Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Computer running extremely slow. [Solved]

Started by musikman , Mar 03 2009 05:34 PM

This topic is locked

#16
musikman

Posted 12 March 2009 - 07:04 PM

Member

Topic Starter
Member
81 posts

Not sure why the Malwarebytes log is in Spanish but I speak Spanish and from what I can see, there doesn't seem to be any malware/viruses on the report results.

(((((((((( MalwareBytes Log ))))))))))

Malwarebytes' Anti-Malware 1.34
Versión de la Base de Datos: 1841
Windows 5.1.2600 Service Pack 3

3/12/2009 8:50:04 PM
mbam-log-2009-03-12 (20-50-02).txt

Tipo de examen : Examen Completo (C:\|)
Objetos examinados: 99776
Tiempo transcurrido: 1 hour(s), 13 minute(s), 55 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 0
Valores del Registro Infectados: 0
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 0
Ficheros Infectados: 0

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
(No se han detectado elementos maliciosos)

Valores del Registro Infectados:
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)

Carpetas Infectadas:
(No se han detectado elementos maliciosos)

Ficheros Infectados:
(No se han detectado elementos maliciosos)

(((((((((( SUPERSpyware Log ))))))))))

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 03/11/2009 at 07:30 PM

Application Version : 4.25.1014

Core Rules Database Version : 3788
Trace Rules Database Version: 1745

Scan type : Complete Scan
Total Scan Time : 01:11:11

Memory items scanned : 377
Memory threats detected : 0
Registry items scanned : 4724
Registry threats detected : 0
File items scanned : 20020
File threats detected : 4

Adware.Tracking Cookie
C:\Documents and Settings\Tom Truong\Cookies\[email protected][1].txt
C:\Documents and Settings\Tom Truong\Cookies\tom_truong@doubleclick[1].txt
C:\Documents and Settings\Tom Truong\Cookies\tom_truong@atdmt[1].txt
C:\Documents and Settings\Tom Truong\Cookies\tom_truong@questionmarket[2].txt

(((((((((( KaperSky Log ))))))))))

KASPERSKY ONLINE SCANNER 7 REPORT
Wednesday, March 11, 2009
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Wednesday, March 11, 2009 12:40:34
Records in database: 1888936
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\
E:\

Scan statistics:
Files scanned: 40637
Threat name: 0
Infected objects: 0
Suspicious objects: 0
Duration of the scan: 02:05:00

No malware has been detected. The scan area is clean.

The selected area was scanned.

As far as PC performance.... it's a little quicker but it still seems to be very slow.

I'm not sure if it's related to hardware issue(s) or maybe even a lack of memory, but it seemed to be running much faster until I updated the system with Windows SP3... any ideas?

Edited by musikman, 12 March 2009 - 07:06 PM.

#17
andrewuk

Posted 12 March 2009 - 08:41 PM

Trusted Helper

Malware Removal
5,297 posts

Hello musikman

congratulations, your logs are clean and another fix is in the can

your logs appear clean. go through the instructions below, including the ideas to speed up your machine. let me know if your machine is still slow.

in this post we will clear away the fix tools (this is so that should you ever be re-infected, you will download updated versions and it will also remove the quarantined Malware from your computer), reset your restore points (there will be infections lurking in there) and i will leave you with some ideas on how to enhance the protection of your machine against future infection.

====STEP 1====
Follow these steps to uninstall Combofix, the tools used in the removal of malware and to flush your system restore points

Click START then RUN
Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.

you can remove malwarebytes via the add/remove programs in your control panel

====STEP 2====
Please download the OTCleanIt by OldTimer.

Save it to your desktop.
Please double-click OTCleanIT.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")
Click on the CleanUp! button to begin the Cleanup process and remove these components, including this application.
You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

you can also clear away any other tools we used.

====IDEAS TO SPEED UP YOUR MACHINE====
this page http://users.telenet...owcomputer.html gives some good ideas on how to improve the efficiency of your machine and has one or two useful links to help you further.

====AND FINALLY====
The following is a list of tools and utilities that I like to suggest to people. This list is full of great tools and utilities to help you understand how you got infected and how to keep from getting infected again.

MBAM - Malware Bytes Anti Malware is an excellent tool for anyone's antimalware arsenal. This program should be updated and run often.
SpywareBlaster - Great prevention tool to keep nasties from installing on your system.
SpywareGuard - Works as a Spyware "Shield" to protect your computer from getting malware in the first place.
IE-SpyAd - puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.
ATF Cleaner - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.
Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
Comodo Firewall - The use of a firewall is a personal preference, but its certainly a good idea. Comodo is free and light. Remember, never install more than 1 firewall.
Digsby or Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)
Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.
FireFox - Alternate web browser. Open source and quick, Firefox is usually the first thing I install on a new system.
NoScript - Addon for Firefox that stops all scripts from running on websites. Stops malicious software from invading via flash, java, javascript, and many other entry points.

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein

best wishes

andrewuk

#18
musikman

Posted 14 March 2009 - 05:52 PM

Member

Topic Starter
Member
81 posts

Hello Andrew... first and foremost... let me thank you for all your help.

It seems my PC is free of viruses/malware/spyware now, however, I still seem to be having issues with SPEED. It does appear that the speed of my PC has improved somewhat, and I followed your suggestions and links on how to improve computer performance. I tweeked my PC as much as possible but again... there are still some issues in terms of performance for some reason. The PC is as clean and "simple" as possible in terms of how much stuff is in it since I only have basics programs installed such as MSN messenger, Windows Media Player, Winamp, etc, etc... in other words, nothing out of the ordinary and no resources hog programs.

I have noticed that when running Windows Update the following updates "failed" to install:

-Office 2003 Service Pack 3 (SP3)
-Update for Microsoft Office Outlook 2003 Junk Emailer Filter (KB962870)
-Update for Office 2003 (KB907417)

I know this is probably not related to this thread (malware/virus/spyware/hijackthis) but I was wondering if you could suggest where I could post this so that perhaps someone could help me with this issue.

In any case, I just wanted to thank you very much for your time and all the help you have provided.

Please let me know where or how I can get additional help regarding the Windows Update issues I'm having.

THANKS A MILLION FOR ALL YOUR HELP!!!

#19
andrewuk

Posted 14 March 2009 - 06:04 PM

Trusted Helper

Malware Removal
5,297 posts

lets take some final scans as a final check:

Please run the MGA Diagnostic Tool and post back the report it shall produce:

Download MGADiag to your desktop.
Double-click on MGADiag.exe to launch the program
Click "Continue"
Ensure that the "Windows" tab is selected (it should be by default).
Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard.
Paste the MGA Diagnostic Report back here in your next reply.

and:

Download OTListIt to your desktop.

Close all windows and open it by double clicking on the icon
Check the boxes beside LOP Check and Purity Check
Click Run Scan and let the program run uninterrupted
It will produce two logs for you, one will pop up called OTListIt.txt, the other will be saved on your desktop and called Extras. Post both those logs here.
You may need to use two posts to get it all on the forum

andrewuk

#20
musikman

Posted 14 March 2009 - 07:13 PM

Member

Topic Starter
Member
81 posts

(((((((((( MGADiag ))))))))))

Diagnostic Report (1.9.0006.1):
-----------------------------------------
WGA Data-->
Validation Status: Genuine
Validation Code: 0
Online Validation Code: N/A
Cached Validation Code: N/A
Windows Product Key: *****-*****-T6DFB-Y934T-YD4YT
Windows Product Key Hash: 3g4CZGFEDgbKmn/oB4pa2FZsssU=
Windows Product ID: 55274-OEM-2211906-00102
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 5.1.2600.2.00010100.3.0.pro
ID: {F5E5F874-92F9-466B-97CE-0911680771EC}(3)
Is Admin: Yes
TestCab: 0x0
WGA Version: Registered, 1.8.31.9
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

WgaER Data-->
ThreatID(s): N/A
Version: N/A

WGA Notifications Data-->
Cached Result: 0
File Exists: Yes
Version: 1.8.31.9
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: Microsoft

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
WGATray.exe Signed By: Microsoft
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 114 Blocked VLK 2
Microsoft Office Professional Edition 2003 - 114 Blocked VLK 2
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-230-1

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{F5E5F874-92F9-466B-97CE-0911680771EC}</UGUID><Version>1.9.0006.1</Version><OS>5.1.2600.2.00010100.3.0.pro</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-YD4YT</PKey><PID>55274-OEM-2211906-00102</PID><PIDType>2</PIDType><SID>S-1-5-21-73586283-602609370-725345543</SID><SYSTEM><Manufacturer>Dell Computer Corporation </Manufacturer><Model>DIM4400 </Model></SYSTEM><BIOS><Manufacturer>Intel Corp.</Manufacturer><Version>A02</Version><SMBIOSVersion major="2" minor="3"/><Date>20011212000000.000000+000</Date><SLPBIOS>Dell System,Dell Computer,Dell System,Dell System</SLPBIOS></BIOS><HWID>E6F0308F0184C04E</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.8.31.9"/><File Name="WgaLogon.dll" Version="1.8.31.9"/></GANotification></MachineData><Software><Office><Result>114</Result><Products><Product GUID="{90110409-6000-11D3-8CFE-0150048383C9}"><LegitResult>114</LegitResult><Name>Microsoft Office Professional Edition 2003</Name><Ver>11</Ver><Val>59D1605114E3500</Val><Hash>vfZmaSmFPIYrLWTcZSZErUQg+Fo=</Hash><Pid>73931-640-0000106-57356</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="11" Result="114"/><App Id="16" Version="11" Result="114"/><App Id="18" Version="11" Result="114"/><App Id="19" Version="11" Result="114"/><App Id="1A" Version="11" Result="114"/><App Id="1B" Version="11" Result="114"/><App Id="44" Version="11" Result="114"/></Applications></Office></Software></GenuineResults>

Licensing Data-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 1E840:Dell Inc|112D6:Dell Inc|112D6:Microsoft Corporation
Marker string from OEMBIOS.DAT: Dell System,Dell Computer,Dell System,Dell System

OEM Activation 2.0 Data-->
N/A

#21
musikman

Posted 14 March 2009 - 07:15 PM

Member

Topic Starter
Member
81 posts

(((((((((( OTList Log_01 ))))))))))

OTListIt logfile created on: 3/14/2009 8:57:21 PM - Run 2
OTListIt2 by OldTimer - Version 2.0.3.8 Folder = C:\Documents and Settings\Tom Truong\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

255.29 Mb Total Physical Memory | 124.68 Mb Available Physical Memory | 48.84% Memory free
832.43 Mb Paging File | 570.28 Mb Available in Paging File | 68.51% Paging File free
Paging file location(s): C:\pagefile.sys 600 768;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.21 Gb Total Space | 16.51 Gb Free Space | 44.36% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TOM-PC
Current User Name: Tom Truong
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/03/02 18:08:15 | 00,298,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/03/08 23:21:47 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2003/06/18 10:54:10 | 00,294,972 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\KodakCCS.exe
PRC - [2006/10/22 12:22:00 | 00,159,810 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2003/06/16 19:02:24 | 00,061,440 | ---- | M] () -- C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
PRC - [2004/08/11 02:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
PRC - [2009/03/02 18:08:29 | 00,484,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/03/02 18:08:30 | 00,592,128 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2001/08/17 23:36:42 | 00,024,064 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\devldr32.exe
PRC - [2009/03/02 18:08:17 | 00,903,960 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2008/01/08 17:20:44 | 00,451,896 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2009/03/02 18:08:28 | 00,687,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2008/04/13 20:12:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2009/03/14 20:41:36 | 01,561,992 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Tom Truong\Desktop\MGADiag.exe
PRC - [2009/03/14 20:56:03 | 00,498,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tom Truong\Desktop\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/03/02 18:08:17 | 00,903,960 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])
SRV - [2009/03/02 18:08:15 | 00,298,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2009/03/08 23:21:47 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2003/06/18 10:54:10 | 00,294,972 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS [Auto | Running])
SRV - [2009/03/10 00:03:29 | 00,951,632 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [On_Demand | Stopped])
SRV - [2008/01/18 10:31:46 | 00,012,800 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe -- (nmraapache [On_Demand | Stopped])
SRV - [2008/01/08 17:20:44 | 00,451,896 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice [Auto | Running])
SRV - [2006/10/22 12:22:00 | 00,159,810 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2003/07/28 13:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2003/05/14 02:45:04 | 00,065,795 | R--- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [On_Demand | Stopped])
SRV - [2003/06/16 19:02:24 | 00,061,440 | ---- | M] () -- C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe -- (spkrmon [Auto | Running])
SRV - [2004/08/11 02:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2002/04/01 15:15:00 | 00,004,816 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio [On_Demand | Stopped])
DRV - [2004/10/07 21:16:04 | 00,035,840 | ---- | M] (Oak Technology Inc.) -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K [System | Running])
DRV - [2009/03/02 18:08:49 | 00,325,128 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Running])
DRV - [2009/03/02 18:08:47 | 00,027,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Running])
DRV - [2009/03/02 18:08:58 | 00,107,272 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running])
DRV - [2001/08/17 14:28:04 | 00,067,167 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys -- (basic2 [On_Demand | Stopped])
DRV - [2001/08/17 13:19:20 | 00,003,712 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\DRIVERS\ctljystk.sys -- (ctljystk [On_Demand | Running])
DRV - [2003/06/18 10:53:08 | 00,036,826 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\System32\DRIVERS\DcCam.sys -- (DcCam [System | Running])
DRV - [2003/06/18 10:53:08 | 00,061,568 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\System32\DRIVERS\DcFpoint.sys -- (DcFpoint [On_Demand | Stopped])
DRV - [2003/06/18 10:53:08 | 00,038,997 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\dcfs2k.sys -- (DCFS2K [Auto | Running])
DRV - [2003/06/18 10:53:08 | 00,008,058 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\System32\DRIVERS\DcLps.sys -- (DcLps [On_Demand | Stopped])
DRV - [2003/06/18 10:53:08 | 00,063,002 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\System32\DRIVERS\DcPTP.sys -- (DcPTP [On_Demand | Stopped])
DRV - [2001/08/17 13:11:42 | 00,029,696 | ---- | M] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\DRIVERS\DM9PCI5.SYS -- (DM9102 [On_Demand | Running])
DRV - [2003/03/04 12:56:26 | 00,145,408 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Stopped])
DRV - [2001/08/17 13:19:26 | 00,283,904 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k [On_Demand | Running])
DRV - [2001/08/17 13:19:28 | 00,006,912 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1 [On_Demand | Running])
DRV - [2003/06/18 10:53:08 | 00,138,485 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\System32\DRIVERS\exportit.sys -- (Exportit [System | Stopped])
DRV - [2001/08/17 14:28:06 | 00,289,887 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys -- (Fallback [Auto | Running])
DRV - [2001/08/17 14:28:06 | 00,115,807 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys -- (Fsks [Auto | Running])
DRV - [2008/04/13 14:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])
DRV - [2003/05/14 02:19:52 | 00,051,056 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2003/05/14 02:19:54 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2003/05/14 02:17:54 | 00,021,488 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2004/08/04 01:41:46 | 00,220,032 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys -- (HSFHWBS2 [On_Demand | Running])
DRV - [2004/08/04 01:41:54 | 01,041,536 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys -- (HSF_DP [On_Demand | Running])
DRV - [2001/08/17 14:28:10 | 00,542,879 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys -- (hsf_msft [On_Demand | Stopped])
DRV - [2001/08/17 14:28:08 | 00,391,199 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys -- (K56 [Auto | Running])
DRV - [2009/03/07 21:45:35 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd [Boot | Running])
DRV - [2004/08/04 01:41:55 | 00,011,868 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2006/10/22 12:22:00 | 03,994,624 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2001/08/22 09:42:58 | 00,013,632 | ---- | M] (Dell Computer Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI [System | Running])
DRV - [2008/01/08 17:16:10 | 00,023,992 | ---- | M] (Pure Networks, Inc.) -- C:\WINDOWS\system32\DRIVERS\pnarp.sys -- (pnarp [Auto | Running])
DRV - [2002/09/03 15:52:41 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/01/08 17:16:10 | 00,025,272 | ---- | M] (Pure Networks, Inc.) -- C:\WINDOWS\system32\DRIVERS\purendis.sys -- (purendis [Auto | Running])
DRV - [2001/08/17 14:28:10 | 00,057,471 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys -- (Rksample [On_Demand | Stopped])
DRV - [2009/02/17 11:43:28 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running])
DRV - [2009/02/17 11:43:30 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Stopped])
DRV - [2009/02/17 11:43:28 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Running])
DRV - [2007/11/13 06:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])
DRV - [2001/08/17 13:19:34 | 00,036,480 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman [On_Demand | Running])
DRV - [2003/06/18 15:52:18 | 00,578,176 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm [On_Demand | Stopped])
DRV - [2001/08/17 14:28:06 | 00,199,711 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys -- (SoftFax [Auto | Running])
DRV - [2001/08/17 14:28:12 | 00,050,751 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys -- (Tones [Auto | Running])
DRV - [2008/04/13 14:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
DRV - [2001/08/17 14:28:12 | 00,488,383 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\HSF_V124.sys -- (V124 [Auto | Running])
DRV - [2004/08/04 01:41:48 | 00,685,056 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSFCXTS2.sys -- (winachsf [On_Demand | Running])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....e...-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://cnn.com/
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\PROGRAM FILES\AVG\AVG8\FIREFOX [2009/03/02 18:08:14 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/08 23:21:49 | 00,000,000 | ---D | M]
[2007/02/28 22:31:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\mozilla\Firefox\Profiles\huho8g4c.default\extensions
[2007/02/28 22:31:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\mozilla\Firefox\Profiles\huho8g4c.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2007/02/28 22:37:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\mozilla\Firefox\Profiles\t1dysgez.alex\extensions
[2007/02/28 22:37:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\mozilla\Firefox\Profiles\t1dysgez.alex\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2006/06/04 20:28:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\mozilla\Firefox\Profiles\t1dysgez.alex\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/03 01:31:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/03/02 21:10:29 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/02 21:10:26 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\[email protected]

O1 HOSTS File: (738 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {5AA06644-BC46-4220-A460-47A6EB47C96D} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {92F02779-6D88-4958-8AD3-83C12D86ADC7} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.co.../sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp3.dll (Pure Networks, Inc.)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/03/30 19:45:14 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/03/14 20:55:48 | 00,498,176 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tom Truong\Desktop\OTListIt2.exe
[2009/03/14 20:42:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2009/03/14 20:41:27 | 01,561,992 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Tom Truong\Desktop\MGADiag.exe
[2009/03/14 10:14:28 | 00,088,566 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2009/03/14 10:14:25 | 00,017,056 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2009/03/14 10:14:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\nview
[2009/03/14 10:12:41 | 00,000,000 | ---D | C] -- C:\NVIDIA
[2009/03/14 10:09:14 | 00,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2009/03/14 09:40:37 | 00,001,666 | ---- | C] () -- C:\Documents and Settings\Tom Truong\Desktop\PC Pitstop Driver Alert.lnk
[2009/03/14 09:40:35 | 00,000,000 | ---D | C] -- C:\Program Files\PCPitstop
[2009/03/08 23:39:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/03/08 23:38:16 | 00,000,785 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/03/08 23:37:39 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/03/08 23:37:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tom Truong\Application Data\SUPERAntiSpyware.com
[2009/03/08 23:35:03 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/03/08 23:21:38 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009/03/08 16:16:08 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/03/08 05:00:19 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009/03/08 05:00:16 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/03/08 05:00:00 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/03/08 04:56:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/03/03 19:18:48 | 00,001,739 | ---- | C] () -- C:\Documents and Settings\Tom Truong\Desktop\HijackThis.lnk
[2009/03/03 19:18:45 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/03/03 01:37:07 | 00,000,991 | ---- | C] () -- C:\My Documents\My Sharing Folders.lnk
[2009/03/03 01:11:57 | 00,000,484 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/03/03 01:03:53 | 00,064,160 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/03/03 00:59:23 | 00,000,880 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/03/03 00:56:58 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2009/03/03 00:56:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/03/03 00:41:52 | 00,000,821 | ---- | C] () -- C:\Documents and Settings\Tom Truong\Desktop\AusLogics Registry Defrag.lnk
[2009/03/03 00:21:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tom Truong\Application Data\Auslogics
[2009/03/03 00:21:45 | 00,000,806 | ---- | C] () -- C:\Documents and Settings\Tom Truong\Desktop\AusLogics Disk Defrag.lnk
[2009/03/03 00:21:43 | 00,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2009/03/02 23:50:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/03/02 23:10:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2009/03/02 23:09:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009/03/02 23:09:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2009/03/02 21:58:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2009/03/02 21:56:45 | 00,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/03/02 21:56:45 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/03/02 21:56:43 | 06,066,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/03/02 21:56:43 | 00,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2009/03/02 21:56:43 | 00,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/03/02 21:56:43 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2009/03/02 21:56:42 | 02,455,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2009/03/02 21:56:42 | 00,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2009/03/02 21:56:41 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2009/03/02 21:55:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009/03/02 21:55:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009/03/02 21:53:01 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2009/03/02 21:52:15 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2009/03/02 21:50:58 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2009/03/02 21:48:48 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
[2009/03/02 21:42:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2009/03/02 20:32:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tom Truong\Application Data\Malwarebytes
[2009/03/02 20:32:13 | 00,000,701 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/02 20:32:12 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/02 20:32:09 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/02 20:32:07 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/03/02 20:32:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/03/02 20:10:46 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
[2009/03/02 18:17:13 | 00,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2009/03/02 18:08:59 | 00,010,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/03/02 18:08:58 | 00,107,272 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/03/02 18:08:49 | 00,325,128 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/03/02 18:08:47 | 00,027,656 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/03/02 18:08:40 | 34,058,980 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/03/02 18:08:40 | 00,401,372 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/03/02 18:08:40 | 00,037,735 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/03/02 18:08:39 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/03/02 18:08:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2009/03/02 18:08:13 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009/03/02 18:08:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg8
[2009/03/02 18:00:34 | 00,000,000 | ---D | C] -- C:\Setups
[2009/03/02 17:36:29 | 01,846,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2009/03/02 17:36:05 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009/03/02 17:36:02 | 02,189,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2009/03/02 17:35:56 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009/03/02 17:35:52 | 02,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2009/03/02 17:31:48 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2009/03/02 17:30:53 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2009/03/02 17:28:23 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2009/03/02 17:21:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/03/02 17:19:52 | 00,000,241 | ---- | C] () -- C:\Documents and Settings\Tom Truong\Desktop\Shortcut to Add or Remove Programs.lnk
[2009/03/02 16:43:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/03/14 20:56:03 | 00,498,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tom Truong\Desktop\OTListIt2.exe
[2009/03/14 20:42:00 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/14 20:41:36 | 01,561,992 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Tom Truong\Desktop\MGADiag.exe
[2009/03/14 20:14:45 | 00,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/14 20:14:45 | 00,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/14 20:14:44 | 00,356,120 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/14 20:10:35 | 00,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/03/14 20:09:51 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/14 20:09:43 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/14 17:25:08 | 00,000,352 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily.job
[2009/03/14 09:40:37 | 00,001,666 | ---- | M] () -- C:\Documents and Settings\Tom Truong\Desktop\PC Pitstop Driver Alert.lnk
[2009/03/14 08:28:48 | 34,058,980 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/03/13 20:02:21 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/03/13 20:02:20 | 00,000,487 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/03/13 20:02:20 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/03/13 09:44:12 | 00,037,735 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/03/11 03:12:01 | 00,115,768 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/11 03:04:08 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/03/10 00:03:39 | 00,000,484 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/03/08 23:38:16 | 00,000,785 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/03/08 14:16:23 | 00,000,738 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/03/07 21:45:35 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/03/07 21:26:44 | 00,000,211 | ---- | M] () -- C:\Boot.bak
[2009/03/03 19:18:49 | 00,001,739 | ---- | M] () -- C:\Documents and Settings\Tom Truong\Desktop\HijackThis.lnk
[2009/03/03 01:37:07 | 00,000,991 | ---- | M] () -- C:\My Documents\My Sharing Folders.lnk
[2009/03/03 00:59:23 | 00,000,880 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/03/03 00:41:52 | 00,000,821 | ---- | M] () -- C:\Documents and Settings\Tom Truong\Desktop\AusLogics Registry Defrag.lnk
[2009/03/03 00:21:45 | 00,000,806 | ---- | M] () -- C:\Documents and Settings\Tom Truong\Desktop\AusLogics Disk Defrag.lnk
[2009/03/02 23:51:28 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/03/02 23:47:20 | 06,441,166 | -H-- | M] () -- C:\Documents and Settings\Tom Truong\Local Settings\Application Data\IconCache.db
[2009/03/02 22:59:24 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/03/02 22:10:19 | 00,000,081 | -HS- | M] () -- C:\My Documents\desktop.ini
[2009/03/02 20:32:13 | 00,000,701 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/02 18:10:56 | 00,401,372 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/03/02 18:08:59 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/03/02 18:08:58 | 00,107,272 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/03/02 18:08:49 | 00,325,128 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/03/02 18:08:47 | 00,027,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/03/02 18:08:40 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/03/02 17:19:52 | 00,000,241 | ---- | M] () -- C:\Documents and Settings\Tom Truong\Desktop\Shortcut to Add or Remove Programs.lnk
[2009/02/25 16:54:59 | 24,768,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe

========== LOP Check ==========

[2009/03/14 20:42:03 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/03/03 00:59:39 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
[2009/03/08 14:27:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg8
[2004/03/30 20:19:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2004/03/30 20:40:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink
[2009/03/02 17:16:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kodak
[2009/03/03 00:56:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/03/02 17:23:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logishrd
[2007/12/10 19:14:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2009/03/02 20:32:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2007/11/30 22:08:48 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2005/02/09 18:07:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2009/03/14 20:42:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2008/07/11 17:15:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pure Networks
[2005/02/02 23:06:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2009/03/08 23:39:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2006/10/11 13:20:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Support.com
[2004/03/30 20:23:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2006/06/08 20:30:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2007/09/22 12:34:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
[2009/03/02 17:41:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2009/03/08 23:37:37 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Tom Truong\Application Data
[2008/04/30 18:43:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Adobe
[2005/09/16 18:15:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Ahead
[2009/03/03 00:42:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Auslogics
[2006/10/17 16:25:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Creative
[2007/09/07 08:17:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\CyberLink
[2007/04/27 19:25:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Help
[2005/09/16 18:16:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Hewlett-Packard
[2004/03/30 19:49:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Identities
[2005/02/02 22:31:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\InterTrust
[2005/02/03 00:07:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Macromedia
[2009/03/02 20:32:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Malwarebytes
[2009/03/08 14:28:05 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Tom Truong\Application Data\Microsoft
[2005/02/02 22:39:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Mozilla
[2005/09/24 17:42:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\MSN6
[2005/02/11 02:56:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Sun
[2009/03/08 23:37:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\SUPERAntiSpyware.com
[2005/02/02 22:39:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Talkback
[2009/03/02 17:41:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Yahoo!
[2006/06/10 02:16:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Yahoo! Messenger
[2009/03/10 00:03:39 | 00,000,484 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2002/09/03 15:48:04 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/03/14 17:25:08 | 00,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\HP Usg Daily.job
[2009/03/14 20:09:51 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========

< End of report >

#22
musikman

Posted 14 March 2009 - 07:17 PM

Member

Topic Starter
Member
81 posts

(((((((((( OTList Log 2 Desktop ))))))))))

OTListIt logfile created on: 3/14/2009 8:57:21 PM - Run 2
OTListIt2 by OldTimer - Version 2.0.3.8 Folder = C:\Documents and Settings\Tom Truong\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

255.29 Mb Total Physical Memory | 124.68 Mb Available Physical Memory | 48.84% Memory free
832.43 Mb Paging File | 570.28 Mb Available in Paging File | 68.51% Paging File free
Paging file location(s): C:\pagefile.sys 600 768;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.21 Gb Total Space | 16.51 Gb Free Space | 44.36% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TOM-PC
Current User Name: Tom Truong
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/03/02 18:08:15 | 00,298,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/03/08 23:21:47 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2003/06/18 10:54:10 | 00,294,972 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\KodakCCS.exe
PRC - [2006/10/22 12:22:00 | 00,159,810 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2003/06/16 19:02:24 | 00,061,440 | ---- | M] () -- C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
PRC - [2004/08/11 02:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
PRC - [2009/03/02 18:08:29 | 00,484,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/03/02 18:08:30 | 00,592,128 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2001/08/17 23:36:42 | 00,024,064 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\devldr32.exe
PRC - [2009/03/02 18:08:17 | 00,903,960 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2008/01/08 17:20:44 | 00,451,896 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2009/03/02 18:08:28 | 00,687,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2008/04/13 20:12:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2009/03/14 20:41:36 | 01,561,992 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Tom Truong\Desktop\MGADiag.exe
PRC - [2009/03/14 20:56:03 | 00,498,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tom Truong\Desktop\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/03/02 18:08:17 | 00,903,960 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])
SRV - [2009/03/02 18:08:15 | 00,298,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2009/03/08 23:21:47 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2003/06/18 10:54:10 | 00,294,972 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS [Auto | Running])
SRV - [2009/03/10 00:03:29 | 00,951,632 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [On_Demand | Stopped])
SRV - [2008/01/18 10:31:46 | 00,012,800 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe -- (nmraapache [On_Demand | Stopped])
SRV - [2008/01/08 17:20:44 | 00,451,896 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice [Auto | Running])
SRV - [2006/10/22 12:22:00 | 00,159,810 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2003/07/28 13:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2003/05/14 02:45:04 | 00,065,795 | R--- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [On_Demand | Stopped])
SRV - [2003/06/16 19:02:24 | 00,061,440 | ---- | M] () -- C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe -- (spkrmon [Auto | Running])
SRV - [2004/08/11 02:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2002/04/01 15:15:00 | 00,004,816 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio [On_Demand | Stopped])
DRV - [2004/10/07 21:16:04 | 00,035,840 | ---- | M] (Oak Technology Inc.) -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K [System | Running])
DRV - [2009/03/02 18:08:49 | 00,325,128 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Running])
DRV - [2009/03/02 18:08:47 | 00,027,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Running])
DRV - [2009/03/02 18:08:58 | 00,107,272 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running])
DRV - [2001/08/17 14:28:04 | 00,067,167 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys -- (basic2 [On_Demand | Stopped])
DRV - [2001/08/17 13:19:20 | 00,003,712 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\DRIVERS\ctljystk.sys -- (ctljystk [On_Demand | Running])
DRV - [2003/06/18 10:53:08 | 00,036,826 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\System32\DRIVERS\DcCam.sys -- (DcCam [System | Running])
DRV - [2003/06/18 10:53:08 | 00,061,568 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\System32\DRIVERS\DcFpoint.sys -- (DcFpoint [On_Demand | Stopped])
DRV - [2003/06/18 10:53:08 | 00,038,997 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\dcfs2k.sys -- (DCFS2K [Auto | Running])
DRV - [2003/06/18 10:53:08 | 00,008,058 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\System32\DRIVERS\DcLps.sys -- (DcLps [On_Demand | Stopped])
DRV - [2003/06/18 10:53:08 | 00,063,002 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\System32\DRIVERS\DcPTP.sys -- (DcPTP [On_Demand | Stopped])
DRV - [2001/08/17 13:11:42 | 00,029,696 | ---- | M] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\DRIVERS\DM9PCI5.SYS -- (DM9102 [On_Demand | Running])
DRV - [2003/03/04 12:56:26 | 00,145,408 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Stopped])
DRV - [2001/08/17 13:19:26 | 00,283,904 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k [On_Demand | Running])
DRV - [2001/08/17 13:19:28 | 00,006,912 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1 [On_Demand | Running])
DRV - [2003/06/18 10:53:08 | 00,138,485 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\System32\DRIVERS\exportit.sys -- (Exportit [System | Stopped])
DRV - [2001/08/17 14:28:06 | 00,289,887 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys -- (Fallback [Auto | Running])
DRV - [2001/08/17 14:28:06 | 00,115,807 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys -- (Fsks [Auto | Running])
DRV - [2008/04/13 14:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])
DRV - [2003/05/14 02:19:52 | 00,051,056 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2003/05/14 02:19:54 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2003/05/14 02:17:54 | 00,021,488 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2004/08/04 01:41:46 | 00,220,032 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys -- (HSFHWBS2 [On_Demand | Running])
DRV - [2004/08/04 01:41:54 | 01,041,536 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys -- (HSF_DP [On_Demand | Running])
DRV - [2001/08/17 14:28:10 | 00,542,879 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys -- (hsf_msft [On_Demand | Stopped])
DRV - [2001/08/17 14:28:08 | 00,391,199 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys -- (K56 [Auto | Running])
DRV - [2009/03/07 21:45:35 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd [Boot | Running])
DRV - [2004/08/04 01:41:55 | 00,011,868 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2006/10/22 12:22:00 | 03,994,624 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2001/08/22 09:42:58 | 00,013,632 | ---- | M] (Dell Computer Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI [System | Running])
DRV - [2008/01/08 17:16:10 | 00,023,992 | ---- | M] (Pure Networks, Inc.) -- C:\WINDOWS\system32\DRIVERS\pnarp.sys -- (pnarp [Auto | Running])
DRV - [2002/09/03 15:52:41 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/01/08 17:16:10 | 00,025,272 | ---- | M] (Pure Networks, Inc.) -- C:\WINDOWS\system32\DRIVERS\purendis.sys -- (purendis [Auto | Running])
DRV - [2001/08/17 14:28:10 | 00,057,471 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys -- (Rksample [On_Demand | Stopped])
DRV - [2009/02/17 11:43:28 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running])
DRV - [2009/02/17 11:43:30 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Stopped])
DRV - [2009/02/17 11:43:28 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Running])
DRV - [2007/11/13 06:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])
DRV - [2001/08/17 13:19:34 | 00,036,480 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman [On_Demand | Running])
DRV - [2003/06/18 15:52:18 | 00,578,176 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm [On_Demand | Stopped])
DRV - [2001/08/17 14:28:06 | 00,199,711 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys -- (SoftFax [Auto | Running])
DRV - [2001/08/17 14:28:12 | 00,050,751 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys -- (Tones [Auto | Running])
DRV - [2008/04/13 14:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
DRV - [2001/08/17 14:28:12 | 00,488,383 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\HSF_V124.sys -- (V124 [Auto | Running])
DRV - [2004/08/04 01:41:48 | 00,685,056 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSFCXTS2.sys -- (winachsf [On_Demand | Running])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....e...-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://cnn.com/
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\PROGRAM FILES\AVG\AVG8\FIREFOX [2009/03/02 18:08:14 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/08 23:21:49 | 00,000,000 | ---D | M]
[2007/02/28 22:31:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\mozilla\Firefox\Profiles\huho8g4c.default\extensions
[2007/02/28 22:31:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\mozilla\Firefox\Profiles\huho8g4c.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2007/02/28 22:37:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\mozilla\Firefox\Profiles\t1dysgez.alex\extensions
[2007/02/28 22:37:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\mozilla\Firefox\Profiles\t1dysgez.alex\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2006/06/04 20:28:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\mozilla\Firefox\Profiles\t1dysgez.alex\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/03 01:31:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/03/02 21:10:29 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/02 21:10:26 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\[email protected]

O1 HOSTS File: (738 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {5AA06644-BC46-4220-A460-47A6EB47C96D} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {92F02779-6D88-4958-8AD3-83C12D86ADC7} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.co.../sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp3.dll (Pure Networks, Inc.)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/03/30 19:45:14 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/03/14 20:55:48 | 00,498,176 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tom Truong\Desktop\OTListIt2.exe
[2009/03/14 20:42:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2009/03/14 20:41:27 | 01,561,992 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Tom Truong\Desktop\MGADiag.exe
[2009/03/14 10:14:28 | 00,088,566 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2009/03/14 10:14:25 | 00,017,056 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2009/03/14 10:14:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\nview
[2009/03/14 10:12:41 | 00,000,000 | ---D | C] -- C:\NVIDIA
[2009/03/14 10:09:14 | 00,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2009/03/14 09:40:37 | 00,001,666 | ---- | C] () -- C:\Documents and Settings\Tom Truong\Desktop\PC Pitstop Driver Alert.lnk
[2009/03/14 09:40:35 | 00,000,000 | ---D | C] -- C:\Program Files\PCPitstop
[2009/03/08 23:39:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/03/08 23:38:16 | 00,000,785 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/03/08 23:37:39 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/03/08 23:37:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tom Truong\Application Data\SUPERAntiSpyware.com
[2009/03/08 23:35:03 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/03/08 23:21:38 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009/03/08 16:16:08 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/03/08 05:00:19 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009/03/08 05:00:16 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/03/08 05:00:00 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/03/08 04:56:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/03/03 19:18:48 | 00,001,739 | ---- | C] () -- C:\Documents and Settings\Tom Truong\Desktop\HijackThis.lnk
[2009/03/03 19:18:45 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/03/03 01:37:07 | 00,000,991 | ---- | C] () -- C:\My Documents\My Sharing Folders.lnk
[2009/03/03 01:11:57 | 00,000,484 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/03/03 01:03:53 | 00,064,160 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/03/03 00:59:23 | 00,000,880 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/03/03 00:56:58 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2009/03/03 00:56:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/03/03 00:41:52 | 00,000,821 | ---- | C] () -- C:\Documents and Settings\Tom Truong\Desktop\AusLogics Registry Defrag.lnk
[2009/03/03 00:21:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tom Truong\Application Data\Auslogics
[2009/03/03 00:21:45 | 00,000,806 | ---- | C] () -- C:\Documents and Settings\Tom Truong\Desktop\AusLogics Disk Defrag.lnk
[2009/03/03 00:21:43 | 00,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2009/03/02 23:50:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/03/02 23:10:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2009/03/02 23:09:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009/03/02 23:09:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2009/03/02 21:58:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2009/03/02 21:56:45 | 00,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/03/02 21:56:45 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/03/02 21:56:43 | 06,066,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/03/02 21:56:43 | 00,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2009/03/02 21:56:43 | 00,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/03/02 21:56:43 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2009/03/02 21:56:42 | 02,455,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2009/03/02 21:56:42 | 00,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2009/03/02 21:56:41 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2009/03/02 21:55:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009/03/02 21:55:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009/03/02 21:53:01 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2009/03/02 21:52:15 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2009/03/02 21:50:58 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2009/03/02 21:48:48 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmllite.dll
[2009/03/02 21:42:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2009/03/02 20:32:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Tom Truong\Application Data\Malwarebytes
[2009/03/02 20:32:13 | 00,000,701 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/02 20:32:12 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/02 20:32:09 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/02 20:32:07 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/03/02 20:32:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/03/02 20:10:46 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
[2009/03/02 18:17:13 | 00,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2009/03/02 18:08:59 | 00,010,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/03/02 18:08:58 | 00,107,272 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/03/02 18:08:49 | 00,325,128 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/03/02 18:08:47 | 00,027,656 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/03/02 18:08:40 | 34,058,980 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/03/02 18:08:40 | 00,401,372 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/03/02 18:08:40 | 00,037,735 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/03/02 18:08:39 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/03/02 18:08:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2009/03/02 18:08:13 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009/03/02 18:08:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg8
[2009/03/02 18:00:34 | 00,000,000 | ---D | C] -- C:\Setups
[2009/03/02 17:36:29 | 01,846,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2009/03/02 17:36:05 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009/03/02 17:36:02 | 02,189,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2009/03/02 17:35:56 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009/03/02 17:35:52 | 02,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2009/03/02 17:31:48 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2009/03/02 17:30:53 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2009/03/02 17:28:23 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2009/03/02 17:21:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/03/02 17:19:52 | 00,000,241 | ---- | C] () -- C:\Documents and Settings\Tom Truong\Desktop\Shortcut to Add or Remove Programs.lnk
[2009/03/02 16:43:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/03/14 20:56:03 | 00,498,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tom Truong\Desktop\OTListIt2.exe
[2009/03/14 20:42:00 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/14 20:41:36 | 01,561,992 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Tom Truong\Desktop\MGADiag.exe
[2009/03/14 20:14:45 | 00,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/14 20:14:45 | 00,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/14 20:14:44 | 00,356,120 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/14 20:10:35 | 00,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/03/14 20:09:51 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/14 20:09:43 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/14 17:25:08 | 00,000,352 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily.job
[2009/03/14 09:40:37 | 00,001,666 | ---- | M] () -- C:\Documents and Settings\Tom Truong\Desktop\PC Pitstop Driver Alert.lnk
[2009/03/14 08:28:48 | 34,058,980 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/03/13 20:02:21 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/03/13 20:02:20 | 00,000,487 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/03/13 20:02:20 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/03/13 09:44:12 | 00,037,735 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/03/11 03:12:01 | 00,115,768 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/11 03:04:08 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/03/10 00:03:39 | 00,000,484 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/03/08 23:38:16 | 00,000,785 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/03/08 14:16:23 | 00,000,738 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/03/07 21:45:35 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/03/07 21:26:44 | 00,000,211 | ---- | M] () -- C:\Boot.bak
[2009/03/03 19:18:49 | 00,001,739 | ---- | M] () -- C:\Documents and Settings\Tom Truong\Desktop\HijackThis.lnk
[2009/03/03 01:37:07 | 00,000,991 | ---- | M] () -- C:\My Documents\My Sharing Folders.lnk
[2009/03/03 00:59:23 | 00,000,880 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/03/03 00:41:52 | 00,000,821 | ---- | M] () -- C:\Documents and Settings\Tom Truong\Desktop\AusLogics Registry Defrag.lnk
[2009/03/03 00:21:45 | 00,000,806 | ---- | M] () -- C:\Documents and Settings\Tom Truong\Desktop\AusLogics Disk Defrag.lnk
[2009/03/02 23:51:28 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/03/02 23:47:20 | 06,441,166 | -H-- | M] () -- C:\Documents and Settings\Tom Truong\Local Settings\Application Data\IconCache.db
[2009/03/02 22:59:24 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/03/02 22:10:19 | 00,000,081 | -HS- | M] () -- C:\My Documents\desktop.ini
[2009/03/02 20:32:13 | 00,000,701 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/03/02 18:10:56 | 00,401,372 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/03/02 18:08:59 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/03/02 18:08:58 | 00,107,272 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/03/02 18:08:49 | 00,325,128 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/03/02 18:08:47 | 00,027,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/03/02 18:08:40 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/03/02 17:19:52 | 00,000,241 | ---- | M] () -- C:\Documents and Settings\Tom Truong\Desktop\Shortcut to Add or Remove Programs.lnk
[2009/02/25 16:54:59 | 24,768,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe

========== LOP Check ==========

[2009/03/14 20:42:03 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/03/03 00:59:39 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
[2009/03/08 14:27:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg8
[2004/03/30 20:19:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2004/03/30 20:40:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink
[2009/03/02 17:16:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kodak
[2009/03/03 00:56:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/03/02 17:23:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logishrd
[2007/12/10 19:14:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2009/03/02 20:32:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2007/11/30 22:08:48 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2005/02/09 18:07:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2009/03/14 20:42:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2008/07/11 17:15:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pure Networks
[2005/02/02 23:06:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2009/03/08 23:39:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2006/10/11 13:20:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Support.com
[2004/03/30 20:23:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2006/06/08 20:30:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2007/09/22 12:34:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
[2009/03/02 17:41:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2009/03/08 23:37:37 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Tom Truong\Application Data
[2008/04/30 18:43:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Adobe
[2005/09/16 18:15:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Ahead
[2009/03/03 00:42:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Auslogics
[2006/10/17 16:25:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Creative
[2007/09/07 08:17:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\CyberLink
[2007/04/27 19:25:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Help
[2005/09/16 18:16:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Hewlett-Packard
[2004/03/30 19:49:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Identities
[2005/02/02 22:31:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\InterTrust
[2005/02/03 00:07:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Macromedia
[2009/03/02 20:32:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Malwarebytes
[2009/03/08 14:28:05 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Tom Truong\Application Data\Microsoft
[2005/02/02 22:39:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Mozilla
[2005/09/24 17:42:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\MSN6
[2005/02/11 02:56:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Sun
[2009/03/08 23:37:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\SUPERAntiSpyware.com
[2005/02/02 22:39:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Talkback
[2009/03/02 17:41:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Yahoo!
[2006/06/10 02:16:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Tom Truong\Application Data\Yahoo! Messenger
[2009/03/10 00:03:39 | 00,000,484 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2002/09/03 15:48:04 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/03/14 17:25:08 | 00,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\HP Usg Daily.job
[2009/03/14 20:09:51 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========

< End of report >

#23
andrewuk

Posted 14 March 2009 - 07:36 PM

Trusted Helper

Malware Removal
5,297 posts

the issue you have with your Office updates is to do with your Office software. you should go to the microsoft forums Microsoft Office Forum and post your problem. they will be able to help you. you will need to post the MGA Diagnostic in your first post to them.

also, you no longer need the OTListIT program. double click the icon on the desk top to open the program and then click Cleanup the clear the program off your machine.

as for the speed issues, you could try uninstalling and reinstalling your AVG. a long shot, but perhaps worth a try. also, make sure all your drivers are fully updated.

andrewuk

#24
andrewuk

Posted 22 March 2009 - 09:43 AM

Trusted Helper

Malware Removal
5,297 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.