OTL logfile created on: 6/4/2009 6:23:18 PM - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\JAMES KWON\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1014.04 Mb Total Physical Memory | 445.50 Mb Available Physical Memory | 43.93% Memory free
2.38 Gb Paging File | 1.93 Gb Available in Paging File | 80.84% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 82.78 Gb Total Space | 11.40 Gb Free Space | 13.77% Space Free | Partition Type: NTFS
Drive D: | 9.35 Gb Total Space | 1.42 Gb Free Space | 15.17% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
Drive F: | 372.61 Gb Total Space | 196.69 Gb Free Space | 52.79% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC192320066228
Current User Name: JAMES KWON
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - [2009/06/04 15:42:14 | 01,005,904 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2008/04/13 17:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2005/11/10 22:03:52 | 00,036,975 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
PRC - [2006/02/14 19:49:22 | 00,454,656 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
PRC - [2006/03/23 05:17:04 | 00,094,208 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe
PRC - [2006/03/23 05:13:40 | 00,077,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2006/03/23 05:17:50 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2006/03/31 22:01:48 | 00,761,946 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2006/04/11 21:54:16 | 00,102,400 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\QPService.exe
PRC - [2005/02/16 23:11:42 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
PRC - [2005/08/11 16:30:30 | 00,081,920 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2006/03/23 11:38:38 | 00,131,072 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
PRC - [2006/07/16 15:00:00 | 00,475,136 | ---- | M] (Haansoft Inc.) -- C:\Program Files\Common Files\Hnc\HncUtils\HncUpdate.exe
PRC - [2008/01/29 17:38:31 | 00,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2008/03/13 16:48:30 | 01,443,072 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2009/06/04 15:42:18 | 00,518,488 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2008/11/15 20:09:26 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/03/05 16:07:20 | 02,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2006/03/30 14:51:04 | 00,098,304 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Pavilion Webcam\tsnp2std.exe
PRC - [2006/03/14 09:51:44 | 00,073,728 | ---- | M] (Starz) -- C:\Program Files\Vongo\Tray.exe
PRC - [2006/07/25 18:03:42 | 00,100,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
PRC - [2008/03/13 16:49:56 | 00,472,320 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2006/02/17 15:26:32 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2008/01/29 17:38:31 | 00,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2006/03/14 09:51:52 | 00,176,128 | ---- | M] (Starz Entertainment Group LLC) -- C:\Program Files\Vongo\VongoService.exe
PRC - [2006/03/15 15:28:32 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
PRC - [2005/09/24 09:42:32 | 00,475,136 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
PRC - [2004/08/04 14:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
PRC - [2009/02/06 03:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2005/12/23 21:44:26 | 00,491,606 | ---- | M] () -- C:\Program Files\HPQ\Shared\HpqToaster.exe
PRC - [2009/06/04 17:23:24 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\JAMES KWON\Desktop\OTL.exe
PRC - [2009/02/26 10:49:18 | 00,099,328 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
========== Win32 Services (SafeList) ==========
SRV - [2004/07/15 10:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2006/07/25 18:03:42 | 00,100,032 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler [Auto | Running])
SRV - [2008/03/13 16:55:26 | 00,019,200 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv [On_Demand | Stopped])
SRV - [2008/03/13 16:49:56 | 00,472,320 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn [Auto | Running])
SRV - [2009/05/20 07:01:40 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2008/04/13 17:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2006/03/15 15:28:32 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex [Auto | Running])
SRV - [2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2009/06/04 15:42:14 | 01,005,904 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [Auto | Running])
SRV - [2006/02/17 15:26:32 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2006/07/25 18:03:42 | 02,119,360 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate [On_Demand | Stopped])
SRV - [2008/01/29 17:38:31 | 00,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service [Auto | Running])
SRV - [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/03/14 09:51:52 | 00,176,128 | ---- | M] (Starz Entertainment Group LLC) -- C:\Program Files\Vongo\VongoService.exe -- (Vongo Service [Auto | Running])
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
========== Driver Services (SafeList) ==========
DRV - [2001/08/17 22:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde [Boot | Running])
DRV - [2008/04/13 11:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp [Disabled | Stopped])
DRV - [2001/08/17 22:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc [Disabled | Stopped])
DRV - [2001/08/17 22:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550 [Disabled | Stopped])
DRV - [2001/08/17 22:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde [Disabled | Stopped])
DRV - [2001/08/17 22:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k [Disabled | Stopped])
DRV - [2005/11/03 01:31:38 | 00,157,696 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Running])
DRV - [2005/09/19 14:23:52 | 00,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\system32\DRIVERS\eabfiltr.sys -- (eabfiltr [System | Running])
DRV - [2005/09/19 14:24:20 | 00,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\system32\DRIVERS\eabusb.sys -- (eabusb [On_Demand | Stopped])
DRV - [2008/03/13 16:43:42 | 00,040,456 | ---- | M] (ESET) -- C:\WINDOWS\system32\DRIVERS\eamon.sys -- (eamon [Auto | Running])
DRV - [2008/03/13 16:44:36 | 00,029,704 | ---- | M] (ESET) -- C:\WINDOWS\system32\DRIVERS\easdrv.sys -- (easdrv [System | Running])
DRV - [2006/09/18 01:00:00 | 00,387,432 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl [System | Running])
DRV - [2008/03/13 16:52:12 | 00,071,176 | ---- | M] (ESET) -- C:\WINDOWS\system32\DRIVERS\epfw.sys -- (epfw [Auto | Running])
DRV - [2008/03/13 16:52:16 | 00,030,728 | ---- | M] (ESET) -- C:\WINDOWS\system32\DRIVERS\Epfwndis.sys -- (Epfwndis [On_Demand | Running])
DRV - [2008/03/13 16:52:16 | 00,054,280 | ---- | M] (ESET) -- C:\WINDOWS\system32\DRIVERS\epfwtdi.sys -- (epfwtdi [System | Running])
DRV - [2004/08/04 14:00:00 | 00,012,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\fsvga.sys -- (FsVga [System | Running])
DRV - [2005/09/19 14:24:10 | 00,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\system32\DRIVERS\cpqbttn.sys -- (HBtnKey [On_Demand | Running])
DRV - [2006/04/17 13:29:06 | 00,569,856 | ---- | M] (Conexant Systems Inc.) -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService [On_Demand | Running])
DRV - [2008/04/13 09:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2005/08/22 08:06:16 | 00,201,600 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys -- (HSFHWAZL [On_Demand | Running])
DRV - [2005/08/22 08:07:00 | 01,035,008 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2006/03/23 05:47:06 | 01,166,972 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Running])
DRV - [2005/10/13 02:07:12 | 00,874,240 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor [Boot | Running])
DRV - [2009/06/04 15:42:36 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd [Boot | Running])
DRV - [2006/02/15 03:57:46 | 00,012,672 | ---- | M] (Conexant) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2001/08/17 22:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x [Disabled | Stopped])
DRV - [2004/08/04 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2006/07/23 11:00:00 | 00,036,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2001/08/17 22:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080 [Disabled | Stopped])
DRV - [2001/08/17 22:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160 [Disabled | Stopped])
DRV - [2001/08/17 22:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280 [Disabled | Stopped])
DRV - [2005/11/16 20:28:32 | 00,028,928 | ---- | M] (REDC) -- C:\WINDOWS\system32\DRIVERS\rimmptsk.sys -- (rimmptsk [On_Demand | Running])
DRV - [2005/12/22 17:02:22 | 00,051,840 | ---- | M] (REDC) -- C:\WINDOWS\system32\DRIVERS\rimsptsk.sys -- (rimsptsk [On_Demand | Running])
DRV - [2005/11/01 18:08:00 | 00,308,992 | ---- | M] (REDC) -- C:\WINDOWS\system32\DRIVERS\rixdptsk.sys -- (rismxdp [On_Demand | Running])
DRV - [2004/08/03 23:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Stopped])
DRV - [2008/04/13 09:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008/04/13 11:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Disabled | Stopped])
DRV - [2001/08/17 23:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow [Disabled | Stopped])
DRV - [2001/08/17 23:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810 [Disabled | Stopped])
DRV - [2001/08/17 23:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx [Disabled | Stopped])
DRV - [2001/08/17 23:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi [Disabled | Stopped])
DRV - [2001/08/17 23:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3 [Disabled | Stopped])
DRV - [2006/03/31 21:41:40 | 00,193,056 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2001/08/17 22:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra [Disabled | Stopped])
DRV - [2006/03/14 11:02:54 | 01,428,480 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\DRIVERS\w39n51.sys -- (w39n51 [On_Demand | Running])
DRV - [2005/08/22 08:06:10 | 00,718,464 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2719877063-3512441483-3382401893-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-2719877063-3512441483-3382401893-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2719877063-3512441483-3382401893-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-2719877063-3512441483-3382401893-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-2719877063-3512441483-3382401893-1006\S-1-5-21-2719877063-3512441483-3382401893-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Netscape Browser 8.0.4.0\Extensions\\Components: C:\PROGRAM FILES\NETSCAPE\NETSCAPE BROWSER\COMPONENTS [2006/07/23 17:11:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.0.4.0\Extensions\\Plugins: C:\PROGRAM FILES\NETSCAPE\NETSCAPE BROWSER\PLUGINS [2006/08/18 04:19:45 | 00,000,000 | ---D | M]
O1 HOSTS File: (306733 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 10560 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKU\S-1-5-21-2719877063-3512441483-3382401893-1006\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKU\S-1-5-21-2719877063-3512441483-3382401893-1006\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe ()
O4 - HKLM..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice (ESET)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [HncUpdate] C:\Program Files\Common Files\Hnc\HncUtils\HncUpdate.exe /A (Haansoft Inc.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start (Macrovision Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC (Microsoft Corporation)
O4 - HKLM..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" (CyberLink Corp.)
O4 - HKLM..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" (Symantec Corporation)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKU\S-1-5-21-2719877063-3512441483-3382401893-1006..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-2719877063-3512441483-3382401893-1006..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Pavilion Webcam Tray Icon.lnk = C:\Program Files\Hewlett-Packard\HP Pavilion Webcam\tsnp2std.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (Starz)
O4 - Startup: C:\Documents and Settings\JAMES KWON\Start Menu\Programs\Startup\Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (Starz)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2719877063-3512441483-3382401893-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-2719877063-3512441483-3382401893-1006\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {A2A4336A-E49E-44E8-B152-E98E841CFA24} http://gisweb4.chzer...roMapUpdate.cab (Chzero ZeroMap Update Control)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D96D2F74-0B74-47D2-964F-B67E9F69F1CD} http://www.congnamul...Map4Asp_V25.cab (CongnamulMap4Asp Control)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/07/27 22:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{d26185bd-2eb6-11db-aa51-0016d307b32c}\Shell\AutoRun\command - "" = F:\9yqusig.bat -- File not found
O33 - MountPoints2\{d26185bd-2eb6-11db-aa51-0016d307b32c}\Shell\explore\Command - "" = F:\9yqusig.bat -- File not found
O33 - MountPoints2\{d26185bd-2eb6-11db-aa51-0016d307b32c}\Shell\open\Command - "" = F:\9yqusig.bat -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/06/04 17:31:19 | 00,000,000 | ---D | M]
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
========== Files/Folders - Created Within 30 Days ==========
[1 C:\WINDOWS\*.tmp files]
[2009/06/04 18:14:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/06/04 18:14:37 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/06/04 18:14:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009/06/04 18:13:48 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/06/04 18:12:03 | 24,699,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/06/04 18:09:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/06/04 17:55:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/06/04 17:41:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2009/06/04 17:41:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2009/06/04 17:41:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009/06/04 17:41:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2009/06/04 17:41:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009/06/04 17:37:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2009/06/04 17:35:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2009/06/04 17:30:26 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009/06/04 17:30:24 | 00,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2009/06/04 17:23:20 | 00,501,760 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\JAMES KWON\Desktop\OTL.exe
[2009/06/04 17:21:27 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/06/04 17:12:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\JAMES KWON\Application Data\Malwarebytes
[2009/06/04 17:12:03 | 00,040,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/06/04 17:12:01 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/06/04 17:12:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/06/04 17:12:00 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/06/04 17:09:19 | 00,068,326 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\JAMES KWON\Desktop\mbam-setup.exe
[2009/06/04 17:00:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/06/04 17:00:26 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/06/04 16:59:56 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\JAMES KWON\Desktop\erunt_setup.exe
[2009/06/04 16:51:11 | 00,265,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\JAMES KWON\Desktop\TFC.exe
[2009/06/04 16:44:35 | 00,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/06/04 15:43:38 | 00,064,160 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/06/04 15:43:30 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/06/04 15:38:36 | 00,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/06/04 15:38:36 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
[2009/06/04 15:38:24 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2009/06/04 15:38:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/06/04 15:01:25 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\JAMES KWON\Desktop\HijackThis.lnk
[2009/06/04 15:01:23 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/06/03 01:58:55 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2009/06/03 01:58:55 | 00,000,000 | RHS- | C] () -- C:\IO.SYS
[2009/06/03 01:35:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\JAMES KWON\Application Data\ESET
[2009/06/03 01:33:55 | 00,000,000 | ---D | C] -- C:\Program Files\ESET
[2009/06/03 01:33:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESET
[2009/06/03 01:16:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\JAMES KWON\Application Data\Opera
[2009/06/03 01:14:06 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2009/06/03 01:14:04 | 00,000,000 | ---D | C] -- C:\Program Files\Opera
[2009/06/03 01:01:01 | 53,609,996 | ---- | C] () -- C:\Documents and Settings\JAMES KWON\My Documents\BeSecure2008.zip
[2009/06/03 00:49:45 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/06/03 00:49:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/06/01 22:22:58 | 00,000,871 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2009/06/01 22:21:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard
[2009/06/01 21:44:40 | 00,000,000 | ---D | C] -- C:\Program Files\World of Warcraft
[2009/06/01 21:44:40 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2007/02/01 02:19:25 | 00,133,120 | ---- | C] ( ) -- C:\WINDOWS\System32\ZipDLL.dll
[2007/02/01 02:19:25 | 00,122,368 | ---- | C] () -- C:\WINDOWS\System32\UNZDLL.dll
[2006/11/12 20:36:12 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/11/07 07:02:36 | 00,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/11/07 07:02:36 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2006/11/03 10:43:02 | 00,000,040 | ---- | C] () -- C:\WINDOWS\Hjimesv.ini
[2006/11/03 10:28:52 | 00,000,016 | ---- | C] () -- C:\WINDOWS\System32\winhcfga.ini
[2006/07/23 17:14:52 | 00,000,166 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/07/23 17:11:53 | 00,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/07/23 16:46:05 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/07/23 16:41:50 | 00,028,836 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/03/27 10:00:36 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/03/27 09:20:24 | 00,000,241 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/03/27 09:17:12 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/03/27 08:59:58 | 00,000,603 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/03/27 00:50:12 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/05/05 19:06:32 | 00,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== Files - Modified Within 30 Days ==========
[1 C:\WINDOWS\*.tmp files]
[2009/06/04 18:24:59 | 00,443,380 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/06/04 18:24:59 | 00,383,588 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/06/04 18:24:59 | 00,053,942 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/06/04 18:20:52 | 00,000,952 | ---- | M] () -- C:\hpqp.ini
[2009/06/04 18:19:46 | 00,000,039 | ---- | M] () -- C:\XP_TV.ini
[2009/06/04 18:19:21 | 00,000,081 | -HS- | M] () -- C:\Documents and Settings\JAMES KWON\My Documents\desktop.ini
[2009/06/04 18:19:14 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/06/04 18:19:12 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/06/04 18:19:07 | 10,633,74848 | -HS- | M] () -- C:\hiberfil.sys
[2009/06/04 18:14:36 | 00,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/06/04 18:09:16 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/06/04 17:56:23 | 00,345,360 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/06/04 17:34:12 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/06/04 17:23:24 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\JAMES KWON\Desktop\OTL.exe
[2009/06/04 17:09:19 | 00,068,326 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\JAMES KWON\Desktop\mbam-setup.exe
[2009/06/04 16:59:58 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\JAMES KWON\Desktop\erunt_setup.exe
[2009/06/04 16:51:11 | 00,265,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\JAMES KWON\Desktop\TFC.exe
[2009/06/04 15:43:31 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/06/04 15:43:08 | 00,015,688 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/06/04 15:42:36 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/06/04 15:38:36 | 00,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/06/04 15:01:25 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\JAMES KWON\Desktop\HijackThis.lnk
[2009/06/03 12:51:01 | 00,306,733 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/06/03 01:58:55 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009/06/03 01:58:55 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/06/03 01:46:17 | 00,306,733 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090603-125101.backup
[2009/06/03 01:45:46 | 00,000,241 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2009/06/03 01:14:06 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2009/06/03 01:10:09 | 00,306,733 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090603-014617.backup
[2009/06/03 01:01:09 | 53,609,996 | ---- | M] () -- C:\Documents and Settings\JAMES KWON\My Documents\BeSecure2008.zip
[2009/06/01 23:56:48 | 00,000,871 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2009/05/26 13:20:08 | 00,040,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/26 13:19:56 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/11 22:11:53 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/05/07 00:16:30 | 24,699,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
========== LOP Check ==========
[2009/06/04 17:12:01 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/06/04 15:38:38 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
[2006/07/23 16:53:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/06/01 22:21:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard
[2006/07/23 16:47:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2009/06/03 01:33:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2009/01/25 08:25:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2006/07/23 16:47:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
[2006/07/23 14:21:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2006/07/23 17:14:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intuit
[2009/06/04 15:43:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/06/04 17:12:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2006/08/24 03:17:06 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2006/07/23 14:21:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2007/02/08 14:53:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sonic
[2009/06/03 00:54:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/06/03 01:06:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2007/10/22 01:15:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2006/07/23 17:14:54 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Application Data
[2006/07/23 14:21:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Identities
[2006/07/23 17:14:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Intuit
[2006/07/23 17:14:06 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Default User\Application Data\Microsoft
[2009/06/04 17:56:32 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\JAMES KWON\Application Data
[2009/05/10 11:45:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JAMES KWON\Application Data\Adobe
[2006/08/18 09:45:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JAMES KWON\Application Data\AdobeUM
[2006/08/20 13:55:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JAMES KWON\Application Data\CyberLink
[2006/03/04 01:57:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JAMES KWON\Application Data\dvdcss
[2009/06/03 01:35:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JAMES KWON\Application Data\ESET
[2008/09/21 09:55:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JAMES KWON\Application Data\Google
[2006/11/03 10:44:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JAMES KWON\Application Data\Hnc
[2009/01/13 22:56:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JAMES KWON\Application Data\HP
[2006/07/23 14:21:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JAMES KWON\Application Data\Identities
[2006/07/23 17:14:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JAMES KWON\Application Data\Intuit
[2006/02/10 00:06:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JAMES KWON\Application Data\Leadertech
[2006/08/18 03:17:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JAMES KWON\Application Data\Macromedia
[2009/06/04 17:12:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JAMES KWON\Application Data\Malwarebytes
[2008/10/07 20:59:47 | 00,000,000 | --SD | M] -- C:\Documents and Settings\JAMES KWON\Application Data\Microsoft
[2009/06/03 01:16:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JAMES KWON\Application Data\Opera
[2007/02/08 15:04:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JAMES KWON\Application Data\Roxio
[2006/02/10 00:06:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JAMES KWON\Application Data\Sonic
[2006/08/20 10:14:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JAMES KWON\Application Data\Sun
[2009/05/20 07:01:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JAMES KWON\Application Data\uTorrent
[2006/02/10 00:05:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JAMES KWON\Application Data\vlc
[2006/07/23 16:25:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data
[2006/07/23 16:25:49 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2006/07/23 16:25:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data
[2006/07/23 16:25:48 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/06/04 15:43:31 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2004/08/04 14:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/06/04 18:19:14 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ==========
< End of report >