Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

CPU Usage 100% and Internet connects only sometimes in IE? [Solved]


  • This topic is locked This topic is locked

#1
dch1314

dch1314

    Member

  • Member
  • PipPipPip
  • 238 posts
Hi, I have been having Major problems that are really aggravating to me lately. For starters, when I open IE to do my college work (IE is required) it connects sometimes and sometimes it never load or show the can't connect message. However, while it's not connecting on IE its fully functional on Firefox. I know there is a add on for Firefox but my point is the problem is bigger than me just using IE I know I have a problem of some sort.

Now on to my second question is that for the last 3 days my CPU Usage have been at enormous rates when I browse the internet. It lags my computer and when I try to minimize open programs it never can close all things so that I can see the desktop. I don't know what the problem is but after search the internet for answers I see that the problem is common but results may vary so I would like if someone can help me personally. I would just like to fix those 2 problems so my computer can function correctly again. Thanks

My HiJack This Logfile is below

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:09:45 PM, on 4/14/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Compaq_Owner\Desktop\VundoFix.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,"C:\WINDOWS\server.exe",
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Suggest - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\SearchSuggest\YSearchSuggest.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [AVGIDS] "C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - http://lads.myspace....ploader1006.cab
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: AVGIDSAgent - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe
O23 - Service: AVGIDSWatcher - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe
O23 - Service: Google Update Service (gupdate1c90a39ee8665ee) (gupdate1c90a39ee8665ee) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 8284 bytes

Edited by dch1314, 14 April 2009 - 01:10 PM.

  • 0

Advertisements


#2
dch1314

dch1314

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 238 posts
now it's not explorer.exe taking all the cpu usage but it continues to reach 100% constantly
  • 0

#3
dch1314

dch1314

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 238 posts
can I get some help on my problem....is anything suspicious about the logfile?
  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there if you bump your topic we will think you are being helped as we look for zero replies

Lets see what you have first

Download Rooter.exe to your desktop
  • Doubleclick it to start the tool.
  • A Notepad file containing the report will open, also found at %systemdrive%(usually C:)\Rooter.txt. Copy and paste it with your OTLI log.

THEN

  • Download OTListIt2 to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

  • 0

#5
dch1314

dch1314

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 238 posts
Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3

C:\ [Fixed] - NTFS - (Total:107198 Mo/Free:3700 Mo)
D:\ [Fixed] - FAT32 - (Total:7250 Mo/Free:380 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)

Fri 04/17/2009|16:27

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Windows Defender\MsMpEng.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\spoolsv.exe
--Locked-- AVGIDSAgent.exe
---------- C:\Program Files\Google\Update\GoogleUpdate.exe
---------- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
---------- C:\PROGRA~1\AVG\AVG8\avgfws8.exe
--Locked-- AVGIDSWatcher.exe
---------- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
---------- C:\WINDOWS\system32\nvsvc32.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
---------- C:\PROGRA~1\AVG\AVG8\avgam.exe
---------- C:\PROGRA~1\AVG\AVG8\avgrsx.exe
---------- C:\Program Files\AVG\AVG8\avgcsrvx.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\PROGRA~1\AVG\AVG8\avgnsx.exe
---------- C:\Program Files\Windows Defender\MpCmdRun.exe
---------- C:\WINDOWS\system32\wuauclt.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\WINDOWS\system32\wuauclt.exe
---------- C:\WINDOWS\system32\NOTEPAD.EXE
---------- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
---------- C:\WINDOWS\RTHDCPL.EXE
---------- C:\PROGRA~1\AVG\AVG8\avgtray.exe
--Locked-- AVGIDSUI.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
---------- C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSMonitor.exe
---------- C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!


----------------------\\ Cracks & Keygens..

C:\DOCUME~1\COMPAQ~1\Local Settings\Temporary Internet Files\Content.IE5\34BGW3A1\crackle_myspace_CMCC_leader_728x90[1].jpg
C:\DOCUME~1\COMPAQ~1\Local Settings\Temporary Internet Files\Content.IE5\34BGW3A1\crackle_myspace_truecolors_leader_728x90[1].jpg


1 - "C:\Rooter$\Rooter_1.txt" - Fri 04/17/2009|16:28

----------------------\\ Scan completed at 16:28
  • 0

#6
dch1314

dch1314

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 238 posts
OTListIt logfile created on: 4/17/2009 4:37:19 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 501.00 Mb Available Physical Memory | 52.27% Memory free
1.52 Gb Paging File | 1.06 Gb Available in Paging File | 69.90% Paging File free
Paging file location(s): C:\pagefile.sys 684 2688;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.69 Gb Total Space | 67.73 Gb Free Space | 64.70% Space Free | Partition Type: NTFS
Drive D: | 7.08 Gb Total Space | 0.37 Gb Free Space | 5.24% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CHUCKY
Current User Name: Compaq_Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe (AVG)
PRC - C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgfws8.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe (AVG)
PRC - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\AVG\AVG8\avgam.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe (AVG)
PRC - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSMonitor.exe (AVG)
PRC - C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe (Yahoo! Inc.)
PRC - C:\Documents and Settings\Compaq_Owner\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (avg8wd [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgfws8 [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgfws8.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVGIDSAgent [Auto | Running]) -- C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe (AVG)
SRV - (AVGIDSWatcher [Auto | Running]) -- C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe (AVG)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gupdate1c90a39ee8665ee [Auto | Stopped]) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (MDM [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (YahooAUService [Auto | Running]) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

========== Driver Services (SafeList) ==========

DRV - (61883 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\61883.sys (Microsoft Corporation)
DRV - (AgereSoftModem [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\AGRSM.sys (Agere Systems)
DRV - (AmdK8 [System | Running]) -- C:\WINDOWS\system32\DRIVERS\AmdK8.sys (Advanced Micro Devices)
DRV - (Avc [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\avc.sys (Microsoft Corporation)
DRV - (Avgfwdx [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgfwfd [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSDriver [On_Demand | Running]) -- C:\Program Files\AVG\AVG8\IdentityProtection\agent\driver\platform_XP\AVGIDSDriver.sys (AVG Technologies )
DRV - (AVGIDSErHr [Boot | Running]) -- C:\WINDOWS\System32\Drivers\AVGIDSErHr.sys (AVG Technologies )
DRV - (AVGIDSFilter [On_Demand | Running]) -- C:\Program Files\AVG\AVG8\IdentityProtection\agent\driver\platform_XP\AVGIDSFilter.sys (AVG Technologies )
DRV - (AVGIDSShim [On_Demand | Running]) -- C:\Program Files\AVG\AVG8\IdentityProtection\agent\driver\platform_XP\AVGIDSShim.sys (AVG Technologies )
DRV - (AvgLdx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgRkx86 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgTdiX [System | Running]) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (bb-run [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\bb-run.sys (Promise Technology, Inc.)
DRV - (ftsata2 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ftsata2.sys (Promise Technology, Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HPZid412 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys (HP)
DRV - (iaStor [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (MSDV [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\msdv.sys (Microsoft Corporation)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (NVENETFD [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvnetbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nvnetbus.sys (NVIDIA Corporation)
DRV - (pcouffin [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\pcouffin.sys (VSO Software)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (rtl8139 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\RTL8139.SYS (Realtek Semiconductor Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/defaultb.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.3.0
FF - prefs.js..extensions.enabledItems: {1d5287d1-8a92-0001-1f31-1cec198018d8}:2.0.20080710
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:2.0
FF - prefs.js..extensions.enabledItems: {77b819fa-95ad-4f2c-ac7c-486b356188a9}:1.5.20090207
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.071302000002
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.7pre.080917
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.6
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.8
FF - prefs.js..keyword.URL: "http://search.yahoo....8&fr=megaup&p="

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\PROGRAM FILES\AVG\AVG8\FIREFOX [2009/04/09 16:03:25 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8}: C:\PROGRAM FILES\AVG\AVG8\TOOLBARFF [2009/04/09 16:03:26 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/04/13 15:26:39 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/09 23:58:54 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/09 23:01:59 | 00,000,000 | ---D | M]

