I have the "Extras.txt" log if you need it posted too.
Rooter:
Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3
A:\ [Removable] (Total:0 Mo/Free:0 Mo)
C:\ [Fixed] - NTFS - (Total:238472 Mo/Free:1023 Mo)
D:\ [Fixed] - NTFS - (Total:238472 Mo/Free:933 Mo)
E:\ [Removable] (Total:0 Mo/Free:0 Mo)
F:\ [Removable] (Total:0 Mo/Free:0 Mo)
G:\ [Removable] (Total:0 Mo/Free:0 Mo)
H:\ [Removable] (Total:0 Mo/Free:0 Mo)
I:\ [Removable] (Total:0 Mo/Free:0 Mo)
J:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
Tue 03/17/2009| 7:13
----------------------\\ Processes..
--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Windows Defender\MsMpEng.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
---------- C:\WINDOWS\System32\hphmon04.exe
---------- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
---------- C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
---------- C:\Program Files\Winamp\winampa.exe
---------- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
---------- C:\PROGRA~1\AVG\AVG8\avgtray.exe
---------- C:\Program Files\Windows Defender\MSASCui.exe
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\WINDOWS\system32\RUNDLL32.EXE
---------- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
---------- C:\WINDOWS\RTHDCPL.EXE
---------- C:\WINDOWS\SOUNDMAN.EXE
---------- C:\Program Files\Windows Live\Family Safety\fsui.exe
---------- C:\Documents and Settings\Metcalf's\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe
---------- C:\Program Files\Electronic Arts\EADM\Core.exe
---------- C:\program files\steam\steam.exe
---------- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
---------- C:\Program Files\DNA\btdna.exe
---------- C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Corel\WordPerfect Office 2000\Register\Remind32.exe
---------- C:\PROGRA~1\MICROS~3\rapimgr.exe
---------- C:\Program Files\palmOne\Hotsync.exe
---------- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
---------- C:\Program Files\Windows Live\Family Safety\fsssvc.exe
---------- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\Program Files\OpenOffice.org 3\program\soffice.exe
---------- C:\WINDOWS\system32\nvsvc32.exe
---------- C:\Program Files\OpenOffice.org 3\program\soffice.bin
---------- C:\PROGRA~1\AVG\AVG8\avgrsx.exe
---------- C:\PROGRA~1\AVG\AVG8\avgnsx.exe
---------- C:\WINDOWS\system32\PnkBstrA.exe
---------- C:\WINDOWS\system32\PnkBstrB.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\PROGRA~1\AVG\AVG8\avgemc.exe
---------- C:\Program Files\AVG\AVG8\avgcsrvx.exe
---------- C:\WINDOWS\System32\HPHipm11.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\MSN\MSNCoreFiles\MSN.EXE
---------- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
---------- C:\Program Files\Windows Live\Contacts\wlcomm.exe
---------- C:\WINDOWS\system32\drwtsn32.exe
---------- C:\WINDOWS\system32\drwtsn32.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe
----------------------\\ Search..
----------------------\\ ROOTKIT !!
1 - "C:\Rooter$\Rooter_1.txt" - Tue 03/17/2009| 7:16
----------------------\\ Scan completed at 7:16
OTListIt Log:
OTListIt logfile created on: 3/17/2009 7:21:14 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.6.0 Folder = C:\Documents and Settings\Metcalf's\My Documents\My Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 73.00 Gb Free Space | 31.35% Space Free | Partition Type: NTFS
Drive D: | 232.88 Gb Total Space | 112.91 Gb Free Space | 48.48% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: FAMILY
Current User Name: Metcalf's
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe (HP)
PRC - C:\WINDOWS\System32\hphmon04.exe (Hewlett-Packard)
PRC - C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
PRC - C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
PRC - C:\Program Files\Winamp\winampa.exe ()
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe ()
PRC - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - C:\Program Files\Windows Live\Family Safety\fsui.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\Metcalf's\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
PRC - C:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts)
PRC - C:\program files\steam\steam.exe (Valve Corporation)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
PRC - C:\Program Files\Microsoft ActiveSync\Wcescomm.exe (Microsoft Corporation)
PRC - C:\Program Files\Corel\WordPerfect Office 2000\Register\Remind32.exe (IntelliQuest Communications, Inc.)
PRC - C:\Program Files\Microsoft ActiveSync\rapimgr.exe (Microsoft Corporation)
PRC - C:\Program Files\palmOne\Hotsync.exe (PalmSource, Inc)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
PRC - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe ()
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\WINDOWS\system32\PnkBstrA.exe ()
PRC - C:\WINDOWS\system32\PnkBstrB.exe ()
PRC - C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\WINDOWS\System32\HPHipm11.exe (HP)
PRC - C:\Program Files\MSN\MSNCoreFiles\MSN.EXE (Microsoft Corporation)
PRC - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\drwtsn32.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\drwtsn32.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\Metcalf's\My Documents\My Downloads\OTListIt2.exe (OldTimer Tools)
========== Win32 Services (SafeList) ==========
SRV - (aawservice [Auto | Running]) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe ()
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (avg8emc [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg8wd [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (fsssvc [Auto | Running]) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (GEST Service [Auto | Running]) -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe ()
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (ITGrdEngine [Auto | Stopped]) -- File not found
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Macromedia Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe (Macromedia)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Pml Driver HPH11 [On_Demand | Running]) -- C:\WINDOWS\System32\HPHipm11.exe (HP)
SRV - (PnkBstrA [Auto | Running]) -- C:\WINDOWS\system32\PnkBstrA.exe ()
SRV - (PnkBstrB [Auto | Running]) -- C:\WINDOWS\system32\PnkBstrB.exe ()
SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (AFS2K [System | Running]) -- C:\WINDOWS\System32\drivers\AFS2K.SYS (Oak Technology Inc.)
DRV - (ALCXWDM [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (ALIEHCD [Auto | Stopped]) -- C:\WINDOWS\System32\Drivers\ALIEHCI.sys (ULi Corporation)
DRV - (AliIde [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (aliroothub [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\AliRtHub.sys (ULi Corporation)
DRV - (asbp2poa [On_Demand | Stopped]) -- C:\Documents and Settings\Metcalf's\Local Settings\Temp\asbp2poa.sys ()
DRV - (Aspi32 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aspi32.sys (Adaptec)
DRV - (atksgt [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\atksgt.sys ()
DRV - (AvgLdx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgTdiX [System | Running]) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Dot4 HPH11 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\hphid411.sys (HP)
DRV - (Dot4Print HPH11 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\hphipr11.sys (HP)
DRV - (Dot4Storage HPH11 [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\hphs2k11.sys (Hewlett-Packard)
DRV - (Dot4Usb HPH11 [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\hphius11.sys (HP)
DRV - (es1371 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\es1371mp.sys (Creative Technology Ltd.)
DRV - (fssfltr [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (gameenum [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys (Microsoft Corporation)
DRV - (gdrv [On_Demand | Running]) -- C:\WINDOWS\gdrv.sys (Windows ® 2000 DDK provider)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (ip100xp [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ipfnd51.sys (IC Plus Corp. )
DRV - (lirsgt [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\lirsgt.sys ()
DRV - (msloop [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\loop.sys (Microsoft Corporation)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (PalmUSBD [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\PalmUSBD.sys (PalmSource, Inc.)
DRV - (pgfilter [On_Demand | Stopped]) -- C:\Program Files\PeerGuardian2\pgfilter.sys ()
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (RTLE8023xp [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (SASDIFSV [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Running]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (Secdrv [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SONYPVU1 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS (Sony Corporation)
DRV - (wceusbsh [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\wceusbsh.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...p...&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/02/04 11:06:55 | 00,000,000 | ---D | M]
O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun (Microsoft Corporation)
O4 - HKLM..\Run: [GEST] = File not found
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe (HP)
O4 - HKLM..\Run: [HPHmon04] C:\WINDOWS\System32\hphmon04.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe" (Hewlett-Packard)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install ()
O4 - HKLM..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" (ScanSoft, Inc.)
O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SoundMan] SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot (Scansoft, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" ()
O4 - HKLM..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide (Microsoft Corporation)
O4 - HKCU..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" (BitTorrent, Inc.)
O4 - HKCU..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent (Electronic Arts)
O4 - HKCU..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" (Microsoft Corporation)
O4 - HKCU..\Run: [SansaDispatch] C:\Documents and Settings\Metcalf's\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
O4 - HKCU..\Run: [Steam] "c:\program files\steam\steam.exe" -silent (Valve Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Corel Registration.lnk = C:\Program Files\Corel\WordPerfect Office 2000\Register\Remind32.exe (IntelliQuest Communications, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\palmOne\Hotsync.exe (PalmSource, Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Metcalf's\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\Metcalf's\Start Menu\Programs\Startup\palmOne Registration.lnk = C:\Program Files\palmOne\register.exe (palmOne/Leader Technologies)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Sites: //@mail.mar@ ([]msn in Local intranet)
O15 - HKCU\..Trusted Sites: //@signup.mar@ ([]msn in My Computer)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O32 - Autorun File - D:\AUTOEXEC.BAT () - [ NTFS ]
O33 - MountPoints2\{1cab0305-92f6-11dd-b965-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{1cab0305-92f6-11dd-b965-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1cab0305-92f6-11dd-b965-806d6172696f}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
O33 - MountPoints2\{c414aaf2-a294-11dd-a81c-00508d7e8105}\Shell\AutoRun\command - "" = K:\wd_windows_tools\WDSetup.exe -- File not found
========== Files/Folders - Created Within 30 Days ==========
[3 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/03/17 07:13:05 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/03/17 06:50:47 | 00,001,743 | ---- | C] () -- C:\Documents and Settings\Metcalf's\Desktop\HijackThis.lnk
[2009/03/17 06:50:46 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/03/16 12:27:41 | 00,166,552 | ---- | C] () -- C:\Documents and Settings\Metcalf's\Desktop\left4dead0001.JPG
[2009/03/16 12:22:34 | 03,246,739 | ---- | C] () -- C:\Documents and Settings\Metcalf's\Desktop\left4dead.JPG
[2009/03/11 21:55:20 | 00,000,873 | ---- | C] () -- C:\Documents and Settings\Metcalf's\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
[2009/03/11 21:54:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Metcalf's\Application Data\OpenOffice.org
[2009/03/11 21:54:08 | 00,000,905 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.0.lnk
[2009/03/11 21:53:25 | 00,000,000 | ---D | C] -- C:\Program Files\JRE
[2009/03/11 21:53:21 | 00,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2009/03/11 21:52:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Metcalf's\Desktop\OpenOffice.org 3.0 (en-US) Installation Files
[2009/03/11 21:18:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Metcalf's\My Documents\My Weblog Posts
[2009/03/11 21:18:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Metcalf's\Local Settings\Application Data\Windows Live Writer
[2009/03/11 21:18:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Metcalf's\Application Data\Windows Live Writer
[2009/03/11 11:19:51 | 00,080,605 | ---- | C] () -- C:\Documents and Settings\Metcalf's\Desktop\Jaran Driving Record.pdf
[2009/03/10 23:14:03 | 00,055,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fssfltr_tdi.sys
[2009/03/10 23:13:05 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009/03/10 23:12:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2009/03/10 23:12:48 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2009/03/10 23:05:51 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2009/03/10 17:12:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Metcalf's\Local Settings\Application Data\Fallout3
[2009/03/10 17:03:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Fallout3
[2009/03/10 17:01:58 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/03/10 17:00:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/03/10 16:59:41 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/03/10 16:59:21 | 00,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll
[2009/03/10 16:58:04 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2009/03/10 16:57:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2009/03/10 16:56:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive
[2009/03/10 16:35:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Metcalf's\Local Settings\Application Data\Electronic Arts
[2009/03/10 16:12:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Metcalf's\My Documents\Electronic Arts
[2009/03/08 21:53:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Metcalf's\Desktop\Zack!
[2009/03/08 04:16:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Metcalf's\My Documents\WBGames
[2009/03/07 22:41:22 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2009/03/07 22:41:21 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2009/03/07 22:41:21 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2009/03/07 22:41:21 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2009/03/07 14:57:42 | 00,111,360 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtenicxp.sys
[2009/03/07 14:57:42 | 00,009,728 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\RtNicProp32.dll
[2009/03/07 14:57:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2009/03/07 14:53:59 | 00,000,553 | R--- | C] () -- C:\WINDOWS\USetup.iss
[2009/03/07 14:53:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2009/03/07 14:52:58 | 02,808,832 | R--- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2009/03/07 14:52:55 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek
[2009/03/07 14:47:12 | 00,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\System32\CSVer.dll
[2009/03/07 14:47:12 | 00,000,000 | ---D | C] -- C:\Program Files\Intel
[2009/03/07 14:47:05 | 00,000,000 | ---D | C] -- C:\Intel
[2009/03/07 14:46:45 | 00,000,000 | ---D | C] -- C:\Program Files\GIGABYTE
[2009/03/07 14:41:22 | 00,020,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbuhci.sys
[2009/03/07 14:41:22 | 00,020,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbuhci.sys
[2009/03/07 14:40:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA
[2009/03/07 14:40:54 | 00,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2009/03/04 21:51:12 | 00,051,200 | ---- | C] () -- C:\Documents and Settings\Metcalf's\Application Data\GDIPFONTCACHEV1.DAT
[2009/03/04 18:54:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Metcalf's\Local Settings\Application Data\PunkBuster
[2009/03/04 18:49:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Metcalf's\Application Data\id Software
[2009/03/04 18:48:27 | 00,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/03/04 18:48:26 | 00,022,328 | ---- | C] () -- C:\Documents and Settings\Metcalf's\Application Data\PnkBstrK.sys
[2009/03/04 18:48:08 | 00,107,832 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/03/04 18:48:05 | 02,246,144 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2009/03/04 18:48:05 | 00,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/03/04 18:48:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\id Software
[2009/03/03 23:33:41 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2009/03/03 23:32:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/03/03 23:27:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/03/03 23:27:35 | 00,000,000 | ---D | C] -- C:\Program Files\NOS
[2009/02/26 18:49:04 | 01,069,293 | ---- | C] () -- C:\Documents and Settings\Metcalf's\Desktop\Marcia 3.jpg
[2009/02/26 18:48:00 | 01,403,184 | ---- | C] () -- C:\Documents and Settings\Metcalf's\Desktop\Marcia.jpg
[2009/02/23 18:48:34 | 00,000,000 | ---D | C] -- C:\Program Files\SEGA
[2009/02/22 00:04:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Metcalf's\Desktop\Trip Pics
[2009/02/21 11:52:32 | 00,000,000 | ---D | C] -- C:\Program Files\Sierra Entertainment
[2009/02/20 00:25:07 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2009/02/20 00:24:53 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2009/02/20 00:22:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Metcalf's\Local Settings\Application Data\Microsoft Help
[2009/02/20 00:22:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2009/02/20 00:22:18 | 00,000,000 | RH-D | C] -- C:\MSOCache
[2009/02/19 23:23:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Metcalf's\Desktop\Downloads
[2009/02/19 23:23:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Metcalf's\Application Data\GetRightToGo
[2009/02/19 23:09:54 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2009/02/19 21:45:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Metcalf's\My Documents\WINDOWSMOBILE40 My Documents
[2009/02/19 21:41:51 | 00,002,528 | ---- | C] () -- C:\Documents and Settings\Metcalf's\Application Data\$_hpcst$.hpc
========== Files - Modified Within 30 Days ==========
[3 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/03/17 06:57:47 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/03/17 06:50:47 | 00,001,743 | ---- | M] () -- C:\Documents and Settings\Metcalf's\Desktop\HijackThis.lnk
[2009/03/17 06:38:53 | 00,000,812 | ---- | M] () -- C:\Documents and Settings\Metcalf's\Start Menu\Programs\Startup\palmOne Registration.lnk
[2009/03/17 06:37:34 | 00,198,568 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/03/17 06:37:31 | 00,012,692 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/03/17 06:37:31 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/03/17 06:37:27 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/03/16 12:27:41 | 00,166,552 | ---- | M] () -- C:\Documents and Settings\Metcalf's\Desktop\left4dead0001.JPG
[2009/03/16 12:22:35 | 03,246,739 | ---- | M] () -- C:\Documents and Settings\Metcalf's\Desktop\left4dead.JPG
[2009/03/16 12:22:11 | 00,054,780 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2009/03/16 11:05:01 | 34,098,246 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/03/15 11:15:25 | 00,037,975 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/03/12 12:08:02 | 00,055,376 | ---- | M] () -- C:\Documents and Settings\Metcalf's\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/03/12 12:07:45 | 00,227,208 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/11 21:55:20 | 00,000,873 | ---- | M] () -- C:\Documents and Settings\Metcalf's\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
[2009/03/11 21:54:08 | 00,000,905 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.0.lnk
[2009/03/11 11:19:51 | 00,080,605 | ---- | M] () -- C:\Documents and Settings\Metcalf's\Desktop\Jaran Driving Record.pdf
[2009/03/11 00:57:40 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/03/10 23:23:48 | 00,503,200 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/10 23:23:48 | 00,428,254 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/10 23:23:48 | 00,066,928 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/03/10 23:13:42 | 00,000,924 | ---- | M] () -- C:\Documents and Settings\Metcalf's\My Documents\My Sharing Folders.lnk
[2009/03/10 16:35:05 | 00,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009/03/09 22:33:54 | 01,576,144 | -H-- | M] () -- C:\Documents and Settings\Metcalf's\Local Settings\Application Data\IconCache.db
[2009/03/08 10:53:44 | 00,039,936 | ---- | M] () -- C:\Documents and Settings\Metcalf's\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/07 22:46:58 | 00,000,204 | ---- | M] () -- C:\WINDOWS\RtlRack.ini
[2009/03/07 22:38:55 | 00,012,692 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2009/03/04 21:51:12 | 00,051,200 | ---- | M] () -- C:\Documents and Settings\Metcalf's\Application Data\GDIPFONTCACHEV1.DAT
[2009/03/04 18:48:26 | 00,022,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/03/04 18:48:26 | 00,022,328 | ---- | M] () -- C:\Documents and Settings\Metcalf's\Application Data\PnkBstrK.sys
[2009/03/04 18:48:15 | 00,107,832 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/03/04 18:48:05 | 02,246,144 | ---- | M] () -- C:\WINDOWS\System32\pbsvc.exe
[2009/03/04 18:48:05 | 00,066,872 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/02/26 18:49:06 | 01,069,293 | ---- | M] () -- C:\Documents and Settings\Metcalf's\Desktop\Marcia 3.jpg
[2009/02/26 18:48:01 | 01,403,184 | ---- | M] () -- C:\Documents and Settings\Metcalf's\Desktop\Marcia.jpg
[2009/02/25 19:39:19 | 00,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\EA Download Manager.lnk
[2009/02/25 12:55:00 | 24,768,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/02/21 04:08:51 | 00,000,680 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/02/21 01:09:06 | 00,000,023 | ---- | M] () -- C:\WINDOWS\BlendSettings.ini
[2009/02/19 23:21:22 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\NEWSOFT
[2009/02/19 21:41:51 | 00,002,528 | ---- | M] () -- C:\Documents and Settings\Metcalf's\Application Data\$_hpcst$.hpc
[2009/02/18 17:37:39 | 00,401,372 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
< End of report >
Thank you for any help you can offer.
Rokk
Sign In
Create Account
