Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Trojan Horse Generic13.BYUD


  • Please log in to reply

#1
boxiom

boxiom

    Member

  • Member
  • PipPip
  • 22 posts
I performed a full system scan and AVG picked up 2 of:
"Trojan Horse Generic13.BYUD" and moved it to the "Virus Vault"

So now I need to figure out how to remove these.

Here is my hiJack this log:



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:53:22 PM, on 8/3/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSUI.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSMonitor.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVGIDS] "C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe"
O4 - HKLM\..\RunOnce: [Reg_Watcher_Vista] "C:\Program Files\AVG\AVG8\IdentityProtection\agent\driver\InvisibleInstaller.exe" "C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe" 4 1 AVG "AVGIDSWatcher"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemreq...sreqlab_srl.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.s...abs/tgctlsr.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.aka...vex-2.2.4.1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1229907543499
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVGIDSAgent - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe
O23 - Service: AVGIDSWatcher - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 8888 bytes
  • 0

Advertisements


#2
boxiom

boxiom

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Bump
  • 0

#3
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hello boxiom

Welcome to G2Go. :)
=====================
  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

  • 0

#4
boxiom

boxiom

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Extras.Txt

OTL Extras logfile created on: 8/17/2009 10:37:30 PM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Chris\My Documents\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.77 Gb Available Physical Memory | 38.34% Memory free
3.85 Gb Paging File | 2.49 Gb Available in Paging File | 64.61% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 3.80 Gb Free Space | 5.11% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 1.90 Gb Total Space | 0.96 Gb Free Space | 50.61% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CHRIS-HPLAPTOP
Current User Name: Chris
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"2083:TCP" = 2083:TCP:*:Enabled:deathcore
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\Steam\steamapps\xboxdude56665\condition zero\hl.exe" = C:\Program Files\Steam\steamapps\xboxdude56665\condition zero\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation)
"C:\Program Files\Steam\steamapps\xboxdude56665\counter-strike source\hl2.exe" = C:\Program Files\Steam\steamapps\xboxdude56665\counter-strike source\hl2.exe:*:Enabled:hl2 -- ()
"C:\Program Files\Steam\steamapps\xboxdude56665\team fortress 2\hl2.exe" = C:\Program Files\Steam\steamapps\xboxdude56665\team fortress 2\hl2.exe:*:Enabled:hl2 -- ()
"C:\Program Files\Microsoft LifeCam\LifeCam.exe" = C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeExp.exe" = C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- File not found
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Ventrilo\Ventrilo.exe" = C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- ()
"C:\Program Files\Activision Value\Soldier of Fortune Payback\sof3.exe" = C:\Program Files\Activision Value\Soldier of Fortune Payback\sof3.exe:*:Enabled:sof3 -- File not found
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- File not found
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player -- File not found
"C:\Program Files\Steam\steamapps\common\saints row 2\SR2_pc.exe" = C:\Program Files\Steam\steamapps\common\saints row 2\SR2_pc.exe:*:Enabled:Saints Row 2 -- ()
"C:\Program Files\FlashGet\flashget.exe" = C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget -- File not found
"C:\Documents and Settings\Chris\Desktop\RapidShare Manager\RapidShareManager.exe" = C:\Documents and Settings\Chris\Desktop\RapidShare Manager\RapidShareManager.exe:*:Enabled:RapidShare Manager -- File not found
"C:\Documents and Settings\Chris\Desktop\SOF2\SoF2MP.exe" = C:\Documents and Settings\Chris\Desktop\SOF2\SoF2MP.exe:*:Enabled:SoF2MP -- File not found
"C:\Program Files\Steam\steamapps\xboxdude56665\day of defeat source\hl2.exe" = C:\Program Files\Steam\steamapps\xboxdude56665\day of defeat source\hl2.exe:*:Enabled:hl2 -- ()
"C:\Program Files\Steam\steamapps\xboxdude56665\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\xboxdude56665\counter-strike\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\NovaLogic\Delta Force Xtreme 2 BETA\DFX2BETA.EXE" = C:\Program Files\NovaLogic\Delta Force Xtreme 2 BETA\DFX2BETA.EXE:*:Enabled:Delta Force Xtreme 2 BETA -- File not found
"C:\Program Files\NovaLogic\Delta Force Xtreme 2 BETA\UPDATE.EXE" = C:\Program Files\NovaLogic\Delta Force Xtreme 2 BETA\UPDATE.EXE:*:Enabled:Delta Force Xtreme 2 BETA -- File not found
"C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll" = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin -- (Google)
"C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Documents and Settings\Chris\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe" = C:\Documents and Settings\Chris\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player -- (Octoshape ApS)
"C:\Documents and Settings\Chris\Desktop\Street_Fighter_Alpha_3_kuzz786\kaillerasrv.exe" = C:\Documents and Settings\Chris\Desktop\Street_Fighter_Alpha_3_kuzz786\kaillerasrv.exe:*:Enabled:kaillerasrv -- File not found
"C:\Documents and Settings\Chris\Desktop\Adobe Dreamweaver CS4_portable\Adobe Dreamweaver CS4.exe" = C:\Documents and Settings\Chris\Desktop\Adobe Dreamweaver CS4_portable\Adobe Dreamweaver CS4.exe:*:Enabled:Adobe Dreamweaver CS4 -- (Adobe Systems, Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Program Files\AVG\AVG8\avgdiag.exe" = C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgdiagex.exe" = C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{06C32EA0-4A22-4919-979A-8700715865B8}" = Microsoft LifeCam
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0798F827-9539-B782-2859-A02838BF2431}" = ccc-core-preinstall
"{086429F7-F663-6103-B4AF-1472DF8FBCD8}" = CCC Help German
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{10F35F42-1F69-A83E-61B8-360598108DDD}" = Catalyst Control Center Localization Finnish
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1E1C6862-25A9-8216-C272-8774BCE0A7A3}" = Catalyst Control Center Localization Norwegian
"{1E723465-79CB-9B9D-7204-B40CB99B1B69}" = CCC Help Portuguese
"{22EFBDF0-021F-1059-E3E0-3210B850863E}" = Catalyst Control Center Localization Korean
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java™ 6 Update 14
"{26F1B195-F26A-6BC9-BBDE-2818CF20CA34}" = CCC Help Dutch
"{2A5DF09B-25B3-F115-5624-F5C02131469B}" = CCC Help Russian
"{2BA31075-6E10-E8EF-1F9E-FD614913DDFE}" = CCC Help Polish
"{340B9285-E847-F3C7-D415-A7FA853230DF}" = CCC Help Turkish
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3596E300-0658-B363-B71C-E7E8C527BC9C}" = Catalyst Control Center Localization French
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{38B33BBD-EE81-CB3B-EEB4-FD75D75676E4}" = CCC Help Greek
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{449725BD-A183-1637-E267-3B4211E809A5}" = Catalyst Control Center Localization Dutch
"{49253DE2-FC99-4BE3-99A4-DAB01A8E6088}" = Camtasia Studio 6
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4B999D12-6DC7-611D-D64F-F6596CC37120}" = CCC Help Spanish
"{4C1229B5-A67A-380A-7322-6E675FDB1D7B}" = CCC Help French
"{4DC2CDBA-A3ED-AACF-0A1F-61A99122537E}" = CCC Help Norwegian
"{54DF3F70-6E00-7A78-D42F-C6FC401F03BA}" = CCC Help English
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57088A2F-890E-A339-67F9-5F7C9760F025}" = Catalyst Control Center Localization Swedish
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{5D0D721F-5A1D-6E78-9947-0D975D320B0C}" = CCC Help Chinese Traditional
"{5D601655-6D54-4384-B52C-17EC5385FBBD}" = iTunes
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{603C7AE7-04BD-74A5-FD67-64E26839B4D2}" = CCC Help Danish
"{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09
"{665880C7-9941-1025-6E6F-AD74786F8B25}" = Catalyst Control Center Localization Czech
"{66F0C737-CB50-D07A-B46B-99E661C85292}" = Catalyst Control Center Core Implementation
"{676F2754-BDE5-6B5C-8FA9-C6AEEAD1083E}" = CCC Help Korean
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6984297D-54B4-47F2-B160-D40C305756AF}" = GUILTY GEAR X2 #RELOAD
"{6A825231-3112-0497-C6D5-CF70616E5696}" = Catalyst Control Center Graphics Light
"{71F4BE71-C402-F9DE-081C-A2C8DE3E0E61}" = Catalyst Control Center Localization Spanish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{739DD51A-82B9-45A8-11C8-6A60C9F2CB16}" = Catalyst Control Center Localization Thai
"{7530DE73-9906-BC25-414E-0616EA8403C8}" = Catalyst Control Center Localization Turkish
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{77430A73-7CB2-FC2F-41EF-67067F444F2B}" = CCC Help Finnish
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E2A5F7A-FF0B-A0BA-EF92-FE3282ADDBD6}" = Catalyst Control Center Localization Japanese
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{8355F970-601D-442D-A79B-1D7DB4F24CAD}" = Apple Mobile Device Support
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{89F6205B-2D61-980E-5254-AA4288A6655F}" = Catalyst Control Center Localization Greek
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8CE08C3C-8FF4-45D9-925E-4F3CE2D7FA7D}" = Adobe Setup
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{93678649-147C-AC8A-3893-5E534FAB25D0}" = CCC Help Italian
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9BB85301-914D-F3BB-63C5-91FB1F1F26D3}" = Catalyst Control Center Localization Portuguese
"{9F2EE5C1-9C38-91F8-A671-68ED6DF09662}" = Catalyst Control Center Localization Polish
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB407C9F-489A-36F8-89FB-EB3AF41C1EBD}" = ccc-core-static
"{ABBA0799-F982-414C-9A8B-17EB03D39677}" = trakAxPC
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2A90454-C1EB-3D92-55FC-BB5E91579C74}" = Catalyst Control Center Localization Chinese Traditional
"{B32943BD-5190-5D64-010E-ED1D080B8999}" = Catalyst Control Center Localization Danish
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7E2A724-2774-4AC2-9F0A-B58C7319B6E6}" = Sony Vegas Pro 8.0
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB3B2C0C-547B-D416-B288-6A76BE85BA0A}" = CCC Help Thai
"{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1" = ConvertXtoDVD 2.2.2.256
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BC73EDBB-864A-91B7-8BD0-4DE299F128CF}" = CCC Help Japanese
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C34C435B-C59B-AFAD-CA68-30FB04EEAB64}" = Skins
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{C4A46004-CA69-3352-2DA5-63A1D99FB043}" = ccc-utility
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C73EEBC0-864D-EEDD-490C-065A73D16D3D}" = CCC Help Swedish
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C7C85750-0850-9393-FEAD-D3114B15CB2B}" = Catalyst Control Center Localization Russian
"{C989B318-94EA-CD15-3EB9-EB02452B470A}" = Catalyst Control Center Graphics Full New
"{CA24D233-DDF9-C279-9431-89CD24593B31}" = CCC Help Chinese Standard
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD3C7B4B-ABD0-0EF0-6A24-6F4413A4C891}" = Catalyst Control Center Localization Italian
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{DA9F1AE9-6759-588C-5389-3769EF874D4D}" = Catalyst Control Center Graphics Full Existing
"{DE88BC8E-544E-A26B-0FB4-56059FDBF175}" = Catalyst Control Center Localization Hungarian
"{E075C126-F33E-CFE7-A749-1BD315CBDF58}" = CCC Help Hungarian
"{E65405D7-E223-7528-9F90-8E71E2656043}" = Catalyst Control Center Localization German
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F314EA69-9590-4876-8E2B-44CBEE7FFAA1}" = AVG Identity Protection
"{F6B1D53B-2A68-377D-AC39-C8FD359FF6F1}" = Google Talk Plugin
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB20507E-580F-F9FB-A01A-A4866D6C8E95}" = Catalyst Control Center Localization Chinese Standard
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE52D249-1835-BE40-6512-1750F76A3D87}" = CCC Help Czech
"{FF0AB597-3396-46DB-85CA-9EAEDF5F1590}" = STREET FIGHTER IV BENCHMARK
"{FF6F491D-BC82-4DCC-A72F-1824957C6466}" = TIxx21
"AC3Filter" = AC3Filter (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"AIM_6" = AIM 6
"All ATI Software" = ATI - Software Uninstall Utility
"Audacity_is1" = Audacity 1.2.6
"AVG8Uninstall" = AVG 8.5
"AVIcodec" = AVIcodec (remove only)
"Avidemux 2.4" = Avidemux 2.4
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Editor 4_is1" = AVS Video Editor 4
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DiskAid_is1" = DiskAid 3.1
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"FileZilla Client" = FileZilla Client 3.2.0
"FLV Player" = FLV Player 2.0 (build 25)
"HijackThis" = HijackThis 2.0.2
"HUFFYUV" = Huffyuv AVI lossless video codec (Remove Only)
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"In The Groove" = In The Groove (remove only)
"InstallShield_{FF6F491D-BC82-4DCC-A72F-1824957C6466}" = Texas Instruments PCIxx21/x515 drivers.
"LastFM_is1" = Last.fm 1.5.4.24567
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.2)" = Mozilla Firefox (3.5.2)
"Nero - Burning Rom!UninstallKey" = Nero 6 Demo
"NeroMediaHome!UninstallKey" = Nero MediaHome CE
"NeroRecode!UninstallKey" = Nero Recode CE
"NeroShowTime!UninstallKey" = Nero ShowTime CE
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PokerStars" = PokerStars
"Power Screen Capture_is1" = Power Screen Capture 7.0.0.786
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"PunkBusterSvc" = PunkBuster Services
"SiteGrinder2" = Media Lab SiteGrinder 2 (Basic & Pro)
"Steam App 211" = Source SDK
"Steam App 240" = Counter-Strike: Source
"Steam App 300" = Day of Defeat: Source
"Steam App 440" = Team Fortress 2
"Steam App 80" = Condition Zero
"Steam App 9480" = Saints Row 2
"SystemRequirementsLab" = System Requirements Lab
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"VidGIF Update trial to full_is1" = VidGIF 2.3.0.1
"VidGIF_is1" = VidGIF
"VobSub" = VobSub v2.05 (Remove Only)
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"5f48e2ab41c5d005" = RapidShare Manager
"BitTorrent DNA" = DNA
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/25/2009 3:01:53 PM | Computer Name = CHRIS-HPLAPTOP | Source = MsiInstaller | ID = 11711
Description = Product: STREET FIGHTER IV BENCHMARK -- Error 1711.An error occurred
while writing installation information to disk. Check to make sure enough disk
space is available, and click Retry, or Cancel to end the installation.

Error - 7/25/2009 3:02:22 PM | Computer Name = CHRIS-HPLAPTOP | Source = ESENT | ID = 482
Description = wuauclt (3692) An attempt to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb"
at offset 8192 (0x0000000000002000) for 57344 (0x0000e000) bytes failed with system
error 112 (0x00000070): "There is not enough space on the disk. ". The write operation
will fail with error -1808 (0xfffff8f0). If this error persists then the file
may be damaged and may need to be restored from a previous backup.

Error - 7/25/2009 3:02:23 PM | Computer Name = CHRIS-HPLAPTOP | Source = ESENT | ID = 482
Description = wuauclt (3332) An attempt to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb"
at offset 8192 (0x0000000000002000) for 57344 (0x0000e000) bytes failed with system
error 112 (0x00000070): "There is not enough space on the disk. ". The write operation
will fail with error -1808 (0xfffff8f0). If this error persists then the file
may be damaged and may need to be restored from a previous backup.

Error - 7/25/2009 3:02:23 PM | Computer Name = CHRIS-HPLAPTOP | Source = ESENT | ID = 482
Description = wuauclt (3372) An attempt to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb"
at offset 8192 (0x0000000000002000) for 57344 (0x0000e000) bytes failed with system
error 112 (0x00000070): "There is not enough space on the disk. ". The write operation
will fail with error -1808 (0xfffff8f0). If this error persists then the file
may be damaged and may need to be restored from a previous backup.

Error - 7/29/2009 2:42:05 PM | Computer Name = CHRIS-HPLAPTOP | Source = Google Update | ID = 20
Description =

Error - 7/29/2009 3:42:05 PM | Computer Name = CHRIS-HPLAPTOP | Source = Google Update | ID = 20
Description =

Error - 7/29/2009 4:42:05 PM | Computer Name = CHRIS-HPLAPTOP | Source = Google Update | ID = 20
Description =

Error - 7/29/2009 5:42:05 PM | Computer Name = CHRIS-HPLAPTOP | Source = Google Update | ID = 20
Description =

Error - 7/31/2009 2:49:58 PM | Computer Name = CHRIS-HPLAPTOP | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, faulting module unknown,
version 0.0.0.0, fault address 0x0cea31fd.

Error - 8/5/2009 12:42:05 AM | Computer Name = CHRIS-HPLAPTOP | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 8/15/2009 12:18:08 AM | Computer Name = CHRIS-HPLAPTOP | Source = Service Control Manager | ID = 7034
Description = The PnkBstrA service terminated unexpectedly. It has done this 1
time(s).

Error - 8/15/2009 1:04:51 AM | Computer Name = CHRIS-HPLAPTOP | Source = DCOM | ID = 10010
Description = The server {DC0C2640-1415-4644-875C-6F4D769839BA} did not register
with DCOM within the required timeout.


< End of report >
  • 0

#5
boxiom

boxiom

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
OTL.txt:

OTL logfile created on: 8/17/2009 10:37:30 PM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Chris\My Documents\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.77 Gb Available Physical Memory | 38.34% Memory free
3.85 Gb Paging File | 2.49 Gb Available in Paging File | 64.61% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 3.80 Gb Free Space | 5.11% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 1.90 Gb Total Space | 0.96 Gb Free Space | 50.61% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CHRIS-HPLAPTOP
Current User Name: Chris
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\System32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\WINDOWS\System32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe (AVG)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe (AVG)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
PRC - C:\WINDOWS\System32\PnkBstrA.exe ()
PRC - C:\WINDOWS\System32\tcpsvcs.exe (Microsoft Corporation)
PRC - C:\WINDOWS\System32\snmp.exe (Microsoft Corporation)
PRC - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\WINDOWS\AGRSMMSG.exe (Agere Systems)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.)
PRC - C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe (AVG)
PRC - C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
PRC - C:\Program Files\Microsoft ActiveSync\Wcescomm.exe (Microsoft Corporation)
PRC - C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSMonitor.exe (AVG)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe (ATI Technologies Inc.)
PRC - C:\Program Files\AIM6\aim6.exe (AOL LLC)
PRC - C:\Program Files\AIM6\aolsoftware.exe (AOL LLC)
PRC - C:\Program Files\MSN Messenger\usnsvc.exe (Microsoft Corporation)
PRC - C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe ()
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe ()
PRC - C:\Program Files\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AIM6\aolsoftware.exe (AOL LLC)
PRC - C:\Program Files\MSN Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Program Files\Last.fm\LastFM.exe (Last.fm)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\Chris\My Documents\Downloads\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Ati HotKey Poller [Auto | Running]) -- C:\WINDOWS\System32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (Automatic LiveUpdate Scheduler [Disabled | Stopped]) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
SRV - (avg8wd [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVGIDSAgent [Auto | Running]) -- C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe (AVG)
SRV - (AVGIDSWatcher [Auto | Running]) -- C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe (AVG)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (Iprip [Auto | Running]) -- C:\WINDOWS\System32\iprip.dll (Microsoft Corporation)
SRV - (Irmon [Auto | Running]) -- C:\WINDOWS\System32\irmon.dll (Microsoft Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (LiveUpdate [On_Demand | Stopped]) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE (Symantec Corporation)
SRV - (MSCamSvc [Auto | Running]) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (PnkBstrA [Auto | Running]) -- C:\WINDOWS\System32\PnkBstrA.exe ()
SRV - (SimpTcp [Auto | Running]) -- C:\WINDOWS\System32\tcpsvcs.exe (Microsoft Corporation)
SRV - (SNMP [Auto | Running]) -- C:\WINDOWS\System32\snmp.exe (Microsoft Corporation)
SRV - (SoundMAX Agent Service (default) [Auto | Running]) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)
SRV - (usnjsvc [On_Demand | Running]) -- C:\Program Files\MSN Messenger\usnsvc.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (aeaudio [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aeaudio.sys (Andrea Electronics Corporation)
DRV - (AgereSoftModem [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\AGRSM.sys (Agere Systems)
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (AVGIDSDriver [On_Demand | Running]) -- C:\Program Files\AVG\AVG8\IdentityProtection\agent\driver\platform_XP\AVGIDSDriver.sys (AVG Technologies )
DRV - (AVGIDSErHr [Boot | Running]) -- C:\WINDOWS\System32\Drivers\AVGIDSErHr.sys (AVG Technologies )
DRV - (AVGIDSFilter [On_Demand | Running]) -- C:\Program Files\AVG\AVG8\IdentityProtection\agent\driver\platform_XP\AVGIDSFilter.sys (AVG Technologies )
DRV - (AVGIDSShim [On_Demand | Running]) -- C:\Program Files\AVG\AVG8\IdentityProtection\agent\driver\platform_XP\AVGIDSShim.sys (AVG Technologies )
DRV - (AvgLdx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgTdiX [System | Running]) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (b57w2k [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\b57xp32.sys (Broadcom Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (GTIPCI21 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\gtipci21.sys (Texas Instruments)
DRV - (HBtnKey [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\cpqbttn.sys (Hewlett-Packard Development Company, L.P.)
DRV - (pcouffin [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\pcouffin.sys (VSO Software)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SMCIRDA [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\smcirda.sys (SMC)
DRV - (smwdm [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\smwdm.sys (Analog Devices, Inc.)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (tifm21 [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\tifm21.sys (Texas Instruments)
DRV - (USBAAPL [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple, Inc.)
DRV - (usbaudio [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (usb_rndisx [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\usb8023x.sys (Microsoft Corporation)
DRV - (VX3000 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\VX3000.sys (Microsoft Corporation)
DRV - (w29n51 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\w29n51.sys (Intel® Corporation)

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5
FF - prefs.js..extensions.enabledItems: [email protected]:4.0.21.0
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.1.8.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:2.2.0.2
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2


FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/07/15 01:21:07 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/08/03 03:36:43 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/07 03:11:04 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/08/15 14:07:22 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/08/15 14:07:22 | 00,000,000 | ---D | M]

[2008/12/22 19:39:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\mozilla\Extensions
[2008/12/22 19:39:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/08/16 01:44:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\mozilla\Firefox\Profiles\fibk78lw.default\extensions
[2009/05/07 00:56:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\mozilla\Firefox\Profiles\fibk78lw.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009/07/09 00:37:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\mozilla\Firefox\Profiles\fibk78lw.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2009/01/11 03:36:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\mozilla\Firefox\Profiles\fibk78lw.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/07/25 14:43:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\mozilla\Firefox\Profiles\fibk78lw.default\extensions\[email protected]
[2009/08/16 01:44:45 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/08/15 14:07:22 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/07/15 01:21:30 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009/08/15 14:06:54 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/08/15 14:06:54 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/04/15 16:24:54 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\libdivx.dll
[2009/07/15 01:21:06 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/04/15 16:24:36 | 01,337,648 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2009/04/15 16:24:44 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2008/06/27 17:03:12 | 01,446,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2009/08/15 14:07:09 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2008/06/11 23:45:28 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/07/05 22:59:09 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/07/05 22:59:09 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/07/05 22:59:09 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/07/05 22:59:09 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/07/05 22:59:09 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/07/05 22:59:09 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/07/05 22:59:09 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009/04/15 16:24:54 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
[2009/08/15 14:07:14 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/08/15 14:07:14 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/08/15 14:07:15 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/08/15 14:07:15 | 00,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/08/15 14:07:15 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/08/15 14:07:15 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/08/15 14:07:15 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (767 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL File not found
O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL File not found
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe File not found
O4 - HKLM..\Run: [AGRSMMSG] C:\WINDOWS\AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AVGIDS] C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe (AVG)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe File not found
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\Wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe File not found
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\MSN Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.systemreq...sreqlab_srl.cab (System Requirements Lab Class)
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} https://www-secure.s...abs/tgctlsr.cab (Symantec Script Runner Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.4.1.cab (DLM Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1229907543499 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 205.152.37.23 205.152.150.23
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\lid {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/octet-stream - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - Class Install Handler - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - lzdhtml - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/webviewhtml - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\WlNotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\System32\stobject.dll (Microsoft Corporation)
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\System32\upnpui.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\System32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\System32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O27 - HKLM IFEO\Your Image File Name Here without a path: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/21 19:12:13 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[4 C:\WINDOWS\*.tmp files]
[2009/08/17 20:35:36 | 00,022,367 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\adtech4talksmall.png
[2009/08/17 20:34:12 | 00,118,911 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\adtech4talk.jpg
[2009/08/17 20:23:14 | 00,021,268 | ---- | C] () -- C:\Documents and Settings\Chris\My Documents\head-logo.png
[2009/08/17 20:20:46 | 00,012,494 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\bidi.css
[2009/08/17 20:19:51 | 00,016,302 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\head-logo.png
[2009/08/17 20:17:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Desktop\blue_green
[2009/08/17 20:16:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Desktop\sources
[2009/08/17 14:58:06 | 00,021,268 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\logooo2.png
[2009/08/17 14:52:22 | 00,024,226 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\logo.png
[2009/08/17 01:26:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Desktop\Kids_Like_Us-The_Game
[2009/08/16 05:12:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Desktop\Kid606 - Shout At The Doner (2009)
[2009/08/16 00:52:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Desktop\vortex_dark
[2009/08/16 00:52:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Desktop\vortex
[2009/08/15 03:52:18 | 33,002,738 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\unatainable2 stickam [bleep].avi
[2009/08/15 03:47:28 | 32,341,041 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\taina.rar
[2009/08/15 02:12:23 | 02,571,996 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\dod_orangecorridors_beta.bsp
[2009/08/15 02:11:56 | 03,088,928 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\dod_hardcoreorange.bsp
[2009/08/15 00:35:34 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/08/14 23:19:53 | 00,000,232 | -H-- | C] () -- C:\sqmdata12.sqm
[2009/08/14 23:19:52 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt12.sqm
[2009/08/13 17:32:56 | 00,179,362 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\3.jpg
[2009/08/13 17:31:48 | 00,235,098 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\bg2.jpg
[2009/08/13 17:23:25 | 00,244,745 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\1.jpg
[2009/08/13 17:09:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Desktop\New Folder
[2009/08/13 17:08:58 | 01,420,703 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\BattleGrounds.zip
[2009/08/12 03:02:01 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpns.dll
[2009/08/11 21:45:15 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx
[2009/08/11 01:25:33 | 10,947,564 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\Attack From The Dead 1.4-COREPDA.ipa
[2009/08/11 01:21:41 | 10,388,552 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\MX_Mayhem-v1.0(LanhHuyet).ipa
[2009/08/11 01:20:13 | 05,447,888 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\SleepStream 1.2 Nonamed.ipa
[2009/08/11 01:18:52 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\Alien_Crisis-v1.0-Aldogh.ipa
[2009/08/11 01:16:28 | 01,143,813 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\oMaps-v1.1-.ipa
[2009/08/11 01:12:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Desktop\A Type & a Shadow
[2009/08/11 01:09:19 | 30,671,176 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\A Type and a Shadow(2009)IAM.zip
[2009/08/10 23:19:29 | 47,146,214 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\01111111.avi
[2009/08/10 08:44:40 | 00,016,227 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\life.jpg
[2009/08/08 21:11:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Desktop\Brokenjaws-The_Easy_Way-(EP)-2009-pLAN9
[2009/08/08 20:47:37 | 29,817,169 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\Brokenjaws-The_Easy_Way-_EP_-2009-pLAN9-SceneDDL.net.rar
[2009/08/08 19:15:17 | 00,094,132 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\free_zen_cart_template1.zip
[2009/08/08 00:30:17 | 01,089,601 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009/08/07 03:07:18 | 00,000,000 | ---D | C] -- C:\266124f0377998f39e690071a75096
[2009/08/06 23:54:14 | 00,223,539 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\me.jpg
[2009/08/06 02:06:07 | 00,068,588 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\tech4.jpg
[2009/08/06 00:16:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2009/08/05 23:57:52 | 00,989,489 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\dod_hardcoreorange.rar
[2009/08/05 18:26:22 | 00,112,965 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\bgtt.jpg
[2009/08/05 18:20:27 | 00,006,970 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\bglog.png
[2009/08/05 18:19:30 | 00,104,897 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\bg.jpg
[2009/08/05 18:19:26 | 03,195,350 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\bg.psd
[2009/08/05 06:08:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Desktop\Kill Sounds Before Sounds Kill You (Complete)
[2009/08/05 05:56:46 | 99,333,965 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\kid606_kill_sound.rar
[2009/08/03 14:53:04 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\HijackThis.lnk
[2009/08/03 14:53:03 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/08/03 14:46:58 | 00,393,584 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\toxic.jpg
[2009/08/03 03:37:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2009/08/03 03:37:01 | 00,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 8.5.lnk
[2009/08/03 02:47:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Application Data\AVG8
[2009/08/03 02:47:36 | 00,847,768 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Chris\Desktop\avg_free_stb_all_8_30_cnet.exe
[2009/08/03 02:25:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Desktop\TCP_TCP_byAIMP
[2009/07/30 19:06:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Local Settings\Application Data\Adobe
[2009/07/30 19:06:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Application Data\DiskAid
[2009/07/30 18:58:55 | 00,000,000 | ---D | C] -- C:\Program Files\DigiDNA
[2009/07/29 13:52:18 | 00,000,268 | -H-- | C] () -- C:\sqmdata11.sqm
[2009/07/29 13:52:18 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt11.sqm
[2009/07/26 04:31:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Desktop\The Postal Service - Give Up [2003]
[2009/07/25 15:51:37 | 00,189,640 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2009/07/25 15:51:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Local Settings\Application Data\PunkBuster
[2009/07/25 15:46:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Chris\My Documents\Battlefield Heroes
[2009/07/25 15:25:38 | 00,139,152 | ---- | C] () -- C:\Documents and Settings\Chris\Application Data\PnkBstrK.sys
[2009/07/25 15:25:38 | 00,138,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/07/25 15:25:19 | 00,189,640 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/07/25 15:25:18 | 00,794,408 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2009/07/25 15:25:18 | 00,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/07/25 15:07:05 | 01,414,440 | ---- | C] (Nero AG) -- C:\WINDOWS\System32\ShellManager310E2D762.dll
[2009/07/25 15:07:05 | 00,773,120 | ---- | C] () -- C:\WINDOWS\System32\NEROINSTAEC43759.DB
[2009/07/25 14:45:00 | 00,000,000 | ---D | C] -- C:\Program Files\EA Games
[2009/07/25 03:10:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Application Data\Adobe
[2009/07/22 17:23:40 | 00,074,760 | ---- | C] (AVG Technologies ) -- C:\WINDOWS\System32\drivers\UniversalDD.sys
[2009/07/22 17:23:40 | 00,025,608 | ---- | C] (AVG Technologies ) -- C:\WINDOWS\System32\drivers\AVGIDSErHr.sys
[2009/07/22 13:55:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Desktop\The Contortionist - Shapeshifter (2008)_by_xmoshkidx
[2009/07/22 01:24:32 | 00,000,000 | ---D | C] -- C:\Program Files\PokerStars
[2009/07/21 00:31:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Chris\My Documents\Camtasia Studio
[2009/07/21 00:24:12 | 00,000,793 | ---- | C] () -- C:\Documents and Settings\Chris\My Documents\Untitled-1.html
[2009/07/21 00:06:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2009/07/21 00:06:06 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\TechSmith Shared
[2009/07/21 00:06:01 | 00,000,000 | ---D | C] -- C:\Program Files\TechSmith
[2009/05/31 18:48:34 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/07 20:49:47 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/05/01 13:40:01 | 00,000,000 | ---- | C] () -- C:\WINDOWS\WB.ini
[2009/04/28 13:54:07 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7D.DLL
[2009/02/22 22:08:07 | 00,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/02/20 21:46:13 | 00,196,608 | ---- | C] () -- C:\WINDOWS\System32\avisynth.dll
[2009/01/01 05:58:18 | 00,015,498 | R--- | C] () -- C:\WINDOWS\VX3000.ini
[2008/12/21 20:45:33 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008/12/21 20:45:33 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008/12/21 20:45:33 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008/12/21 20:45:33 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008/12/21 20:45:33 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008/12/21 20:45:33 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2007/06/19 08:59:36 | 00,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007/04/20 07:57:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007/04/20 07:57:28 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007/04/20 07:57:28 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007/04/20 07:57:28 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007/04/20 07:57:28 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007/04/20 07:57:28 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007/04/20 07:57:28 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007/04/20 07:57:28 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007/04/20 07:57:28 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2004/01/13 20:46:34 | 00,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2001/08/23 08:00:00 | 00,000,566 | ---- | C] () -- C:\WINDOWS\win.ini
[2001/08/23 08:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2000/02/04 01:18:12 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009/08/17 22:42:00 | 00,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-507921405-179605362-725345543-1004UA.job
[2009/08/17 20:35:37 | 00,022,367 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\adtech4talksmall.png
[2009/08/17 20:34:13 | 00,118,911 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\adtech4talk.jpg
[2009/08/17 20:23:15 | 00,021,268 | ---- | M] () -- C:\Documents and Settings\Chris\My Documents\head-logo.png
[2009/08/17 20:20:46 | 00,012,494 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\bidi.css
[2009/08/17 20:19:53 | 00,016,302 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\head-logo.png
[2009/08/17 18:37:09 | 00,000,568 | ---- | M] () -- C:\Documents and Settings\Chris\My Documents\My Sharing Folders.lnk
[2009/08/17 15:04:50 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/08/17 14:58:07 | 00,021,268 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\logooo2.png
[2009/08/17 14:52:24 | 00,024,226 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\logo.png
[2009/08/17 08:20:07 | 39,918,921 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/08/16 23:42:01 | 00,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-507921405-179605362-725345543-1004Core.job
[2009/08/15 08:20:10 | 00,065,360 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/08/15 03:51:58 | 32,341,041 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\taina.rar
[2009/08/15 02:41:30 | 00,002,193 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
[2009/08/15 01:04:11 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/08/15 00:32:28 | 00,508,956 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/08/15 00:32:28 | 00,432,924 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/08/15 00:32:28 | 00,067,714 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/08/15 00:28:18 | 00,013,044 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/08/15 00:27:49 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/08/15 00:27:46 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/08/14 23:19:53 | 00,000,232 | -H-- | M] () -- C:\sqmdata12.sqm
[2009/08/14 23:19:52 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2009/08/13 17:32:57 | 00,179,362 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\3.jpg
[2009/08/13 17:31:49 | 00,235,098 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\bg2.jpg
[2009/08/13 17:23:26 | 00,244,745 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\1.jpg
[2009/08/13 17:09:02 | 01,420,703 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\BattleGrounds.zip
[2009/08/12 03:02:26 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/08/12 00:56:55 | 00,016,384 | ---- | M] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/11 01:27:35 | 10,947,564 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\Attack From The Dead 1.4-COREPDA.ipa
[2009/08/11 01:24:12 | 10,388,552 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\MX_Mayhem-v1.0(LanhHuyet).ipa
[2009/08/11 01:21:45 | 05,447,888 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\SleepStream 1.2 Nonamed.ipa
[2009/08/11 01:18:53 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\Alien_Crisis-v1.0-Aldogh.ipa
[2009/08/11 01:16:43 | 01,143,813 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\oMaps-v1.1-.ipa
[2009/08/11 01:12:07 | 30,671,176 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\A Type and a Shadow(2009)IAM.zip
[2009/08/10 23:43:28 | 33,002,738 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\unatainable2 stickam [bleep].avi
[2009/08/10 23:29:11 | 47,146,214 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\01111111.avi
[2009/08/10 08:44:41 | 00,016,227 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\life.jpg
[2009/08/08 20:54:31 | 29,817,169 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\Brokenjaws-The_Easy_Way-_EP_-2009-pLAN9-SceneDDL.net.rar
[2009/08/08 19:15:18 | 00,094,132 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\free_zen_cart_template1.zip
[2009/08/07 03:53:04 | 00,030,080 | ---- | M] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/08/07 03:33:09 | 02,052,296 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/08/06 23:54:15 | 00,223,539 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\me.jpg
[2009/08/06 02:06:08 | 00,068,588 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\tech4.jpg
[2009/08/05 23:57:53 | 00,989,489 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\dod_hardcoreorange.rar
[2009/08/05 18:44:17 | 03,088,928 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\dod_hardcoreorange.bsp
[2009/08/05 18:26:23 | 00,112,965 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\bgtt.jpg
[2009/08/05 18:20:28 | 00,006,970 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\bglog.png
[2009/08/05 18:19:31 | 00,104,897 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\bg.jpg
[2009/08/05 18:19:27 | 03,195,350 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\bg.psd
[2009/08/05 06:08:40 | 99,333,965 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\kid606_kill_sound.rar
[2009/08/05 05:11:47 | 00,204,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll
[2009/08/05 05:11:47 | 00,204,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2009/08/04 07:49:08 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/08/03 14:53:04 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\HijackThis.lnk
[2009/08/03 14:46:59 | 00,393,584 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\toxic.jpg
[2009/08/03 03:37:03 | 00,463,779 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/08/03 03:37:01 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/08/03 03:37:01 | 00,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 8.5.lnk
[2009/08/03 03:37:00 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/08/03 03:37:00 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/08/03 02:47:37 | 00,847,768 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Chris\Desktop\avg_free_stb_all_8_30_cnet.exe
[2009/07/29 13:52:18 | 00,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2009/07/29 13:52:18 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2009/07/27 18:40:13 | 00,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx
[2009/07/25 15:51:54 | 00,138,520 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/07/25 15:51:37 | 00,189,640 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2009/07/25 15:51:36 | 00,189,640 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/07/25 15:25:38 | 00,139,152 | ---- | M] () -- C:\Documents and Settings\Chris\Application Data\PnkBstrK.sys
[2009/07/25 15:25:18 | 00,794,408 | ---- | M] () -- C:\WINDOWS\System32\pbsvc.exe
[2009/07/25 15:25:18 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/07/22 17:23:40 | 00,074,760 | ---- | M] (AVG Technologies ) -- C:\WINDOWS\System32\drivers\UniversalDD.sys
[2009/07/22 17:23:40 | 00,025,608 | ---- | M] (AVG Technologies ) -- C:\WINDOWS\System32\drivers\AVGIDSErHr.sys
[2009/07/22 02:15:58 | 00,000,106 | ---- | M] () -- C:\Documents and Settings\Chris\Application Data\default.pls
[2009/07/21 00:26:00 | 00,000,793 | ---- | M] () -- C:\Documents and Settings\Chris\My Documents\Untitled-1.html
[2009/07/19 18:48:58 | 11,067,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieframe.dll
[2009/07/19 18:48:58 | 11,067,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/07/19 09:18:59 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll
[2009/07/19 09:18:59 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll

========== LOP Check ==========

[2009/08/17 21:10:27 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/07/05 23:01:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2008/12/24 00:39:55 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
[2008/12/22 19:44:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2009/02/14 12:26:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ALM
[2008/12/24 18:37:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATI
[2009/04/21 21:13:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2009/04/28 13:54:18 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2009/08/03 03:37:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2008/12/24 00:41:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2009/02/14 12:37:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009/04/21 20:47:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HighAndes
[2009/05/21 20:41:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Last.fm
[2008/12/24 00:25:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers Headquarters
[2009/06/06 02:12:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2009/07/21 00:06:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2009/02/10 00:11:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/05/03 22:24:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/07/06 02:38:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2009/08/17 21:10:26 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Chris\Application Data
[2008/12/23 01:08:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\acccore
[2009/05/12 12:12:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Artisteer
[2008/12/24 18:37:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\ATI
[2009/04/21 20:54:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\avidemux
[2009/04/21 21:13:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\AVS4YOU
[2009/05/31 16:21:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\DAEMON Tools
[2009/05/07 20:49:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\DAEMON Tools Lite
[2009/07/30 22:22:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\DiskAid
[2009/08/17 22:35:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\DNA
[2009/02/09 17:36:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Download Manager
[2009/08/17 20:26:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\FileZilla
[2009/06/14 21:38:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\GeoVid
[2009/02/02 19:46:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\GetRightToGo
[2009/04/21 20:47:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\HighAndes
[2008/12/28 17:45:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\InterVideo
[2009/07/17 15:20:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\iPhoneRingToneMaker
[2009/05/18 20:19:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Mis portables
[2009/02/09 22:36:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Publish Providers
[2009/05/10 23:25:48 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Chris\Application Data\SecuROM
[2009/02/09 21:06:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Sony
[2009/02/09 20:32:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Sony Setup
[2009/05/18 20:20:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\SporeCreatureCreator
[2009/05/18 20:46:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Thinstall
[2008/12/24 00:39:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Uniblue
[2009/02/26 00:29:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Ventrilo
[2009/08/01 02:45:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Vso
[2009/06/30 16:40:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\WinFF
[2009/08/04 07:49:08 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2001/08/23 08:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/08/16 23:42:01 | 00,000,926 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-507921405-179605362-725345543-1004Core.job
[2009/08/17 22:42:00 | 00,000,978 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-507921405-179605362-725345543-1004UA.job
[2009/01/01 06:04:06 | 00,000,140 | -H-- | M] () -- C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_setup_exe.job
[2009/08/15 00:27:49 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
< End of report >
  • 0

#6
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Please run another scan with AVG and tell me if it detects anything.
When the scan is done then under the scan results window on the right there is an option to export to file click it then save it and post it in your next reply.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP