Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Cleaning up old machine...need help IDing unnecessary stuff

Started by well_armed , May 07 2009 08:44 AM

  • Please log in to reply

#1
well_armed
Posted 07 May 2009 - 08:44 AM

well_armed

    New Member

  • Member
  • Pip
  • 1 posts
I'm a newbie at cleaning off necessary registry entries and other misc stuff in order to make my machine perform better. I have read the Malware and Spyware Cleaning Guide sticky and installed and ran the OTListIt scan, results are below.

Can anyone please direct me as to how I can clean up and increase the performance of this box? In order to keep this post to a manageable length I have only posted the OTListIt.txt file; please let me know if you need the Extras.txt file.

Thanks!

OTListIt logfile created on: 5/7/2009 10:39:41 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Documents and Settings\Mike\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 3.80 Gb Available in Paging File | 94.92% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.92 Gb Total Space | 35.72 Gb Free Space | 50.37% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 419.84 Gb Total Space | 357.12 Gb Free Space | 85.06% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive P: | 278.98 Gb Total Space | 198.99 Gb Free Space | 71.33% Space Free | Partition Type: NTFS

Computer Name: HOMER
Current User Name: Mike
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\WINDOWS\system32\LEXBCES.EXE (Lexmark International, Inc.)
PRC - C:\WINDOWS\system32\LEXPPS.EXE (Lexmark International, Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\WINDOWS\system32\CTsvcCDA.EXE (Creative Technology Ltd)
PRC - C:\Program Files\DigitalPersona\Bin\DpHost.exe (DigitalPersona, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\Common Framework\naPrdMgr.exe (McAfee, Inc.)
PRC - C:\WINDOWS\system32\MsPMSPSv.exe (Microsoft Corporation)
PRC - C:\Program Files\DigitalPersona\Bin\DPFUSMgr.exe (DigitalPersona, Inc.)
PRC - C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Maxtor\Maxtor Quick Start\msssort.exe (Maxtor)
PRC - C:\Program Files\DigitalPersona\Bin\DPAgnt.exe (DigitalPersona, Inc.)
PRC - C:\Program Files\SpiralFrog\Spiralfrog.exe (SpiralFrog)
PRC - C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
PRC - C:\Program Files\McAfee\Common Framework\UdaterUI.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\Common Framework\McTray.exe (McAfee, Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
PRC - C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
PRC - C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
PRC - C:\Program Files\RapidSolution\Tunebite\Tunebite.exe (RapidSolution Software AG)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard)
PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
PRC - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\Trend Micro\HijackThis\HijackThis.exe (Trend Micro Inc.)
PRC - C:\Documents and Settings\Mike\Desktop\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (Microsoft Corporation)
SRV - (Ati HotKey Poller [Auto | Running]) -- C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (ATI Smart [Auto | Stopped]) -- C:\WINDOWS\system32\ati2sgag.exe ()
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (Creative Service for CDROM Access [Auto | Running]) -- C:\WINDOWS\system32\CTsvcCDA.EXE (Creative Technology Ltd)
SRV - (DPFUSMgr [Auto | Running]) -- C:\Program Files\DigitalPersona\Bin\DPFUSMgr.exe (DigitalPersona, Inc.)
SRV - (DpHost [Auto | Running]) -- C:\Program Files\DigitalPersona\Bin\DpHost.exe (DigitalPersona, Inc.)
SRV - (GoToAssist [On_Demand | Stopped]) -- C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (hpqcxs08 [On_Demand | Running]) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (Hewlett-Packard Co.)
SRV - (hpqddsvc [Auto | Running]) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (Hewlett-Packard Co.)
SRV - (HPSLPSVC [Auto | Running]) -- C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL (Hewlett-Packard Co.)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (LexBceS [Auto | Running]) -- C:\WINDOWS\system32\LEXBCES.EXE (Lexmark International, Inc.)
SRV - (McAfeeFramework [Auto | Running]) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.)
SRV - (McShield [Auto | Running]) -- C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe (McAfee, Inc.)
SRV - (McTaskManager [Auto | Running]) -- C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe (McAfee, Inc.)
SRV - (Net Driver HPZ12 [Auto | Running]) -- C:\WINDOWS\system32\HPZinw12.dll (Hewlett-Packard)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Pml Driver HPZ12 [Auto | Running]) -- C:\WINDOWS\system32\HPZipm12.dll (Hewlett-Packard)
SRV - (Roxio UPnP Renderer 9 [On_Demand | Stopped]) -- C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe (Sonic Solutions)
SRV - (Roxio Upnp Server 9 [Auto | Stopped]) -- C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe (Sonic Solutions)
SRV - (RoxLiveShare9 [Auto | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (Sonic Solutions)
SRV - (RoxMediaDB9 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe (Sonic Solutions)
SRV - (RoxWatch9 [Auto | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe (Sonic Solutions)
SRV - (WMDM PMSP Service [Auto | Running]) -- C:\WINDOWS\system32\MsPMSPSv.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [Auto | Running]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (AnyDVD [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (BANTExt [System | Running]) -- C:\WINDOWS\System32\Drivers\BANTExt.sys ()
DRV - (cercsr6 [Boot | Stopped]) -- C:\WINDOWS\System32\drivers\cercsr6.sys (Adaptec, Inc.)
DRV - (ctsfm2k [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys (Creative Technology Ltd)
DRV - (dpK0Bx01 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\dpK0Bx01.sys (DigitalPersona®, Inc.)
DRV - (E100B [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (ElbyCDIO [System | Running]) -- C:\WINDOWS\System32\Drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (ElbyDelay [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\ElbyDelay.sys (Elaborate Bytes AG)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (hamachi_oem [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\gan_adapter.sys (Applied Networking Inc.)
DRV - (mfeapfk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mfeavfk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfebopk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mfehidk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mferkdk [System | Running]) -- C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys (McAfee, Inc.)
DRV - (mfetdik [System | Running]) -- C:\WINDOWS\system32\drivers\mfetdik.sys (McAfee, Inc.)
DRV - (ossrv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ctoss2k.sys (Creative Technology Ltd.)
DRV - (P17 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\P17.sys (Creative Technology Ltd.)
DRV - (PfModNT [Auto | Running]) -- C:\WINDOWS\system32\drivers\PfModNT.sys (Creative Technology Ltd.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (QCDonner [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\OVCD.sys (Microsoft Corporation)
DRV - (RimUsb [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\RimUsb.sys (Research In Motion Limited)
DRV - (RimVSerPort [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\RimSerial.sys (Research in Motion Ltd)
DRV - (ROOTMODEM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\RootMdm.sys (Microsoft Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (StillCam [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\serscan.sys (Microsoft Corporation)
DRV - (tbhsd [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\tbhsd.sys (RapidSolution Software AG)
DRV - (truecrypt [System | Running]) -- C:\WINDOWS\System32\drivers\truecrypt.sys (TrueCrypt Foundation)
DRV - (USBAAPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple, Inc.)
DRV - (usbdpfp [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\usbdpfp.sys (DigitalPersona®, Inc.)
DRV - (usb_rndisx [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usb8023x.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapp.../search/ie.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=en&source=iglk
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledItems: {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:2.7.4
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.1.2
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:3.1.20081127W
FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:3.19
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {47d1d620-5e5b-11da-8cd6-0800200c9a66}:2.0
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.0.2
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.6
FF - prefs.js..extensions.enabledItems: {359faf50-e061-11dd-ad8b-0800200c9a66}:1.1.2.2

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD [2008/10/17 20:41:17 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\GOOGLE\TOOLBAR FOR FIREFOX\{3112CA9C-DE6D-4884-A869-9855DE68056C} [2008/11/24 21:22:28 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/08 14:42:25 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON2 [2009/04/30 21:07:58 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/03/25 18:01:07 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/05/07 08:21:02 | 00,000,000 | ---D | M]

[2008/12/16 23:55:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\mozilla\Extensions
[2008/12/16 23:55:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/07 08:27:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\mozilla\Firefox\Profiles\23sbcof0.default\extensions
[2008/12/19 16:09:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\mozilla\Firefox\Profiles\23sbcof0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/05/07 07:56:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\mozilla\Firefox\Profiles\23sbcof0.default\extensions\{359faf50-e061-11dd-ad8b-0800200c9a66}
[2009/02/24 23:11:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\mozilla\Firefox\Profiles\23sbcof0.default\extensions\{47d1d620-5e5b-11da-8cd6-0800200c9a66}
[2009/04/30 21:13:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\mozilla\Firefox\Profiles\23sbcof0.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2009/05/07 07:59:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\mozilla\Firefox\Profiles\23sbcof0.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}
[2009/05/07 07:57:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\mozilla\Firefox\Profiles\23sbcof0.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2009/04/04 12:36:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\mozilla\Firefox\Profiles\23sbcof0.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}
[2009/05/07 08:15:03 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/02/15 15:12:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/08 14:42:41 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/04/05 10:39:20 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/02/15 15:12:01 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/02/15 15:12:01 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/02/15 15:12:13 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/02/15 15:12:13 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/02/15 15:12:13 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/02/15 15:12:13 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/02/15 15:12:13 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/02/15 15:12:13 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/02/15 15:12:13 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (225693 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.1001-search.info
O1 - Hosts: 127.0.0.1 1001-search.info
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.139mm.com
O1 - Hosts: 127.0.0.1 139mm.com
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 127.0.0.1 171203.com
O1 - Hosts: 7913 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" (ATI Technologies, Inc.)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r (Creative Technology Ltd)
O4 - HKLM..\Run: [DPAgnt] C:\Program Files\DigitalPersona\Bin\DPAgnt.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey (McAfee, Inc.)
O4 - HKLM..\Run: [mssSort] C:\Program Files\Maxtor\Maxtor Quick Start\msssort.exe (Maxtor)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [P17Helper] Rundll32 P17.dll,P17Helper ()
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" (Sonic Solutions)
O4 - HKLM..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE (McAfee, Inc.)
O4 - HKLM..\Run: [SpiralFrog] C:\Program Files\SpiralFrog\Spiralfrog.exe (SpiralFrog)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKCU..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Tunebite] C:\Program Files\RapidSolution\Tunebite\Tunebite.exe -tray (RapidSolution Software AG)
O4 - HKCU..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1 (AWS Convergence Technologies, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: //@[email protected]/ ([]msn in Local intranet)
O15 - HKCU\..Trusted Domains: //@[email protected]/ ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: 34 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} https://components.v...l?noreloadredir (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.t...ivex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase9563.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1223301418269 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8BE5651C-D60B-4B59-B5B2-F0EB93733D17} https://www36.verizo.../IOBIVMUtil.CAB (IOBIVMUtil.VMDecoder)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://crucial.com/c.../cpcScanner.cab (Crucial cpcScan)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} https://chantillynot...i.com/dwa7W.cab (Domino Web Access 7 Control)
O16 - DPF: CabBuilder http://ak.imgag.com/...llerControl.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{006694B4-F88E-43F4-9212-8AFD78B2FF44}\\NameServer = 192.168.1.1
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (C:\WINDOWS\system32\DPGINA.dll) - C:\WINDOWS\system32\DPGINA.dll (DigitalPersona, Inc.)
O20 - Winlogon\Notify\DPWLN : DllName - C:\WINDOWS\system32\DPWLEvHd.dll - C:\WINDOWS\system32\DPWLEvHd.dll (DigitalPersona, Inc.)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\NavLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/05/15 23:16:27 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[8 C:\WINDOWS\*.tmp files]
[2009/05/07 10:38:27 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTListIt2.exe
[2009/05/07 10:37:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/05/07 10:36:48 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/05/07 10:36:26 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Mike\Desktop\erunt_setup.exe
[2009/05/07 10:32:21 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\HijackThis.lnk
[2009/05/07 10:32:20 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/05/07 08:21:55 | 00,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Acrobat.com.lnk
[2009/05/07 08:21:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2009/05/07 08:21:02 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/05/07 08:20:30 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2009/05/07 08:17:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\Adobe Reader 9 Installer
[2009/05/07 08:15:01 | 00,000,000 | ---D | C] -- C:\Program Files\NOS
[2009/05/07 08:15:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/04/30 21:23:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WEBREG
[2009/04/30 21:20:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\My Documents\My Scans
[2009/04/30 21:14:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Application Data\HPAppData
[2009/04/30 21:14:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2009/04/30 21:07:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
[2009/04/30 21:07:14 | 00,001,018 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Solution Center.lnk
[2009/04/30 21:06:59 | 00,001,930 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Shop for HP Supplies.lnk
[2009/04/30 21:05:35 | 00,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/04/30 21:04:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HP
[2009/04/30 21:04:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\hpojp8500a909
[2009/04/30 21:02:35 | 00,309,760 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll
[2009/04/30 21:02:31 | 00,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\serscan.sys
[2009/04/30 21:02:31 | 00,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2009/04/30 21:01:35 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2009/04/30 21:01:34 | 00,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2009/04/30 20:59:45 | 00,188,864 | ---- | C] () -- C:\WINDOWS\hpwins22.dat
[2009/04/30 20:59:45 | 00,002,979 | ---- | C] () -- C:\WINDOWS\hpwmdl22.dat
[2009/04/30 20:06:48 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2009/04/30 20:05:54 | 00,000,000 | ---D | C] -- C:\Program Files\HP
[2009/04/29 20:57:35 | 00,103,872 | ---- | C] (SlySoft, Inc.) -- C:\WINDOWS\System32\drivers\AnyDVD.sys
[2009/04/16 21:59:23 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/16 21:59:23 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/16 21:59:23 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/16 21:59:22 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/16 21:59:22 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/16 21:59:22 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/16 21:59:21 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/16 21:59:21 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/16 21:59:21 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/16 21:58:57 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/16 21:58:56 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2008/06/18 15:59:56 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/02/15 20:19:40 | 00,000,280 | ---- | C] () -- C:\WINDOWS\System32\epoPGPsdk.dll.sig
[2007/09/08 11:19:49 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2007/05/23 00:21:56 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/05/16 21:34:23 | 00,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2007/05/16 21:17:20 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/05/16 18:25:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2007/05/16 17:29:45 | 00,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2007/05/15 23:49:34 | 00,000,072 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2007/05/15 23:34:08 | 00,000,387 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2007/05/15 23:33:52 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbcvs.dll
[2007/05/15 23:33:51 | 00,000,373 | ---- | C] () -- C:\WINDOWS\System32\dlbccoin.ini
[2007/01/03 11:24:36 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/01/03 11:22:46 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/01/03 11:22:14 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/10/09 16:27:40 | 00,951,824 | ---- | C] () -- C:\WINDOWS\System32\DPCredProv.dll
[2006/10/09 16:09:42 | 00,000,527 | ---- | C] () -- C:\WINDOWS\System32\DpGina.dll.manifest
[2004/08/04 06:00:00 | 00,000,808 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/04 06:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/06/10 12:51:20 | 00,060,928 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[2004/03/29 12:28:18 | 00,003,278 | ---- | C] () -- C:\WINDOWS\System32\LudaP17.ini
[2003/10/02 19:48:18 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[2003/03/04 17:29:00 | 00,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/04/11 10:41:06 | 00,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[8 C:\WINDOWS\*.tmp files]
[2009/05/07 10:38:27 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTListIt2.exe
[2009/05/07 10:36:26 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Mike\Desktop\erunt_setup.exe
[2009/05/07 10:32:21 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\HijackThis.lnk
[2009/05/07 08:25:40 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/07 08:25:16 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Mike\Local Settings\desktop.ini
[2009/05/07 08:24:54 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/05/07 08:24:36 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/07 08:24:34 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/07 08:21:55 | 00,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Acrobat.com.lnk
[2009/05/07 08:21:02 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/05/07 07:50:18 | 00,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{EC23FC9E-D2B4-4E1C-ACD0-2B7C06C7E625}.job
[2009/05/07 07:46:35 | 00,000,754 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AnyDVD.lnk
[2009/04/30 21:09:19 | 00,188,864 | ---- | M] () -- C:\WINDOWS\hpwins22.dat
[2009/04/30 21:08:44 | 00,000,808 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/04/30 21:07:14 | 00,001,018 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Solution Center.lnk
[2009/04/30 21:06:59 | 00,001,930 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Shop for HP Supplies.lnk
[2009/04/30 21:05:35 | 00,001,808 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/04/29 20:57:35 | 00,103,872 | ---- | M] (SlySoft, Inc.) -- C:\WINDOWS\System32\drivers\AnyDVD.sys
[2009/04/16 22:30:39 | 00,472,778 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/16 22:30:39 | 00,404,298 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/16 22:30:39 | 00,060,662 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/16 22:18:29 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> C:\WINDOWS:6CFA412685B7E248
< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP