Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Google Redirects and sometimes BLUE SCREEN ERROR!

Started by klawitter , Apr 28 2009 08:23 AM

  • Please log in to reply

#1
klawitter
Posted 28 April 2009 - 08:23 AM

klawitter

    New Member

  • Member
  • Pip
  • 2 posts
For the past few days, I've had some sort of hijack. I'll do a google search, then when I click on a result, it redirects me to some sort of best search or something like that. However, the past few days, while online, it sent me to a big blue screen saying there was an error and I had to shut my computer down.

The blue screen says DRIVER_IRQL_NOT_LESS_OR_EQUAL and technical info STOP: 0X000000D1 (0XE1BE1000, 0X00000002, 0X00000000, 0XEFFA1CF1)

I tried doing a system restore, but nothing happens when I click "next" in system restore on any checkpoint, I think it's blocking that somehow.

Then, last night, the computer gave me the blue screen every time I cut it on. I f8ed and started it with the last known good configuration and have been on today with no problems, other than the google redirects. I ran SUPERantispyware and MalwareBytes AntiMalware, it found 12 trojans. Restarted, still getting the google redirects. I did the GooredFix, FixIEDef, CCleaner, ATF-Cleaner. I have SpywareGuard and SpywareBlaster on now, and my McAfee. I just downloaded the SpywareGuard today.

I believe it has something to do with seocash.us because I keep seeing that.

This is my Goored log.

GooredFix v1.92 by jpshortstuff
Log created at 09:53 on 28/04/2009 running Option #2 (Klawitter)
Firefox version 3.0.9 (en-US)

=====Goored Deletions=====

=====Dumping Registry Values=====

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.9\extensions]
"Plugins"="C:\Program Files\Mozilla Firefox\plugins"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.9\extensions]
"Components"="C:\Program Files\Mozilla Firefox\components"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions]
"{B7082FAA-CB62-4872-9106-E42DD88EDE45}"="C:\Program Files\McAfee\SiteAdvisor"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions]
"[email protected]"="C:\Program Files\Java\jre6\lib\deploy\jqs\ff"


This is my OTListIt2 logs

OTListIt logfile created on: 4/28/2009 10:18:34 AM - Run 3
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\Klawitter\Desktop\Spyware, Adware, Virus Programs
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 67.61 Mb Available Physical Memory | 13.26% Memory free
864.25 Mb Paging File | 343.19 Mb Available in Paging File | 39.71% Paging File free
Paging file location(s): C:\pagefile.sys 384 768;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 91.02 Gb Free Space | 81.43% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CHERI-64KAHURO0
Current User Name: Klawitter
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 60 Days
Company Name Whitelist: On

========== Processes (All) ==========

PRC - [2008/04/13 20:12:36 | 00,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\smss.exe
PRC - [2008/04/13 20:12:15 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008/04/13 20:12:39 | 00,507,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2009/02/06 07:11:05 | 00,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008/04/13 20:12:24 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008/04/13 20:12:36 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
PRC - [2008/04/13 20:12:36 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
PRC - [2008/04/13 20:12:36 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe
PRC - [2008/04/13 20:12:36 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe
PRC - [2008/04/13 20:12:36 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
PRC - [2001/10/09 11:29:27 | 00,300,544 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\LEXBCES.EXE
PRC - [2001/10/09 11:26:48 | 00,169,984 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\LEXPPS.EXE
PRC - [2008/04/13 20:12:36 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2009/02/11 17:46:34 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2008/04/13 20:12:36 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe
PRC - [2009/04/27 16:47:03 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/02/11 11:06:36 | 00,210,216 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2008/01/09 16:50:22 | 00,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2008/01/25 02:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2007/08/15 13:36:04 | 00,359,248 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2007/07/24 13:02:14 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2007/07/18 13:54:42 | 00,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MPFSrv.exe
PRC - [2007/08/09 03:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2008/04/13 20:12:36 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe
PRC - [2007/11/01 19:12:38 | 00,582,992 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2008/04/13 20:12:12 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\alg.exe
PRC - [2003/08/06 01:04:00 | 00,114,741 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfswctrl.exe
PRC - [2008/04/13 20:12:36 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe
PRC - [2009/04/27 16:47:03 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2005/07/08 22:15:05 | 00,098,304 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe
PRC - [2004/06/04 12:38:12 | 00,286,720 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2007/05/08 16:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
PRC - [2004/06/04 12:37:56 | 00,401,408 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/03/27 13:48:15 | 01,830,128 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2008/04/13 20:12:16 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008/10/01 12:46:18 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/04/06 10:19:20 | 00,146,944 | ---- | M] (FileHippo.com) -- C:\Program Files\filehippo.com\UpdateChecker.exe
PRC - [2004/09/24 13:32:48 | 00,118,784 | ---- | M] (Nikon Corporation) -- C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
PRC - [2009/01/14 12:00:00 | 00,525,664 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2003/08/29 19:05:35 | 00,360,448 | ---- | M] () -- C:\Program Files\SpywareGuard\sgmain.exe
PRC - [2003/08/29 11:14:56 | 00,233,472 | ---- | M] () -- C:\Program Files\SpywareGuard\sgbhp.exe
PRC - [2004/11/04 19:36:46 | 00,425,984 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
PRC - [2007/12/05 11:04:10 | 00,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/04/22 09:50:11 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - File not found -- \?\globalroot\C:\WINDOWS\system32\rundll32.exe
PRC - [2009/04/28 10:06:23 | 00,119,808 | ---- | M] (Atribune.org) -- C:\Documents and Settings\Klawitter\Desktop\VundoFix.exe
PRC - [2007/12/06 15:10:26 | 00,419,152 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcupdate.exe
PRC - [2009/04/28 08:12:42 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Klawitter\Desktop\Spyware, Adware, Virus Programs\OTListIt2.exe

========== Win32 Services (All) ==========

SRV - [2008/04/13 20:11:49 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter [Disabled | Stopped])
SRV - [2008/04/13 20:12:12 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\alg.exe -- (ALG [On_Demand | Running])
SRV - [2008/04/13 20:12:36 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (AppMgmt [Disabled | Stopped])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/04/13 20:11:50 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\audiosrv.dll -- (AudioSrv [Auto | Running])
SRV - [2008/04/13 20:12:03 | 00,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qmgr.dll -- (BITS [On_Demand | Running])
SRV - [2008/04/13 20:11:50 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\browser.dll -- (Browser [Auto | Running])
SRV - [2008/04/13 20:12:14 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc [On_Demand | Stopped])
SRV - [2008/04/13 20:12:14 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv [Disabled | Stopped])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/04/13 20:12:17 | 00,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp [On_Demand | Stopped])
SRV - [2008/04/13 20:11:51 | 00,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cryptsvc.dll -- (CryptSvc [Auto | Running])
SRV - [2009/02/09 08:10:48 | 00,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch [Auto | Running])
SRV - [2008/04/13 20:11:51 | 00,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpcsvc.dll -- (Dhcp [Auto | Running])
SRV - [2008/04/13 20:12:17 | 00,224,768 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin [On_Demand | Stopped])
SRV - [2008/04/13 20:11:52 | 00,023,552 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\dmserver.dll -- (dmserver [On_Demand | Stopped])
SRV - [2008/04/13 20:11:52 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dnsrslvr.dll -- (Dnscache [Auto | Running])
SRV - [2008/04/13 20:11:52 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3svc.dll -- (Dot3svc [On_Demand | Stopped])
SRV - [2008/04/13 20:11:52 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eapsvc.dll -- (EapHost [On_Demand | Stopped])
SRV - [2008/04/13 20:11:53 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ersvc.dll -- (ERSvc [Auto | Running])
SRV - [2009/02/06 07:11:05 | 00,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe -- (Eventlog [Auto | Running])
SRV - [2008/07/07 16:26:58 | 00,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\es.dll -- (EventSystem [On_Demand | Running])
SRV - [2008/04/13 20:12:05 | 00,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shsvcs.dll -- (FastUserSwitchingCompatibility [On_Demand | Running])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - File not found -- -- (getPlus® Helper [On_Demand | Stopped])
SRV - [2009/02/11 17:46:34 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c96a9ed60a749a [Auto | Stopped])
SRV - [2009/03/24 22:29:13 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008/04/13 20:12:36 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe -- (HidServ [Disabled | Stopped])
SRV - [2008/04/13 20:11:56 | 00,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kmsvc.dll -- (hkmsvc [On_Demand | Stopped])
SRV - [2008/04/13 20:12:08 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\w3ssl.dll -- (HTTPFilter [On_Demand | Running])
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/04/13 20:12:22 | 00,150,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imapi.exe -- (ImapiService [On_Demand | Stopped])
SRV - [2004/06/04 12:37:56 | 00,401,408 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPodService [On_Demand | Running])
SRV - [2009/04/27 16:47:03 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2008/04/13 20:12:07 | 00,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\srvsvc.dll -- (lanmanserver [Auto | Running])
SRV - [2008/04/13 20:12:09 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wkssvc.dll -- (lanmanworkstation [Auto | Running])
SRV - [2001/10/09 11:29:27 | 00,300,544 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\LEXBCES.EXE -- (LexBceS [Auto | Running])
SRV - [2008/04/13 20:11:56 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lmhsvc.dll -- (LmHosts [Auto | Running])
SRV - [2009/02/11 11:06:36 | 00,210,216 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service [Auto | Running])
SRV - [2008/01/09 16:50:22 | 00,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc [Auto | Running])
SRV - [2008/01/25 02:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc [Auto | Running])
SRV - [2007/11/07 10:35:40 | 00,378,184 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS [On_Demand | Stopped])
SRV - [2007/08/15 13:36:04 | 00,359,248 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy [Auto | Running])
SRV - [2007/07/24 13:02:14 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield [Unknown | Running])
SRV - [2007/12/05 11:04:10 | 00,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon [On_Demand | Running])
SRV - [2008/04/13 20:11:59 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msgsvc.dll -- (Messenger [Disabled | Stopped])
SRV - [2008/04/13 20:12:25 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe -- (mnmsrvc [On_Demand | Stopped])
SRV - [2007/07/18 13:54:42 | 00,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService [Auto | Running])
SRV - [2008/04/13 20:12:27 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe -- (MSDTC [On_Demand | Stopped])
SRV - [2008/04/13 20:12:28 | 00,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msiexec.exe -- (MSIServer [On_Demand | Stopped])
SRV - [2008/04/13 20:12:03 | 00,291,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qagentrt.dll -- (napagent [On_Demand | Stopped])
SRV - [2008/04/13 20:12:29 | 00,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netdde.exe -- (NetDDE [Disabled | Stopped])
SRV - [2008/04/13 20:12:29 | 00,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm [Disabled | Stopped])
SRV - [2008/04/13 20:12:24 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe -- (Netlogon [On_Demand | Stopped])
SRV - [2008/04/13 20:12:01 | 00,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netman.dll -- (Netman [On_Demand | Running])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/06/20 13:46:57 | 00,245,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mswsock.dll -- (Nla [On_Demand | Running])
SRV - File not found -- -- (NMSAccessU [Auto | Stopped])
SRV - [2008/04/13 20:12:24 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lsass.exe -- (NtLmSsp [On_Demand | Stopped])
SRV - [2008/04/13 20:12:02 | 00,435,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc [On_Demand | Stopped])
SRV - [2009/02/06 07:11:05 | 00,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe -- (PlugPlay [Auto | Running])
SRV - [2007/08/09 03:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Running])
SRV - [2008/04/13 20:12:24 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent [Auto | Running])
SRV - [2008/04/13 20:12:24 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage [Auto | Running])
SRV - [2008/04/13 20:12:03 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasauto.dll -- (RasAuto [On_Demand | Stopped])
SRV - [2008/04/13 20:12:03 | 00,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasmans.dll -- (RasMan [On_Demand | Running])
SRV - [2008/04/13 20:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr [On_Demand | Stopped])
SRV - [2008/04/13 20:11:57 | 00,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mprdim.dll -- (RemoteAccess [Disabled | Stopped])
SRV - [2008/04/13 20:12:24 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\locator.exe -- (RpcLocator [On_Demand | Stopped])
SRV - [2009/02/09 08:10:48 | 00,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rpcss.dll -- (RpcSs [Auto | Running])
SRV - [2003/07/16 16:43:30 | 00,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rsvp.exe -- (RSVP [On_Demand | Stopped])
SRV - [2008/04/13 20:12:24 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe -- (SamSs [Auto | Running])
SRV - [2008/04/13 20:12:33 | 00,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\SCardSvr.exe -- (SCardSvr [On_Demand | Stopped])
SRV - [2008/04/13 20:12:05 | 00,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule [Auto | Running])
SRV - [2008/04/13 20:12:05 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\seclogon.dll -- (seclogon [Auto | Running])
SRV - [2008/04/13 20:12:05 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll -- (SENS [Auto | Running])
SRV - [2008/04/13 20:11:55 | 00,331,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipnathlp.dll -- (SharedAccess [Auto | Running])
SRV - [2008/04/13 20:12:05 | 00,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shsvcs.dll -- (ShellHWDetection [Auto | Running])
SRV - [2008/04/13 20:12:36 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler [Auto | Running])
SRV - [2008/04/13 20:12:07 | 00,171,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll -- (srservice [Auto | Running])
SRV - [2008/04/13 20:12:07 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssdpsrv.dll -- (SSDPSRV [On_Demand | Running])
SRV - [2008/04/13 20:12:08 | 00,333,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc [Auto | Running])
SRV - [2008/04/13 20:12:17 | 00,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv [On_Demand | Stopped])
SRV - [2008/04/13 20:12:35 | 00,089,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog [On_Demand | Stopped])
SRV - [2008/04/13 20:12:07 | 00,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tapisrv.dll -- (TapiSrv [On_Demand | Running])
SRV - [2008/04/13 20:12:07 | 00,295,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll -- (TermService [On_Demand | Running])
SRV - [2008/04/13 20:12:05 | 00,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shsvcs.dll -- (Themes [Auto | Running])
SRV - [2008/04/13 20:12:07 | 00,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks [Auto | Running])
SRV - [2008/04/13 20:12:08 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\upnphost.dll -- (upnphost [On_Demand | Stopped])
SRV - [2008/04/13 20:12:38 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ups.exe -- (UPS [On_Demand | Stopped])
SRV - [2008/04/13 20:12:38 | 00,289,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vssvc.exe -- (VSS [On_Demand | Stopped])
SRV - [2008/04/13 20:12:08 | 00,175,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll -- (W32Time [Auto | Running])
SRV - [2008/04/13 20:12:08 | 00,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\webclnt.dll -- (WebClient [Auto | Running])
SRV - [2008/04/13 20:12:09 | 00,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\WMIsvc.dll -- (winmgmt [Auto | Running])
SRV - [2006/10/18 21:47:16 | 00,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MsPMSNSv.dll -- (WmdmPmSN [On_Demand | Stopped])
SRV - [2008/04/13 20:12:40 | 00,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\wmiapsrv.exe -- (WmiApSrv [On_Demand | Stopped])
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2008/04/13 20:12:10 | 00,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc [Auto | Running])
SRV - [2008/04/13 20:12:11 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv [Auto | Running])
SRV - [2006/09/28 18:56:14 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WUDFSvc.dll -- (WudfSvc [On_Demand | Stopped])
SRV - [2008/04/13 20:12:11 | 00,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wzcsvc.dll -- (WZCSVC [Auto | Running])
SRV - [2008/04/13 20:12:11 | 00,129,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprov.dll -- (xmlprov [On_Demand | Stopped])

========== Driver Services (All) ==========

DRV - File not found -- -- (Abiosdsk [Disabled | Stopped])
DRV - File not found -- -- (abp480n5 [Disabled | Stopped])
DRV - [2008/04/13 14:36:35 | 00,187,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\ACPI.sys -- (ACPI [Boot | Running])
DRV - [2003/07/16 16:23:47 | 00,011,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC [Disabled | Stopped])
DRV - File not found -- -- (adpu160m [Disabled | Stopped])
DRV - [2002/04/01 13:15:00 | 00,004,816 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio [On_Demand | Running])
DRV - [2008/04/13 12:39:23 | 00,142,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\aec.sys -- (aec [On_Demand | Stopped])
DRV - [2008/08/14 06:04:36 | 00,138,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD [System | Running])
DRV - File not found -- -- (Aha154x [Disabled | Stopped])
DRV - File not found -- -- (aic78u2 [Disabled | Stopped])
DRV - File not found -- -- (aic78xx [Disabled | Stopped])
DRV - File not found -- -- (AliIde [Disabled | Stopped])
DRV - File not found -- -- (amsint [Disabled | Stopped])
DRV - File not found -- -- (asc [Disabled | Stopped])
DRV - File not found -- -- (asc3350p [Disabled | Stopped])
DRV - File not found -- -- (asc3550 [Disabled | Stopped])
DRV - [2008/04/13 14:57:27 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\asyncmac.sys -- (AsyncMac [On_Demand | Stopped])
DRV - [2008/04/13 14:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\atapi.sys -- (atapi [Boot | Running])
DRV - File not found -- -- (Atdisk [Disabled | Stopped])
DRV - [2008/04/13 14:51:25 | 00,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\atmarpc.sys -- (Atmarpc [On_Demand | Stopped])
DRV - [2001/08/17 09:59:44 | 00,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\audstub.sys -- (audstub [On_Demand | Running])
DRV - [2004/12/22 01:32:12 | 00,369,024 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\System32\DRIVERS\bcmwl5.sys -- (BCM43XX [On_Demand | Stopped])
DRV - [2003/06/30 18:11:52 | 00,043,136 | R--- | M] (Broadcom Corporation) -- C:\WINDOWS\System32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp [On_Demand | Running])
DRV - [2003/07/16 16:24:45 | 00,004,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep [System | Running])
DRV - File not found -- -- (BVRPMPR5 [On_Demand | Stopped])
DRV - [2003/08/28 19:58:40 | 00,004,272 | R--- | M] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci [On_Demand | Stopped])
DRV - [2003/07/16 16:25:07 | 00,013,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k [Disabled | Stopped])
DRV - [2008/04/13 14:46:23 | 00,017,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\CCDECODE.sys -- (CCDECODE [On_Demand | Stopped])
DRV - File not found -- -- (cd20xrnt [Disabled | Stopped])
DRV - [2003/07/16 16:27:31 | 00,018,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio [System | Stopped])
DRV - [2008/04/13 15:14:21 | 00,063,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs [Disabled | Running])
DRV - [2008/04/13 14:40:46 | 00,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\cdrom.sys -- (Cdrom [System | Running])
DRV - File not found -- -- (Changer [System | Stopped])
DRV - File not found -- -- (CmdIde [Disabled | Stopped])
DRV - File not found -- -- (Cpqarray [Disabled | Stopped])
DRV - File not found -- -- (dac960nt [Disabled | Stopped])
DRV - [2008/04/13 14:40:47 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\disk.sys -- (Disk [Boot | Running])
DRV - [2008/04/13 14:44:48 | 00,799,744 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\drivers\dmboot.sys -- (dmboot [Disabled | Stopped])
DRV - [2008/04/13 14:44:46 | 00,153,344 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\drivers\dmio.sys -- (dmio [Disabled | Stopped])
DRV - [2003/07/16 16:27:04 | 00,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) -- C:\WINDOWS\System32\drivers\dmload.sys -- (dmload [Disabled | Stopped])
DRV - [2008/04/13 14:45:01 | 00,052,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\DMusic.sys -- (DMusic [On_Demand | Stopped])
DRV - File not found -- -- (dpti2o [Disabled | Stopped])
DRV - [2008/04/13 14:45:13 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud [On_Demand | Stopped])
DRV - [2003/07/31 03:21:00 | 00,084,576 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb [Boot | Running])
DRV - [2003/06/20 02:56:00 | 00,040,448 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm [Auto | Running])
DRV - [2008/04/13 15:14:29 | 00,143,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat [Disabled | Stopped])
DRV - [2008/04/13 14:40:25 | 00,027,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\fdc.sys -- (Fdc [On_Demand | Running])
DRV - [2008/04/13 14:33:28 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips [System | Running])
DRV - [2008/04/13 14:40:25 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\flpydisk.sys -- (Flpydisk [On_Demand | Running])
DRV - [2008/04/13 14:32:59 | 00,129,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fltmgr.sys -- (FltMgr [Boot | Running])
DRV - [2003/07/16 16:28:36 | 00,125,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\ftdisk.sys -- (Ftdisk [Boot | Running])
DRV - [2004/04/05 17:42:36 | 00,013,872 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2008/04/13 14:56:32 | 00,035,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\msgpc.sys -- (Gpc [On_Demand | Running])
DRV - [2008/04/13 15:45:28 | 00,010,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\hidusb.sys -- (HidUsb [On_Demand | Stopped])
DRV - File not found -- -- (hpn [Disabled | Stopped])
DRV - [2004/12/14 12:07:44 | 00,051,120 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2004/12/14 12:07:44 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2004/12/14 12:07:44 | 00,021,744 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2003/11/17 15:59:20 | 00,212,224 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2 [On_Demand | Stopped])
DRV - [2003/11/17 15:56:26 | 01,042,432 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_DP.sys -- (HSF_DP [On_Demand | Stopped])
DRV - [2008/04/13 14:53:53 | 00,264,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Drivers\HTTP.sys -- (HTTP [On_Demand | Running])
DRV - File not found -- -- (i2omgmt [System | Stopped])
DRV - File not found -- -- (i2omp [Disabled | Stopped])
DRV - [2008/04/13 15:18:00 | 00,052,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\i8042prt.sys -- (i8042prt [System | Running])
DRV - [2005/10/19 08:59:12 | 00,807,998 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Running])
DRV - [2008/04/13 14:40:58 | 00,042,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\imapi.sys -- (Imapi [System | Running])
DRV - File not found -- -- (ini910u [Disabled | Stopped])
DRV - [2008/04/13 14:40:29 | 00,005,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\intelide.sys -- (IntelIde [Boot | Stopped])
DRV - [2008/04/13 14:31:32 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\intelppm.sys -- (intelppm [System | Running])
DRV - [2008/04/13 14:53:34 | 00,036,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (ip6fw [On_Demand | Stopped])
DRV - [2003/07/16 16:30:32 | 00,032,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys -- (IpFilterDriver [On_Demand | Running])
DRV - [2008/04/13 14:57:07 | 00,020,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\ipinip.sys -- (IpInIp [On_Demand | Stopped])
DRV - [2008/04/13 14:57:15 | 00,152,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\ipnat.sys -- (IpNat [On_Demand | Running])
DRV - [2008/04/13 15:19:42 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\ipsec.sys -- (IPSec [System | Running])
DRV - [2008/04/13 14:54:28 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\irenum.sys -- (IRENUM [On_Demand | Stopped])
DRV - [2008/04/13 14:36:41 | 00,037,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\isapnp.sys -- (isapnp [Boot | Running])
DRV - [2008/04/13 14:39:47 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\kbdclass.sys -- (Kbdclass [System | Running])
DRV - [2008/04/13 15:39:48 | 00,014,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\kbdhid.sys -- (kbdhid [System | Stopped])
DRV - [2008/04/13 14:45:09 | 00,172,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer [On_Demand | Running])
DRV - [2008/04/13 14:31:43 | 00,092,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD [Boot | Running])
DRV - File not found -- -- (Lbd [Boot | Stopped])
DRV - File not found -- -- (lbrtfdc [System | Stopped])
DRV - [2003/04/09 13:48:08 | 00,011,043 | ---- | M] (Conexant) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2008/06/27 06:08:40 | 00,079,240 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk [On_Demand | Running])
DRV - [2008/06/27 06:08:40 | 00,035,240 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk [On_Demand | Running])
DRV - [2008/06/27 06:08:40 | 00,207,656 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk [System | Running])
DRV - [2008/06/20 05:41:38 | 00,034,152 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk [On_Demand | Stopped])
DRV - [2008/06/27 06:08:40 | 00,040,488 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk [On_Demand | Running])
DRV - [2003/07/16 16:33:57 | 00,004,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd [System | Running])
DRV - [2008/04/13 15:00:19 | 00,030,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem [On_Demand | Stopped])
DRV - [2001/08/17 13:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Stopped])
DRV - [2008/04/13 14:39:47 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\mouclass.sys -- (Mouclass [System | Running])
DRV - [2001/08/17 14:48:00 | 00,012,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\mouhid.sys -- (mouhid [On_Demand | Stopped])
DRV - [2008/04/13 14:39:46 | 00,042,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr [Boot | Running])
DRV - [2007/07/13 07:20:24 | 00,113,952 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\Drivers\Mpfp.sys -- (MPFP [System | Running])
DRV - File not found -- -- (mraid35x [Disabled | Stopped])
DRV - [2008/04/13 14:32:44 | 00,180,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\mrxdav.sys -- (MRxDAV [On_Demand | Running])
DRV - [2008/10/24 07:21:09 | 00,455,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\mrxsmb.sys -- (MRxSmb [System | Running])
DRV - [2008/04/13 14:32:39 | 00,019,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs [System | Running])
DRV - [2008/04/13 14:39:52 | 00,007,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSKSSRV.sys -- (MSKSSRV [On_Demand | Stopped])
DRV - [2008/04/13 14:39:50 | 00,005,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys -- (MSPCLOCK [On_Demand | Stopped])
DRV - [2008/04/13 14:39:51 | 00,004,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSPQM.sys -- (MSPQM [On_Demand | Stopped])
DRV - [2008/04/13 14:36:46 | 00,015,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\mssmbios.sys -- (mssmbios [On_Demand | Running])
DRV - [2008/04/13 14:39:50 | 00,005,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSTEE.sys -- (MSTEE [On_Demand | Stopped])
DRV - [2008/04/13 15:17:05 | 00,105,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup [Boot | Running])
DRV - [2008/04/13 14:46:25 | 00,085,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys -- (NABTSFEC [On_Demand | Stopped])
DRV - [2008/04/13 15:20:37 | 00,182,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS [Boot | Running])
DRV - [2008/04/13 14:46:22 | 00,010,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\NdisIP.sys -- (NdisIP [On_Demand | Stopped])
DRV - [2008/04/13 14:57:27 | 00,010,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\ndistapi.sys -- (NdisTapi [On_Demand | Running])
DRV - [2008/04/13 14:55:58 | 00,014,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\ndisuio.sys -- (Ndisuio [On_Demand | Running])
DRV - [2008/04/13 15:20:42 | 00,091,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\ndiswan.sys -- (NdisWan [On_Demand | Running])
DRV - [2008/04/13 14:57:29 | 00,040,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy [On_Demand | Running])
DRV - [2008/04/13 14:56:02 | 00,034,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\netbios.sys -- (NetBIOS [System | Running])
DRV - [2008/04/13 15:21:00 | 00,162,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\netbt.sys -- (NetBT [System | Running])
DRV - [2008/04/13 14:32:39 | 00,030,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs [System | Running])
DRV - [2008/04/13 15:15:53 | 00,574,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs [Disabled | Running])
DRV - [2003/07/16 16:40:01 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\null.sys -- (Null [System | Running])
DRV - [2003/07/16 16:40:07 | 00,012,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt [On_Demand | Stopped])
DRV - [2003/07/16 16:40:07 | 00,032,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd [On_Demand | Stopped])
DRV - [2001/08/22 08:42:58 | 00,013,632 | ---- | M] (Dell Computer Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI [System | Running])
DRV - [2008/04/13 14:40:10 | 00,080,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\parport.sys -- (Parport [On_Demand | Running])
DRV - [2008/04/13 14:40:49 | 00,019,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr [Boot | Running])
DRV - [2003/07/16 16:41:02 | 00,006,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm [Auto | Running])
DRV - [2008/04/13 14:36:44 | 00,068,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\pci.sys -- (PCI [Boot | Running])
DRV - File not found -- -- (PCIDump [System | Stopped])
DRV - [2001/08/17 13:51:52 | 00,003,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\pciide.sys -- (PCIIde [Boot | Running])
DRV - [2008/04/13 14:36:43 | 00,120,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia [Disabled | Stopped])
DRV - File not found -- -- (PDCOMP [On_Demand | Stopped])
DRV - File not found -- -- (PDFRAME [On_Demand | Stopped])
DRV - File not found -- -- (PDRELI [On_Demand | Stopped])
DRV - File not found -- -- (PDRFRAME [On_Demand | Stopped])
DRV - File not found -- -- (perc2 [Disabled | Stopped])
DRV - File not found -- -- (perc2hib [Disabled | Stopped])
DRV - [2003/09/19 15:47:24 | 00,010,368 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc [On_Demand | Running])
DRV - [2008/04/13 15:19:48 | 00,048,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\raspptp.sys -- (PptpMiniport [On_Demand | Running])
DRV - [2008/04/13 14:31:30 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\processr.sys -- (Processor [System | Stopped])
DRV - [2008/04/13 14:56:38 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\psched.sys -- (PSched [On_Demand | Running])
DRV - [2003/07/16 16:42:18 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2003/07/30 02:02:00 | 00,017,168 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\DRIVERS\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - File not found -- -- (ql1080 [Disabled | Stopped])
DRV - File not found -- -- (Ql10wnt [Disabled | Stopped])
DRV - File not found -- -- (ql12160 [Disabled | Stopped])
DRV - File not found -- -- (ql1240 [Disabled | Stopped])
DRV - File not found -- -- (ql1280 [Disabled | Stopped])
DRV - [2003/07/16 16:42:37 | 00,008,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\rasacd.sys -- (RasAcd [System | Running])
DRV - [2008/04/13 15:19:43 | 00,051,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\rasl2tp.sys -- (Rasl2tp [On_Demand | Running])
DRV - [2008/04/13 14:57:32 | 00,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\raspppoe.sys -- (RasPppoe [On_Demand | Running])
DRV - [2003/07/16 16:42:45 | 00,016,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\raspti.sys -- (Raspti [On_Demand | Running])
DRV - [2008/04/13 15:28:39 | 00,175,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\rdbss.sys -- (Rdbss [System | Running])
DRV - [2003/07/16 16:42:52 | 00,004,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\RDPCDD.sys -- (RDPCDD [System | Running])
DRV - [2008/04/13 20:13:22 | 00,139,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD [On_Demand | Stopped])
DRV - [2008/04/13 14:40:27 | 00,057,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\redbook.sys -- (redbook [System | Running])
DRV - [2009/03/27 13:48:15 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running])
DRV - [2009/02/17 11:43:30 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Running])
DRV - [2009/02/17 11:43:28 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Running])
DRV - [2008/04/13 12:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008/04/13 14:40:12 | 00,015,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\serenum.sys -- (serenum [On_Demand | Running])
DRV - [2008/04/13 15:15:45 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\serial.sys -- (Serial [System | Running])
DRV - [2008/04/13 14:40:48 | 00,011,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy [System | Stopped])
DRV - File not found -- -- (Simbad [Disabled | Stopped])
DRV - [2008/04/13 14:46:23 | 00,011,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\SLIP.sys -- (SLIP [On_Demand | Stopped])
DRV - [2003/02/28 09:17:18 | 00,545,024 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm [On_Demand | Running])
DRV - File not found -- -- (Sparrow [Disabled | Stopped])
DRV - [2008/04/13 14:45:07 | 00,006,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter [On_Demand | Stopped])
DRV - [2008/04/13 14:36:52 | 00,073,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\sr.sys -- (sr [Boot | Running])
DRV - [2008/12/11 06:57:09 | 00,333,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\srv.sys -- (Srv [On_Demand | Running])
DRV - [2003/07/14 11:28:40 | 00,005,621 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5 [System | Running])
DRV - [2003/07/14 11:28:22 | 00,023,219 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln [System | Running])
DRV - [2008/04/13 14:46:21 | 00,015,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\StreamIP.sys -- (streamip [On_Demand | Stopped])
DRV - [2008/04/13 14:39:53 | 00,004,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\swenum.sys -- (swenum [On_Demand | Running])
DRV - [2008/04/13 14:45:09 | 00,056,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi [On_Demand | Stopped])
DRV - File not found -- -- (symc810 [Disabled | Stopped])
DRV - File not found -- -- (symc8xx [Disabled | Stopped])
DRV - File not found -- -- (sym_hi [Disabled | Stopped])
DRV - File not found -- -- (sym_u3 [Disabled | Stopped])
DRV - [2008/04/13 15:15:55 | 00,060,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio [On_Demand | Running])
DRV - [2008/06/20 07:51:12 | 00,361,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\tcpip.sys -- (Tcpip [System | Running])
DRV - [2008/04/13 20:13:20 | 00,012,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE [On_Demand | Stopped])
DRV - [2008/04/13 20:13:21 | 00,021,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP [On_Demand | Stopped])
DRV - [2008/04/13 20:13:20 | 00,040,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\termdd.sys -- (TermDD [System | Running])
DRV - [2003/08/06 01:04:00 | 00,025,685 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio [Auto | Running])
DRV - [2003/08/06 01:04:00 | 00,034,837 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs [Auto | Running])
DRV - [2003/08/06 01:04:00 | 00,004,117 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct [Auto | Running])
DRV - [2003/08/06 01:04:00 | 00,002,233 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres [Auto | Running])
DRV - [2003/08/06 01:04:00 | 00,083,284 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs [Auto | Running])
DRV - [2003/08/06 01:04:00 | 00,014,229 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio [Auto | Running])
DRV - [2003/08/06 01:04:00 | 00,006,357 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool [Auto | Running])
DRV - [2003/08/06 01:04:00 | 00,098,068 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf [Auto | Running])
DRV - [2003/08/06 01:04:00 | 00,100,373 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa [Auto | Running])
DRV - File not found -- -- (TosIde [Disabled | Stopped])
DRV - [2008/04/13 14:32:36 | 00,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs [Disabled | Stopped])
DRV - File not found -- -- (ultra [Disabled | Stopped])
DRV - [2008/04/13 14:39:46 | 00,384,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\update.sys -- (Update [On_Demand | Running])
DRV - [2008/04/13 14:45:39 | 00,032,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\usbccgp.sys -- (usbccgp [On_Demand | Stopped])
DRV - [2008/04/13 14:45:35 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\usbehci.sys -- (usbehci [On_Demand | Running])
DRV - [2008/04/13 14:45:37 | 00,059,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\usbhub.sys -- (usbhub [On_Demand | Running])
DRV - [2008/04/13 14:47:37 | 00,025,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\usbprint.sys -- (usbprint [On_Demand | Running])
DRV - [2008/04/13 14:45:34 | 00,015,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\usbscan.sys -- (usbscan [On_Demand | Stopped])
DRV - [2008/04/13 14:45:38 | 00,026,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS -- (USBSTOR [On_Demand | Stopped])
DRV - [2008/04/13 14:45:35 | 00,020,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\usbuhci.sys -- (usbuhci [On_Demand | Running])
DRV - [2008/04/13 14:56:49 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\usb8023.sys -- (USB_RNDIS [On_Demand | Stopped])
DRV - [2008/04/13 14:44:40 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave [System | Running])
DRV - File not found -- -- (ViaIde [Disabled | Stopped])
DRV - [2008/04/13 14:41:01 | 00,052,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap [Boot | Running])
DRV - [2008/04/13 14:57:21 | 00,034,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\wanarp.sys -- (Wanarp [On_Demand | Running])
DRV - File not found -- -- (WDICA [On_Demand | Stopped])
DRV - [2008/04/13 15:17:18 | 00,083,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud [On_Demand | Running])
DRV - [2003/11/17 15:58:02 | 00,680,704 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Stopped])
DRV - [2005/04/12 20:21:28 | 00,010,144 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum [On_Demand | Running])
DRV - [2005/04/12 20:21:32 | 00,022,240 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter [On_Demand | Stopped])
DRV - [2005/04/12 20:21:28 | 00,005,600 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid [On_Demand | Stopped])
DRV - [2005/04/12 20:21:26 | 00,045,504 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore [On_Demand | Running])
DRV - [2008/04/13 14:46:24 | 00,019,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS -- (WSTCODEC [On_Demand | Stopped])
DRV - [2006/09/28 18:55:50 | 00,077,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\WudfPf.sys -- (WudfPf [On_Demand | Stopped])
DRV - [2006/09/28 19:00:34 | 00,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\wudfrd.sys -- (WudfRd [On_Demand | Stopped])
DRV - [2000/10/31 18:39:46 | 00,503,768 | ---- | M] (Xirlink, Inc) -- C:\WINDOWS\system32\DRIVERS\C-itnt.sys -- (XIRLINK [On_Demand | Running])
DRV - [2003/10/08 10:12:24 | 00,120,830 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ialmsbw.sys -- ({6080A529-897E-4629-A488-ABA0C29B635E} [On_Demand | Stopped])
DRV - [2003/10/08 10:12:16 | 00,098,842 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ialmkchw.sys -- ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91} [On_Demand | Stopped])

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1844237615-113007714-682003330-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1844237615-113007714-682003330-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-1844237615-113007714-682003330-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKU\S-1-5-21-1844237615-113007714-682003330-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1844237615-113007714-682003330-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKU\S-1-5-21-1844237615-113007714-682003330-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-1844237615-113007714-682003330-1007\S-1-5-21-1844237615-113007714-682003330-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1844237615-113007714-682003330-1007\S-1-5-21-1844237615-113007714-682003330-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrows...x?s=DEF&v=4&q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.selectedEngine: "Fast Browser Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.msn.com"
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:5.0.20090122Wb2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.9
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.5.1116
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.9
FF - prefs.js..google.toolbar.linkdoctor.backup.keyword.URL: "http://www.fastbrows...72FBDD45EC}&q="
FF - prefs.js..google.toolbar.linkdoctor.backup.keyword.enabled: true
FF - prefs.js..keyword.URL: "about:neterror?e=query&u="


FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/04/27 16:47:09 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\PROGRAM FILES\MCAFEE\SITEADVISOR [2009/04/28 08:41:14 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.9\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/27 17:08:55 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.9\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/28 09:47:12 | 00,000,000 | ---D | M]

[2008/10/01 10:23:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\mozilla\Extensions
[2008/10/01 10:23:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/28 09:58:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\mozilla\Firefox\Profiles\pr239s0p.default\extensions
[2009/02/12 16:28:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\mozilla\Firefox\Profiles\pr239s0p.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/04/13 19:16:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\mozilla\Firefox\Profiles\pr239s0p.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2009/03/15 19:32:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\mozilla\Firefox\Profiles\pr239s0p.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/04/28 09:58:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\mozilla\Firefox\Profiles\pr239s0p.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/04/28 08:45:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\mozilla\Firefox\Profiles\pr239s0p.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2008/12/28 01:03:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\mozilla\Firefox\Profiles\pr239s0p.default\extensions\[email protected]
[2009/01/15 21:44:04 | 00,000,681 | ---- | M] () -- C:\Documents and Settings\Klawitter\Application Data\Mozilla\FireFox\Profiles\pr239s0p.default\searchplugins\ask.xml
[2009/04/28 09:58:43 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/22 09:50:16 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/27 16:47:46 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/04/22 09:50:11 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/22 09:50:11 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/01/19 19:28:04 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/01/19 19:28:04 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/01/19 19:28:04 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/01/19 19:28:04 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/12 17:16:28 | 00,003,700 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fast.png
[2009/04/12 17:16:28 | 00,001,963 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fast.xml
[2009/01/19 19:28:04 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/01/19 19:28:04 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/01/19 19:28:04 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\S-1-5-21-1844237615-113007714-682003330-1007\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKU\S-1-5-21-1844237615-113007714-682003330-1007\..\Toolbar\WebBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1844237615-113007714-682003330-1007\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Error: Key error. File not found
O3 - HKU\S-1-5-21-1844237615-113007714-682003330-1007\..\Toolbar\WebBrowser: (no name) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1844237615-113007714-682003330-1007\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKU\S-1-5-21-1844237615-113007714-682003330-1007\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [autochk] rundll32.exe C:\WINDOWS\system32\autochk.dll,_IWMPEvents@16 ( )
O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe (McAfee)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey (McAfee, Inc.)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Computer, Inc.)
O4 - HKLM..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r (Sonic Solutions)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKU\.DEFAULT..\Run: [autochk] rundll32.exe C:\WINDOWS\system32\config\SYSTEM~1\protect.dll,_IWMPEvents@16 ( )
O4 - HKU\.DEFAULT..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\S-1-5-18..\Run: [autochk] rundll32.exe C:\WINDOWS\system32\config\SYSTEM~1\protect.dll,_IWMPEvents@16 ( )
O4 - HKU\S-1-5-18..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\S-1-5-21-1844237615-113007714-682003330-1007..\Run: [autochk] rundll32.exe C:\DOCUME~1\KLAWIT~1\protect.dll,_IWMPEvents@16 ( )
O4 - HKU\S-1-5-21-1844237615-113007714-682003330-1007..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1844237615-113007714-682003330-1007..\Run: [filehippo.com] "C:\Program Files\filehippo.com\UpdateChecker.exe" /background (FileHippo.com)
O4 - HKU\S-1-5-21-1844237615-113007714-682003330-1007..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-1844237615-113007714-682003330-1007..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe (Nikon Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
O4 - Startup: C:\Documents and Settings\Klawitter\Start Menu\Programs\Startup\ChkDisk.dll ( )
O4 - Startup: C:\Documents and Settings\Klawitter\Start Menu\Programs\Startup\ChkDisk.lnk = C:\WINDOWS\system32\rundll32.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Klawitter\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1844237615-113007714-682003330-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1844237615-113007714-682003330-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1844237615-113007714-682003330-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1844237615-113007714-682003330-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1844237615-113007714-682003330-1007_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - Reg Error: Value error. File not found
O9 - Extra Button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [Tcpip] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [NTDS] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [Network Location Awareness (NLA) Namespace] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1844237615-113007714-682003330-1007\..Trusted Domains: mcafee.com ([us] https in Trusted sites)
O15 - HKU\S-1-5-21-1844237615-113007714-682003330-1007\..Trusted Domains: 56 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase5483.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1119452371437 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A084A130-28AE-4B32-B51A-1C8CE164BC88} http://www.convergys...om/AppHardT.CAB (WNICheck2 Class)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://games.myspace...ronGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} http://imikimi.com/d...lugin_0.5.1.cab (Imikimi_activex_plugin Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{7E74E1D4-266F-4C51-9B3B-570258DF549B}\\NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol\Filter: - application/octet-stream - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - Class Install Handler - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - lzdhtml - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/webviewhtml - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\system32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\system32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\System32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\system32\WlNotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O27 - HKLM IFEO\Your Image File Name Here without a path: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\system32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\system32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\system32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\system32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/06/21 18:40:46 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 60 Days ==========

[5 C:\WINDOWS\System32\*.tmp files]
[6 C:\WINDOWS\*.tmp files]
[2009/04/28 10:07:12 | 00,000,000 | ---D | C] -- C:\VundoFix Backups
[2009/04/28 10:02:36 | 00,024,064 | -HS- | C] ( ) -- C:\Documents and Settings\Klawitter\Start Menu\Programs\Startup\ChkDisk.dll
[2009/04/28 10:02:36 | 00,000,655 | -HS- | C] () -- C:\Documents and Settings\Klawitter\Start Menu\Programs\Startup\ChkDisk.lnk
[2009/04/28 10:02:23 | 00,024,064 | -HS- | C] ( ) -- C:\WINDOWS\System32\autochk.dll
[2009/04/28 09:57:11 | 00,000,000 | ---D | C] -- C:\_OTListIt
[2009/04/28 09:51:49 | 00,000,000 | ---D | C] -- C:\ERDNT
[2009/04/28 09:51:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2009/04/28 09:51:44 | 00,000,000 | ---D | C] -- C:\!FixIEDef
[2009/04/28 08:57:51 | 00,000,650 | ---- | C] () -- C:\Documents and Settings\Klawitter\Start Menu\Programs\Startup\SpywareGuard.lnk
[2009/04/28 08:57:49 | 00,000,000 | ---D | C] -- C:\Program Files\SpywareGuard
[2009/04/28 08:46:44 | 00,000,000 | ---D | C] -- C:\Program Files\filehippo.com
[2009/04/28 08:45:09 | 00,000,000 | ---D | C] -- C:\Program Files\AskBarDis
[2009/04/28 08:45:00 | 00,000,883 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
[2009/04/28 08:44:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Klawitter\Application Data\Foxit
[2009/04/28 08:44:57 | 00,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2009/04/28 08:09:53 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/04/28 06:59:39 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\lmppcsetup.exe
[2009/04/27 21:45:00 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/04/27 19:50:47 | 00,029,696 | ---- | C] () -- C:\WINDOWS\System32\loader49.exe
[2009/04/27 17:13:13 | 00,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/04/27 17:09:56 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2009/04/27 16:59:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Klawitter\Application Data\McAfee
[2009/04/27 16:50:07 | 00,000,798 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
[2009/04/27 16:46:47 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009/04/23 10:36:18 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009/04/23 10:36:14 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/04/23 10:36:14 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/04/23 10:34:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/04/18 22:21:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\Crack Installer
[2009/04/18 22:21:41 | 00,000,000 | ---D | C] -- C:\Program Files\Crack Installer
[2009/04/18 21:59:27 | 00,001,732 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WinZip.lnk
[2009/04/18 21:59:23 | 00,001,660 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2009/04/18 21:57:49 | 00,000,000 | ---D | C] -- C:\Program Files\WinZip
[2009/04/18 21:23:22 | 00,000,790 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\GIMP 2.lnk
[2009/04/18 21:22:24 | 00,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2009/04/16 18:12:54 | 00,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2009/04/15 15:58:52 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/15 15:58:51 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/15 15:58:51 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/15 15:58:51 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/15 15:58:50 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/15 15:58:50 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/15 15:58:49 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/15 15:58:49 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/15 15:58:49 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/15 15:58:16 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/15 15:58:16 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/15 15:58:15 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/15 14:27:42 | 00,004,104 | ---- | C] () -- C:\Documents and Settings\Klawitter\My Documents\rentassistltr.wpd
[2009/04/13 17:35:42 | 00,106,175 | ---- | C] () -- C:\Documents and Settings\Klawitter\My Documents\JoshStateTaxReturn2008.pdf
[2009/04/11 00:59:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Klawitter\Local Settings\Application Data\Ares
[2009/04/09 23:21:09 | 00,000,022 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2009/04/09 23:21:09 | 00,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2009/04/09 23:19:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Klawitter\Desktop\Games
[2009/04/08 16:14:47 | 00,046,543 | ---- | C] () -- C:\Documents and Settings\Klawitter\Desktop\mv-70.pdf
[2009/04/08 01:55:50 | 01,089,593 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009/04/07 09:47:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Klawitter\Application Data\uniblue
[2009/04/07 09:44:46 | 00,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2009/04/07 09:10:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/04/07 09:10:10 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/04/07 09:09:44 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/04/07 09:06:12 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009/04/07 09:06:12 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2009/04/07 09:06:11 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2009/04/07 09:06:09 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsshhdr.dll
[2009/04/07 09:06:09 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009/04/07 09:06:08 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2009/04/07 09:06:08 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009/04/07 09:06:04 | 00,000,000 | ---D | C] -- C:\6fb5180571826aca02f0be7ff0b7b264
[2009/04/07 09:04:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2009/04/07 08:37:20 | 00,000,000 | RH-D | C] -- C:\AHCache
[2009/03/31 13:29:05 | 00,008,984 | ---- | C] () -- C:\Documents and Settings\Klawitter\My Documents\Josh Resume.wpd
[2009/03/30 10:14:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Klawitter\My Documents\My Games
[2009/03/30 09:40:49 | 00,000,000 | ---D | C] -- C:\Program Files\Romopolis
[2009/03/30 09:40:02 | 00,000,000 | ---D | C] -- C:\Program Files\SpongeBob Atlantis SquareOff
[2009/03/30 09:37:48 | 00,000,000 | ---D | C] -- C:\Program Files\Candy Land - Dora the Explorer Edition
[2009/03/28 21:51:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Klawitter\Application Data\CyberLink
[2009/03/24 22:29:22 | 00,000,868 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/03/24 13:57:21 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2009/03/24 11:24:43 | 00,005,642 | ---- | C] () -- C:\Documents and Settings\Klawitter\My Documents\equine resume.wpd
[2009/03/21 10:06:58 | 00,989,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kernel32.dll
[2009/03/17 18:56:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Klawitter\My Documents\CDBurnerXP Projects
[2009/03/17 18:56:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Klawitter\Application Data\Canneverbe_Limited
[2009/03/17 18:52:57 | 03,195,010 | ---- | C] (Canneverbe Limited ) -- C:\Program Files\cdbxp_setup_4.2.4.1255.exe
[2009/03/15 19:29:08 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSSTDFMT.DLL
[2009/03/15 19:29:03 | 00,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2009/03/15 19:27:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Klawitter\Desktop\Spyware, Adware, Virus Programs
[2009/03/15 18:59:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/03/15 18:58:42 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/03/15 18:58:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Klawitter\Application Data\SUPERAntiSpyware.com
[2009/03/15 18:57:50 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/03/15 18:53:58 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/03/15 18:39:22 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2009/03/15 18:17:42 | 00,000,000 | ---D | C] -- C:\Program Files\Safer Networking
[2009/03/15 17:59:30 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/03/15 17:41:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/03/12 13:19:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Klawitter\Application Data\Malwarebytes
[2009/03/12 13:19:35 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/03/12 13:19:30 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/03/12 13:19:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/03/12 13:19:19 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/03/11 23:33:51 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/03/11 14:07:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{3E116893-315F-4BF1-8748-007007CF5940}
[2009/03/04 14:59:56 | 00,294,135 | ---- | C] () -- C:\Documents and Settings\Klawitter\My Documents\2008AmendedTaxReturn.pdf
[2009/03/03 15:26:40 | 00,274,432 | ---- | C] (Riverdeep Interactive Learning Limited) -- C:\WINDOWS\TLCUninstall.exe
[2009/03/03 15:26:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\The Learning Company
[2009/03/03 15:25:54 | 00,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2008/10/29 13:18:39 | 00,093,696 | ---- | C] () -- C:\WINDOWS\System32\hpgt42.dll
[2008/09/29 19:12:41 | 00,000,101 | ---- | C] () -- C:\WINDOWS\ka.ini
[2008/09/29 18:58:00 | 00,000,714 | ---- | C] () -- C:\WINDOWS\bundle.ini
[2008/09/29 18:56:35 | 00,343,040 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2008/09/29 18:56:35 | 00,116,736 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2007/07/27 16:38:50 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\a1009isp.dll
[2006/07/21 11:52:28 | 00,000,028 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/02/23 12:41:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2006/01/13 16:06:10 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2005/08/08 01:33:15 | 00,000,000 | ---- | C] () -- C:\WINDOWS\crkv32.dll
[2005/07/08 23:40:49 | 00,000,021 | ---- | C] () -- C:\WINDOWS\CS_SETUP.ini
[2005/06/28 19:04:29 | 00,002,968 | ---- | C] () -- C:\WINDOWS\VTruck1.ini
[2005/06/22 10:12:45 | 00,000,258 | ---- | C] () -- C:\WINDOWS\System32\BDEMERGE.INI
[2005/06/22 09:41:06 | 00,000,177 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/06/22 08:14:07 | 00,004,272 | R--- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2003/08/14 02:54:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/07/16 16:51:23 | 00,000,654 | ---- | C] () -- C:\WINDOWS\win.ini
[2003/07/16 16:47:28 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

========== Files - Modified Within 60 Days ==========

[5 C:\WINDOWS\System32\*.tmp files]
[6 C:\WINDOWS\*.tmp files]
[2009/04/28 10:18:50 | 00,024,064 | -HS- | M] ( ) -- C:\WINDOWS\System32\autochk.dll
[2009/04/28 10:11:41 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/04/28 10:02:37 | 00,000,655 | -HS- | M] () -- C:\Documents and Settings\Klawitter\Start Menu\Programs\Startup\ChkDisk.lnk
[2009/04/28 10:02:36 | 00,024,064 | -HS- | M] ( ) -- C:\Documents and Settings\Klawitter\Start Menu\Programs\Startup\ChkDisk.dll
[2009/04/28 10:02:01 | 00,027,648 | ---- | M] () -- C:\WINDOWS\System32\lmppcsetup.exe
[2009/04/28 09:48:03 | 00,025,671 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2009/04/28 09:47:28 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/04/28 09:47:12 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
[2009/04/28 09:47:08 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/28 09:46:57 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/04/28 08:57:51 | 00,000,650 | ---- | M] () -- C:\Documents and Settings\Klawitter\Start Menu\Programs\Startup\SpywareGuard.lnk
[2009/04/28 08:45:00 | 00,000,883 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
[2009/04/27 21:36:57 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/04/27 19:50:48 | 00,029,696 | ---- | M] () -- C:\WINDOWS\System32\loader49.exe
[2009/04/27 19:46:42 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/04/27 16:50:09 | 00,000,654 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/04/27 16:50:09 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/04/27 11:14:09 | 00,096,256 | ---- | M] () -- C:\Documents and Settings\Klawitter\My Documents\Michele Klawitter Resume.doc
[2009/04/27 11:13:58 | 00,029,644 | ---- | M] () -- C:\Documents and Settings\Klawitter\My Documents\Michele Klawitter Resume.wpd
[2009/04/27 09:02:43 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/04/26 18:15:00 | 00,000,456 | ---- | M] () -- C:\WINDOWS\tasks\AdAwareUpdate Weekly software update.job
[2009/04/23 10:51:01 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/04/23 07:28:08 | 00,040,960 | -HS- | M] () -- C:\Documents and Settings\Klawitter\My Documents\Thumbs.db
[2009/04/18 21:59:27 | 00,001,732 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WinZip.lnk
[2009/04/18 21:59:23 | 00,001,660 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2009/04/18 21:23:22 | 00,000,790 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GIMP 2.lnk
[2009/04/16 03:17:22 | 00,525,946 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/16 03:17:22 | 00,444,028 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/16 03:17:22 | 00,071,904 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/15 14:27:42 | 00,004,104 | ---- | M] () -- C:\Documents and Settings\Klawitter\My Documents\rentassistltr.wpd
[2009/04/15 01:18:24 | 00,000,348 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2009/04/14 14:52:36 | 00,000,177 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2009/04/13 17:35:42 | 00,106,175 | ---- | M] () -- C:\Documents and Settings\Klawitter\My Documents\JoshStateTaxReturn2008.pdf
[2009/04/10 00:04:32 | 00,000,022 | ---- | M] () -- C:\WINDOWS\popcinfot.dat
[2009/04/09 23:21:09 | 00,000,000 | ---- | M] () -- C:\WINDOWS\popcreg.dat
[2009/04/08 16:14:47 | 00,046,543 | ---- | M] () -- C:\Documents and Settings\Klawitter\Desktop\mv-70.pdf
[2009/04/07 09:43:03 | 00,091,088 | ---- | M] () -- C:\Documents and Settings\Klawitter\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/04/07 09:38:56 | 00,324,320 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/07 08:30:00 | 00,000,211 | ---- | M] () -- C:\Boot.bak
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/06 10:57:24 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/04/03 07:57:56 | 00,004,629 | ---- | M] () -- C:\Documents and Settings\Klawitter\My Documents\Cover Letter Michele.doc
[2009/04/01 01:00:33 | 00,000,340 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[2009/03/31 13:29:05 | 00,008,984 | ---- | M] () -- C:\Documents and Settings\Klawitter\My Documents\Josh Resume.wpd
[2009/03/29 21:02:16 | 00,007,039 | ---- | M] () -- C:\Documents and Settings\Klawitter\My Documents\Rules.wpd
[2009/03/27 02:58:38 | 01,203,922 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/03/24 14:01:33 | 00,005,642 | ---- | M] () -- C:\Documents and Settings\Klawitter\My Documents\equine resume.wpd
[2009/03/21 10:06:58 | 00,989,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kernel32.dll
[2009/03/21 10:06:58 | 00,989,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kernel32.dll
[2009/03/16 01:23:19 | 04,810,018 | -H-- | M] () -- C:\Documents and Settings\Klawitter\Local Settings\Application Data\IconCache.db
[2009/03/06 10:22:18 | 00,284,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pdh.dll
[2009/03/06 10:22:18 | 00,284,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/03/04 14:59:57 | 00,294,135 | ---- | M] () -- C:\Documents and Settings\Klawitter\My Documents\2008AmendedTaxReturn.pdf
[2009/03/03 15:25:54 | 00,000,000 | ---- | M] () -- C:\WINDOWS\SETUP32.INI
[2009/03/02 20:18:25 | 00,826,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wininet.dll
[2009/03/02 20:18:25 | 00,826,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2009/02/28 00:54:41 | 00,636,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe

========== LOP Check ==========

[2009/04/27 17:31:14 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Application Data
[2009/04/27 17:31:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2009/04/27 17:27:22 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Application Data\Microsoft
[2009/04/27 17:30:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
[2009/04/28 09:46:49 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/03/11 14:07:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3E116893-315F-4BF1-8748-007007CF5940}
[2009/04/28 08:43:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2005/10/22 09:30:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/03/30 13:53:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
[2009/01/11 16:00:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Crenetic
[2008/10/01 10:30:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2009/04/27 10:49:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google Updater
[2008/12/04 22:20:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Knowledge Adventure
[2009/04/28 08:55:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/03/12 13:19:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/04/28 08:35:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009/04/27 17:09:56 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2008/12/04 22:31:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2005/08/18 20:33:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2008/12/28 13:05:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2009/04/28 09:47:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2005/07/13 22:40:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2008/10/01 10:43:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
[2009/04/28 08:56:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/03/15 18:59:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2006/07/12 20:53:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Support.com
[2009/04/28 09:45:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/10/12 20:21:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2008/10/30 09:31:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/04/18 21:59:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2008/11/01 11:11:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2005/06/21 14:32:09 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Application Data
[2008/10/03 03:14:19 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Default User\Application Data\Microsoft
[2009/04/28 08:44:59 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Klawitter\Application Data
[2008/12/23 11:35:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\Ace
[2009/04/28 08:42:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\Adobe
[2008/10/04 13:58:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\Apple Computer
[2009/03/17 18:56:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\Canneverbe_Limited
[2008/12/11 22:21:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\Corel
[2009/03/28 21:51:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\CyberLink
[2009/04/28 08:44:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\Foxit
[2008/12/28 13:05:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\GameHouse
[2009/02/21 23:19:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\GanymedeNet
[2008/10/01 22:30:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\GetRightToGo
[2008/12/30 12:51:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\Google
[2009/04/27 09:53:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\gtk-2.0
[2008/10/01 22:50:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\Help
[2008/10/01 09:54:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\Identities
[2008/10/17 11:54:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\InstallShield
[2009/04/26 23:00:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\LimeWire
[2008/10/19 15:35:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\Macromedia
[2009/03/12 13:19:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\Malwarebytes
[2009/04/27 16:59:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\McAfee
[2008/12/12 04:10:58 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Klawitter\Application Data\Microsoft
[2008/10/01 10:23:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\Mozilla
[2008/10/02 00:39:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\MySpace
[2008/12/21 20:29:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\Nikon
[2009/01/16 14:18:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\Paltalk
[2008/12/04 21:53:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\SecondLife
[2008/12/27 19:30:35 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Klawitter\Application Data\SecuROM
[2008/10/26 11:50:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\Sonic
[2008/10/06 09:35:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\Sun
[2009/03/15 18:58:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\SUPERAntiSpyware.com
[2009/04/18 22:26:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\uniblue
[2008/11/01 12:10:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Klawitter\Application Data\Yahoo!
[2008/11/17 12:02:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data
[2008/11/17 12:02:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2008/11/17 12:01:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Google
[2009/04/27 16:59:38 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2008/12/10 23:44:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2008/11/17 12:01:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Yahoo!
[2008/10/16 14:15:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data
[2008/10/16 14:15:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2008/10/16 14:15:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2009/04/07 10:21:54 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2006/01/14 19:03:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
[2009/04/27 09:02:43 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2009/04/26 18:15:00 | 00,000,456 | ---- | M] () -- C:\WINDOWS\Tasks\AdAwareUpdate Weekly software update.job
[2003/07/16 16:36:49 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/04/28 09:47:28 | 00,000,868 | ---- | M] () -- C:\WINDOWS\Tasks\Google Software Updater.job
[2009/04/28 09:47:12 | 00,000,882 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachine.job
[2009/04/15 01:18:24 | 00,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\McDefragTask.job
[2009/04/01 01:00:33 | 00,000,340 | ---- | M] () -- C:\WINDOWS\Tasks\McQcTask.job
[2009/04/27 19:46:42 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2009/04/28 09:47:08 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========


========== Alternate Data Streams ==========

@Alternate Data Stream - 219 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:15DE523E
@Alternate Data Stream - 218 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F591490A
@Alternate Data Stream - 206 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AD727397
@Alternate Data Stream - 191 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:71441FEF
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >

OTListIt Extras
OTListIt Extras logfile created on: 4/28/2009 10:18:34 AM - Run 3
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\Klawitter\Desktop\Spyware, Adware, Virus Programs
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 67.61 Mb Available Physical Memory | 13.26% Memory free
864.25 Mb Paging File | 343.19 Mb Available in Paging File | 39.71% Paging File free
Paging file location(s): C:\pagefile.sys 384 768;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 91.02 Gb Free Space | 81.43% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CHERI-64KAHURO0
Current User Name: Klawitter
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 60 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\WINDOWS\system32\shell32.DLL (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\system32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\system32\ieframe.DLL (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\WINDOWS\system32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-1844237615-113007714-682003330-1007\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"9420:TCP" = 9420:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/13 20:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2008/04/13 14:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/04/13 20:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2008/04/13 20:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
[2008/04/13 14:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2008/09/18 14:50:21 | 00,147,456 | ---- | M] (Lime Wire, LLC) -- C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
[2008/10/16 21:57:52 | 04,347,120 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
[2008/01/25 02:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent
[2008/04/17 19:27:00 | 09,117,696 | ---- | M] () -- C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpaceIM
[2009/04/22 09:50:11 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00FC6799-866E-44A1-A60C-DCF394CF56FD}" = iTunes
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"{54F90B55-BEB3-4F0D-8802-228822FA5921}" = WordPerfect Office 11
"{5AD92ED9-5C88-46B1-AA65-E46A459E7C60}" = iPod Updater 2004-07-15
"{5C1DA723-24FC-48AD-93BA-925695C3EF26}" = Logitech Gaming Software
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{84FA5EEA-32CE-47AE-9DF0-83CBCC2DED2C}" = SpotLife
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5181519-9F3D-4372-ABC6-C333C2F3A816}_is1" = RunAlyzer
"{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}" = WinZip 12.0
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D42B6F90-1084-4C9B-AF28-958926E6E32E}" = LP_Flash
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{EE7C3A14-1D20-49F6-B903-491561076F0F}" = ArcSoft Software Suite
"{EFC991D4-2BFE-40B8-8C3C-BAC9068945FA}" = Pandigital Photo Manager
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FF3999BE-1A7B-4738-88AA-97BF14094A4A}" = PictureProject
"65dd07975218865ba54f84464fda6cc3" = Ratatouille
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Ask Toolbar_is1" = Foxit Toolbar
"BFGC" = Big Fish Games Client
"BFG-Candy Land - Dora the Explorer Edition" = Candy Land - Dora the Explorer Edition
"BFG-Ride!" = Ride!
"BFG-Romopolis" = Romopolis
"BFG-SpongeBob Atlantis SquareOff" = SpongeBob Atlantis SquareOff
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_PCI_VEN_14F1&DEV_2702" = Conexant SmartHSFi V.9x 56K DF PCI Modem
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"ComcastHSI" = Comcast High-Speed Internet Install Wizard
"ERUNT_is1" = ERUNT 1.1j
"filehippo.com" = filehippo.com Update Checker
"Foxit Reader" = Foxit Reader
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"HP Photo & Imaging" = HP Image Zone 4.7
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Imikimi Plugin" = Imikimi Plugin
"InstallShield_{00FC6799-866E-44A1-A60C-DCF394CF56FD}" = iTunes
"InstallShield_{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"InstallShield_{5AD92ED9-5C88-46B1-AA65-E46A459E7C60}" = iPod Updater 2004-07-15
"InterActual Player" = InterActual Player
"Lexmark Supplies Monitor" = Lexmark Supplies Monitor
"Lexmark Z23-Z33" = Lexmark Z23-Z33
"LimeWire" = LimeWire 4.18.8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.9)" = Mozilla Firefox (3.0.9)
"MSC" = McAfee SecurityCenter
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MySpaceIM" = MySpaceIM
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OpenAL" = OpenAL
"QuickTime" = QuickTime
"RealPlayer 6.0" = RealPlayer 7 Basic
"SpywareBlaster_is1" = SpywareBlaster 4.2
"SpywareGuard_is1" = SpywareGuard v2.2
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.6
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Messenger" = Yahoo! Messenger

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/5/2008 6:07:42 PM | Computer Name = CHERI-64KAHURO0 | Source = McLogEvent | ID = 5051
Description = A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took
longer than 90000 ms to complete a request. The process will be terminated. Thread
id : 2392 (0x958) Thread address : 0x120DBCCE Thread message : Build VSCORE.14.0.0.384
/ 5200.2160 Object being scanned = \Device\HarddiskVolume1\Program Files\McAfee\MSC\mcuihost.exe

by c:\PROGRA~1\mcafee\msc\mcupdmgr.exe 4(157)(0) 4(157)(0) 7200(157)(0) 7595(157)(0)

7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0)

Error - 10/5/2008 6:21:23 PM | Computer Name = CHERI-64KAHURO0 | Source = McLogEvent | ID = 5051
Description = A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took
longer than 90000 ms to complete a request. The process will be terminated. Thread
id : 1544 (0x608) Thread address : 0x120DBCCE Thread message : Build VSCORE.14.0.0.384
/ 5200.2160 Object being scanned = \Device\HarddiskVolume1\Program Files\NOS\bin\getPlus_HelperSvc.exe

by C:\Program Files\Mozilla Firefox\firefox.exe 4(93)(0) 4(93)(0) 7200(93)(0) 7595(93)(0)

7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0)

Error - 10/6/2008 2:41:26 AM | Computer Name = CHERI-64KAHURO0 | Source = Application Hang | ID = 1002
Description = Hanging application MySpaceIM.exe, version 1.0.756.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 10/6/2008 1:28:24 PM | Computer Name = CHERI-64KAHURO0 | Source = MsiInstaller | ID = 11606
Description = Product: Java™ 6 Update 7 -- Error 1606.Could not access network
location http://javadl.sun.co...86/jz160070.cab.

Error - 10/6/2008 1:44:32 PM | Computer Name = CHERI-64KAHURO0 | Source = MsiInstaller | ID = 10005
Description = Product: J2SE Runtime Environment 5.0 Update 6 -- You already have
this version of the JRE installed. Please uninstall the product through your add/remove
programs utility before reinstalling.

Error - 10/7/2008 1:03:45 AM | Computer Name = CHERI-64KAHURO0 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.16705, faulting
module ntdll.dll, version 5.1.2600.5512, fault address 0x0001b1fa.

Error - 10/7/2008 7:21:22 PM | Computer Name = CHERI-64KAHURO0 | Source = Application Error | ID = 1000
Description = Faulting application tierazon.exe, version 1.0.0.1, faulting module
unknown, version 0.0.0.0, fault address 0x00000000.

Error - 10/7/2008 7:22:46 PM | Computer Name = CHERI-64KAHURO0 | Source = Application Error | ID = 1000
Description = Faulting application tierazon.exe, version 1.0.0.1, faulting module
unknown, version 0.0.0.0, fault address 0x00000000.

Error - 10/13/2008 12:10:50 AM | Computer Name = CHERI-64KAHURO0 | Source = McLogEvent | ID = 5051
Description = A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took
longer than 90000 ms to complete a request. The process will be terminated. Thread
id : 2892 (0xb4c) Thread address : 0x12020BC9 Thread message : Build VSCORE.14.0.0.384
/ 5200.2160 Object being scanned = \Device\HarddiskVolume1\Program Files\mcafee\msc\mcmscver.dll

by C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe 4(109)(0) 4(109)(0) 7200(109)(0) 7595(109)(0)

7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0)

[ System Events ]
Error - 4/27/2009 7:50:09 PM | Computer Name = CHERI-64KAHURO0 | Source = Service Control Manager | ID = 7000
Description = The NMSAccessU service failed to start due to the following error:
%%2

Error - 4/27/2009 7:50:38 PM | Computer Name = CHERI-64KAHURO0 | Source = DCOM | ID = 10010
Description = The server {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493} did not register
with DCOM within the required timeout.

Error - 4/27/2009 8:36:07 PM | Computer Name = CHERI-64KAHURO0 | Source = Service Control Manager | ID = 7000
Description = The NMSAccessU service failed to start due to the following error:
%%2

Error - 4/27/2009 8:36:47 PM | Computer Name = CHERI-64KAHURO0 | Source = DCOM | ID = 10010
Description = The server {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493} did not register
with DCOM within the required timeout.

Error - 4/27/2009 9:22:00 PM | Computer Name = CHERI-64KAHURO0 | Source = Service Control Manager | ID = 7000
Description = The NMSAccessU service failed to start due to the following error:
%%2

Error - 4/27/2009 9:22:15 PM | Computer Name = CHERI-64KAHURO0 | Source = DCOM | ID = 10010
Description = The server {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493} did not register
with DCOM within the required timeout.

Error - 4/28/2009 6:45:10 AM | Computer Name = CHERI-64KAHURO0 | Source = Service Control Manager | ID = 7000
Description = The NMSAccessU service failed to start due to the following error:
%%2

Error - 4/28/2009 9:47:14 AM | Computer Name = CHERI-64KAHURO0 | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring
the volume.

Error - 4/28/2009 9:47:42 AM | Computer Name = CHERI-64KAHURO0 | Source = Service Control Manager | ID = 7000
Description = The NMSAccessU service failed to start due to the following error:
%%2

Error - 4/28/2009 9:47:54 AM | Computer Name = CHERI-64KAHURO0 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
IntelIde Lbd


< End of report >

Edited by klawitter, 28 April 2009 - 08:26 AM.

  • 0

Advertisements

#2
klawitter
Posted 21 May 2009 - 06:39 PM

klawitter

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Okay guys, going on a month here and NO response!
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP