Virus Blocks me from AntiVirus Sites



#1
Andy L

Hi, I'm posting on another computer because I got a virus that blocks me from basically ALL antivirus and help sites, including geekstogo.com. I can't DL HijackThis on my computer since that's blocked too. Any idea on how to remove this virus?

The most description I can give right now is that I got the virus along with the Google redirect virus, fake antivirus ads and desktop changing. I fixed all those, but the one left is blocking me from antivirus updates and sites.

I actually downloaded HijackThis and sent it to my infected comp, so here's the log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:21:31 PM, on 8/27/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\Program Files\Mil Incorporated\Mil Shield\ShieldService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\program files\steam\steam.exe
C:\Program Files\Mil Incorporated\Mil Shield\ShieldWorker.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Pidgin\pidgin.exe
C:\Program Files\Winamp5.1\winamp.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Documents and Settings\Andy Lin\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - blank (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - blank (file missing)
O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MilShieldSlave] "C:\Program Files\Mil Incorporated\Mil Shield\ShieldWorker.exe" -logon
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O16 - DPF: Tegrity-WebLearner-2569 - http://tegrity.odyss...class/TWebS.CAB
O16 - DPF: Tegrity-WebLearner-2713 - http://tegrity.odyss...class/TWebS.CAB
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe
O23 - Service: MilShieldCleaner - Unknown owner - C:\Program Files\Mil Incorporated\Mil Shield\ShieldService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe (file missing)
O23 - Service: Spyware Doctor Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\swdsvc.exe (file missing)

--
End of file - 7317 bytes

Edited by Andy L, 27 August 2008 - 08:26 PM.



#2
Andy L

Also, I don't know if this will help, but I'll post an RSIT log too.

Logfile of random's system information tool (written by random/random)
Run by Andy Lin at 2008-08-28 18:04:08
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 26 GB (34%) free of 78 GB
Total RAM: 2559 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:04:15 PM, on 8/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\Program Files\Mil Incorporated\Mil Shield\ShieldService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\program files\steam\steam.exe
C:\Program Files\Mil Incorporated\Mil Shield\ShieldWorker.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Pidgin\pidgin.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Andy Lin\Desktop\RSIT.exe
C:\Documents and Settings\Andy Lin\Desktop\Andy Lin.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - blank (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - blank (file missing)
O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MilShieldSlave] "C:\Program Files\Mil Incorporated\Mil Shield\ShieldWorker.exe" -logon
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_10650.dll
O16 - DPF: Tegrity-WebLearner-2569 - http://tegrity.odyss...class/TWebS.CAB
O16 - DPF: Tegrity-WebLearner-2713 - http://tegrity.odyss...class/TWebS.CAB
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe
O23 - Service: MilShieldCleaner - Unknown owner - C:\Program Files\Mil Incorporated\Mil Shield\ShieldService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe (file missing)
O23 - Service: Spyware Doctor Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\swdsvc.exe (file missing)

--
End of file - 7405 bytes

Scheduled tasks folder

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

Registry dump

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - blank []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-07-14 455960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2004-05-12 744960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - blank []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"mxomssmenu"=C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe [2007-09-06 169264]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2007-05-15 185784]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"nwiz"=C:\WINDOWS\system32\nwiz.exe [2007-12-05 1626112]
"NvMixerTray"=C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe [2004-03-18 131072]
"nForce Tray Options"=sstray.exe /r []
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-07-22 116040]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-07-30 289064]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-12-05 8523776]
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2004-08-04 158208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=c:\program files\steam\steam.exe [2008-04-01 1271032]
"MilShieldSlave"=C:\Program Files\Mil Incorporated\Mil Shield\ShieldWorker.exe [2008-04-15 747008]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-08-19 1576176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY]
C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-07-14 1232152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
C:\Program Files\DNA\btdna.exe [2008-04-24 288576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe [2007-09-18 171464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeadAIM]
C:\PROGRA~1\AIM\\DeadAIM.ocm []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Regscan]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViewMgr]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipBuster]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2005-09-23 29696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-07-23 352256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-04 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Valve\Steam\Steam.exe"="C:\Program Files\Valve\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Valve\Steam\SteamApps\[email protected]\half-life\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\[email protected]\half-life\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\World of Warcraft\WoW-1.1.1-patch-enUS-Downloader.exe"="C:\Program Files\World of Warcraft\WoW-1.1.1-patch-enUS-Downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Valve\Steam\SteamApps\[email protected]\counter-strike\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\[email protected]\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\World of Warcraft\WoW-1.2.1-patch-enUS-Downloader.exe"="C:\Program Files\World of Warcraft\WoW-1.2.1-patch-enUS-Downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Xfire\ua_lsp_inst.exe"="C:\Program Files\Xfire\ua_lsp_inst.exe:*:Enabled:ua_lsp_inst"
"C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\Program Files\Valve\Steam\SteamApps\shadowremed[email protected]\counter-strike source\hl2.exe"="C:\Program Files\Valve\Steam\SteamApps\[email protected]\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Valve\Steam\SteamApps\[email protected]\counter-strike\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\[email protected]\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Ares Lite Edition\Ares.exe"="C:\Program Files\Ares Lite Edition\Ares.exe:*:Enabled:Ares"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\BitTornado\btdownloadgui.exe"="C:\Program Files\BitTornado\btdownloadgui.exe:*:Enabled:btdownloadgui"
"C:\Program Files\Media Player Classic\mplayerc.exe"="C:\Program Files\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic"
"C:\Program Files\Valve\Steam\SteamApps\[email protected]\day of defeat\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\[email protected]\day of defeat\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"C:\Documents and Settings\Andy Lin\Desktop\utorrent.exe"="C:\Documents and Settings\Andy Lin\Desktop\utorrent.exe:*:Enabled:utorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Valve\Steam\SteamApps\rickytan77\counter-strike\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\rickytan77\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Valve\Steam\SteamApps\[email protected]\half-life\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\[email protected]\half-life\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Valve\Steam\SteamApps\[email protected]\team fortress classic\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\[email protected]\team fortress classic\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Valve\Steam\SteamApps\[email protected]\counter-strike\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\[email protected]\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\softnyx\GunBound\GunBound.gme"="C:\Program Files\softnyx\GunBound\GunBound.gme:*:Disabled:GunBound"
"C:\Program Files\MAIET\Gunz\Gunz.exe"="C:\Program Files\MAIET\Gunz\Gunz.exe:*:Disabled:Gunz"
"C:\Program Files\Wizet\Wizet\MapleStory\Patcher.exe"="C:\Program Files\Wizet\Wizet\MapleStory\Patcher.exe:*:Disabled:Patcher MFC ?? ????"
"C:\Program Files\Wizet\Wizet\MapleStory\NewPatcher.exe"="C:\Program Files\Wizet\Wizet\MapleStory\NewPatcher.exe:*:Disabled:Patcher MFC ?? ????"
"C:\Program Files\Softnyx\Rakion\Bin\Rakion.bin"="C:\Program Files\Softnyx\Rakion\Bin\Rakion.bin:*:Disabled:Rakion"
"C:\Program Files\Starcraft\StarCraft.exe"="C:\Program Files\Starcraft\StarCraft.exe:*:Enabled:Starcraft"
"C:\Program Files\Valve\Steam\SteamApps\[email protected]\team fortress classic\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\[email protected]\team fortress classic\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Sierra\Empire Earth II\EE2.exe"="C:\Program Files\Sierra\Empire Earth II\EE2.exe:*:Enabled:Empire Earth II"
"C:\Program Files\Valve\Steam\SteamApps\csurmamacs\half-life\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\csurmamacs\half-life\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Valve\Steam\SteamApps\poison_maniac\half-life\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\poison_maniac\half-life\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Valve\Steam\SteamApps\poison_maniac\team fortress classic\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\poison_maniac\team fortress classic\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\steamapps\[email protected]\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\[email protected]\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\Steam\steamapps\[email protected]\half-life\hl.exe"="C:\Program Files\Steam\steamapps\[email protected]\half-life\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Program Files\Steam\steamapps\poison_maniac\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\poison_maniac\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Crazy Browser\Crazy Browser.exe"="C:\Program Files\Crazy Browser\Crazy Browser.exe:*:Enabled:Crazy Browser"
"C:\Program Files\Steam\steamapps\[email protected]\day of defeat\hl.exe"="C:\Program Files\Steam\steamapps\[email protected]\day of defeat\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\Program Files\Steam\steamapps\war master\half-life\hl.exe"="C:\Program Files\Steam\steamapps\war master\half-life\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\steamapps\war master\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\war master\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\war master\ricochet\hl.exe"="C:\Program Files\Steam\steamapps\war master\ricochet\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\steamapps\war master\half-life 2 deathmatch\hl2.exe"="C:\Program Files\Steam\steamapps\war master\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\war master\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\war master\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\steamapps\b3aa7ffdd89e8e4e433e5cf85f0fc50f\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\b3aa7ffdd89e8e4e433e5cf85f0fc50f\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\steamapps\b3aa7ffdd89e8e4e433e5cf85f0fc50f\half-life 2 deathmatch\hl2.exe"="C:\Program Files\Steam\steamapps\b3aa7ffdd89e8e4e433e5cf85f0fc50f\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\iamthehendrix\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\iamthehendrix\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\steamapps\iamthehendrix\half-life 2 deathmatch\hl2.exe"="C:\Program Files\Steam\steamapps\iamthehendrix\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2"
"C:\Documents and Settings\Andy Lin\Desktop\New Folder\warsow.exe"="C:\Documents and Settings\Andy Lin\Desktop\New Folder\warsow.exe:*:Enabled:Warsow"
"C:\Program Files\Steam\steamapps\iamthehendrix\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\iamthehendrix\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Steam\steamapps\iamthehendrix\half-life\hl.exe"="C:\Program Files\Steam\steamapps\iamthehendrix\half-life\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\G4BOX\Metin2\metin2.bin"="C:\Program Files\G4BOX\Metin2\metin2.bin:*:Enabled:metin2"
"C:\Documents and Settings\Andy Lin\Desktop\New Folder\Glider_148\fpj.exe"="C:\Documents and Settings\Andy Lin\Desktop\New Folder\Glider_148\fpj.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\New Folder\Glider_148\efkrocu.exe"="C:\Documents and Settings\Andy Lin\Desktop\New Folder\Glider_148\efkrocu.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\wfayhebnan.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\wfayhebnan.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\smrozvnmk.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\smrozvnmk.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\lkjyvydxf.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\lkjyvydxf.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\lnmzj.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\lnmzj.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\hnbybs.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\hnbybs.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\jtsfgnk.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\jtsfgnk.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\brcaddivo.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\brcaddivo.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\kiefnc.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\kiefnc.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\etldsm.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\etldsm.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\oqkbpjiw.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\oqkbpjiw.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\ohbdl.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\ohbdl.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\anizff.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\anizff.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\dmgh.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\dmgh.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\zwh.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\zwh.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\nryl.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\nryl.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\eqnleq.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\eqnleq.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\kzpzbsp.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\kzpzbsp.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\jvz.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\jvz.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\ozfmbs.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\ozfmbs.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\mvmnthgz.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\mvmnthgz.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\xxyckgudda.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\xxyckgudda.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\jozcmks.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\jozcmks.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\wfxcuw.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\wfxcuw.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\mbncymyb.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\mbncymyb.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\dcuu.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\dcuu.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\anf.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\anf.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\avjjxrddy.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\avjjxrddy.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\kzcoms.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\kzcoms.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\eabfi.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\eabfi.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\yajinnjsm.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\yajinnjsm.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\ojlcsnxae.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\ojlcsnxae.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\qgamldod.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\qgamldod.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\dhewnegsui.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\dhewnegsui.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\hjb.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\hjb.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\kumubujl.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\kumubujl.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\bcifs.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\bcifs.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\gzewdnz.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\gzewdnz.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\pfwfvqhs.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\pfwfvqhs.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\ohgsxuifr.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\ohgsxuifr.exe:*:Enabled: "
"C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\mtc.exe"="C:\Documents and Settings\Andy Lin\Desktop\ah\Glider_148\mtc.exe:*:Enabled: "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6046c3c2-5bce-11d9-9d0a-806d6172696f}]
shell\AutoRun\command - D:\ASUSACPI.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d5dc1bbc-5bd0-11d9-aaa0-806d6172696f}]
shell\AutoRun\command - D:\Setup.exe


List of files/folders created in the last three months

2008-08-28 18:04:08 ----D---- C:\rsit
2008-08-27 22:46:32 ----D---- C:\WINDOWS\system32\SuperAdBlocker.com
2008-08-27 19:20:12 ----D---- C:\Program Files\Trend Micro
2008-08-26 05:42:54 ----A---- C:\WINDOWS\system32\javaws.exe
2008-08-26 05:42:54 ----A---- C:\WINDOWS\system32\javaw.exe
2008-08-26 05:42:54 ----A---- C:\WINDOWS\system32\java.exe
2008-08-26 04:30:42 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-08-26 04:30:37 ----D---- C:\Program Files\SUPERAntiSpyware
2008-08-26 04:30:37 ----D---- C:\Documents and Settings\Andy Lin\Application Data\SUPERAntiSpyware.com
2008-08-26 04:13:01 ----A---- C:\WINDOWS\ntbtlog.txt
2008-08-26 01:51:28 ----A---- C:\WINDOWS\system32\MFC71.dll
2008-08-26 01:25:33 ----A---- C:\bug.txt
2008-08-26 01:17:23 ----A---- C:\WINDOWS\system32\tmp.txt
2008-08-26 01:16:58 ----A---- C:\rapport.txt
2008-08-24 22:45:09 ----A---- C:\WINDOWS\ScUnin.exe
2008-08-24 22:44:44 ----D---- C:\Program Files\Starcraft
2008-08-23 18:05:02 ----D---- C:\Mp3 Output
2008-08-23 18:02:27 ----A---- C:\WINDOWS\system32\cc3270mt.dll
2008-08-23 18:00:25 ----D---- C:\Documents and Settings\Andy Lin\Application Data\AVS4YOU
2008-08-23 17:59:56 ----D---- C:\Documents and Settings\All Users\Application Data\AVS4YOU
2008-08-23 17:59:08 ----D---- C:\Program Files\Common Files\AVSMedia
2008-08-23 17:59:07 ----A---- C:\WINDOWS\system32\msxml3a.dll
2008-08-23 17:59:07 ----A---- C:\WINDOWS\system32\msvcr70.dll
2008-08-23 17:59:07 ----A---- C:\WINDOWS\system32\msvcp70.dll
2008-08-23 17:59:07 ----A---- C:\WINDOWS\system32\mfc70.dll
2008-08-20 08:57:37 ----A---- C:\WINDOWS\wb.ini
2008-08-20 08:57:37 ----A---- C:\WINDOWS\system32\wbsys.dll
2008-08-20 08:57:36 ----D---- C:\Program Files\Common Files\Stardock
2008-08-20 08:57:36 ----D---- C:\Program Files\AlienGUIse
2008-08-20 08:32:16 ----D---- C:\Program Files\Apple Software Update
2008-08-19 08:29:35 ----D---- C:\Program Files\Easy Video Splitter
2008-08-19 08:25:33 ----A---- C:\WINDOWS\system32\gdiplus.dll
2008-08-19 08:25:32 ----A---- C:\WINDOWS\system32\vorbis.dll
2008-08-19 08:25:32 ----A---- C:\WINDOWS\system32\ogg.dll
2008-08-19 08:25:32 ----A---- C:\WINDOWS\system32\FXDV1to2.dll
2008-08-19 08:25:31 ----A---- C:\WINDOWS\system32\OggDSuninst.exe
2008-08-19 08:25:31 ----A---- C:\WINDOWS\system32\OggDS.dll
2008-08-19 08:25:30 ----A---- C:\WINDOWS\system32\vorbisenc.dll
2008-08-19 05:46:05 ----D---- C:\Program Files\AviSynth 2.5
2008-08-19 05:45:59 ----D---- C:\Program Files\Red Kawa
2008-08-19 00:22:58 ----D---- C:\Program Files\Bonjour
2008-08-19 00:21:42 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-08-19 00:21:32 ----D---- C:\Program Files\Common Files\Apple
2008-08-19 00:21:32 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2008-08-19 00:10:01 ----D---- C:\Program Files\iTunes
2008-08-19 00:10:01 ----D---- C:\Program Files\iPod
2008-07-25 18:46:19 ----D---- C:\Program Files\Pidgin
2008-07-25 12:57:27 ----D---- C:\Documents and Settings\Andy Lin\Application Data\vlc
2008-07-25 12:48:08 ----D---- C:\Program Files\VideoLAN
2008-07-24 16:15:25 ----D---- C:\Documents and Settings\Andy Lin\Application Data\gtk-2.0
2008-07-24 16:13:43 ----D---- C:\Documents and Settings\Andy Lin\Application Data\.purple
2008-07-15 16:09:06 ----A---- C:\WINDOWS\system32\xfcodec.dll
2008-06-19 16:22:29 ----D---- C:\Documents and Settings\Andy Lin\Application Data\SPORE Creature Creator
2008-06-19 16:19:54 ----D---- C:\Program Files\Electronic Arts
2008-06-09 18:37:05 ----D---- C:\Program Files\WinPcap
2008-06-09 18:36:39 ----D---- C:\Program Files\WC3Banlist

List of drivers

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\system32\System32\Drivers\avgldx86.sys []
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\system32\System32\Drivers\avgmfx86.sys []
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\system32\System32\drivers\ws2ifsl.sys []
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2003-03-31 9600]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2003-03-31 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-12 5810]
R3 MXOPSWD;Maxtor OneTouch Security Driver; C:\WINDOWS\system32\DRIVERS\mxopswd.sys [2007-05-03 22152]
R3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-03 40320]
R3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2005-08-02 32512]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2007-12-05 7435392]
R3 nvax;Service for NVIDIA® nForce™ Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2004-10-22 53376]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928]
R3 nvnforce;Service for NVIDIA® nForce™ Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2004-10-22 413824]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-03 37376]
S3 ao9o8kj7;ao9o8kj7; C:\WINDOWS\system32\drivers\ao9o8kj7.sys []
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
S3 catchme;catchme; \??\C:\DOCUME~1\ANDYLI~1\LOCALS~1\Temp\catchme.sys []
S3 CO_Mon;CO_Mon; \??\C:\WINDOWS\system32\Drivers\CO_Mon.sys []
S3 IKFileFlt;File Filter Driver; C:\WINDOWS\system32\drivers\ikfileflt.sys [2007-04-19 39248]
S3 IKFileSec;File Security Driver; C:\WINDOWS\system32\drivers\ikfilesec.sys [2007-04-19 52304]
S3 IkSysFlt;System Filter Driver; C:\WINDOWS\system32\drivers\iksysflt.sys [2007-04-19 59984]
S3 IKSysSec;System Security Driver; C:\WINDOWS\system32\drivers\iksyssec.sys [2007-04-19 83536]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
S3 npkcusb;npkcusb; \??\C:\WINDOWS\system32\npkcusb.sys []
S3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENET.sys [2002-11-27 80896]
S3 SABProcEnum;SABProcEnum; \??\C:\PROGRA~1\MOZILL~1\SABProcEnum.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-07-22 32000]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\System32\DRIVERS\sr.sys []

List of services

R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2008-03-19 607576]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-22 116040]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-07-14 231192]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 Maxtor Sync Service;Maxtor Service; C:\Program Files\Maxtor\Sync\SyncServices.exe [2007-09-28 156976]
R2 MilShieldCleaner;MilShieldCleaner; C:\Program Files\Mil Incorporated\Mil Shield\ShieldService.exe [2008-04-15 331776]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-12-05 155716]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-07-30 532264]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-10-19 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2005-08-02 86016]
S3 sdAuxService;Spyware Doctor Auxiliary Service; C:\Program Files\Spyware Doctor\svcntaux.exe []
S3 sdCoreService;Spyware Doctor Service; C:\Program Files\Spyware Doctor\swdsvc.exe []
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------