Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

cpu usage 20% when idle

Started by hayjinee , Apr 23 2009 12:52 PM

  • Please log in to reply

#1
hayjinee
Posted 23 April 2009 - 12:52 PM

hayjinee

    Member

  • Member
  • PipPip
  • 10 posts
CPU usage is oddly high, and the internet is slow. Malware can't seem to find anything, but I have a quad core and 2 gigs of ram so I don't know why it would be so high. Thank you in advance for your assistance. :)


Malwarebytes' Anti-Malware 1.36
Database version: 2031
Windows 5.1.2600 Service Pack 3

4/23/2009 11:27:24 AM
mbam-log-2009-04-23 (11-27-24).txt

Scan type: Full Scan (C:\|)
Objects scanned: 305204
Time elapsed: 1 hour(s), 17 minute(s), 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

----------------------------------------------------

OTListIt logfile created on: 4/23/2009 10:00:32 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\cs\Desktop\Marcey
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 462.40 Gb Total Space | 293.31 Gb Free Space | 63.43% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CHRIS
Current User Name: cs
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2008/04/14 05:42:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2006/11/21 14:02:24 | 01,807,960 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe
PRC - [2006/02/28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2006/06/07 16:57:46 | 00,266,295 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
PRC - [2009/01/13 23:22:19 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008/05/19 16:17:14 | 01,475,936 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\PcCtlCom.exe
PRC - [2007/11/08 18:19:18 | 00,345,696 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\Tmntsrv.exe
PRC - [2006/11/09 16:03:42 | 00,923,216 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\TmPfw.exe
PRC - [2006/12/05 13:38:42 | 01,013,296 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Tablet.exe
PRC - [2006/12/05 13:39:22 | 00,136,752 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\WTablet\TabUserW.exe
PRC - [2006/12/05 13:38:42 | 01,013,296 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Tablet.exe
PRC - [2006/11/09 16:04:02 | 00,566,872 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\tmproxy.exe
PRC - [2008/09/03 20:56:38 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Documents and Settings\cs\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
PRC - [2009/04/15 11:54:16 | 00,759,280 | ---- | M] (Google Inc.) -- C:\Documents and Settings\cs\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/04/15 11:54:16 | 00,759,280 | ---- | M] (Google Inc.) -- C:\Documents and Settings\cs\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/04/06 15:32:44 | 01,277,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2009/04/23 09:57:45 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\cs\Desktop\Marcey\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2006/08/25 19:54:12 | 00,360,532 | ---- | M] (Atheros) -- C:\Program Files\D-Link\D-Link DWA-552 Xtreme N Desktop Adapter\acs.exe -- (ACS [Auto | Stopped])
SRV - [2007/03/20 16:41:24 | 00,153,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3 [On_Demand | Stopped])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2006/02/28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2006/06/07 16:57:46 | 00,266,295 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe -- (btwdins [Auto | Running])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/03/14 23:53:25 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/04/14 05:42:04 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2004/10/22 01:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/01/13 23:22:19 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2009/01/15 08:19:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [On_Demand | Stopped])
SRV - [2008/05/19 16:17:14 | 01,475,936 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\PcCtlCom.exe -- (PcCtlCom [Auto | Running])
SRV - [2006/11/05 09:15:12 | 00,880,640 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9 [On_Demand | Stopped])
SRV - [2006/11/05 09:13:00 | 00,159,744 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9 [Auto | Stopped])
SRV - [2006/09/14 12:54:34 | 00,073,728 | ---- | M] (MicroVision Development, Inc.) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr [On_Demand | Stopped])
SRV - [2006/12/05 13:38:42 | 01,013,296 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Tablet.exe -- (TabletService [Auto | Running])
SRV - [2007/11/08 18:19:18 | 00,345,696 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\Tmntsrv.exe -- (Tmntsrv [Auto | Running])
SRV - [2006/11/09 16:03:42 | 00,923,216 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\TmPfw.exe -- (TmPfw [Auto | Running])
SRV - [2006/11/09 16:04:02 | 00,566,872 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\tmproxy.exe -- (tmproxy [Auto | Running])
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2004/08/04 03:00:00 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde [Disabled | Stopped])
DRV - [2008/04/14 00:06:40 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp [Disabled | Stopped])
DRV - [2006/09/25 11:44:12 | 01,037,088 | ---- | M] (D-Link) -- C:\WINDOWS\system32\DRIVERS\ar5416.sys -- (AR5416 [On_Demand | Running])
DRV - [2004/08/04 03:00:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc [Disabled | Stopped])
DRV - [2004/08/04 03:00:00 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550 [Disabled | Stopped])
DRV - [2006/06/07 22:06:58 | 00,329,901 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio [On_Demand | Running])
DRV - [2006/06/07 16:29:10 | 00,030,459 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\DRIVERS\btport.sys -- (BTDriver [On_Demand | Stopped])
DRV - [2006/06/07 16:33:34 | 00,855,018 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\DRIVERS\btkrnl.sys -- (BTKRNL [On_Demand | Running])
DRV - [2006/06/07 16:28:20 | 00,149,028 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\DRIVERS\btwdndis.sys -- (BTWDNDIS [On_Demand | Stopped])
DRV - [2006/06/07 16:23:20 | 00,047,811 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\DRIVERS\btwhid.sys -- (btwhid [On_Demand | Stopped])
DRV - [2006/06/07 16:26:52 | 00,067,384 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\System32\Drivers\btwusb.sys -- (BTWUSB [On_Demand | Stopped])
DRV - [2004/12/13 14:14:00 | 00,039,904 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\System32\drivers\cercsr6.sys -- (cercsr6 [Boot | Stopped])
DRV - [2004/08/04 03:00:00 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde [Disabled | Stopped])
DRV - [2004/08/04 03:00:00 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k [Disabled | Stopped])
DRV - [2006/08/18 11:17:46 | 00,035,096 | ---- | M] (Roxio) -- C:\WINDOWS\System32\DLA\DLABMFSM.SYS -- (DLABMFSM [Auto | Running])
DRV - [2006/08/18 11:17:40 | 00,032,472 | ---- | M] (Roxio) -- C:\WINDOWS\System32\DLA\DLABOIOM.SYS -- (DLABOIOM [Auto | Running])
DRV - [2006/08/11 08:35:18 | 00,012,920 | ---- | M] (Roxio) -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS -- (DLACDBHM [System | Running])
DRV - [2006/08/18 11:18:08 | 00,009,400 | ---- | M] (Roxio) -- C:\WINDOWS\System32\DLA\DLADResM.SYS -- (DLADResM [Auto | Running])
DRV - [2006/08/18 11:17:38 | 00,104,472 | ---- | M] (Roxio) -- C:\WINDOWS\System32\DLA\DLAIFS_M.SYS -- (DLAIFS_M [Auto | Running])
DRV - [2006/08/18 11:17:42 | 00,026,008 | ---- | M] (Roxio) -- C:\WINDOWS\System32\DLA\DLAOPIOM.SYS -- (DLAOPIOM [Auto | Running])
DRV - [2006/08/18 11:17:38 | 00,014,520 | ---- | M] (Roxio) -- C:\WINDOWS\System32\DLA\DLAPoolM.SYS -- (DLAPoolM [Auto | Running])
DRV - [2006/08/11 08:35:16 | 00,028,184 | ---- | M] (Roxio) -- C:\WINDOWS\System32\Drivers\DLARTL_M.SYS -- (DLARTL_M [System | Running])
DRV - [2006/08/18 11:17:44 | 00,094,648 | ---- | M] (Roxio) -- C:\WINDOWS\System32\DLA\DLAUDFAM.SYS -- (DLAUDFAM [Auto | Running])
DRV - [2006/08/18 11:17:44 | 00,097,848 | ---- | M] (Roxio) -- C:\WINDOWS\System32\DLA\DLAUDF_M.SYS -- (DLAUDF_M [Auto | Running])
DRV - [2006/07/21 09:21:26 | 00,099,176 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB [Boot | Running])
DRV - [2006/08/11 09:05:58 | 00,051,768 | ---- | M] (Roxio) -- C:\WINDOWS\System32\Drivers\DRVNDDM.SYS -- (DRVNDDM [Auto | Running])
DRV - [2001/08/17 11:12:10 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Stopped])
DRV - [2006/11/22 10:01:48 | 00,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock [Auto | Running])
DRV - [2008/03/15 16:05:04 | 00,047,616 | ---- | M] (Aladdin Knowledge Systems) -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt [Auto | Running])
DRV - [2008/04/13 22:06:06 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2008/07/16 18:52:00 | 04,747,776 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2004/08/04 03:00:00 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x [Disabled | Stopped])
DRV - [2009/01/15 08:19:00 | 06,301,248 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2006/10/18 14:31:38 | 00,105,472 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\NvAtaBus.sys -- (nvatabus [Boot | Running])
DRV - [2008/01/14 19:20:10 | 00,054,016 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\NVENETFD.sys -- (NVENETFD [On_Demand | Running])
DRV - [2008/02/11 06:44:08 | 00,102,400 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts [Boot | Running])
DRV - [2008/01/14 19:20:12 | 00,022,016 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvnetbus.sys -- (nvnetbus [On_Demand | Running])
DRV - [2006/10/18 14:31:46 | 00,089,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvraid.sys -- (nvraid [Boot | Running])
DRV - [2008/02/11 06:44:08 | 00,128,000 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvrd32.sys -- (nvrd32 [Boot | Running])
DRV - [2007/08/21 13:39:04 | 00,141,376 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\Drivers\OEM05Afx.sys -- (OEM05Afx [On_Demand | Stopped])
DRV - [2007/08/21 13:39:18 | 00,007,424 | ---- | M] (EyePower Games Pte. Ltd.) -- C:\WINDOWS\system32\DRIVERS\OEM05Vfx.sys -- (OEM05Vfx [On_Demand | Running])
DRV - [2007/08/21 13:39:20 | 00,235,616 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\DRIVERS\OEM05Vid.sys -- (OEM05Vid [On_Demand | Running])
DRV - [2007/06/01 11:41:00 | 00,018,432 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\DRIVERS\pmxmouse.sys -- (pmxmouse [On_Demand | Stopped])
DRV - [2007/05/24 14:56:00 | 00,014,336 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\DRIVERS\pmxusblf.sys -- (pmxusblf [On_Demand | Stopped])
DRV - [2004/08/04 03:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2006/07/24 01:00:00 | 00,036,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2004/08/04 03:00:00 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080 [Disabled | Stopped])
DRV - [2004/08/04 03:00:00 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160 [Disabled | Stopped])
DRV - [2004/08/04 03:00:00 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280 [Disabled | Stopped])
DRV - [2007/01/15 15:57:08 | 00,031,616 | ---- | M] () -- C:\WINDOWS\system32\DRIVERS\livecamv.sys -- (RLDesignVirtualAudioCableWdm [On_Demand | Running])
DRV - [2008/04/13 22:09:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008/04/14 00:06:40 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Disabled | Stopped])
DRV - [2004/08/04 03:00:00 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow [Disabled | Stopped])
DRV - [2009/02/20 23:01:22 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2004/08/04 03:00:00 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810 [Disabled | Stopped])
DRV - [2004/08/04 03:00:00 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx [Disabled | Stopped])
DRV - [2004/08/04 03:00:00 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi [Disabled | Stopped])
DRV - [2004/08/04 03:00:00 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3 [Disabled | Stopped])
DRV - [2006/11/09 16:04:20 | 00,280,392 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\system32\DRIVERS\TM_CFW.sys -- (tmcfw [On_Demand | Running])
DRV - [2008/11/26 18:42:40 | 00,036,368 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\system32\DRIVERS\tmpreflt.sys -- (tmpreflt [Auto | Running])
DRV - [2006/11/09 16:04:20 | 00,073,288 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\system32\DRIVERS\tmtdi.sys -- (tmtdi [System | Running])
DRV - [2008/11/26 18:42:42 | 00,205,328 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\system32\drivers\TmXPFlt.sys -- (tmxpflt [Auto | Running])
DRV - [2004/08/04 03:00:00 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra [Disabled | Stopped])
DRV - [2008/04/14 00:15:14 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running])
DRV - [2008/11/26 18:39:56 | 01,195,384 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\system32\DRIVERS\vsapint.sys -- (vsapint [Auto | Running])
DRV - [2006/02/14 14:18:52 | 00,005,632 | ---- | M] (Wacom Technology) -- C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys -- (wacommousefilter [On_Demand | Running])
DRV - [2006/11/15 12:55:38 | 00,006,272 | ---- | M] (Wacom Technology) -- C:\WINDOWS\system32\DRIVERS\wacomvhid.sys -- (wacomvhid [On_Demand | Running])
DRV - [2006/07/20 07:00:10 | 00,054,432 | ---- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\system32\DRIVERS\wsimd.sys -- (WSIMD [On_Demand | Stopped])
DRV - [2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy [On_Demand | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6080310
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6080310

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig?hl=en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/01/13 23:22:19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/04/12 10:43:32 | 00,000,000 | ---D | M]


O1 HOSTS File: (289233 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123haustiereundmehr.com
O1 - Hosts: 127.0.0.1 www.123haustiereundmehr.com
O1 - Hosts: 127.0.0.1 www.123simsen.com
O1 - Hosts: 127.0.0.1 123simsen.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 9956 more lines...
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe" (Trend Micro Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {5852F5ED-8BF4-11D4-A245-0080C6F74284} http://javadl-esd.su...indows-i586.cab (isInstalled Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1206770024921 (MUWebControl Class)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} http://download-game...tg.1.0.0.33.cab (CPlayFirstddfotgControl Object)
O16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} http://www.worldwinn...h/dinerdash.cab (DinerDash Control)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} http://www.photodex.com/pxplay.cab (Photodex Presenter AX control)
O16 - DPF: {FE5B9F54-7764-4C01-89F0-4862601EE954} http://photos.msn.co....cab?10,0,910,0 (DigWebHelper Class)
O16 - DPF: Xpress3DQuote https://www.xpress3d...ress3DQuote.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 16:15:00 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2 C:\*.tmp files]
[1 C:\WINDOWS\System32\*.tmp files]
[7 C:\WINDOWS\*.tmp files]
[2009/04/23 10:00:22 | 00,000,000 | ---D | C] -- C:\_OTListIt
[2009/04/23 09:56:21 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/04/23 09:55:23 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/04/23 09:54:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\cs\Desktop\virus_cleaning
[2009/04/17 21:34:57 | 00,123,598 | ---- | C] () -- C:\Documents and Settings\cs\My Documents\cc_20090417_213456.reg
[2009/04/17 19:45:34 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/04/16 16:23:15 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/16 16:23:14 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/16 16:23:14 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/16 16:23:14 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/16 16:23:14 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/16 16:23:14 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/16 16:23:14 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/16 16:23:14 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/16 16:23:14 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/16 16:18:07 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/16 16:18:07 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/16 16:18:07 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/13 08:27:30 | 01,089,593 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009/04/12 11:33:11 | 00,019,482 | ---- | C] () -- C:\Documents and Settings\cs\My Documents\cc_20090412_113309.reg
[2009/04/12 11:27:31 | 00,003,636 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2009/04/12 11:27:26 | 00,005,815 | ---- | C] () -- C:\WINDOWS\System32\nvnrm.nvu
[2009/04/12 11:10:49 | 00,000,553 | ---- | C] () -- C:\WINDOWS\USetup.iss
[2009/04/12 11:10:43 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/04/12 11:10:15 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek
[2009/04/12 10:58:52 | 00,000,000 | ---D | C] -- C:\NV696324.TMP
[2009/04/12 10:58:52 | 00,000,000 | ---D | C] -- C:\NV2512820.TMP
[2009/04/12 10:43:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/04/12 10:42:58 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/04/12 10:42:53 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/04/12 10:42:35 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2009/04/12 10:42:35 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsshhdr.dll
[2009/04/12 10:42:35 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009/04/12 10:42:35 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009/04/12 10:42:35 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2009/04/12 10:42:34 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2009/04/12 10:42:34 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009/04/12 10:42:34 | 00,000,000 | ---D | C] -- C:\47a1ac87d1d28b1d1db8be90ac7e9a5e
[2009/04/12 10:42:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2009/04/12 10:27:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\nview
[2009/04/12 10:27:04 | 00,000,000 | ---D | C] -- C:\NVIDIA
[2009/04/12 01:13:12 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\Startup.cpl
[2009/04/12 00:54:59 | 00,000,000 | ---D | C] -- C:\Program Files\KrView
[2009/04/12 00:54:51 | 01,388,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\msvbvm60.dll
[2009/04/12 00:54:51 | 00,327,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2009/04/12 00:54:51 | 00,151,622 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\modcas.dll
[2009/04/12 00:54:51 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\odestkit.dll
[2009/04/12 00:54:51 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\ODEUNST.EXE
[2009/04/11 19:41:39 | 00,020,040 | ---- | C] () -- C:\Documents and Settings\cs\My Documents\cc_20090411_194138.reg
[2009/04/05 01:16:06 | 00,000,000 | ---D | C] -- C:\f
[2009/04/05 01:04:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\cs\Application Data\AMPSoft
[2009/04/01 22:09:46 | 00,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2009/04/01 12:50:38 | 00,000,000 | ---D | C] -- C:\Config.Msi
[2009/04/01 08:21:08 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/04/01 08:06:21 | 01,616,236 | -H-- | C] () -- C:\Documents and Settings\cs\Local Settings\Application Data\IconCache.db
[2009/04/01 01:08:49 | 00,000,000 | ---D | C] -- C:\ComboFix
[2009/04/01 01:08:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\cs\Local Settings\Application Data\licensecb
[2009/04/01 01:08:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\licensecb
[2009/04/01 01:08:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\cs\Application Data\Cornell University
[2009/04/01 01:08:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/04/01 01:08:10 | 00,000,000 | ---D | C] -- C:\Program Files\Real
[2009/04/01 01:08:10 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2009/04/01 01:07:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Minnetonka Audio Software
[2009/04/01 01:06:43 | 00,000,000 | ---D | C] -- C:\Program Files\JRE
[2009/03/28 11:06:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\cs\Application Data\Torrent Episode Downloader
[2009/03/28 10:59:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\cs\Application Data\uTorrent
[2009/03/26 16:15:16 | 00,000,014 | ---- | C] () -- C:\WINDOWS\System32\tmpPrst.tgz
[2009/03/25 12:22:49 | 00,000,351 | ---- | C] () -- C:\Documents and Settings\cs\Desktop\Shortcut to Marcey.lnk
[2009/03/15 17:58:54 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2009/03/04 17:05:40 | 00,002,048 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2009/03/04 17:05:40 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2009/03/04 17:05:40 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2009/02/20 23:01:21 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/01/15 08:19:00 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/01/15 08:19:00 | 01,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/01/15 08:19:00 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/01/15 08:19:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/10/07 09:13:30 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/09/21 19:06:39 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2008/09/14 19:24:12 | 00,000,260 | ---- | C] () -- C:\WINDOWS\Caligari.ini
[2008/03/17 19:44:28 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008/03/17 19:44:26 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/03/17 19:44:26 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/03/17 19:44:26 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/03/17 19:44:24 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/03/17 19:44:24 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008/03/15 16:05:04 | 00,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
[2008/03/15 00:01:47 | 02,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2008/03/10 15:11:01 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/03/10 15:02:45 | 00,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2008/03/10 15:02:45 | 00,000,120 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/03/10 14:55:34 | 00,031,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\livecamv.sys
[2008/03/10 14:55:14 | 00,131,066 | ---- | C] () -- C:\WINDOWS\System32\DellPM.ini
[2008/03/10 14:38:48 | 00,001,119 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/01/10 08:44:26 | 01,457,024 | R--- | C] () -- C:\WINDOWS\System32\SSCProt.dll
[2006/11/07 03:25:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/16 21:36:50 | 00,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/16 21:36:50 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2006/06/07 16:52:08 | 00,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005/02/17 12:41:32 | 00,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005/02/17 12:41:30 | 00,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2004/08/11 16:24:19 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 16:11:31 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/11 16:00:37 | 00,000,507 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/11 16:00:35 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2001/11/14 13:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== Files - Modified Within 30 Days ==========

[2 C:\*.tmp files]
[1 C:\WINDOWS\System32\*.tmp files]
[7 C:\WINDOWS\*.tmp files]
[2009/04/23 08:40:58 | 00,000,914 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3226784568-986457531-3587294790-1005.job
[2009/04/23 08:03:44 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/04/23 08:03:22 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/23 08:03:21 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/04/23 08:03:19 | 34,870,06720 | -HS- | M] () -- C:\hiberfil.sys
[2009/04/18 16:35:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/04/17 21:34:59 | 00,123,598 | ---- | M] () -- C:\Documents and Settings\cs\My Documents\cc_20090417_213456.reg
[2009/04/17 19:51:04 | 00,000,507 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/04/17 19:51:04 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/04/17 19:51:04 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/04/17 08:39:55 | 00,201,895 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/04/17 07:26:55 | 00,526,522 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/17 07:26:55 | 00,444,230 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/17 07:26:55 | 00,072,776 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/15 16:18:42 | 00,002,266 | ---- | M] () -- C:\Documents and Settings\cs\Desktop\Google Chrome.lnk
[2009/04/12 11:33:13 | 00,019,482 | ---- | M] () -- C:\Documents and Settings\cs\My Documents\cc_20090412_113309.reg
[2009/04/12 10:55:44 | 01,589,688 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/12 00:56:23 | 00,004,202 | ---- | M] () -- C:\Documents and Settings\cs\Application Data\wklnhst.dat
[2009/04/12 00:54:51 | 01,388,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\msvbvm60.dll
[2009/04/12 00:54:51 | 00,327,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2009/04/12 00:54:51 | 00,198,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\comdlg32.ocx
[2009/04/12 00:54:51 | 00,151,622 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\modcas.dll
[2009/04/12 00:54:51 | 00,101,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\odestkit.dll
[2009/04/12 00:54:51 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ODEUNST.EXE
[2009/04/11 19:41:42 | 00,020,040 | ---- | M] () -- C:\Documents and Settings\cs\My Documents\cc_20090411_194138.reg
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/06 07:57:24 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/04/05 01:04:17 | 00,000,746 | ---- | M] () -- C:\Documents and Settings\cs\Desktop\AMP Font Viewer.lnk
[2009/04/01 22:04:35 | 00,049,152 | ---- | M] () -- C:\Documents and Settings\cs\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/01 08:06:21 | 01,616,236 | -H-- | M] () -- C:\Documents and Settings\cs\Local Settings\Application Data\IconCache.db
[2009/03/28 21:04:52 | 00,000,219 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.tgz
[2009/03/28 21:04:52 | 00,000,087 | ---- | M] () -- C:\WINDOWS\System32\ssprs.tgz
[2009/03/26 23:58:38 | 01,203,922 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/03/26 16:15:16 | 00,000,014 | ---- | M] () -- C:\WINDOWS\System32\tmpPrst.tgz
[2009/03/25 12:22:49 | 00,000,351 | ---- | M] () -- C:\Documents and Settings\cs\Desktop\Shortcut to Marcey.lnk
< End of report >

----------------------------------------------------------------

OTListIt Extras logfile created on: 4/23/2009 10:00:32 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\cs\Desktop\Marcey
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 462.40 Gb Total Space | 293.31 Gb Free Space | 63.43% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CHRIS
Current User Name: cs
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Documents and Settings\cs\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3703:TCP" = 3703:TCP:*:Enabled:Adobe Version Cue CS3 Server
"3704:TCP" = 3704:TCP:*:Enabled:Adobe Version Cue CS3 Server
"50900:TCP" = 50900:TCP:*:Enabled:Adobe Version Cue CS3 Server
"50901:TCP" = 50901:TCP:*:Enabled:Adobe Version Cue CS3 Server
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/14 00:23:34 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2008/06/18 11:00:21 | 17,762,752 | ---- | M] () -- C:\Program Files\Neokast\Stream Player\NeokastStreamPlayer.exe:*:Enabled:NeokastStreamPlayer.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/04/14 00:23:34 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2006/02/28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[2007/03/20 16:41:24 | 00,153,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server
[2008/02/13 20:48:16 | 28,187,728 | ---- | M] () -- C:\Program Files\Unreal Tournament 3\Binaries\UT3.exe:*:Enabled:Unreal Tournament 3
[2008/06/18 11:00:21 | 17,762,752 | ---- | M] () -- C:\Program Files\Neokast\Stream Player\NeokastStreamPlayer.exe:*:Enabled:NeokastStreamPlayer.exe
[2008/03/14 05:54:02 | 01,332,520 | ---- | M] (Wolfram Research, Inc.) -- C:\Program Files\Wolfram Research\Mathematica Player\6.0\MathematicaPlayer.exe:*:Enabled:Mathematica Player 6
[2008/03/14 05:54:02 | 00,468,264 | ---- | M] (Wolfram Research, Inc.) -- C:\Program Files\Wolfram Research\Mathematica Player\6.0\MathKernel.exe:*:Enabled:Mathematica Player Kernel
[2007/08/03 06:12:08 | 00,274,432 | ---- | M] (Autodesk) -- C:\Program Files\Autodesk\Maya2008\bin\maya.exe:*:Enabled:Maya
[2007/03/20 18:06:52 | 16,087,224 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe:*:Enabled:Adobe Dreamweaver CS3
File not found -- C:\Program Files\CoffeeCup Software\FreeFTPFree-4.0.1\FreeFTP.exe:*:Enabled:Free FTP Application
[2006/12/17 04:11:30 | 00,225,280 | ---- | M] (Autodesk) -- C:\Program Files\Autodesk\Maya8.5\bin\maya.exe:*:Enabled:Maya
[2009/03/13 04:35:20 | 03,611,648 | ---- | M] () -- C:\Program Files\Crazybump\CB.exe:*:Enabled:crazybump

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004685F7-9FB6-4789-812F-59ABB34A55AF}" = Adobe Setup
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP6700D" = Canon iP6700D
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server {ko_KR}
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 11
"{281ECE39-F043-492B-8337-F2E546B5604A}" = PowerDVD
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{342F5437-C87D-4BB5-89B9-B23E16C6A395}" = Microsoft VC80 Support DLLs
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{4458C442-7376-4CF9-AF58-E8CEA6722363}" = Adobe Setup
"{448E2D77-E504-4221-B2C2-93646B344729}" = Mouse Suite for Desktop Computers
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED}" = Dell DataSafe Online
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{5C2CBFFD-FC3B-4AA9-993B-CE2B8DA25B87}" = Rhinoceros 4.0
"{6084D038-3401-4C9D-A216-86E6EEA25AFB}" = ZBrush3
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6C70ACE2-6EF2-4F8D-8C4A-78198AA979DD}" = Maya 2008 Documentation (en_US)
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6F6F39E3-D24D-4EEE-9AEA-DEDAF991385D}" = D-Link DWA-552 Xtreme N Desktop Adapter
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3
"{7DFC1012-D346-46CE-B03E-FF79125AE029}" = Adobe Fireworks CS3
"{7ECEF10B-F1C2-4FD5-861F-A3FCB4653304}" = Adobe After Effects CS3 Third Party Content
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{8718DC03-D066-4957-94E5-50C3C5042E8E}" = Adobe Creative Suite 3 Master Collection
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AAB4176-A747-493A-A42C-B63CFADFD8E3}" = NVIDIA PhysX
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{949DBB22-2FB7-4de1-804C-23D495A988D8}" = CuteFTP 8 Home
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A1E0E88A-F5E9-4414-A0D7-31940E965EC5}" = Maya 8.5
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BB0EB7D5-D1C7-41D1-B974-32F6596A7164}" = Mathematica Player
"{BC352445-5DD8-4C4F-909A-21A9E75017B1}" = ZAppLink
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
"{C033BF6E-9D82-4E0B-A46E-ABC746D6F431}" = Autodesk DirectConnect 2.0
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1B11537-EA51-4DD8-BF1E-098BEE48868D}" = VeohTV BETA
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{D7960C39-E3FD-4B46-8E97-A1E9D128F913}" = Rhinoceros 4.0 SR3
"{DA864DC0-0BF2-454B-A6A9-08A45EB97D3B}" = Maya 2008
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E42BD75A-FC23-4E3F-9F91-2658334C644F}" = Internet Service Offers Launcher
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EA8C73AA-3D75-44C9-87A2-8E945FC5FEE6}" = Trend Micro PC-cillin Internet Security 14
"{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F44DA61E-720D-4E79-871F-F6E628B33242}" = OpenOffice.org 3.0
"2D 3D Blox" = Edmark 2D 3D Blox
"Adobe Acrobat 8 Professional" = Adobe Acrobat 8.1.2 Professional
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Adobe_3675c95c239b992d5d0ee8fce969b9e" = Adobe After Effects CS3 Third Party Content
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_4dcfd9b7e901b57f81f667144603236" = Add or Remove Adobe Creative Suite 3 Master Collection
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"AMP Font Viewer" = AMP Font Viewer
"Apophysis 2.0" = Apophysis 2.0
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"Camtasia Studio 3" = Camtasia Studio 3
"Canon iP6700D User Registration" = Canon iP6700D User Registration
"CCleaner" = CCleaner (remove only)
"Crazybump" = Crazybump (remove only)
"Creative OEM005" = Monitor Webcam (SP2208WFP) Driver (1.00.08.0720)
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"DVD Decrypter" = DVD Decrypter (Remove Only)
"ERUNT_is1" = ERUNT 1.1j
"Flamingo 1.1 for Rhino 4.0" = Flamingo 1.1 for Rhino 4.0
"FLV Player" = FLV Player 2.0 (build 25)
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{BB0EB7D5-D1C7-41D1-B974-32F6596A7164}" = Mathematica Player
"InstallShield_{D1B11537-EA51-4DD8-BF1E-098BEE48868D}" = VeohTV BETA
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.8.0 Full
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MCU PDUiP6700DMon.exe" = Canon iP6700D Memory Card Utility
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Neokast Stream Player" = Neokast Stream Player Plugin
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"ODEUNST #1" = KrView
"pepakura_designer3en" = Pepakura Designer 3
"Photodex Presenter" = Photodex Presenter
"Prism" = Prism Video Converter
"Process Tamer_is1" = Process Tamer 2.09.01
"Revo Uninstaller" = Revo Uninstaller 1.80
"SearchAssist" = SearchAssist
"SyncBack_is1" = SyncBack
"Tablet Driver" = Tablet
"TmPcc" = Trend Micro PC-cillin Internet Security 14
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"InstallShield_{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
"JScreenFix deluxe" = JScreenFix deluxe

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/15/2008 1:29:07 AM | Computer Name = CHRIS | Source = Application Error | ID = 1000
Description = Faulting application modo.exe, version 302.24870.0.0, faulting module
modus3.dll, version 0.0.0.0, fault address 0x0006ee58.

Error - 10/19/2008 3:19:04 AM | Computer Name = CHRIS | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, faulting module
ntdll.dll, version 5.1.2600.5512, fault address 0x00010193.

Error - 10/26/2008 2:06:25 AM | Computer Name = CHRIS | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, faulting module
npswf32.dll, version 9.0.124.0, fault address 0x001afb00.

Error - 11/10/2008 11:19:55 PM | Computer Name = CHRIS | Source = Application Hang | ID = 1002
Description = Hanging application Photoshop.exe, version 10.0.1.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 11/30/2008 12:49:11 AM | Computer Name = CHRIS | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, faulting module
npswf32.dll, version 10.0.12.36, fault address 0x0003e924.

Error - 12/2/2008 4:20:18 PM | Computer Name = CHRIS | Source = Application Hang | ID = 1002
Description = Hanging application chrome.exe, version 0.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 12/2/2008 4:20:22 PM | Computer Name = CHRIS | Source = Application Hang | ID = 1001
Description = Fault bucket 35273598.

Error - 12/6/2008 12:06:24 AM | Computer Name = CHRIS | Source = Application Hang | ID = 1002
Description = Hanging application chrome.exe, version 0.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 12/16/2008 10:49:02 PM | Computer Name = CHRIS | Source = Application Error | ID = 1000
Description = Faulting application unfold3dmagic.exe, version 0.0.0.0, faulting
module unfold3dmagic.exe, version 0.0.0.0, fault address 0x000c9a90.

Error - 12/18/2008 7:40:34 AM | Computer Name = CHRIS | Source = Application Hang | ID = 1002
Description = Hanging application maya.exe, version 2007.8.2.2245, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 4/18/2009 7:33:51 PM | Computer Name = CHRIS | Source = Service Control Manager | ID = 7000
Description = The wsimd Service service failed to start due to the following error:
%%1058

Error - 4/19/2009 12:57:01 AM | Computer Name = CHRIS | Source = Service Control Manager | ID = 7000
Description = The wsimd Service service failed to start due to the following error:
%%1058

Error - 4/19/2009 12:33:07 PM | Computer Name = CHRIS | Source = Service Control Manager | ID = 7000
Description = The wsimd Service service failed to start due to the following error:
%%1058

Error - 4/19/2009 6:09:06 PM | Computer Name = CHRIS | Source = Service Control Manager | ID = 7000
Description = The wsimd Service service failed to start due to the following error:
%%1058

Error - 4/19/2009 6:27:09 PM | Computer Name = CHRIS | Source = Service Control Manager | ID = 7000
Description = The wsimd Service service failed to start due to the following error:
%%1058

Error - 4/20/2009 10:56:08 AM | Computer Name = CHRIS | Source = Service Control Manager | ID = 7000
Description = The wsimd Service service failed to start due to the following error:
%%1058

Error - 4/21/2009 11:00:49 AM | Computer Name = CHRIS | Source = Service Control Manager | ID = 7000
Description = The wsimd Service service failed to start due to the following error:
%%1058

Error - 4/22/2009 12:56:31 AM | Computer Name = CHRIS | Source = Service Control Manager | ID = 7000
Description = The wsimd Service service failed to start due to the following error:
%%1058

Error - 4/22/2009 11:16:01 AM | Computer Name = CHRIS | Source = Service Control Manager | ID = 7000
Description = The wsimd Service service failed to start due to the following error:
%%1058

Error - 4/23/2009 11:03:41 AM | Computer Name = CHRIS | Source = Service Control Manager | ID = 7000
Description = The wsimd Service service failed to start due to the following error:
%%1058


< End of report >
--------------------------------------------------------------------------

Microsoft Windows XP Professional (5.1.2600) Service Pack 3

C:\ [Fixed] - NTFS - (Total:473501 Mo/Free:1340 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)

Thu 04/23/2009|10:06

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
---------- C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
---------- C:\WINDOWS\system32\Tablet.exe
---------- C:\WINDOWS\system32\WTablet\TabUserW.exe
---------- C:\WINDOWS\system32\Tablet.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Documents and Settings\cs\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
---------- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
---------- C:\WINDOWS\notepad.exe
---------- C:\WINDOWS\notepad.exe
---------- C:\Documents and Settings\cs\Desktop\virus_cleaning\Rooter.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!



1 - "C:\Rooter$\Rooter_1.txt" - Thu 04/23/2009| 9:55
2 - "C:\Rooter$\Rooter_2.txt" - Thu 04/23/2009|10:06

----------------------\\ Scan completed at 10:06
  • 0

Advertisements

#2
hayjinee
Posted 23 April 2009 - 12:57 PM

hayjinee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
I read and followed the malware removal guide. I already set a restore point. I actually got rid of hijackthis and installed all the software the guide suggested.

Attached Thumbnails

  • cpu_usage.jpg

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP