM Computer Name = LINDA | Source = Service Control Manager | ID = 7034 -> Description = The TuneUp Utilities Service service terminated unexpectedly. It has done this 1 time(s). System [ Error ] 3/2/2010 6:08:31 PM Computer Name = LINDA | Source = DCOM | ID = 10010 -> Description = The server {000C1237-0000-0000-C000-000000000046} did not register with DCOM within the required timeout. System [ Error ] 3/2/2010 6:09:06 PM Computer Name = LINDA | Source = DCOM | ID = 10010 -> Description = The server {000C1237-0000-0000-C000-000000000046} did not register with DCOM within the required timeout. System [ Error ] 3/2/2010 7:50:37 PM Computer Name = LINDA | Source = Ftdisk | ID = 262189 -> Description = The system could not sucessfully load the crash dump driver. System [ Error ] 3/2/2010 11:20:07 PM Computer Name = LINDA | Source = Dhcp | ID = 1001 -> Description = Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00173FB20DB3. The following error occurred: %%1223. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. System [ Error ] 3/3/2010 3:06:27 AM Computer Name = LINDA | Source = Dhcp | ID = 1001 -> Description = Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00173FB20DB3. The following error occurred: %%1223. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. [Files/Folders - Created Within 90 Days] OTS.exe -> C:\Documents and Settings\Compaq_Owner\Desktop\OTS.exe -> [2010/03/03 01:01:17 | 000,634,368 | ---- | C] (OldTimer Tools) ERDNT -> C:\WINDOWS\ERDNT -> [2010/03/03 00:57:55 | 000,000,000 | ---D | C] ERUNT -> C:\Program Files\ERUNT -> [2010/03/03 00:57:39 | 000,000,000 | ---D | C] spybotsd162.exe -> C:\Documents and Settings\Compaq_Owner\Desktop\spybotsd162.exe -> [2010/03/02 02:16:54 | 016,409,960 | ---- | C] (Safer Networking Limited ) Microsoft -> C:\Documents and Settings\LocalService\Application Data\Microsoft -> [2010/03/02 01:47:12 | 000,000,000 | --SD | M] mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010/03/01 01:15:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010/03/01 01:15:34 | 000,019,160 | ---- | C] (Malwarebytes Corporation) mbam-setup.exe -> C:\Documents and Settings\Compaq_Owner\Desktop\mbam-setup.exe -> [2010/03/01 00:41:37 | 005,115,824 | ---- | C] (Malwarebytes Corporation ) Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2010/02/28 20:24:48 | 000,000,000 | ---D | C] AdobeUM -> C:\Documents and Settings\NetworkService\Application Data\AdobeUM -> [2010/02/28 19:33:45 | 000,000,000 | ---D | M] Adobe -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe -> [2010/02/28 19:33:44 | 000,000,000 | ---D | M] Adobe -> C:\Documents and Settings\NetworkService\Application Data\Adobe -> [2010/02/28 19:33:16 | 000,000,000 | ---D | M] Sun -> C:\Documents and Settings\NetworkService\Application Data\Sun -> [2010/02/28 19:33:03 | 000,000,000 | ---D | M] A414921A559463DC758F354182D17517 -> C:\Documents and Settings\Compaq_Owner\Application Data\A414921A559463DC758F354182D17517 -> [2010/02/28 19:23:52 | 000,000,000 | ---D | C] Logitech Touch Mouse Server -> C:\Program Files\Logitech Touch Mouse Server -> [2010/02/08 06:34:42 | 000,000,000 | ---D | C] Incomplete -> C:\Documents and Settings\Compaq_Owner\My Documents\Incomplete -> [2010/01/30 21:31:23 | 000,000,000 | ---D | C] AirVideoServer -> C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\AirVideoServer -> [2010/01/28 01:06:01 | 000,000,000 | ---D | C] jexepackres -> C:\jexepackres -> [2010/01/28 01:05:56 | 000,000,000 | -H-D | C] AirVideoServer -> C:\Program Files\AirVideoServer -> [2010/01/28 01:05:48 | 000,000,000 | ---D | C] My eBooks -> C:\Documents and Settings\Compaq_Owner\My Documents\My eBooks -> [2009/12/09 15:29:32 | 000,000,000 | ---D | C] My Received Files -> C:\Documents and Settings\Compaq_Owner\My Documents\My Received Files -> [2009/12/03 06:16:25 | 000,000,000 | ---D | C] TuneUp Software -> C:\Documents and Settings\LocalService\Application Data\TuneUp Software -> [2009/12/03 04:00:11 | 000,000,000 | ---D | M] TURegOpt.exe -> C:\WINDOWS\System32\TURegOpt.exe -> [2009/12/03 03:05:41 | 000,029,512 | ---- | C] (TuneUp Software) uxtuneup.dll -> C:\WINDOWS\System32\uxtuneup.dll -> [2009/12/03 03:05:38 | 000,030,024 | ---- | C] (TuneUp Software) TuneUp Software -> C:\Documents and Settings\Compaq_Owner\Application Data\TuneUp Software -> [2009/12/03 03:04:33 | 000,000,000 | ---D | C] TuneUp Utilities 2010 -> C:\Program Files\TuneUp Utilities 2010 -> [2009/12/03 03:03:52 | 000,000,000 | ---D | C] TuneUp Software -> C:\Documents and Settings\All Users\Application Data\TuneUp Software -> [2009/12/03 03:03:25 | 000,000,000 | ---D | C] {D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} -> C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} -> [2009/12/03 03:03:02 | 000,000,000 | -HSD | C] Microsoft -> C:\Documents and Settings\NetworkService\Application Data\Microsoft -> [2009/04/23 02:20:39 | 000,000,000 | --SD | M] Microsoft -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft -> [2009/04/23 02:20:39 | 000,000,000 | ---D | M] Microsoft -> C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft -> [2009/04/23 02:20:39 | 000,000,000 | ---D | M] Mozilla -> C:\Documents and Settings\LocalService\Application Data\Mozilla -> [2008/11/04 12:06:12 | 000,000,000 | ---D | M] Mozilla -> C:\Documents and Settings\LocalService\Local Settings\Application Data\Mozilla -> [2008/11/04 12:05:54 | 000,000,000 | ---D | M] Apple -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple -> [2007/09/20 08:45:00 | 000,000,000 | ---D | M] IsolatedStorage -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\IsolatedStorage -> [2007/08/05 16:50:49 | 000,000,000 | ---D | M] IsolatedStorage -> C:\Documents and Settings\LocalService\Local Settings\Application Data\IsolatedStorage -> [2007/03/03 15:02:57 | 000,000,000 | ---D | M] 6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> [Files/Folders - Modified Within 90 Days] OTS.exe -> C:\Documents and Settings\Compaq_Owner\Desktop\OTS.exe -> [2010/03/03 01:01:17 | 000,634,368 | ---- | M] (OldTimer Tools) ERUNT AutoBackup.lnk -> C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> [2010/03/03 00:57:46 | 000,000,775 | ---- | M] () NTREGOPT.lnk -> C:\Documents and Settings\Compaq_Owner\Desktop\NTREGOPT.lnk -> [2010/03/03 00:57:39 | 000,000,619 | ---- | M] () ERUNT.lnk -> C:\Documents and Settings\Compaq_Owner\Desktop\ERUNT.lnk -> [2010/03/03 00:57:39 | 000,000,600 | ---- | M] () The_Comedian.exe -> C:\Documents and Settings\Compaq_Owner\Desktop\The_Comedian.exe -> [2010/03/03 00:56:44 | 000,794,112 | ---- | M] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/03/03 00:47:54 | 000,142,848 | ---- | M] () ntuser.dat -> C:\Documents and Settings\Compaq_Owner\ntuser.dat -> [2010/03/03 00:44:29 | 007,864,320 | ---- | M] () Automatic troubleshooting.job -> C:\WINDOWS\tasks\Automatic troubleshooting.job -> [2010/03/02 20:00:21 | 000,000,500 | ---- | M] () incavi.avm -> C:\WINDOWS\System32\drivers\Avg\incavi.avm -> [2010/03/02 18:30:42 | 056,574,676 | ---- | M] () hpsysdrv.dat -> C:\WINDOWS\System\hpsysdrv.dat -> [2010/03/02 14:07:18 | 000,000,249 | ---- | M] () SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2010/03/02 14:06:51 | 000,000,006 | -H-- | M] () bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010/03/02 14:06:48 | 000,002,048 | --S- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2010/03/02 14:06:47 | 1543,032,832 | -HS- | M] () ntuser.ini -> C:\Documents and Settings\Compaq_Owner\ntuser.ini -> [2010/03/02 04:40:45 | 000,000,178 | -HS- | M] () lsrslt.ini -> C:\WINDOWS\lsrslt.ini -> [2010/03/02 03:25:25 | 000,001,898 | ---- | M] () hosts -> C:\WINDOWS\System32\drivers\etc\hosts -> [2010/03/02 02:51:53 | 000,379,519 | R--- | M] () Spybot - Search & Destroy.lnk -> C:\Documents and Settings\Compaq_Owner\Desktop\Spybot - Search & Destroy.lnk -> [2010/03/02 02:18:30 | 000,000,941 | ---- | M] () spybotsd162.exe -> C:\Documents and Settings\Compaq_Owner\Desktop\spybotsd162.exe -> [2010/03/02 02:17:02 | 016,409,960 | ---- | M] (Safer Networking Limited ) MP Scheduled Scan.job -> C:\WINDOWS\tasks\MP Scheduled Scan.job -> [2010/03/02 01:56:00 | 000,000,330 | -H-- | M] () atapi.sys -> C:\WINDOWS\System32\dllcache\atapi.sys -> [2010/03/01 04:26:00 | 000,095,360 | ---- | M] (Microsoft Corporation) Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/03/01 01:15:40 | 000,000,704 | ---- | M] () SUPERAntiSpyware Free Edition.lnk -> C:\Documents and Settings\Compaq_Owner\Desktop\SUPERAntiSpyware Free Edition.lnk -> [2010/03/01 00:43:55 | 000,000,788 | ---- | M] () SUPERAntiSpyware.exe -> C:\Documents and Settings\Compaq_Owner\Desktop\SUPERAntiSpyware.exe -> [2010/03/01 00:43:12 | 007,757,856 | ---- | M] () mbam-setup.exe -> C:\Documents and Settings\Compaq_Owner\Desktop\mbam-setup.exe -> [2010/03/01 00:41:38 | 005,115,824 | ---- | M] (Malwarebytes Corporation ) AppleSoftwareUpdate.job -> C:\WINDOWS\tasks\AppleSoftwareUpdate.job -> [2010/02/19 17:10:04 | 000,000,284 | ---- | M] () Logitech Touch Mouse Server.lnk -> C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\Logitech Touch Mouse Server.lnk -> [2010/02/08 06:34:47 | 000,000,870 | ---- | M] () wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2010/02/01 03:22:10 | 000,001,158 | ---- | M] () microavi.avg -> C:\WINDOWS\System32\drivers\Avg\microavi.avg -> [2010/01/19 23:58:20 | 000,142,495 | ---- | M] () win.ini -> C:\WINDOWS\win.ini -> [2010/01/18 23:21:19 | 000,000,731 | ---- | M] () Veale Daniel 414878.jpg -> C:\Documents and Settings\All Users\Documents\Veale Daniel 414878.jpg -> [2010/01/12 00:27:34 | 000,011,011 | ---- | M] () mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010/01/07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010/01/07 16:07:04 | 000,019,160 | ---- | M] (Malwarebytes Corporation) wklnhst.dat -> C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat -> [2009/12/19 16:59:46 | 000,001,948 | ---- | M] () food handlers certificate.jpg -> C:\Documents and Settings\All Users\Documents\food handlers certificate.jpg -> [2009/12/17 17:16:47 | 000,064,720 | ---- | M] () hosts.20100302-025153.backup -> C:\WINDOWS\System32\drivers\etc\hosts.20100302-025153.backup -> [2009/12/06 18:07:06 | 000,360,797 | R--- | M] () hosts.20091206-180706.backup -> C:\WINDOWS\System32\drivers\etc\hosts.20091206-180706.backup -> [2009/12/06 18:06:47 | 000,360,797 | R--- | M] () hosts.20091206-180647.backup -> C:\WINDOWS\System32\drivers\etc\hosts.20091206-180647.backup -> [2009/12/06 18:05:36 | 000,360,797 | R--- | M] () hosts.20091203-224440.backup -> C:\WINDOWS\System32\drivers\etc\hosts.20091203-224440.backup -> [2009/12/03 22:44:40 | 000,000,217 | R--- | M] () hosts.20091206-180535.backup -> C:\WINDOWS\System32\drivers\etc\hosts.20091206-180535.backup -> [2009/12/03 22:44:40 | 000,000,175 | R--- | M] () Mozilla Firefox.lnk -> C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk -> [2009/12/03 03:44:30 | 000,001,610 | ---- | M] () 6 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> 6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 22 C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\*.tmp -> 22 C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\*.tmp -> 22 C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\*.tmp -> 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> [Files - No Company Name] ERUNT AutoBackup.lnk -> C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> [2010/03/03 00:57:46 | 000,000,775 | ---- | C] () NTREGOPT.lnk -> C:\Documents and Settings\Compaq_Owner\Desktop\NTREGOPT.lnk -> [2010/03/03 00:57:39 | 000,000,619 | ---- | C] () ERUNT.lnk -> C:\Documents and Settings\Compaq_Owner\Desktop\ERUNT.lnk -> [2010/03/03 00:57:39 | 000,000,600 | ---- | C] () The_Comedian.exe -> C:\Documents and Settings\Compaq_Owner\Desktop\The_Comedian.exe -> [2010/03/03 00:56:43 | 000,794,112 | ---- | C] () hiberfil.sys -> C:\hiberfil.sys -> [2010/03/02 04:23:40 | 1543,032,832 | -HS- | C] () Spybot - Search & Destroy.lnk -> C:\Documents and Settings\Compaq_Owner\Desktop\Spybot - Search & Destroy.lnk -> [2010/03/02 02:18:30 | 000,000,941 | ---- | C] () Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/03/01 01:15:40 | 000,000,704 | ---- | C] () SUPERAntiSpyware Free Edition.lnk -> C:\Documents and Settings\Compaq_Owner\Desktop\SUPERAntiSpyware Free Edition.lnk -> [2010/03/01 00:43:55 | 000,000,788 | ---- | C] () SUPERAntiSpyware.exe -> C:\Documents and Settings\Compaq_Owner\Desktop\SUPERAntiSpyware.exe -> [2010/03/01 00:42:35 | 007,757,856 | ---- | C] () lsrslt.ini -> C:\WINDOWS\lsrslt.ini -> [2010/02/28 19:44:26 | 000,001,898 | ---- | C] () Logitech Touch Mouse Server.lnk -> C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\Logitech Touch Mouse Server.lnk -> [2010/02/08 06:34:47 | 000,000,870 | ---- | C] () Veale Daniel 414878.jpg -> C:\Documents and Settings\All Users\Documents\Veale Daniel 414878.jpg -> [2010/01/12 00:27:33 | 000,011,011 | ---- | C] () food handlers certificate.jpg -> C:\Documents and Settings\All Users\Documents\food handlers certificate.jpg -> [2009/12/17 17:16:47 | 000,064,720 | ---- | C] () Mozilla Firefox.lnk -> C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk -> [2009/12/03 03:44:30 | 000,001,610 | ---- | C] () Automatic troubleshooting.job -> C:\WINDOWS\tasks\Automatic troubleshooting.job -> [2009/12/03 03:06:10 | 000,000,500 | ---- | C] () unrar.dll -> C:\WINDOWS\System32\unrar.dll -> [2009/09/11 18:21:48 | 000,178,176 | ---- | C] () VGAunistlog.ini -> C:\WINDOWS\System32\VGAunistlog.ini -> [2008/11/05 04:36:21 | 000,095,285 | ---- | C] () qt-dx331.dll -> C:\WINDOWS\System32\qt-dx331.dll -> [2008/09/19 14:57:34 | 003,596,288 | ---- | C] () dtu100.dll.manifest -> C:\WINDOWS\System32\dtu100.dll.manifest -> [2008/09/19 14:55:10 | 000,000,416 | ---- | C] () dpl100.dll.manifest -> C:\WINDOWS\System32\dpl100.dll.manifest -> [2008/09/19 14:55:10 | 000,000,416 | ---- | C] () DivXWMPExtType.dll -> C:\WINDOWS\System32\DivXWMPExtType.dll -> [2008/09/19 14:54:18 | 000,012,288 | ---- | C] () WB.ini -> C:\WINDOWS\WB.ini -> [2008/09/06 12:19:33 | 000,000,000 | ---- | C] () MegaManager.INI -> C:\WINDOWS\MegaManager.INI -> [2008/06/18 12:33:35 | 000,000,050 | ---- | C] () cdplayer.ini -> C:\WINDOWS\cdplayer.ini -> [2008/02/27 01:24:21 | 000,000,050 | ---- | C] () OpenQuicktimeLib.dll -> C:\WINDOWS\System32\OpenQuicktimeLib.dll -> [2008/02/18 23:33:34 | 000,446,352 | ---- | C] () uccspecc.sys -> C:\WINDOWS\uccspecc.sys -> [2007/10/16 06:18:09 | 000,000,031 | -H-- | C] () iPlayer.INI -> C:\WINDOWS\iPlayer.INI -> [2005/10/19 22:38:44 | 000,000,000 | ---- | C] () wwwbatch.ini -> C:\WINDOWS\wwwbatch.ini -> [2005/07/31 04:25:33 | 000,000,037 | ---- | C] () InsDrvZD64.DLL -> C:\WINDOWS\System32\InsDrvZD64.DLL -> [2005/07/12 14:44:42 | 000,015,872 | ---- | C] () PestPatrol5.INI -> C:\WINDOWS\PestPatrol5.INI -> [2005/05/31 22:44:59 | 000,000,000 | ---- | C] () OpPrintServer.INI -> C:\WINDOWS\OpPrintServer.INI -> [2005/05/15 12:57:59 | 000,000,000 | ---- | C] () VGAsetup.ini -> C:\WINDOWS\VGAsetup.ini -> [2005/04/29 14:42:07 | 000,103,579 | ---- | C] () smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2005/02/26 15:34:40 | 000,000,061 | ---- | C] () IVIresizeW7.dll -> C:\WINDOWS\System32\IVIresizeW7.dll -> [2005/02/26 15:30:37 | 000,204,800 | ---- | C] () IVIresizeA6.dll -> C:\WINDOWS\System32\IVIresizeA6.dll -> [2005/02/26 15:30:37 | 000,200,704 | ---- | C] () IVIresizeP6.dll -> C:\WINDOWS\System32\IVIresizeP6.dll -> [2005/02/26 15:30:37 | 000,192,512 | ---- | C] () IVIresizeM6.dll -> C:\WINDOWS\System32\IVIresizeM6.dll -> [2005/02/26 15:30:37 | 000,192,512 | ---- | C] () IVIresizePX.dll -> C:\WINDOWS\System32\IVIresizePX.dll -> [2005/02/26 15:30:37 | 000,188,416 | ---- | C] () IVIresize.dll -> C:\WINDOWS\System32\IVIresize.dll -> [2005/02/26 15:30:37 | 000,020,480 | ---- | C] () CHODDI.SYS -> C:\WINDOWS\System32\CHODDI.SYS -> [2005/02/26 15:02:17 | 000,013,973 | ---- | C] () hpreg.dll -> C:\WINDOWS\System32\hpreg.dll -> [2005/02/26 15:02:12 | 000,045,056 | ---- | C] () ssmute.ini -> C:\WINDOWS\System32\ssmute.ini -> [2005/02/26 15:01:51 | 000,002,154 | ---- | C] () ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2005/02/26 14:58:52 | 000,000,376 | ---- | C] () fxsperf.ini -> C:\WINDOWS\System32\fxsperf.ini -> [2005/02/26 14:47:37 | 000,001,793 | ---- | C] () sm56spn.dll -> C:\WINDOWS\sm56spn.dll -> [2005/02/26 14:45:40 | 000,065,536 | ---- | C] () sm56itl.dll -> C:\WINDOWS\sm56itl.dll -> [2005/02/26 14:45:40 | 000,065,536 | ---- | C] () sm56ger.dll -> C:\WINDOWS\sm56ger.dll -> [2005/02/26 14:45:40 | 000,065,536 | ---- | C] () sm56fra.dll -> C:\WINDOWS\sm56fra.dll -> [2005/02/26 14:45:40 | 000,065,536 | ---- | C] () sm56eng.dll -> C:\WINDOWS\sm56eng.dll -> [2005/02/26 14:45:40 | 000,065,536 | ---- | C] () sm56brz.dll -> C:\WINDOWS\sm56brz.dll -> [2005/02/26 14:45:40 | 000,065,536 | ---- | C] () sm56jpn.dll -> C:\WINDOWS\sm56jpn.dll -> [2005/02/26 14:45:40 | 000,049,152 | ---- | C] () sm56cht.dll -> C:\WINDOWS\sm56cht.dll -> [2005/02/26 14:45:40 | 000,045,056 | ---- | C] () sm56chs.dll -> C:\WINDOWS\sm56chs.dll -> [2005/02/26 14:45:40 | 000,045,056 | ---- | C] () orun32.ini -> C:\WINDOWS\orun32.ini -> [2005/02/26 14:34:55 | 000,000,780 | ---- | C] () secdrv.sys -> C:\WINDOWS\System32\drivers\secdrv.sys -> [2005/02/26 03:38:46 | 000,027,440 | ---- | C] () pythoncom22.dll -> C:\WINDOWS\System32\pythoncom22.dll -> [2005/02/25 01:49:48 | 000,323,584 | ---- | C] () pywintypes22.dll -> C:\WINDOWS\System32\pywintypes22.dll -> [2005/02/25 01:49:48 | 000,094,208 | ---- | C] () bcbmm.dll -> C:\WINDOWS\System32\bcbmm.dll -> [2005/02/25 01:49:28 | 000,016,896 | ---- | C] () px.ini -> C:\WINDOWS\System32\px.ini -> [2004/09/13 23:35:56 | 000,000,000 | ---- | C] () PcdrKernelModeServices.dll -> C:\WINDOWS\System32\PcdrKernelModeServices.dll -> [2004/08/20 03:14:46 | 000,086,016 | ---- | C] () ProgressTrace.dll -> C:\WINDOWS\System32\ProgressTrace.dll -> [2004/08/20 03:14:46 | 000,065,536 | ---- | C] () ogorifejelap.dll -> C:\WINDOWS\ogorifejelap.dll -> [2004/08/04 11:00:00 | 000,165,888 | ---- | C] () oeminfo.ini -> C:\WINDOWS\System32\oeminfo.ini -> [2004/06/16 04:38:00 | 000,000,572 | ---- | C] () InsDrvZD.dll -> C:\WINDOWS\System32\InsDrvZD.dll -> [2004/03/23 16:38:00 | 000,028,672 | ---- | C] () JAWTAccessBridge.dll -> C:\WINDOWS\System32\JAWTAccessBridge.dll -> [2003/04/10 23:04:00 | 000,028,672 | ---- | C] () OUTLPERF.INI -> C:\WINDOWS\System32\OUTLPERF.INI -> [2003/01/07 23:05:08 | 000,002,695 | ---- | C] () [File - Lop Check] Amazon -> C:\Documents and Settings\All Users\Application Data\Amazon -> [2007/03/03 15:02:32 | 000,000,000 | ---D | M] Azureus -> C:\Documents and Settings\All Users\Application Data\Azureus -> [2007/10/06 05:05:28 | 000,000,000 | ---D | M] CA -> C:\Documents and Settings\All Users\Application Data\CA -> [2005/05/31 09:47:14 | 000,000,000 | ---D | M] CanonBJ -> C:\Documents and Settings\All Users\Application Data\CanonBJ -> [2009/09/11 18:18:35 | 000,000,000 | -H-D | M] Flip Video -> C:\Documents and Settings\All Users\Application Data\Flip Video -> [2009/09/11 16:25:25 | 000,000,000 | ---D | M] Messenger Plus! -> C:\Documents and Settings\All Users\Application Data\Messenger Plus! -> [2008/06/20 08:37:46 | 000,000,000 | ---D | M] Pure Digital Technologies -> C:\Documents and Settings\All Users\Application Data\Pure Digital Technologies -> [2009/08/31 02:10:55 | 000,000,000 | ---D | M] TEMP -> C:\Documents and Settings\All Users\Application Data\TEMP -> [2010/03/01 00:18:23 | 000,000,000 | ---D | M] TuneUp Software -> C:\Documents and Settings\All Users\Application Data\TuneUp Software -> [2009/12/03 03:03:54 | 000,000,000 | ---D | M] Viewpoint -> C:\Documents and Settings\All Users\Application Data\Viewpoint -> [2005/11/24 23:13:25 | 000,000,000 | ---D | M] {00D89592-F643-4D8D-8F0F-AFAE0F14D4C3} -> C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3} -> [2009/03/17 00:46:15 | 000,000,000 | ---D | M] {3276BE95_AF08_429F_A64F_CA64CB79BCF6} -> C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} -> [2008/10/08 01:28:03 | 000,000,000 | ---D | M] {755AC846-7372-4AC8-8550-C52491DAA8BD} -> C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} -> [2009/09/13 21:38:28 | 000,000,000 | ---D | M] {8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} -> C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} -> [2009/04/10 16:23:24 | 000,000,000 | ---D | M] {D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} -> C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} -> [2009/12/03 03:03:02 | 000,000,000 | -HSD | M] A414921A559463DC758F354182D17517 -> C:\Documents and Settings\Compaq_Owner\Application Data\A414921A559463DC758F354182D17517 -> [2010/03/02 23:51:24 | 000,000,000 | ---D | M] Aim -> C:\Documents and Settings\Compaq_Owner\Application Data\Aim -> [2009/04/02 23:50:27 | 000,000,000 | ---D | M] DNA -> C:\Documents and Settings\Compaq_Owner\Application Data\DNA -> [2009/12/07 00:39:24 | 000,000,000 | ---D | M] GetRightToGo -> C:\Documents and Settings\Compaq_Owner\Application Data\GetRightToGo -> [2008/11/23 10:22:12 | 000,000,000 | ---D | M] InterMute -> C:\Documents and Settings\Compaq_Owner\Application Data\InterMute -> [2005/02/26 15:18:11 | 000,000,000 | ---D | M] LimeWire -> C:\Documents and Settings\Compaq_Owner\Application Data\LimeWire -> [2010/02/04 02:46:02 | 000,000,000 | ---D | M] SampleView -> C:\Documents and Settings\Compaq_Owner\Application Data\SampleView -> [2005/02/26 15:13:38 | 000,000,000 | ---D | M] SuperAdBlocker.com -> C:\Documents and Settings\Compaq_Owner\Application Data\SuperAdBlocker.com -> [2008/11/11 03:38:07 | 000,000,000 | ---D | M] Template -> C:\Documents and Settings\Compaq_Owner\Application Data\Template -> [2008/11/21 01:39:02 | 000,000,000 | ---D | M] TuneUp Software -> C:\Documents and Settings\Compaq_Owner\Application Data\TuneUp Software -> [2009/12/03 03:04:33 | 000,000,000 | ---D | M] InterMute -> C:\Documents and Settings\Default User\Application Data\InterMute -> [2005/02/26 15:18:11 | 000,000,000 | ---D | M] SampleView -> C:\Documents and Settings\Default User\Application Data\SampleView -> [2005/02/26 15:13:38 | 000,000,000 | ---D | M] Azureus -> C:\Documents and Settings\delete\Application Data\Azureus -> [2007/10/06 05:20:43 | 000,000,000 | ---D | M] InterMute -> C:\Documents and Settings\delete\Application Data\InterMute -> [2005/02/26 15:18:11 | 000,000,000 | ---D | M] InterVideo -> C:\Documents and Settings\delete\Application Data\InterVideo -> [2007/10/10 23:15:10 | 000,000,000 | ---D | M] LimeWire -> C:\Documents and Settings\delete\Application Data\LimeWire -> [2007/10/25 03:01:39 | 000,000,000 | ---D | M] SampleView -> C:\Documents and Settings\delete\Application Data\SampleView -> [2005/02/26 15:13:38 | 000,000,000 | ---D | M] Template -> C:\Documents and Settings\delete\Application Data\Template -> [2007/08/19 01:04:17 | 000,000,000 | ---D | M] TuneUp Software -> C:\Documents and Settings\LocalService\Application Data\TuneUp Software -> [2009/12/03 04:00:11 | 000,000,000 | ---D | M] Automatic troubleshooting.job -> C:\WINDOWS\Tasks\Automatic troubleshooting.job -> [2010/03/02 20:00:21 | 000,000,500 | ---- | M] () MP Scheduled Scan.job -> C:\WINDOWS\Tasks\MP Scheduled Scan.job -> [2010/03/02 01:56:00 | 000,000,330 | -H-- | M] () [File - Purity Scan] [Custom Scans] < netsvcs > < %SYSTEMDRIVE%\*.exe > < MD5 Scans Start> < %systemdrive%\AGP440.SYS /md5 /s > AGP440.sys : .cab file -> C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:AGP440.sys -> [2008/09/15 00:00:35 | 023,852,652 | ---- | M] () AGP440.sys : .cab file -> C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys -> [2004/08/04 18:00:00 | 018,738,937 | ---- | M] () AGP440.sys : .cab file -> C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys -> [2008/11/05 23:48:06 | 023,852,652 | ---- | M] () AGP440.sys : .cab file -> C:\WINDOWS\I386\sp2.cab:AGP440.sys -> [2004/08/03 21:00:00 | 018,738,937 | ---- | M] () AGP440.sys : .cab file -> C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys -> [2008/11/05 23:48:06 | 023,852,652 | ---- | M] () < %systemdrive%\ATAPI.SYS /md5 /s > atapi.sys : .cab file -> C:\WINDOWS\$NtServicePackUninstall$\sp3.cab:atapi.sys -> [2008/09/15 00:00:35 | 023,852,652 | ---- | M] () atapi.sys : .cab file -> C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys -> [2004/08/04 18:00:00 | 018,738,937 | ---- | M] () atapi.sys : .cab file -> C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys -> [2008/11/05 23:48:06 | 023,852,652 | ---- | M] () atapi.sys : .cab file -> C:\WINDOWS\I386\sp2.cab:atapi.sys -> [2004/08/03 21:00:00 | 018,738,937 | ---- | M] () atapi.sys : .cab file -> C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys -> [2008/11/05 23:48:06 | 023,852,652 | ---- | M] () atapi.sys : MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -> C:\WINDOWS\$NtServicePackUninstall$\atapi.sys -> [2004/08/03 21:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -> C:\WINDOWS\system32\dllcache\atapi.sys -> [2010/03/01 04:26:00 | 000,095,360 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -> C:\WINDOWS\system32\drivers\atapi.sys -> [2010/03/01 04:26:00 | 000,095,360 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -> C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys -> [2004/08/03 21:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) < %systemdrive%\EVENTLOG.DLL /md5 /s > eventlog.dll : MD5=82B24CB70E5944E6E34662205A2A5B78 -> C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll -> [2004/08/04 11:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) eventlog.dll : MD5=82B24CB70E5944E6E34662205A2A5B78 -> C:\WINDOWS\system32\dllcache\eventlog.dll -> [2004/08/04 11:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) eventlog.dll : MD5=82B24CB70E5944E6E34662205A2A5B78 -> C:\WINDOWS\system32\eventlog.dll -> [2004/08/04 11:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) < %systemdrive%\NETLOGON.DLL /md5 /s > netlogon.dll : MD5=96353FCECBA774BB8DA74A1C6507015A -> C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll -> [2004/08/04 11:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=96353FCECBA774BB8DA74A1C6507015A -> C:\WINDOWS\system32\dllcache\netlogon.dll -> [2004/08/04 11:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=96353FCECBA774BB8DA74A1C6507015A -> C:\WINDOWS\system32\netlogon.dll -> [2004/08/04 11:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) < %systemdrive%\SCECLI.DLL /md5 /s > scecli.dll : MD5=0F78E27F563F2AAF74B91A49E2ABF19A -> C:\WINDOWS\$NtServicePackUninstall$\scecli.dll -> [2004/08/04 11:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) scecli.dll : MD5=0F78E27F563F2AAF74B91A49E2ABF19A -> C:\WINDOWS\system32\dllcache\scecli.dll -> [2004/08/04 11:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) scecli.dll : MD5=0F78E27F563F2AAF74B91A49E2ABF19A -> C:\WINDOWS\system32\scecli.dll -> [2004/08/04 11:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) < MD5 Scans End> < %systemroot%\*. /mp /s > Restore point Set: OTS Restore Point (0) < %systemroot%\system32\*.dll /lockedfiles > 1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > default.sav -> C:\WINDOWS\system32\config\default.sav -> [2005/01/26 20:45:52 | 000,094,208 | ---- | M] () software.sav -> C:\WINDOWS\system32\config\software.sav -> [2005/01/26 20:45:52 | 000,634,880 | ---- | M] () system.sav -> C:\WINDOWS\system32\config\system.sav -> [2005/01/26 20:45:52 | 000,872,448 | ---- | M] () [Alternate Data Streams] @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8 @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 < End of report > [/code]