[2008/08/27 19:25:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Extensions
[2008/08/27 19:25:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/15 11:55:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Firefox\Profiles\9dt86hxb.default\extensions
[2009/04/07 21:03:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Firefox\Profiles\9dt86hxb.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2008/07/23 10:08:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Firefox\Profiles\9dt86hxb.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2009/02/23 23:07:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Firefox\Profiles\9dt86hxb.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2008/09/19 00:42:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Firefox\Profiles\9dt86hxb.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2009/03/13 18:31:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Firefox\Profiles\9dt86hxb.default\extensions\[email protected]
[2008/12/18 10:23:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Firefox\Profiles\9dt86hxb.default\extensions\[email protected]
[2008/12/12 13:23:54 | 00,002,158 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\FireFox\Profiles\9dt86hxb.default\searchplugins\MySpace.xml
[2008/02/10 04:00:03 | 00,000,277 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\FireFox\Profiles\9dt86hxb.default\searchplugins\search.xml
[2007/12/11 10:47:02 | 00,002,386 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\FireFox\Profiles\9dt86hxb.default\searchplugins\siteadvisor.xml
[2008/08/27 23:00:01 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/09 23:01:59 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/26 14:11:21 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/03/26 14:11:22 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/03/26 13:56:22 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/03/26 13:56:22 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/03/26 13:56:22 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/03/26 13:56:22 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/03/26 13:56:22 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/03/26 13:56:22 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/03/26 13:56:22 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (288168 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 9932 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Yahoo! IE Suggest) - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\SearchSuggest\YSearchSuggest.dll (Yahoo! Inc.)
O2 - BHO: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {35065594-9169-4A34-B167-FC4865038E53} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {35065594-9169-4A34-B167-FC4865038E53} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Alcmtr] ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AVGIDS] "C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe" (AVG)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install ()
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKCU..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll (Google Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (Reg Error: Key error.)
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} http://chat.yahoo.com/cab/yuplapp.cab (Yahoo! Webcam Upload Wrapper)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - ("C:\WINDOWS\server.exe") - C:\WINDOWS\server.exe File not found
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O32 - Autorun File - D:\AUTOEXEC.BAT () - [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\*.tmp files]
[1 C:\DOCUME~1\COMPAQ~1\My Documents\*.tmp files]
[2009/04/17 16:27:02 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/04/17 16:17:26 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\DOCUME~1\COMPAQ~1\Desktop\OTListIt2.exe
[2009/04/17 16:16:34 | 00,267,612 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\Desktop\Rooter.exe
[2009/04/17 12:28:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/04/16 19:01:23 | 00,000,162 | -H-- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\~$llabus2151-476.rtf
[2009/04/16 18:12:31 | 05,938,658 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\16 For All Time [Prev. Unreleased].mp3
[2009/04/16 18:12:31 | 00,048,747 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\ack.jpg
[2009/04/16 18:12:30 | 06,628,291 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\15 Billie Jean [Kanye West Mix].mp3
[2009/04/16 18:12:30 | 06,044,611 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\14 Beat It [w. Fergie].mp3
[2009/04/16 18:12:29 | 06,076,584 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\13 Wanna Be Startin' Somethin' [w. Akon].mp3
[2009/04/16 18:12:28 | 06,227,677 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\12 P.Y.T. [Pretty Young Thing] [w. Will.I.Am].mp3
[2009/04/16 18:12:28 | 04,628,356 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\11 The Girl Is Mine [w. Will.I.Am].mp3
[2009/04/16 18:12:27 | 04,198,903 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\10 Vincent Price.mp3
[2009/04/16 18:12:26 | 07,235,794 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\09 The Lady In My Life.mp3
[2009/04/16 18:12:26 | 05,781,296 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\08 P.Y.T. [Pretty Young Thing].mp3
[2009/04/16 18:12:25 | 07,107,899 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\06 Billie Jean.mp3
[2009/04/16 18:12:25 | 05,950,570 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\07 Human Nature.mp3
[2009/04/16 18:12:24 | 08,639,510 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\04 Thriller.mp3
[2009/04/16 18:12:24 | 06,243,350 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\05 Beat It.mp3
[2009/04/16 18:12:23 | 06,299,775 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\02 Baby Be Mine.mp3
[2009/04/16 18:12:23 | 05,382,563 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\03 The Girl Is Mine [w. Paul McCartney].mp3
[2009/04/16 18:12:22 | 08,751,105 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\01 Wanna Be Startin' Somethin'.mp3
[2009/04/16 18:12:22 | 00,066,828 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\Front.jpg
[2009/04/16 06:59:12 | 99,749,034 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\Thriller.rar
[2009/04/15 15:44:00 | 00,673,821 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\2008_coulon_casting_registration.docx
[2009/04/15 15:27:47 | 00,037,888 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\2008_coulon_casting_registration.doc
[2009/04/15 14:02:22 | 00,015,162 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\Chapter 14 Assignment.docx
[2009/04/14 20:30:51 | 00,001,010 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\backupfile.reg
[2009/04/14 16:53:07 | 00,025,600 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\HRT 32400 - Chapter 14 Assignment.doc
[2009/04/14 13:07:59 | 00,720,896 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\burrelldH7.accdb
[2009/04/14 13:04:35 | 00,000,162 | -H-- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\~$ Access Instructions.doc
[2009/04/14 08:54:30 | 01,089,593 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009/04/13 15:18:03 | 00,000,000 | ---D | C] -- C:\38e9a04d624f5c845b
[2009/04/11 20:21:29 | 00,000,677 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\Desktop\Shortcut to Word.lnk
[2009/04/11 20:21:24 | 00,000,689 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\Desktop\Shortcut to Access.lnk
[2009/04/11 20:21:21 | 00,000,682 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\Desktop\Shortcut to Excel.lnk
[2009/04/11 20:15:09 | 00,000,000 | ---D | C] -- C:\DOCUME~1\COMPAQ~1\Desktop\Office 2007 Enterprise
[2009/04/11 15:27:29 | 00,000,165 | -H-- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\~$forumla.xlsx
[2009/04/11 15:27:28 | 00,011,379 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\forumla.xlsx
[2009/04/11 13:54:07 | 00,008,821 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\frequency.xlsx
[2009/04/11 13:54:07 | 00,000,165 | -H-- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\~$frequency.xlsx
[2009/04/11 12:39:58 | 00,010,053 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\Book1.xlsx
[2009/04/11 09:41:51 | 01,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2009/04/11 09:41:51 | 00,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2009/04/11 09:41:51 | 00,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2009/04/11 09:41:51 | 00,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2009/04/11 09:41:50 | 02,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2009/04/11 09:41:50 | 01,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2009/04/11 09:41:50 | 00,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2009/04/11 09:41:50 | 00,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2009/04/11 09:41:50 | 00,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2009/04/11 09:41:50 | 00,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2009/04/11 09:41:50 | 00,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2009/04/11 09:41:50 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2009/04/11 09:41:50 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2009/04/11 09:41:50 | 00,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2009/04/11 09:41:49 | 01,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2009/04/11 09:41:49 | 00,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2009/04/11 09:41:49 | 00,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2009/04/11 09:41:49 | 00,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2009/04/11 09:41:49 | 00,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2009/04/11 09:41:49 | 00,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2009/04/11 09:41:49 | 00,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2009/04/11 09:41:49 | 00,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2009/04/11 09:41:48 | 00,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2009/04/11 09:41:48 | 00,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2009/04/11 09:41:48 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2009/04/11 09:41:48 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2009/04/11 09:41:43 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2009/04/11 09:41:43 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2009/04/11 09:41:42 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2009/04/11 09:41:42 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2009/04/11 09:41:42 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2009/04/11 09:41:42 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2009/04/11 09:41:42 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2009/04/11 09:41:42 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2009/04/11 09:41:41 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2009/04/11 09:41:41 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2009/04/11 09:41:39 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2009/04/11 09:41:38 | 00,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2009/04/11 09:41:38 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2009/04/11 09:41:38 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2009/04/11 09:41:38 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2009/04/11 09:41:38 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2009/04/11 09:41:38 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2009/04/11 09:41:38 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2009/04/11 09:41:38 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2009/04/11 09:41:38 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2009/04/11 09:41:38 | 00,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2009/04/11 09:41:38 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2009/04/11 09:41:38 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2009/04/11 09:41:37 | 00,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2009/04/11 09:41:37 | 00,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2009/04/11 09:41:37 | 00,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2009/04/11 09:41:37 | 00,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2009/04/11 09:41:36 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2009/04/11 09:41:36 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2009/04/11 09:41:36 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2009/04/11 09:41:36 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2009/04/11 09:41:36 | 00,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2009/04/11 09:41:36 | 00,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2009/04/11 09:41:35 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2009/04/11 09:41:35 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2009/04/11 09:41:35 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2009/04/11 09:41:35 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2009/04/11 09:41:34 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2009/04/11 09:41:34 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2009/04/11 09:41:33 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2009/04/11 09:41:33 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2009/04/11 09:41:31 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsclntR.dll
[2009/04/11 09:41:31 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2009/04/11 09:41:31 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscfgwz.dll
[2009/04/11 09:41:31 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2009/04/11 09:41:31 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2009/04/11 09:41:31 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2009/04/11 09:41:31 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsroute.dll
[2009/04/11 09:41:31 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2009/04/11 09:41:31 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxssend.exe
[2009/04/11 09:41:31 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2009/04/11 09:41:31 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2009/04/11 09:41:31 | 00,001,361 | ---- | C] () -- C:\WINDOWS\System32\fxscount.h
[2009/04/09 23:42:55 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/04/09 23:35:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2009/04/09 23:34:43 | 00,001,515 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\AVG 8.5.lnk
[2009/04/09 23:33:29 | 00,050,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll
[2009/04/09 23:33:29 | 00,029,208 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys
[2009/04/09 22:13:21 | 00,000,000 | ---D | C] -- C:\$regrest
[2009/04/09 16:03:57 | 00,108,552 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/04/09 16:03:57 | 00,012,552 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2009/04/09 16:03:57 | 00,010,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/04/09 16:03:53 | 00,325,640 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/04/09 16:03:48 | 00,027,656 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/04/09 16:03:43 | 35,195,056 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/04/09 16:03:43 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/04/09 16:03:43 | 00,401,372 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/04/09 16:03:43 | 00,100,885 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/04/09 16:03:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2009/04/09 16:03:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\AVGTOOLBAR
[2009/04/05 16:47:04 | 00,011,195 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\expectedchart.xlsx
[2009/04/03 18:19:19 | 00,000,000 | ---D | C] -- C:\Program Files\Lotto007 For P3P4 2009 Demo
[2009/04/03 00:43:44 | 00,000,000 | ---D | C] -- C:\DOCUME~1\COMPAQ~1\My Documents\The_Dream-Love_Vs_Money-2009
[2009/04/02 09:47:00 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2009/03/30 13:55:38 | 00,015,554 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\Chapter 13 Assignment.docx
[2009/03/29 16:24:27 | 00,032,768 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\WHSTUDYGUIDE.08.090325Americas.doc
[2009/03/27 17:55:14 | 00,018,430 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\21.jpg
[2009/03/27 17:53:40 | 00,018,430 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\2.jpg
[2009/03/25 14:42:03 | 00,268,062 | ---- | C] () -- C:\DOCUME~1\COMPAQ~1\My Documents\syllabus2151-476.rtf
[2009/03/23 17:18:13 | 00,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/03/23 17:14:58 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2009/03/23 17:00:04 | 00,897,920 | ---- | C] (Microsoft Corporation) -- C:\DOCUME~1\COMPAQ~1\My Documents\WGAPluginInstall.exe
[2009/03/23 16:29:12 | 00,000,000 | ---D | C] -- C:\DOCUME~1\COMPAQ~1\My Documents\MySpaceIM Pics
[2009/03/23 16:25:27 | 00,000,000 | ---D | C] -- C:\Program Files\MySpace
[2009/03/23 09:05:17 | 00,000,436 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{3EFA48DA-AA65-4E21-BC06-0E6EFDC333B1}.job
[2009/03/20 11:15:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/03/20 11:07:22 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2008/08/20 10:19:46 | 00,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
[2008/08/12 20:24:16 | 00,001,559 | ---- | C] () -- C:\WINDOWS\XMailer.INI
[2008/07/08 14:16:00 | 00,000,066 | ---- | C] () -- C:\WINDOWS\System32\SQSDMTST.SYS
[2008/07/08 13:54:42 | 00,000,078 | ---- | C] () -- C:\WINDOWS\RipEditBurnPLUS.ini
[2008/07/08 13:53:18 | 00,000,036 | ---- | C] () -- C:\WINDOWS\System32\drvlock.sys
[2008/07/08 13:53:18 | 00,000,030 | ---- | C] () -- C:\WINDOWS\System32\symbios.sys
[2008/05/16 12:32:48 | 00,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/12/17 01:08:01 | 00,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo3.dll
[2007/12/11 15:41:36 | 00,000,146 | ---- | C] () -- C:\WINDOWS\aebmark.ini
[2007/12/11 15:36:09 | 00,000,036 | ---- | C] () -- C:\WINDOWS\AEBFONT.INI
[2007/12/11 15:36:02 | 00,000,023 | ---- | C] () -- C:\WINDOWS\ANS2000.INI
[2007/12/11 15:36:02 | 00,000,020 | -H-- | C] () -- C:\WINDOWS\akebook.ini
[2007/12/11 15:36:02 | 00,000,004 | -H-- | C] () -- C:\WINDOWS\a3kebook.ini
[2007/11/23 16:53:27 | 00,010,752 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/11/14 12:42:27 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2007/11/09 06:01:59 | 00,000,164 | ---- | C] () -- C:\WINDOWS\System32\psyswin32.dll
[2007/09/25 22:29:28 | 00,000,363 | ---- | C] () -- C:\WINDOWS\bdsrip.ini
[2007/08/23 20:11:30 | 00,000,022 | ---- | C] () -- C:\WINDOWS\exchng.ini
[2007/08/18 20:07:45 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2007/03/20 22:16:53 | 00,000,106 | ---- | C] () -- C:\WINDOWS\XGUSB.INI
[2006/11/10 00:35:02 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/10/26 14:13:41 | 00,000,037 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
[2006/09/27 20:36:49 | 00,000,067 | ---- | C] () -- C:\WINDOWS\AVIConverter.INI
[2006/09/27 19:23:13 | 00,001,817 | ---- | C] () -- C:\WINDOWS\If42le.ini
[2006/09/27 19:23:12 | 00,000,415 | ---- | C] () -- C:\WINDOWS\Pexplore.ini
[2006/08/31 20:34:17 | 00,001,544 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/08/24 09:03:34 | 00,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2006/08/24 08:56:27 | 00,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/08/24 08:55:25 | 00,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2006/06/19 10:28:09 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/19 10:02:20 | 00,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/06/19 09:56:24 | 00,012,993 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/06/19 09:56:17 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/06/19 09:53:56 | 00,000,031 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/06/19 09:52:40 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/06/19 09:40:30 | 00,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/06/19 09:38:49 | 00,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/06/19 09:29:21 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/06/19 09:29:21 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/06/19 09:29:21 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/06/19 09:29:20 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/06/19 09:29:20 | 00,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/06/19 09:29:20 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/06/19 09:29:19 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/06/19 09:14:23 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/06/19 09:11:16 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2006/06/19 09:11:16 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2006/06/19 09:10:54 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2006/03/02 16:31:30 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/12/05 01:50:26 | 00,000,694 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/12/04 17:44:02 | 00,000,285 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/06/15 16:38:00 | 00,000,592 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\*.tmp files]
[1 C:\DOCUME~1\COMPAQ~1\My Documents\*.tmp files]
[2009/04/17 16:40:01 | 00,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{3EFA48DA-AA65-4E21-BC06-0E6EFDC333B1}.job
[2009/04/17 16:24:37 | 00,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/04/17 16:22:23 | 20,347,314 | -H-- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\IconCache.db
[2009/04/17 16:17:02 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\COMPAQ~1\Desktop\OTListIt2.exe
[2009/04/17 16:16:22 | 00,267,612 | ---- | M] () -- C:\DOCUME~1\COMPAQ~1\Desktop\Rooter.exe
[2009/04/17 08:30:41 | 35,195,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/04/17 03:40:07 | 00,100,885 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/04/17 02:08:21 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/04/16 19:01:23 | 00,000,162 | -H-- | M] () -- C:\DOCUME~1\COMPAQ~1\My Documents\~$llabus2151-476.rtf
[2009/04/16 07:44:11 | 99,749,034 | ---- | M] () -- C:\DOCUME~1\COMPAQ~1\My Documents\Thriller.rar
[2009/04/15 20:45:05 | 00,720,896 | ---- | M] () -- C:\DOCUME~1\COMPAQ~1\My Documents\burrelldH7.accdb
[2009/04/15 15:44:01 | 00,673,821 | ---- | M] () -- C:\DOCUME~1\COMPAQ~1\My Documents\2008_coulon_casting_registration.docx
[2009/04/15 15:28:05 | 00,037,888 | ---- | M] () -- C:\DOCUME~1\COMPAQ~1\My Documents\2008_coulon_casting_registration.doc
[2009/04/15 14:02:22 | 00,015,162 | ---- | M] () -- C:\DOCUME~1\COMPAQ~1\My Documents\Chapter 14 Assignment.docx
[2009/04/14 20:30:54 | 00,001,010 | ---- | M] () -- C:\DOCUME~1\COMPAQ~1\My Documents\backupfile.reg
[2009/04/14 17:14:29 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
[2009/04/14 17:14:25 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/14 17:14:23 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/04/14 17:14:22 | 10,051,13344 | -HS- | M] () -- C:\hiberfil.sys
[2009/04/14 16:53:26 | 00,025,600 | ---- | M] () -- C:\DOCUME~1\COMPAQ~1\My Documents\HRT 32400 - Chapter 14 Assignment.doc
[2009/04/14 16:48:14 | 00,011,195 | ---- | M] () -- C:\DOCUME~1\COMPAQ~1\My Documents\expectedchart.xlsx
[2009/04/14 15:13:12 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/04/14 13:04:35 | 00,000,162 | -H-- | M] () -- C:\DOCUME~1\COMPAQ~1\My Documents\~$ Access Instructions.doc
[2009/04/14 13:01:19 | 00,011,379 | ---- | M] () -- C:\DOCUME~1\COMPAQ~1\My Documents\forumla.xlsx
[2009/04/14 11:20:33 | 00,095,504 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/04/13 15:56:11 | 01,613,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/13 15:35:49 | 00,447,042 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/13 15:35:48 | 00,509,936 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/13 15:35:48 | 00,073,452 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/13 13:30:42 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/04/11 20:21:29 | 00,000,677 | ---- | M] () -- C:\DOCUME~1\COMPAQ~1\Desktop\Shortcut to Word.lnk
[2009/04/11 20:21:24 | 00,000,689 | ---- | M] () -- C:\DOCUME~1\COMPAQ~1\Desktop\Shortcut to Access.lnk
[2009/04/11 20:21:21 | 00,000,682 | ---- | M] () -- C:\DOCUME~1\COMPAQ~1\Desktop\Shortcut to Excel.lnk
[2009/04/11 15:27:29 | 00,000,165 | -H-- | M] () -- C:\DOCUME~1\COMPAQ~1\My Documents\~$forumla.xlsx
[2009/04/11 13:54:07 | 00,008,821 | ---- | M] () -- C:\DOCUME~1\COMPAQ~1\My Documents\frequency.xlsx
[2009/04/11 13:54:07 | 00,000,165 | -H-- | M] () -- C:\DOCUME~1\COMPAQ~1\My Documents\~$frequency.xlsx
[2009/04/11 12:39:58 | 00,010,053 | ---- | M] () -- C:\DOCUME~1\COMPAQ~1\My Documents\Book1.xlsx
[2009/04/11 09:42:58 | 00,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/04/11 09:41:53 | 00,000,535 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2009/04/10 08:29:08 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/04/09 23:48:09 | 00,000,083 | -HS- | M] () -- C:\DOCUME~1\COMPAQ~1\My Documents\desktop.ini
[2009/04/09 23:34:43 | 00,001,515 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\AVG 8.5.lnk
[2009/04/09 23:33:29 | 00,050,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll
[2009/04/09 23:33:29 | 00,029,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys
[2009/04/09 23:02:03 | 00,001,610 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Mozilla Firefox.lnk
[2009/04/09 18:13:14 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/04/09 18:13:13 | 00,325,640 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/04/09 17:45:07 | 00,000,694 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/04/09 16:06:13 | 00,401,372 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/04/09 16:03:57 | 00,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2009/04/09 16:03:48 | 00,027,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/04/09 16:03:43 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/04/08 23:51:56 | 00,029,696 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/04 23:33:50 | 00,001,608 | ---- | M] () -- C:\DOCUME~1\COMPAQ~1\Desktop\FriendBlasterPro.lnk
[2009/04/02 09:43:44 | 00,015,554 | ---- | M] () -- C:\DOCUME~1\COMPAQ~1\My Documents\Chapter 13 Assignment.docx
[2009/03/30 11:01:30 | 00,011,750 | ---- | M] () -- C:\DOCUME~1\COMPAQ~1\My Documents\pick4strategy.xlsx
[2009/03/29 16:30:45 | 00,032,768 | ---- | M] () -- C:\DOCUME~1\COMPAQ~1\My Documents\WHSTUDYGUIDE.08.090325Americas.doc
[2009/03/27 17:57:16 | 00,018,430 | ---- | M] () -- C:\DOCUME~1\COMPAQ~1\My Documents\21.jpg
[2009/03/27 17:57:16 | 00,018,430 | ---- | M] () -- C:\DOCUME~1\COMPAQ~1\My Documents\2.jpg
[2009/03/25 14:42:04 | 00,268,062 | ---- | M] () -- C:\DOCUME~1\COMPAQ~1\My Documents\syllabus2151-476.rtf
[2009/03/23 17:00:05 | 00,897,920 | ---- | M] (Microsoft Corporation) -- C:\DOCUME~1\COMPAQ~1\My Documents\WGAPluginInstall.exe

========== LOP Check ==========

[2009/04/09 23:35:12 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2007/12/17 01:00:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1Click DVD Copy Pro
[2008/08/25 13:23:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2007/09/11 16:09:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2008/09/19 21:50:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/04/09 23:30:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg8
[2008/07/29 13:48:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2009/04/09 23:35:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2007/10/16 18:32:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData
[2008/03/06 00:19:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2008/03/10 00:29:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2006/06/19 10:22:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
[2006/08/23 10:28:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
[2006/06/19 09:40:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2006/06/19 09:53:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intuit
[2008/02/10 17:31:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2007/10/14 09:06:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macromedia
[2008/12/16 21:21:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2008/08/19 19:14:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Megaupload
[2009/03/23 17:14:58 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009/04/09 17:44:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2008/05/06 13:04:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/03/11 12:15:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2007/12/11 21:32:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCTV4Me
[2006/06/19 09:15:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2008/12/16 19:58:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
[2006/06/19 09:34:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sonic
[2008/08/27 09:58:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2008/11/13 07:52:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2007/12/05 14:26:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2009/04/11 18:44:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007/01/26 16:41:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2007/06/20 20:03:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Virtual Mechanics
[2007/02/21 16:07:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2006/08/28 12:07:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/04/09 22:43:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2009/04/09 22:59:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2009/04/09 16:03:43 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data
[2008/05/15 09:35:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Adobe
[2008/05/15 09:45:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\AdobeUM
[2006/11/29 12:07:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Aim
[2009/01/08 00:55:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Any Video Converter
[2007/01/05 04:43:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Apple Computer
[2008/08/13 21:08:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\AtomPark
[2009/04/09 16:27:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\AVGTOOLBAR
[2009/01/05 12:16:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\BitTorrent
[2008/10/23 23:04:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\CineGobs
[2007/10/14 22:45:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\CyberLink
[2008/03/02 12:13:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Cycle of 5th
[2007/05/22 20:26:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DivX
[2007/10/06 15:40:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Download Manager
[2007/11/05 00:41:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Easy Thumbnails
[2008/08/19 19:14:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\EmailNotifier
[2007/08/08 21:10:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\FileMaker
[2006/08/23 23:14:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\funkitron
[2008/08/25 12:17:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\GeoVid
[2007/06/25 19:36:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\GetRightToGo
[2008/01/31 12:07:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Google
[2009/02/22 10:01:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Greyfirst
[2007/07/29 10:49:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\gtk-2.0
[2008/05/02 11:30:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Help
[2007/07/16 16:45:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\HP
[2006/09/28 14:26:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\HPQ
[2007/12/12 23:31:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\IBP
[2005/12/06 12:18:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Identities
[2006/08/24 11:42:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Image Zone Express
[2007/11/20 00:45:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\InterVideo
[2006/06/19 09:53:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Intuit
[2006/08/29 17:29:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech
[2007/10/14 09:18:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Macromedia
[2008/08/19 19:15:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Megaupload
[2009/04/09 15:55:28 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft
[2008/05/12 17:06:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Move Networks
[2007/09/10 09:42:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Moyea
[2007/09/10 09:41:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\MoyeaFLV2Video
[2008/08/27 19:25:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla
[2006/08/29 15:40:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\MySpace
[2008/05/06 13:05:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\NCH Swift Sound
[2007/10/15 14:30:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Opera
[2007/12/12 20:41:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Palo Alto Software
[2007/12/11 10:58:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\PCTV4Me
[2006/08/23 23:09:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\PlayFirst
[2008/06/03 21:25:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Publish Providers
[2007/11/23 16:47:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Real
[2007/04/02 20:08:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\RecordPad
[2007/11/06 16:15:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\RegistrySmart
[2007/10/17 09:13:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SmartFTP
[2008/04/22 09:16:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Softplicity
[2006/09/07 09:25:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sonic
[2008/09/08 13:20:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sony
[2007/10/14 19:55:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sony Setup
[2006/08/30 10:33:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sun
[2008/08/27 22:26:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Talkback
[2006/12/11 23:05:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Template
[2009/04/09 22:12:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Thinstall
[2007/11/06 12:27:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\True Sword
[2007/11/04 20:02:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Uniblue
[2007/12/10 23:47:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\URSoft
[2007/06/22 09:55:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg
[2007/01/26 16:41:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Viewpoint
[2007/06/20 20:03:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Virtual Mechanics
[2008/11/09 10:09:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Vso
[2007/07/11 13:05:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\WinBatch
[2007/08/10 19:52:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\WinRAR
[2008/02/11 18:39:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Yahoo!
[2007/03/20 22:06:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\yamaha
[2009/04/14 15:13:12 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/04 06:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/04/14 17:14:29 | 00,000,882 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachine.job
[2009/04/17 02:08:21 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2009/04/14 17:14:25 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/04/17 16:40:01 | 00,000,436 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{3EFA48DA-AA65-4E21-BC06-0E6EFDC333B1}.job

========== Purity Check ==========


========== Alternate Data Streams ==========

@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C8B8CEBD
@Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ECF54A0E
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CA73D29
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4D601744
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:933B2316
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B3D74A13
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A11F741D
< End of report >
  • 0

#7
dch1314

dch1314

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 238 posts
OTListIt Extras logfile created on: 4/17/2009 4:37:19 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 501.00 Mb Available Physical Memory | 52.27% Memory free
1.52 Gb Paging File | 1.06 Gb Available in Paging File | 69.90% Paging File free
Paging file location(s): C:\pagefile.sys 684 2688;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.69 Gb Total Space | 67.73 Gb Free Space | 64.70% Space Free | Partition Type: NTFS
Drive D: | 7.08 Gb Total Space | 0.37 Gb Free Space | 5.24% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CHUCKY
Current User Name: Compaq_Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections (Hewlett-Packard)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections (Hewlett-Packard)
C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink File not found
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger (Yahoo! Inc.)
C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server (Yahoo! Inc.)
C:\Program Files\IBP 9\IBP.exe:*:Enabled:Internet Business Promoter (IBP) File not found
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour File not found
C:\Program Files\CyberLink\PowerDirector\PDR.exe:*:Enabled:CyberLink PowerDirector File not found
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent File not found
C:\WINDOWS\system32\update.exe:*:Enabled:update File not found
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook (Microsoft Corporation)
C:\Program Files\Celtx\celtx.exe:*:Enabled:Celtx (Greyfirst Corporation)
C:\Program Files\Micracom\Lottery Statistic Anaylser\LSAv4.exe:*:Enabled:LSAv4 File not found
C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpaceIM File not found
C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer (Microsoft Corporation)
C:\Program Files\FriendBlasterPro\FriendBlasterPro.exe:*:Enabled:FriendBlasterPro (AddNewFriends.com)
C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe (AVG Technologies CZ, s.r.o.)
C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe (AVG Technologies CZ, s.r.o.)
C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe (AVG Technologies CZ, s.r.o.)
C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe (AVG Technologies CZ, s.r.o.)
C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe (AVG Technologies CZ, s.r.o.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{1341D838-719C-4A05-B50F-49420CA1B4BB}" = HP Boot Optimizer
"{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"{2A9C3F41-DACA-37AB-84FB-2E6193C42151}" = Google Gears
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150050}" = J2SE Runtime Environment 5.0 Update 5
"{342F5437-C87D-4BB5-89B9-B23E16C6A395}" = Microsoft VC80 Support DLLs
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 2.1
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7583D2F8-8E7D-40C5-9862-4D218006FB84}" = AVG Identity Protection
"{7C9AD221-994C-45B2-B46D-26F5735158CF}" = Sony Vegas Pro 8.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D7DBA21A-CDE5-42EC-BB1C-AE4B3E616B9A}_is1" = HP Support Overview
"{DAAD5187-62C5-4AD6-A526-803C18C4944D}" = HP Web Helper
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{E0D51394-1D45-460A-B62D-383BC4F8B335}" = QuickTime
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem
"Any Video Converter_is1" = Any Video Converter 2.5.6
"Audacity_is1" = Audacity 1.2.6
"AVG8Uninstall" = AVG 8.5
"CCleaner" = CCleaner (remove only)
"Celtx (1.0)" = Celtx (1.0)
"CineGobsKeyer_is1" = CineGobs Keyer 2.2.0.109
"CleanUp!" = CleanUp!
"CToolbar_UNINSTALL" = Crawler Toolbar with Web Security Guard
"DebugMode Wax 2.0" = DebugMode Wax 2.0
"ExpressRip" = Express Rip
"Expstudio Audio Editor FREE" = Expstudio Audio Editor FREE
"FriendBlasterPro_is1" = FriendBlasterPro
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HPOOVClient-5577497 Uninstaller" = Compaq Connections (remove only)
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Install WeatherBug" = Remove WeatherBug Installer
"InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MixPad" = MixPad
"Mozilla Firefox (3.0.8)" = Mozilla Firefox (3.0.8)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows
"Python 2.2.3" = Python 2.2.3
"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)
"RealPlayer 6.0" = RealPlayer
"Switch" = Switch
"Total Audio Tags_is1" = Total Audio Tags
"WavePad" = WavePad Uninstall
"WIC" = Windows Imaging Component
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! IE Suggest" = Yahoo! Search Suggest Add-on for IE7
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
"Your Uninstaller! 2008_is1" = Your Uninstaller! 2008 Version 6.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/6/2009 10:55:48 PM | Computer Name = CHUCKY | Source = Google Update | ID = 20
Description =

Error - 4/7/2009 2:32:30 AM | Computer Name = CHUCKY | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80240016, P2 begininstall, P3 install, P4
1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 NIL,
P10 NIL.

Error - 4/8/2009 4:50:35 PM | Computer Name = CHUCKY | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x61eb77e0.

Error - 4/9/2009 6:47:09 PM | Computer Name = CHUCKY | Source = Application Error | ID = 1000
Description = Faulting application avgcsrvx.exe, version 8.0.0.223, faulting module
avgcorex.dll, version 8.0.0.237, fault address 0x001c158a.

Error - 4/9/2009 6:47:14 PM | Computer Name = CHUCKY | Source = Application Error | ID = 1001
Description = Fault bucket 1141385459.

Error - 4/9/2009 6:47:45 PM | Computer Name = CHUCKY | Source = Application Error | ID = 1000
Description = Faulting application avgcsrvx.exe, version 8.0.0.223, faulting module
avgcorex.dll, version 8.0.0.237, fault address 0x001c15c4.

Error - 4/9/2009 6:47:49 PM | Computer Name = CHUCKY | Source = Application Error | ID = 1001
Description = Fault bucket 1141114692.

Error - 4/12/2009 2:48:40 AM | Computer Name = CHUCKY | Source = Application Error | ID = 1000
Description = Faulting application friendblasterpro.exe, version 10.3.0.8, faulting
module flash9f.ocx, version 9.0.124.0, fault address 0x001b314b.

Error - 4/12/2009 2:49:44 AM | Computer Name = CHUCKY | Source = Application Error | ID = 1001
Description = Fault bucket 1214910287.

Error - 4/16/2009 4:04:16 AM | Computer Name = CHUCKY | Source = Application Error | ID = 1000
Description = Faulting application yahoom~1.exe, version 8.1.0.421, faulting module
unknown, version 0.0.0.0, fault address 0x000004e8.

[ OSession Events ]
Error - 2/27/2009 4:03:43 PM | Computer Name = CHUCKY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 7711 seconds with 300 seconds of active time. This session ended with a
crash.

Error - 3/24/2009 11:50:26 AM | Computer Name = CHUCKY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 2, Application Name: Microsoft Office Access, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2815
seconds with 1380 seconds of active time. This session ended with a crash.

Error - 3/29/2009 5:27:54 PM | Computer Name = CHUCKY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 9999.9999.9999.9999. This session lasted
145 seconds with 0 seconds of active time. This session ended with a crash.

Error - 3/29/2009 6:54:48 PM | Computer Name = CHUCKY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 9999.9999.9999.9999. This session lasted
5341 seconds with 0 seconds of active time. This session ended with a crash.

Error - 3/30/2009 12:15:18 AM | Computer Name = CHUCKY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 9999.9999.9999.9999. This session lasted
19211 seconds with 60 seconds of active time. This session ended with a crash.

Error - 3/30/2009 1:46:37 AM | Computer Name = CHUCKY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 9999.9999.9999.9999. This session lasted
29912 seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 4/15/2009 9:41:45 PM | Computer Name = CHUCKY | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Documents and Settings\Compaq_Owner\Desktop\Office
2007 Enterprise\Access.exe. Reference error message: The operation completed successfully.
.

Error - 4/15/2009 9:41:45 PM | Computer Name = CHUCKY | Source = SideBySide | ID = 16842784
Description = Dependent Assembly AceDAO could not be found and Last Error was The
referenced assembly is not installed on your system.

Error - 4/15/2009 9:41:45 PM | Computer Name = CHUCKY | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for AceDAO. Reference error message:
The referenced assembly is not installed on your system. .

Error - 4/15/2009 9:41:45 PM | Computer Name = CHUCKY | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Documents and Settings\Compaq_Owner\Desktop\Office
2007 Enterprise\Thinstall\Microsoft Office 2007 Enterprise\TEMP\3436.manifest. Reference
error message: The operation completed successfully. .

Error - 4/16/2009 10:06:19 AM | Computer Name = CHUCKY | Source = SideBySide | ID = 16842784
Description = Dependent Assembly AceDAO could not be found and Last Error was The
referenced assembly is not installed on your system.

Error - 4/16/2009 10:06:19 AM | Computer Name = CHUCKY | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for AceDAO. Reference error message:
The referenced assembly is not installed on your system. .

Error - 4/16/2009 10:06:19 AM | Computer Name = CHUCKY | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Documents and Settings\Compaq_Owner\Desktop\Office
2007 Enterprise\Access.exe. Reference error message: The operation completed successfully.
.

Error - 4/16/2009 10:06:19 AM | Computer Name = CHUCKY | Source = SideBySide | ID = 16842784
Description = Dependent Assembly AceDAO could not be found and Last Error was The
referenced assembly is not installed on your system.

Error - 4/16/2009 10:06:19 AM | Computer Name = CHUCKY | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for AceDAO. Reference error message:
The referenced assembly is not installed on your system. .

Error - 4/16/2009 10:06:19 AM | Computer Name = CHUCKY | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Documents and Settings\Compaq_Owner\Desktop\Office
2007 Enterprise\Thinstall\Microsoft Office 2007 Enterprise\TEMP\5048.manifest. Reference
error message: The operation completed successfully. .


< End of report >
  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Do you know which programme is taking all the memory ?

Run OTList2.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTLI
    O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {35065594-9169-4A34-B167-FC4865038E53} - Reg Error: Key error. File not found
    O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key error. File not found
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {35065594-9169-4A34-B167-FC4865038E53} - Reg Error: Key error. File not found
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - Reg Error: Key error. File not found
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - Reg Error: Key error. File not found
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - Reg Error: Key error. File not found
    O20 - HKLM Winlogon: UserInit - ("C:\WINDOWS\server.exe") - C:\WINDOWS\server.exe File not found
    
    :Commands
    [purity]
    [emptytemp]
    [start explorer]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then post a new OTL2 log ( don't check the boxes beside LOP Check or Purity this time )

THEN

Posted Image Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.
  • 0

#9
dch1314

dch1314

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 238 posts
Different programs are taking up the CPU Usage but many of the times it's explorer.exe
  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK if you could run MBAM now please
  • 0

Advertisements


#11
dch1314

dch1314

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 238 posts
Malwarebytes' Anti-Malware 1.36
Database version: 1996
Windows 5.1.2600 Service Pack 3

4/17/2009 5:43:57 PM
mbam-log-2009-04-17 (17-43-57).txt

Scan type: Quick Scan
Objects scanned: 81277
Time elapsed: 7 minute(s), 46 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 20
Files Infected: 161

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,"C:\WINDOWS\server.exe",) Good: (userinit.exe) -> Quarantined and deleted successfully.

Folders Infected:
C:\Program Files\WinBudget (Adware.AdMedia) -> Quarantined and deleted successfully.
C:\Program Files\WinBudget\bin (Adware.AdMedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Data (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Loader (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Loader\4458 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\messages (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Updater\4458 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Program Files\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Program Files\RegistrySmart\Microsoft.VC80.CRT (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Program Files\RegistrySmart\Microsoft.VC80.MFC (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\RegistrySmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\RegistrySmart\Registry Backups (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\WinBudget\bin\matrix.dat (Adware.AdMedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\DataLOCKED (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Uninstall.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Data\report.log (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Loader\loader.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\publisher.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\avcodec.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\crashRpt.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\FLVEncoder.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\lame_enc.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\LevelMeter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\libpng.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\npvideoegg-publisher.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\zlib.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_camcorder_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_camcorder_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_file_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_file_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_phone_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_phone_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_webcam_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\icon_webcam_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\restart.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\restart_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\stop_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\stop_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\tab_slide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\tape_control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\text_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\text_camcorder_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\text_file.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\text_file_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\text_phone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\text_phone_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\text_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\text_webcam_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\images\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Publisher\4458\resources\VideoEgg\messages\messages.en-US.bundle (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Updater\updater.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Updater\VideoEggBroker.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Updater\VideoEggBroker.exe.old (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Updater\4458\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\VideoEgg\Updater\4458\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Program Files\RegistrySmart\RegCleaner.dll (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Program Files\RegistrySmart\Microsoft.VC80.CRT\Microsoft.VC80.CRT.manifest (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Program Files\RegistrySmart\Microsoft.VC80.CRT\msvcp80.dll (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Program Files\RegistrySmart\Microsoft.VC80.CRT\msvcr80.dll (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Program Files\RegistrySmart\Microsoft.VC80.MFC\mfc80.dll (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Program Files\RegistrySmart\Microsoft.VC80.MFC\Microsoft.VC80.MFC.manifest (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\RegistrySmart\Registry Backups\2007-11-06_15-15-51.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
  • 0

#12
dch1314

dch1314

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 238 posts
OTListIt logfile created on: 4/17/2009 5:58:54 PM - Run 3
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 449.53 Mb Available Physical Memory | 46.90% Memory free
1.52 Gb Paging File | 1.13 Gb Available in Paging File | 74.14% Paging File free
Paging file location(s): C:\pagefile.sys 684 2688;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.69 Gb Total Space | 67.77 Gb Free Space | 64.73% Space Free | Partition Type: NTFS
Drive D: | 7.08 Gb Total Space | 0.37 Gb Free Space | 5.24% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CHUCKY
Current User Name: Compaq_Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe (AVG)
PRC - C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgfws8.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe (AVG)
PRC - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\AVG\AVG8\avgam.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe (AVG)
PRC - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSMonitor.exe (AVG)
PRC - C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe (Yahoo! Inc.)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\Compaq_Owner\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (avg8wd [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgfws8 [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgfws8.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVGIDSAgent [Auto | Running]) -- C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe (AVG)
SRV - (AVGIDSWatcher [Auto | Running]) -- C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe (AVG)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gupdate1c90a39ee8665ee [Auto | Stopped]) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (MDM [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (YahooAUService [Auto | Running]) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

========== Driver Services (SafeList) ==========

DRV - (61883 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\61883.sys (Microsoft Corporation)
DRV - (AgereSoftModem [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\AGRSM.sys (Agere Systems)
DRV - (AmdK8 [System | Running]) -- C:\WINDOWS\system32\DRIVERS\AmdK8.sys (Advanced Micro Devices)
DRV - (Avc [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\avc.sys (Microsoft Corporation)
DRV - (Avgfwdx [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgfwfd [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSDriver [On_Demand | Running]) -- C:\Program Files\AVG\AVG8\IdentityProtection\agent\driver\platform_XP\AVGIDSDriver.sys (AVG Technologies )
DRV - (AVGIDSErHr [Boot | Running]) -- C:\WINDOWS\System32\Drivers\AVGIDSErHr.sys (AVG Technologies )
DRV - (AVGIDSFilter [On_Demand | Running]) -- C:\Program Files\AVG\AVG8\IdentityProtection\agent\driver\platform_XP\AVGIDSFilter.sys (AVG Technologies )
DRV - (AVGIDSShim [On_Demand | Running]) -- C:\Program Files\AVG\AVG8\IdentityProtection\agent\driver\platform_XP\AVGIDSShim.sys (AVG Technologies )
DRV - (AvgLdx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgRkx86 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgTdiX [System | Running]) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (bb-run [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\bb-run.sys (Promise Technology, Inc.)
DRV - (ftsata2 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\ftsata2.sys (Promise Technology, Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HPZid412 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys (HP)
DRV - (iaStor [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (MSDV [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\msdv.sys (Microsoft Corporation)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (NVENETFD [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvnetbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nvnetbus.sys (NVIDIA Corporation)
DRV - (pcouffin [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\pcouffin.sys (VSO Software)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (rtl8139 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\RTL8139.SYS (Realtek Semiconductor Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/defaultb.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.3.0
FF - prefs.js..extensions.enabledItems: {1d5287d1-8a92-0001-1f31-1cec198018d8}:2.0.20080710
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:2.0
FF - prefs.js..extensions.enabledItems: {77b819fa-95ad-4f2c-ac7c-486b356188a9}:1.5.20090207
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.071302000002
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.7pre.080917
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.6
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.8
FF - prefs.js..keyword.URL: "http://search.yahoo....8&fr=megaup&p="

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\PROGRAM FILES\AVG\AVG8\FIREFOX [2009/04/09 16:03:25 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8}: C:\PROGRAM FILES\AVG\AVG8\TOOLBARFF [2009/04/09 16:03:26 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/04/13 15:26:39 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/09 23:58:54 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/09 23:01:59 | 00,000,000 | ---D | M]

[2008/08/27 19:25:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Extensions
[2008/08/27 19:25:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/15 11:55:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Firefox\Profiles\9dt86hxb.default\extensions
[2009/04/07 21:03:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Firefox\Profiles\9dt86hxb.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2008/07/23 10:08:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Firefox\Profiles\9dt86hxb.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2009/02/23 23:07:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Firefox\Profiles\9dt86hxb.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2008/09/19 00:42:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Firefox\Profiles\9dt86hxb.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2009/03/13 18:31:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Firefox\Profiles\9dt86hxb.default\extensions\[email protected]
[2008/12/18 10:23:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Firefox\Profiles\9dt86hxb.default\extensions\[email protected]
[2008/12/12 13:23:54 | 00,002,158 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\FireFox\Profiles\9dt86hxb.default\searchplugins\MySpace.xml
[2008/02/10 04:00:03 | 00,000,277 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\FireFox\Profiles\9dt86hxb.default\searchplugins\search.xml
[2007/12/11 10:47:02 | 00,002,386 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\FireFox\Profiles\9dt86hxb.default\searchplugins\siteadvisor.xml
[2008/08/27 23:00:01 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/09 23:01:59 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/26 14:11:21 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/03/26 14:11:22 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/03/26 13:56:22 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/03/26 13:56:22 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/03/26 13:56:22 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/03/26 13:56:22 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/03/26 13:56:22 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/03/26 13:56:22 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/03/26 13:56:22 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (288168 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 9932 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Yahoo! IE Suggest) - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\SearchSuggest\YSearchSuggest.dll (Yahoo! Inc.)
O2 - BHO: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {35065594-9169-4A34-B167-FC4865038E53} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {35065594-9169-4A34-B167-FC4865038E53} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll ([[[COMPANYNAME]]]----------------------------)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Alcmtr] ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AVGIDS] "C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe" (AVG)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install ()
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKCU..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll (Google Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (Reg Error: Key error.)
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} http://chat.yahoo.com/cab/yuplapp.cab (Yahoo! Webcam Upload Wrapper)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O32 - Autorun File - D:\AUTOEXEC.BAT () - [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\*.tmp files]
[1 C:\Documents and Settings\Compaq_Owner\My Documents\*.tmp files]
[2009/04/17 17:21:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Malwarebytes
[2009/04/17 17:20:37 | 00,000,704 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/17 17:20:36 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/17 17:20:34 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/17 17:20:33 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/04/17 17:20:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/04/17 17:15:00 | 00,000,000 | ---D | C] -- C:\_OTListIt
[2009/04/17 17:04:41 | 02,967,800 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Compaq_Owner\Desktop\mbam-setup.exe
[2009/04/17 16:27:02 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/04/17 16:17:26 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTListIt2.exe
[2009/04/17 16:16:34 | 00,267,612 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Rooter.exe
[2009/04/16 19:01:23 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\~$llabus2151-476.rtf
[2009/04/16 18:12:31 | 05,938,658 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\16 For All Time [Prev. Unreleased].mp3
[2009/04/16 18:12:31 | 00,048,747 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\ack.jpg
[2009/04/16 18:12:30 | 06,628,291 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\15 Billie Jean [Kanye West Mix].mp3
[2009/04/16 18:12:30 | 06,044,611 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\14 Beat It [w. Fergie].mp3
[2009/04/16 18:12:29 | 06,076,584 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\13 Wanna Be Startin' Somethin' [w. Akon].mp3
[2009/04/16 18:12:28 | 06,227,677 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\12 P.Y.T. [Pretty Young Thing] [w. Will.I.Am].mp3
[2009/04/16 18:12:28 | 04,628,356 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\11 The Girl Is Mine [w. Will.I.Am].mp3
[2009/04/16 18:12:27 | 04,198,903 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\10 Vincent Price.mp3
[2009/04/16 18:12:26 | 07,235,794 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\09 The Lady In My Life.mp3
[2009/04/16 18:12:26 | 05,781,296 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\08 P.Y.T. [Pretty Young Thing].mp3
[2009/04/16 18:12:25 | 07,107,899 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\06 Billie Jean.mp3
[2009/04/16 18:12:25 | 05,950,570 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\07 Human Nature.mp3
[2009/04/16 18:12:24 | 08,639,510 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\04 Thriller.mp3
[2009/04/16 18:12:24 | 06,243,350 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\05 Beat It.mp3
[2009/04/16 18:12:23 | 06,299,775 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\02 Baby Be Mine.mp3
[2009/04/16 18:12:23 | 05,382,563 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\03 The Girl Is Mine [w. Paul McCartney].mp3
[2009/04/16 18:12:22 | 08,751,105 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\01 Wanna Be Startin' Somethin'.mp3
[2009/04/16 18:12:22 | 00,066,828 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Front.jpg
[2009/04/16 06:59:12 | 99,749,034 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Thriller.rar
[2009/04/15 15:44:00 | 00,673,821 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\2008_coulon_casting_registration.docx
[2009/04/15 15:27:47 | 00,037,888 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\2008_coulon_casting_registration.doc
[2009/04/15 14:02:22 | 00,015,162 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Chapter 14 Assignment.docx
[2009/04/14 20:30:51 | 00,001,010 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\backupfile.reg
[2009/04/14 16:53:07 | 00,025,600 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\HRT 32400 - Chapter 14 Assignment.doc
[2009/04/14 13:07:59 | 00,720,896 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\burrelldH7.accdb
[2009/04/14 13:04:35 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\~$ Access Instructions.doc
[2009/04/14 08:54:30 | 01,089,593 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009/04/13 15:18:03 | 00,000,000 | ---D | C] -- C:\38e9a04d624f5c845b
[2009/04/11 20:21:29 | 00,000,677 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Shortcut to Word.lnk
[2009/04/11 20:21:24 | 00,000,689 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Shortcut to Access.lnk
[2009/04/11 20:21:21 | 00,000,682 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Shortcut to Excel.lnk
[2009/04/11 20:15:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\Office 2007 Enterprise
[2009/04/11 15:27:29 | 00,000,165 | -H-- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\~$forumla.xlsx
[2009/04/11 15:27:28 | 00,011,379 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\forumla.xlsx
[2009/04/11 13:54:07 | 00,008,821 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\frequency.xlsx
[2009/04/11 13:54:07 | 00,000,165 | -H-- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\~$frequency.xlsx
[2009/04/11 12:39:58 | 00,010,053 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Book1.xlsx
[2009/04/11 09:41:51 | 01,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2009/04/11 09:41:51 | 00,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2009/04/11 09:41:51 | 00,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2009/04/11 09:41:51 | 00,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2009/04/11 09:41:50 | 02,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2009/04/11 09:41:50 | 01,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2009/04/11 09:41:50 | 00,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2009/04/11 09:41:50 | 00,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2009/04/11 09:41:50 | 00,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2009/04/11 09:41:50 | 00,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2009/04/11 09:41:50 | 00,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2009/04/11 09:41:50 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2009/04/11 09:41:50 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2009/04/11 09:41:50 | 00,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2009/04/11 09:41:49 | 01,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2009/04/11 09:41:49 | 00,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2009/04/11 09:41:49 | 00,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2009/04/11 09:41:49 | 00,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2009/04/11 09:41:49 | 00,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2009/04/11 09:41:49 | 00,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2009/04/11 09:41:49 | 00,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2009/04/11 09:41:49 | 00,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2009/04/11 09:41:48 | 00,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2009/04/11 09:41:48 | 00,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2009/04/11 09:41:48 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2009/04/11 09:41:48 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2009/04/11 09:41:43 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2009/04/11 09:41:43 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2009/04/11 09:41:42 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2009/04/11 09:41:42 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2009/04/11 09:41:42 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2009/04/11 09:41:42 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2009/04/11 09:41:42 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2009/04/11 09:41:42 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2009/04/11 09:41:41 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2009/04/11 09:41:41 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2009/04/11 09:41:39 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2009/04/11 09:41:38 | 00,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2009/04/11 09:41:38 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2009/04/11 09:41:38 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2009/04/11 09:41:38 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2009/04/11 09:41:38 | 00,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2009/04/11 09:41:38 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2009/04/11 09:41:38 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2009/04/11 09:41:38 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2009/04/11 09:41:38 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2009/04/11 09:41:38 | 00,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2009/04/11 09:41:38 | 00,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2009/04/11 09:41:38 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2009/04/11 09:41:37 | 00,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2009/04/11 09:41:37 | 00,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2009/04/11 09:41:37 | 00,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2009/04/11 09:41:37 | 00,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2009/04/11 09:41:36 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2009/04/11 09:41:36 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2009/04/11 09:41:36 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2009/04/11 09:41:36 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2009/04/11 09:41:36 | 00,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2009/04/11 09:41:36 | 00,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2009/04/11 09:41:35 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2009/04/11 09:41:35 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2009/04/11 09:41:35 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2009/04/11 09:41:35 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2009/04/11 09:41:34 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2009/04/11 09:41:34 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2009/04/11 09:41:33 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2009/04/11 09:41:33 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2009/04/11 09:41:31 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsclntR.dll
[2009/04/11 09:41:31 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2009/04/11 09:41:31 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscfgwz.dll
[2009/04/11 09:41:31 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2009/04/11 09:41:31 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2009/04/11 09:41:31 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2009/04/11 09:41:31 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsroute.dll
[2009/04/11 09:41:31 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2009/04/11 09:41:31 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxssend.exe
[2009/04/11 09:41:31 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2009/04/11 09:41:31 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2009/04/11 09:41:31 | 00,001,361 | ---- | C] () -- C:\WINDOWS\System32\fxscount.h
[2009/04/09 23:42:55 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/04/09 23:35:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2009/04/09 23:34:43 | 00,001,515 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 8.5.lnk
[2009/04/09 23:33:29 | 00,050,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll
[2009/04/09 23:33:29 | 00,029,208 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys
[2009/04/09 22:13:21 | 00,000,000 | ---D | C] -- C:\$regrest
[2009/04/09 16:03:57 | 00,108,552 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/04/09 16:03:57 | 00,012,552 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2009/04/09 16:03:57 | 00,010,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/04/09 16:03:53 | 00,325,640 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/04/09 16:03:48 | 00,027,656 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/04/09 16:03:43 | 35,195,056 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/04/09 16:03:43 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/04/09 16:03:43 | 00,401,372 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/04/09 16:03:43 | 00,100,885 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/04/09 16:03:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2009/04/09 16:03:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\AVGTOOLBAR
[2009/04/05 16:47:04 | 00,011,195 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\expectedchart.xlsx
[2009/04/03 18:19:19 | 00,000,000 | ---D | C] -- C:\Program Files\Lotto007 For P3P4 2009 Demo
[2009/04/03 00:43:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\The_Dream-Love_Vs_Money-2009
[2009/04/02 09:47:00 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2009/03/30 13:55:38 | 00,015,554 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Chapter 13 Assignment.docx
[2009/03/29 16:24:27 | 00,032,768 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\WHSTUDYGUIDE.08.090325Americas.doc
[2009/03/27 17:55:14 | 00,018,430 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\21.jpg
[2009/03/27 17:53:40 | 00,018,430 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\2.jpg
[2009/03/25 14:42:03 | 00,268,062 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\syllabus2151-476.rtf
[2009/03/23 17:18:13 | 00,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/03/23 17:14:58 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2009/03/23 17:00:04 | 00,897,920 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\My Documents\WGAPluginInstall.exe
[2009/03/23 16:29:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\MySpaceIM Pics
[2009/03/23 16:25:27 | 00,000,000 | ---D | C] -- C:\Program Files\MySpace
[2009/03/23 09:05:17 | 00,000,436 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{3EFA48DA-AA65-4E21-BC06-0E6EFDC333B1}.job
[2009/03/20 11:15:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/03/20 11:07:22 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2008/08/20 10:19:46 | 00,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
[2008/08/12 20:24:16 | 00,001,559 | ---- | C] () -- C:\WINDOWS\XMailer.INI
[2008/07/08 14:16:00 | 00,000,066 | ---- | C] () -- C:\WINDOWS\System32\SQSDMTST.SYS
[2008/07/08 13:54:42 | 00,000,078 | ---- | C] () -- C:\WINDOWS\RipEditBurnPLUS.ini
[2008/07/08 13:53:18 | 00,000,036 | ---- | C] () -- C:\WINDOWS\System32\drvlock.sys
[2008/07/08 13:53:18 | 00,000,030 | ---- | C] () -- C:\WINDOWS\System32\symbios.sys
[2008/05/16 12:32:48 | 00,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/12/17 01:08:01 | 00,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo3.dll
[2007/12/11 15:41:36 | 00,000,146 | ---- | C] () -- C:\WINDOWS\aebmark.ini
[2007/12/11 15:36:09 | 00,000,036 | ---- | C] () -- C:\WINDOWS\AEBFONT.INI
[2007/12/11 15:36:02 | 00,000,023 | ---- | C] () -- C:\WINDOWS\ANS2000.INI
[2007/12/11 15:36:02 | 00,000,020 | -H-- | C] () -- C:\WINDOWS\akebook.ini
[2007/12/11 15:36:02 | 00,000,004 | -H-- | C] () -- C:\WINDOWS\a3kebook.ini
[2007/11/23 16:53:27 | 00,010,752 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/11/14 12:42:27 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2007/11/09 06:01:59 | 00,000,164 | ---- | C] () -- C:\WINDOWS\System32\psyswin32.dll
[2007/09/25 22:29:28 | 00,000,363 | ---- | C] () -- C:\WINDOWS\bdsrip.ini
[2007/08/23 20:11:30 | 00,000,022 | ---- | C] () -- C:\WINDOWS\exchng.ini
[2007/08/18 20:07:45 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2007/03/20 22:16:53 | 00,000,106 | ---- | C] () -- C:\WINDOWS\XGUSB.INI
[2006/11/10 00:35:02 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/10/26 14:13:41 | 00,000,037 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
[2006/09/27 20:36:49 | 00,000,067 | ---- | C] () -- C:\WINDOWS\AVIConverter.INI
[2006/09/27 19:23:13 | 00,001,817 | ---- | C] () -- C:\WINDOWS\If42le.ini
[2006/09/27 19:23:12 | 00,000,415 | ---- | C] () -- C:\WINDOWS\Pexplore.ini
[2006/08/31 20:34:17 | 00,001,544 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/08/24 09:03:34 | 00,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2006/08/24 08:56:27 | 00,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/08/24 08:55:25 | 00,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2006/06/19 10:28:09 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/19 10:02:20 | 00,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/06/19 09:56:24 | 00,012,993 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/06/19 09:56:17 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/06/19 09:53:56 | 00,000,031 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/06/19 09:52:40 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/06/19 09:40:30 | 00,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/06/19 09:38:49 | 00,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/06/19 09:29:21 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/06/19 09:29:21 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/06/19 09:29:21 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/06/19 09:29:20 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/06/19 09:29:20 | 00,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/06/19 09:29:20 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/06/19 09:29:19 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/06/19 09:14:23 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/06/19 09:11:16 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2006/06/19 09:11:16 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2006/06/19 09:10:54 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2006/03/02 16:31:30 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/12/05 01:50:26 | 00,000,694 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/12/04 17:44:02 | 00,000,285 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/06/15 16:38:00 | 00,000,592 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\*.tmp files]
[1 C:\Documents and Settings\Compaq_Owner\My Documents\*.tmp files]
[2009/04/17 18:00:48 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/04/17 17:57:03 | 00,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/04/17 17:56:35 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
[2009/04/17 17:56:35 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/17 17:56:33 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/04/17 17:56:32 | 10,051,13344 | -HS- | M] () -- C:\hiberfil.sys
[2009/04/17 17:44:25 | 20,349,670 | -H-- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\IconCache.db
[2009/04/17 17:20:37 | 00,000,704 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/17 17:05:04 | 02,967,800 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Compaq_Owner\Desktop\mbam-setup.exe
[2009/04/17 16:40:46 | 00,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{3EFA48DA-AA65-4E21-BC06-0E6EFDC333B1}.job
[2009/04/17 16:17:02 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTListIt2.exe
[2009/04/17 16:16:22 | 00,267,612 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Rooter.exe
[2009/04/17 08:30:41 | 35,195,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/04/17 03:40:07 | 00,100,885 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/04/16 19:01:23 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\~$llabus2151-476.rtf
[2009/04/16 07:44:11 | 99,749,034 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Thriller.rar
[2009/04/15 20:45:05 | 00,720,896 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\burrelldH7.accdb
[2009/04/15 15:44:01 | 00,673,821 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\2008_coulon_casting_registration.docx
[2009/04/15 15:28:05 | 00,037,888 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\2008_coulon_casting_registration.doc
[2009/04/15 14:02:22 | 00,015,162 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Chapter 14 Assignment.docx
[2009/04/14 20:30:54 | 00,001,010 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\backupfile.reg
[2009/04/14 16:53:26 | 00,025,600 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\HRT 32400 - Chapter 14 Assignment.doc
[2009/04/14 16:48:14 | 00,011,195 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\expectedchart.xlsx
[2009/04/14 15:13:12 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/04/14 13:04:35 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\~$ Access Instructions.doc
[2009/04/14 13:01:19 | 00,011,379 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\forumla.xlsx
[2009/04/14 11:20:33 | 00,095,504 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/04/13 15:56:11 | 01,613,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/13 15:35:49 | 00,447,042 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/13 15:35:48 | 00,509,936 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/13 15:35:48 | 00,073,452 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/13 13:30:42 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/04/11 20:21:29 | 00,000,677 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Shortcut to Word.lnk
[2009/04/11 20:21:24 | 00,000,689 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Shortcut to Access.lnk
[2009/04/11 20:21:21 | 00,000,682 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Shortcut to Excel.lnk
[2009/04/11 15:27:29 | 00,000,165 | -H-- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\~$forumla.xlsx
[2009/04/11 13:54:07 | 00,008,821 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\frequency.xlsx
[2009/04/11 13:54:07 | 00,000,165 | -H-- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\~$frequency.xlsx
[2009/04/11 12:39:58 | 00,010,053 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Book1.xlsx
[2009/04/11 09:42:58 | 00,004,566 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/04/11 09:41:53 | 00,000,535 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2009/04/10 08:29:08 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/04/09 23:48:09 | 00,000,083 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\desktop.ini
[2009/04/09 23:34:43 | 00,001,515 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 8.5.lnk
[2009/04/09 23:33:29 | 00,050,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll
[2009/04/09 23:33:29 | 00,029,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys
[2009/04/09 23:02:03 | 00,001,610 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/04/09 18:13:14 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/04/09 18:13:13 | 00,325,640 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/04/09 17:45:07 | 00,000,694 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/04/09 16:06:13 | 00,401,372 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/04/09 16:03:57 | 00,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2009/04/09 16:03:48 | 00,027,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/04/09 16:03:43 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/04/08 23:51:56 | 00,029,696 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/04 23:33:50 | 00,001,608 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\FriendBlasterPro.lnk
[2009/04/02 09:43:44 | 00,015,554 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Chapter 13 Assignment.docx
[2009/03/30 11:01:30 | 00,011,750 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\pick4strategy.xlsx
[2009/03/29 16:30:45 | 00,032,768 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\WHSTUDYGUIDE.08.090325Americas.doc
[2009/03/27 17:57:16 | 00,018,430 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\21.jpg
[2009/03/27 17:57:16 | 00,018,430 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\2.jpg
[2009/03/25 14:42:04 | 00,268,062 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\syllabus2151-476.rtf
[2009/03/23 17:00:05 | 00,897,920 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\My Documents\WGAPluginInstall.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C8B8CEBD
@Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ECF54A0E
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CA73D29
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4D601744
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:933B2316
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B3D74A13
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A11F741D
< End of report >
  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I am missing something somewhere that much I do feel, so lets get a bigger tool on to the job

Download ComboFix from one of these locations:

Link 1
Link 2
Link 3


* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

  • Double click on ComboFix.exe & follow the prompts.

  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Posted Image



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
  • 0

#14
dch1314

dch1314

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 238 posts
Okay, I finished running it and it completely made the log. However, during the scan process it was telling me like numerous folders were unreadable 'please run chkdsk' but I am not sure why it said that because each time I start my computer chkdsk runs "idk why"

Attached Files


  • 0

#15
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I think we will need to look at chkdsk next


1. Please open Notepad
  • Click Start , then Run
  • Type notepad .exe in the Run Box.

2. Now copy/paste the entire content of the codebox below into the Notepad window:

KillAll::

Driver::
pfvxkco

3. Then in the text file go to FILE > SAVE AS and in the dropdown box select SAVE AS TYPE to ALL FILES

4. Save the above as CFScript.txt

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

Posted Image


6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
  • Combofix.txt
  • .

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP