Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

detected minime.exe, "send to" option went missing.

Started by yserenity , Sep 02 2009 06:56 AM

  • Please log in to reply

#1
yserenity
Posted 02 September 2009 - 06:56 AM

yserenity

    Member

  • Member
  • PipPip
  • 11 posts
Hi,

When I used a flash drive, avast antivirus found an autorun.inf file and i chose the delete option. About that time, the send to option from right clicking a file went missing. So I ran a scan in local hard drives using avast.
minime.exe, tagged as trojan, was found. I did not finish the avast scan ,but instead ran a full scan using Malwarebytes. It did not find anything.

I was able to restore the send to button by downloading some reg file from a website, but I am not convinced that my system is clean. I don't know how to read HiJackthis logs and OTL logs...so would anyone kindly take a look at it and see if my system is clean? Thanks!

OTListIt logfile created on: 9/2/2009 2:31:04 PM - Run 4
OTListIt by OldTimer - Version 1.0.8.0 Folder = C:\Users\Yvonne\geeks to go
Windows Vista Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.75 Gb Total Physical Memory | 0.87 Gb Available Physical Memory | 49.68% Memory free
3.73 Gb Paging File | 2.75 Gb Available in Paging File | 73.67% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.05 Gb Total Space | 52.78 Gb Free Space | 37.69% Space Free | Partition Type: NTFS
Drive D: | 9.00 Gb Total Space | 2.22 Gb Free Space | 24.70% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HP-PC
Current User Name: Yvonne
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2008/01/21 10:33:13 | 00,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
[2008/01/21 10:33:15 | 00,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
[2009/04/11 14:27:49 | 03,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
[2008/08/07 14:37:24 | 00,024,880 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\hpservice.exe
[2009/02/06 05:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
[2009/02/06 05:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
[2008/01/21 10:32:56 | 00,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanext.exe
[2007/10/19 15:28:24 | 00,086,016 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
[2008/12/10 07:10:14 | 00,024,636 | ---- | M] (Apache Software Foundation) -- c:\xampp\apache\bin\httpd.exe
[2009/07/09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
[2003/03/19 02:55:56 | 00,335,872 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
[2009/03/16 19:29:28 | 06,562,432 | ---- | M] () -- c:\xampp\mysql\bin\mysqld.exe
[2009/06/26 10:45:27 | 00,056,680 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.exe
[2009/04/11 14:27:59 | 00,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
[2008/11/10 04:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
[2008/12/10 07:10:14 | 00,024,636 | ---- | M] (Apache Software Foundation) -- C:\xampp\apache\bin\httpd.exe
[2009/02/06 05:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
[2009/02/06 05:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
[2009/04/11 14:28:07 | 00,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
[2009/04/11 14:28:07 | 00,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
[2009/04/11 14:27:33 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
[2008/03/28 02:05:00 | 01,045,800 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[2007/05/09 07:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
[2009/01/04 11:25:40 | 00,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
[2009/02/06 05:08:45 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
[2008/01/21 10:32:50 | 00,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
[2007/12/19 17:19:48 | 01,314,816 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
[2009/07/25 05:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2009/07/13 14:03:10 | 00,292,128 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
[2009/08/10 07:43:50 | 00,944,640 | ---- | M] (Crawler.com) -- C:\Program Files\Crawler\Notes\CNotes.exe
[2006/10/26 20:24:54 | 00,098,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[2008/01/21 10:32:59 | 00,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
[2008/04/16 04:40:10 | 00,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
[2008/03/28 02:06:00 | 00,095,528 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
[2009/04/11 14:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
[2009/07/13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
[2009/04/11 14:27:59 | 00,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe
[2009/04/11 14:27:58 | 00,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe
[2009/08/18 18:27:06 | 00,079,088 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
[2008/10/17 08:56:27 | 00,417,280 | ---- | M] (OldTimer Tools) -- C:\Users\Yvonne\geeks to go\OTListIt.exe

========== (O23) Win32 Services ==========

[2007/10/19 15:28:24 | 00,086,016 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters [Auto | Running])
[2008/12/10 07:10:14 | 00,024,636 | ---- | M] (Apache Software Foundation) -- c:\xampp\apache\bin\httpd.exe -- (Apache2.2 [Auto | Running])
[2009/07/09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
[2009/03/30 12:42:10 | 00,031,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2009/02/06 05:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
[2009/02/06 05:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
[2009/02/06 05:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
[2009/02/06 05:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
[2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
File not found -- %SystemRoot%\system32\svchost.exe -- (CertPropSvc [Unknown | Stopped])
[2009/03/30 12:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2008/04/04 02:33:26 | 00,193,840 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe -- (Com4QLBEx [On_Demand | Stopped])
File not found -- %SystemRoot%\system32\svchost.exe -- (DcomLaunch [Unknown | Running])
[2009/04/11 14:27:31 | 02,092,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dfsr.exe -- (DFSR [On_Demand | Stopped])
[2008/01/21 10:34:19 | 00,134,656 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dps.dll -- (DPS [Unknown | Running])
[2008/10/19 08:03:11 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
[2009/02/19 02:39:20 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
[2008/08/29 10:01:22 | 00,033,752 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus® Helper [On_Demand | Stopped])
[2009/04/11 14:28:19 | 00,576,512 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\gpsvc.dll -- (gpsvc [Unknown | Running])
[2009/03/31 13:33:27 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
[2008/04/16 04:40:10 | 00,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe -- (HP Health Check Service [Auto | Running])
[2008/04/16 23:18:34 | 00,165,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe -- (hpqwmiex [On_Demand | Stopped])
[2008/08/07 14:37:24 | 00,024,880 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\hpservice.exe -- (hpsrv [Auto | Running])
[2004/10/22 18:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
File not found -- %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
[2009/07/13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
[2003/03/19 02:55:56 | 00,335,872 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe -- (MDM [Auto | Running])
[2006/10/27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [Disabled | Stopped])
[2008/10/16 22:38:39 00,000,000 | ---D | M] -- C:\windows\System32\Msdtc -- (MSDTC [Unknown | Stopped])
[2009/03/16 19:29:28 | 06,562,432 | ---- | M] () -- c:\xampp\mysql\bin\mysqld.exe -- (MySQL [Auto | Running])
[2009/02/19 02:38:43 | 00,129,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
[2006/10/27 10:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
[2006/10/27 04:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2009/06/26 10:45:27 | 00,056,680 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.exe -- (rpcnet [Auto | Running])
[2009/04/11 14:28:24 | 00,550,400 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\rpcss.dll -- (RpcSs [Unknown | Running])
[2009/04/11 14:28:24 | 00,095,232 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\SCardSvr.dll -- (SCardSvr [Unknown | Stopped])
File not found -- %systemroot%\system32\svchost.exe -- (Schedule [Unknown | Running])
File not found -- %SystemRoot%\system32\svchost.exe -- (SCPolicySvc [Unknown | Stopped])
[2009/01/07 12:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService [On_Demand | Stopped])
[2009/01/21 13:08:06 | 01,095,560 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService [On_Demand | Stopped])
[2009/04/11 14:27:49 | 03,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe -- (slsvc [Auto | Running])
[2006/11/02 17:45:46 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP [On_Demand | Stopped])
File not found -- %SystemRoot%\servicing\TrustedInstaller.exe -- (TrustedInstaller [Unknown | Stopped])
[2008/01/21 10:33:45 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect [On_Demand | Stopped])
[2007/01/20 03:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
[2009/04/11 14:28:09 | 00,385,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vds.exe -- (vds [On_Demand | Stopped])
File not found -- %SystemRoot%\System32\svchost.exe -- (WdiServiceHost [Unknown | Stopped])
File not found -- %SystemRoot%\System32\svchost.exe -- (WdiSystemHost [Unknown | Running])
[2008/01/21 10:35:20 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Disabled | Stopped])
[2009/04/11 14:27:59 | 00,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe -- (WSearch [Auto | Running])
[2008/11/10 04:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService [Auto | Running])

========== Driver Services ==========

[2008/08/07 14:31:52 | 00,034,608 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer [On_Demand | Running])
[2008/02/07 23:03:54 | 00,378,368 | ---- | M] (Analog Devices, Inc.) -- C:\Windows\System32\drivers\ADIHdAud.sys -- (ADIHdAudAddService [On_Demand | Running])
[2008/01/21 10:32:46 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx [Boot | Running])
[2008/01/21 10:32:51 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci [Boot | Running])
[2008/01/21 10:32:52 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m [Boot | Running])
[2008/01/21 10:32:53 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320 [Boot | Running])
[2006/11/02 17:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx [Boot | Running])
[2008/01/21 10:32:21 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\System32\drivers\aliide.sys -- (aliide [Boot | Running])
[2008/01/21 10:32:22 | 00,057,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp [On_Demand | Stopped])
[2008/01/21 10:32:21 | 00,017,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdide.sys -- (amdide [Boot | Running])
[2008/01/21 10:32:21 | 00,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7 [On_Demand | Stopped])
[2008/01/21 10:32:21 | 00,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8 [On_Demand | Stopped])
[2008/01/21 10:32:49 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arc.sys -- (arc [Boot | Running])
[2008/01/21 10:32:50 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas [Boot | Running])
[2009/02/06 05:07:12 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
[2009/02/06 05:06:59 | 00,051,792 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt [Auto | Running])
[2009/02/06 05:06:10 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\windows\System32\drivers\aswRdr.sys -- (aswRdr [System | Running])
[2009/02/06 05:07:23 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\windows\System32\drivers\aswSP.sys -- (aswSP [System | Running])
[2009/02/06 05:06:20 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
[2007/11/30 01:56:40 | 00,181,760 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x [On_Demand | Running])
[2008/03/22 02:35:24 | 01,207,288 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX [On_Demand | Running])
[2008/01/21 10:32:22 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive [On_Demand | Stopped])
[2008/01/21 10:33:26 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bowser.sys -- (bowser [On_Demand | Running])
[2006/11/02 16:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo [On_Demand | Stopped])
[2006/11/02 16:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp [On_Demand | Stopped])
[2006/11/02 16:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid [On_Demand | Stopped])
[2006/11/02 16:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm [On_Demand | Stopped])
[2006/11/02 16:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm [On_Demand | Stopped])
[2006/11/02 16:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer [On_Demand | Stopped])
[2009/04/11 12:43:10 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthenum.sys -- (BthEnum [On_Demand | Running])
[2006/11/02 16:55:23 | 00,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM [On_Demand | Stopped])
[2008/01/21 10:32:45 | 00,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthpan.sys -- (BthPan [On_Demand | Running])
[2009/04/11 12:43:10 | 00,507,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthport.sys -- (BTHPORT [On_Demand | Stopped])
[2009/04/11 12:43:08 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\BTHUSB.SYS -- (BTHUSB [On_Demand | Running])
[2008/02/01 17:41:58 | 00,080,424 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio [On_Demand | Running])
[2008/02/01 17:41:58 | 00,080,936 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt [On_Demand | Running])
[2008/02/01 17:41:58 | 00,016,168 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid [On_Demand | Running])
[2008/01/21 10:32:51 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\circlass.sys -- (circlass [On_Demand | Stopped])
File not found -- -- (CLFS [Unknown | Running])
[2008/01/21 10:32:21 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide [Boot | Running])
[2008/01/21 10:32:48 | 00,024,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk [Boot | Running])
[2008/01/21 10:32:21 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe [On_Demand | Stopped])
[2009/04/11 12:14:12 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC [System | Running])
[2009/04/11 12:23:48 | 00,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl [On_Demand | Running])
[2008/01/21 10:32:50 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
[2009/04/11 14:32:43 | 00,141,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ecache.sys -- (Ecache [Boot | Running])
[2008/01/21 10:32:48 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor [Boot | Running])
[2008/01/21 10:32:21 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\errdev.sys -- (ErrDev [On_Demand | Stopped])
[2009/04/11 12:13:53 | 00,136,704 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\exfat.sys -- (exfat [On_Demand | Stopped])
[2008/01/21 10:33:40 | 00,058,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo [Boot | Running])
[2008/01/21 10:34:01 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace [On_Demand | Stopped])
[2008/01/21 10:32:47 | 00,061,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx [On_Demand | Stopped])
[2009/03/19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Stopped])
[2008/04/15 05:39:06 | 00,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey [On_Demand | Running])
[2006/11/02 15:36:49 | 00,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped])
[2009/04/11 12:42:42 | 00,561,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])
[2006/11/02 16:55:22 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth [On_Demand | Stopped])
[2006/11/02 16:55:01 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidir.sys -- (HidIr [On_Demand | Stopped])
[2008/01/21 10:32:52 | 00,040,504 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs [Boot | Running])
[2008/08/07 14:42:12 | 00,025,392 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt [Boot | Running])
[2007/06/19 08:12:04 | 00,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr [On_Demand | Running])
File not found -- C:\windows\System32\DRIVERS\ewusbmdm.sys -- (hwdatacard [On_Demand | Stopped])
[2008/01/21 10:32:49 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV [Boot | Running])
[2006/11/02 17:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp [Boot | Running])
[2009/01/04 11:54:52 | 00,040,840 | ---- | M] (PCTools Research Pty Ltd.) -- C:\Windows\System32\drivers\ikfilesec.sys -- (IKFileSec [On_Demand | Stopped])
[2009/01/04 11:54:53 | 00,066,952 | ---- | M] (PCTools Research Pty Ltd.) -- C:\Windows\System32\drivers\iksysflt.sys -- (IKSysFlt [On_Demand | Stopped])
[2009/01/04 11:54:53 | 00,081,288 | ---- | M] (PCTools Research Pty Ltd.) -- C:\Windows\System32\drivers\iksyssec.sys -- (IKSysSec [On_Demand | Stopped])
File not found -- C:\windows\System32\DRIVERS\ipinip.sys -- (IpInIp [On_Demand | Stopped])
[2008/01/21 10:32:48 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV [On_Demand | Stopped])
[2009/04/11 14:32:46 | 00,180,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt [On_Demand | Running])
[2006/11/02 17:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi [Boot | Running])
[2006/11/02 17:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid [Boot | Running])
[2009/04/11 12:38:40 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid [System | Running])
[2008/01/21 10:34:21 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio [Auto | Running])
[2008/01/21 10:32:49 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC [Boot | Running])
[2008/01/21 10:32:51 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS [Boot | Running])
[2008/01/21 10:32:48 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI [Boot | Running])
[2008/01/21 10:34:22 | 00,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\luafv.sys -- (luafv [Auto | Running])
[2008/01/21 10:32:53 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\System32\drivers\megasas.sys -- (megasas [Boot | Running])
[2008/01/21 10:32:52 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\System32\drivers\MegaSR.sys -- (MegaSR [Boot | Running])
[2008/01/21 10:32:47 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\monitor.sys -- (monitor [On_Demand | Running])
[2008/01/21 10:32:45 | 00,105,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpio.sys -- (mpio [Boot | Running])
[2008/01/21 10:34:35 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv [On_Demand | Running])
[2006/11/02 17:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x [Boot | Running])
[2009/04/11 12:14:36 | 00,212,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10 [On_Demand | Running])
[2009/04/11 12:14:29 | 00,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20 [On_Demand | Running])
[2008/01/21 10:32:21 | 00,028,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msahci.sys -- (msahci [Boot | Running])
[2008/01/21 10:32:47 | 00,094,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm [Boot | Running])
[2008/01/21 10:32:22 | 00,016,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv [Boot | Running])
[2009/04/11 14:32:46 | 00,161,752 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\msrpc.sys -- (MsRPC [On_Demand | Stopped])
[2009/04/11 12:43:28 | 00,148,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP [On_Demand | Running])
[2006/11/02 17:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960 [Boot | Running])
[2008/01/21 10:34:35 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy [System | Running])
[2006/11/02 15:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi [On_Demand | Stopped])
[2008/01/21 10:32:47 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid [Boot | Running])
[2008/01/21 10:32:47 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor [Boot | Running])
[2008/01/21 10:32:22 | 00,109,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp [On_Demand | Stopped])
File not found -- C:\windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt [On_Demand | Stopped])
File not found -- C:\windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd [On_Demand | Stopped])
[2009/04/03 11:18:26 | 00,130,936 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys -- (PCTCore [Boot | Running])
[2006/11/02 17:04:35 | 00,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH [Auto | Running])
[2009/04/11 12:45:51 | 00,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys -- (PSched [System | Running])
[2008/02/23 10:38:33 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2008/01/21 10:32:50 | 01,122,360 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300 [Boot | Running])
[2006/11/02 17:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx [Boot | Running])
[2008/01/21 10:32:58 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv [On_Demand | Stopped])
[2009/04/11 12:46:40 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp [On_Demand | Running])
[2008/01/21 10:34:38 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD [System | Running])
[2009/04/11 12:43:12 | 00,148,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rfcomm.sys -- (RFCOMM [On_Demand | Running])
[2008/01/21 10:34:21 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr [Auto | Running])
[2008/05/20 03:53:42 | 00,854,528 | ---- | M] (S3 Graphics Co., Ltd.) -- C:\Windows\System32\drivers\VTGKModeDX32.sys -- (S3GIGP [On_Demand | Running])
[2006/11/02 17:50:16 | 00,076,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port [Boot | Running])
[2006/11/02 14:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
[2008/01/21 10:32:45 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse [On_Demand | Stopped])
[2008/01/21 10:32:49 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk [On_Demand | Stopped])
[2008/01/21 10:32:49 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc [On_Demand | Stopped])
[2008/01/21 10:32:49 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd [On_Demand | Stopped])
[2008/01/21 10:32:51 | 00,041,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2 [Boot | Running])
[2008/01/21 10:32:52 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4 [Boot | Running])
[2009/04/11 12:45:22 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\smb.sys -- (Smb [System | Running])
[2009/03/27 06:48:22 | 01,810,992 | ---- | M] () -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC [On_Demand | Running])
[2008/01/21 10:33:48 | 00,021,048 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\spldr.sys -- (spldr [Boot | Running])
[2009/04/11 12:15:03 | 00,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys -- (srv2 [On_Demand | Running])
[2009/04/11 12:15:02 | 00,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet [On_Demand | Running])
[2006/11/02 17:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx [Boot | Running])
[2006/11/02 17:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi [Boot | Running])
[2006/11/02 17:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3 [Boot | Running])
[2008/03/28 02:06:00 | 00,199,472 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP [On_Demand | Running])
[2009/04/11 12:46:06 | 00,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg [Auto | Running])
[2009/04/11 12:45:56 | 00,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdx.sys -- (tdx [System | Running])
[2008/01/21 10:32:52 | 00,045,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tpm.sys -- (TPM [On_Demand | Stopped])
[2008/01/21 10:34:49 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv [On_Demand | Stopped])
[2008/01/21 10:34:06 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp [On_Demand | Running])
[2008/01/21 10:34:06 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel [On_Demand | Running])
[2008/01/21 10:32:47 | 00,059,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35 [Boot | Running])
[2008/01/21 10:32:22 | 00,060,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx [On_Demand | Stopped])
[2008/01/21 10:32:45 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci [Boot | Running])
[2006/11/02 17:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata [Boot | Running])
[2008/01/21 10:32:49 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2 [Boot | Running])
[2008/01/21 10:32:48 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\umbus.sys -- (umbus [On_Demand | Running])
[2008/11/07 14:23:30 | 00,032,000 | ---- | M] (Apple, Inc.) -- C:\Windows\System32\drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])
[2006/11/02 16:55:09 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir [On_Demand | Stopped])
[2008/01/21 10:32:52 | 00,134,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbvideo.sys -- (usbvideo [On_Demand | Stopped])
[2009/04/11 12:46:08 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023x.sys -- (usb_rndisx [On_Demand | Stopped])
[2008/01/21 10:32:23 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\vgapnp.sys -- (vga [On_Demand | Stopped])
[2008/01/21 10:32:21 | 00,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7 [On_Demand | Stopped])
[2008/01/21 10:32:21 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\drivers\viaide.sys -- (viaide [Boot | Running])
[2008/01/21 10:32:22 | 00,052,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr [Boot | Running])
[2009/04/11 14:33:03 | 00,292,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx [Boot | Running])
[2008/01/21 10:32:49 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid [Boot | Running])
[2006/11/02 16:52:52 | 00,020,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen [On_Demand | Stopped])
[2008/01/21 10:32:50 | 00,022,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wd.sys -- (Wd [Boot | Running])
[2008/01/21 10:33:23 | 00,503,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000 [Boot | Running])
[2009/04/11 12:42:52 | 00,031,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\winusb.sys -- (winusb [On_Demand | Stopped])
[2008/01/21 10:32:21 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi [On_Demand | Running])
[2008/01/21 10:34:35 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl [Disabled | Stopped])

========== Internet Explorer ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\System32\blank.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...all&pf=cmnb
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache =
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

O1 HOSTS File: (761 bytes) - C:\windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key does not exist or could not be opened. File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - Reg Error: Key does not exist or could not be opened. File not found
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL (Microsoft Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [CrawlerNotes] c:\progra~1\crawler\notes\cnotes.exe /notesshow (Crawler.com)
O4 - HKCU..\Run: [Google Update] "C:\Users\Yvonne\AppData\Local\Google\Update\GoogleUpdate.exe" /c (Google Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeAnimation = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1



O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 0

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O18 - Protocol\Handler: - grooveLocalGWS - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler: - livecall - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp - No CLSID value found
O18 - Protocol\Handler: - msdaipp\0x00000001 - c:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp\oledb - c:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler: - ms-help - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler: - msnim - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - See sections below for AppInitDlls and Winlogon settings

========== Shell Execute Hooks ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" (HKLM) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

========== HKLM *SecurityProviders* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders" = credssp.dll
>[2008/01/21 10:34:21 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll

========== LSA *Security Packages* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Security Packages" = kerberos,msv1_0,schannel,wdigest,tspkg,
>[2008/01/21 10:34:21 | 00,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSpkg.dll

========== Safeboot Options ==========

"AlternateShell" = cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

autorun.inf []
[2008/10/07 21:56:02 00,000,000 | RHSD | M] -- D:\autorun.inf -- [ NTFS ]


========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2632f2cd-d184-11dd-9b59-00218662935f}\Shell\AutoRun\command]
"" = d8ur3qs.bat


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2632f2cd-d184-11dd-9b59-00218662935f}\Shell\explore\Command]
"" = d8ur3qs.bat


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2632f2cd-d184-11dd-9b59-00218662935f}\Shell\open\Command]
"" = d8ur3qs.bat

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6552b7b5-abc7-11dd-bc64-00218662935f}\Shell]
"" = AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6552b7b5-abc7-11dd-bc64-00218662935f}\Shell\AutoRun\command]
"" = E:\USBNB.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{93b04b82-fe80-11dd-80c4-00218662935f}\Shell]
"" = AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{93b04b82-fe80-11dd-80c4-00218662935f}\Shell\AutoRun\command]
"" = E:\AutoRun.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{93b04b8f-fe80-11dd-80c4-00218662935f}\Shell]
"" = AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{93b04b8f-fe80-11dd-80c4-00218662935f}\Shell\AutoRun\command]
"" = F:\AutoRun.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{93b04b9b-fe80-11dd-80c4-00218662935f}\Shell]
"" = AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{93b04b9b-fe80-11dd-80c4-00218662935f}\Shell\AutoRun\command]
"" = E:\AutoRun.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{93b04b9d-fe80-11dd-80c4-00218662935f}\Shell]
"" = AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{93b04b9d-fe80-11dd-80c4-00218662935f}\Shell\AutoRun\command]
"" = E:\AutoRun.exe -- File not found


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7375e29-8780-11dd-b845-00218662935f}\Shell\AutoRun\command]
"" = E:\d8ur3qs.bat -- File not found


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7375e29-8780-11dd-b845-00218662935f}\Shell\explore\Command]
"" = E:\d8ur3qs.bat -- File not found


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7375e29-8780-11dd-b845-00218662935f}\Shell\open\Command]
"" = E:\d8ur3qs.bat -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell]
"" = AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell\AutoRun\command]
"" = E:\Autorun.exe -- File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/09/02 13:32:36 | 05,110,272 | ---- | C] () -- C:\Users\Yvonne\Desktop\Thesis Softbound copy.doc
[2009/09/02 13:25:14 | 01,870,329 | ---- | C] () -- C:\Users\Yvonne\Desktop\dixmlsetup.exe
[2009/09/02 09:31:13 | 00,001,584 | ---- | C] () -- C:\Users\Yvonne\Documents\cc_20090902_093104.reg
[2009/09/01 23:36:48 | 01,869,363 | -H-- | C] () -- C:\Users\Yvonne\AppData\Local\IconCache.db
[2009/09/01 23:34:57 | 00,061,924 | ---- | C] () -- C:\Users\Yvonne\Documents\cc_20090901_233355.reg
[2009/09/01 23:24:32 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/09/01 22:53:07 | 18,751,81568 | -HS- | C] () -- C:\hiberfil.sys
[2009/09/01 09:11:53 | 00,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/09/01 09:10:59 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/09/01 09:10:50 | 00,000,000 | ---D | C] -- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/09/01 09:10:50 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/09/01 09:04:47 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009/09/01 09:02:45 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/08/31 15:11:06 | 00,000,000 | ---D | C] -- C:\Users\Yvonne\AppData\Local\Yahoo!
[2009/08/29 19:33:29 | 00,000,000 | ---D | C] -- C:\Program Files\Game Accelerator
[2009/08/29 18:51:44 | 00,000,000 | ---D | C] -- C:\Yvonne
[2009/08/26 16:20:16 | 00,000,000 | ---D | C] -- C:\Program Files\Chinese Lunar Calendar
[2009/08/26 14:10:57 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll
[2009/08/26 14:09:22 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Apphlpdm.dll
[2009/08/26 14:09:20 | 04,240,384 | ---- | C] (Microsoft) -- C:\windows\System32\GameUXLegacyGDFs.dll
[2009/08/24 19:15:20 | 00,019,922 | ---- | C] () -- C:\Users\Yvonne\Desktop\HIMYM.docx
[2009/08/23 16:00:44 | 00,451,072 | ---- | C] () -- C:\Users\Yvonne\Desktop\erd.doc
[2009/08/23 10:16:05 | 00,000,000 | ---D | C] -- C:\Program Files\VisustinV3
[2009/08/23 09:08:21 | 00,000,000 | ---D | C] -- C:\Program Files\Visustin
[2009/08/23 09:08:00 | 00,286,720 | ---- | C] (Microsoft Corporation) -- C:\windows\Setup1.exe
[2009/08/23 09:07:57 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\ST6UNST.EXE
[2009/08/23 09:07:19 | 00,000,303 | ---- | C] () -- C:\windows\ST6UNST.000
[2009/08/22 19:20:31 | 00,133,373 | ---- | C] () -- C:\Users\Yvonne\Desktop\COE+Final+Examination+Sched.pdf
[2009/08/17 19:13:18 | 00,000,000 | ---D | C] -- C:\Program Files\Crawler
[2009/08/14 10:53:55 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\avifil32.dll
[2009/08/14 10:53:50 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\atl.dll
[2009/08/14 10:53:30 | 10,628,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmp.dll
[2009/08/14 10:53:24 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmpdxm.dll
[2009/08/14 10:53:22 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msdxm.ocx
[2009/08/14 10:53:22 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxmasf.dll
[2009/08/14 10:53:21 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\spwmp.dll
[2009/08/14 10:53:20 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmploc.DLL
[2009/08/14 10:53:17 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msdxm.tlb
[2009/08/14 10:53:17 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\amcompat.tlb
[2009/08/14 10:53:06 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wkssvc.dll
[2009/08/14 10:51:52 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstscax.dll
[2009/08/14 10:50:30 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\kerberos.dll
[2009/08/14 10:50:28 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msv1_0.dll
[2009/08/14 10:50:27 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wdigest.dll
[2009/08/14 10:50:25 | 00,270,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\schannel.dll
[2009/08/14 10:50:21 | 01,259,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\lsasrv.dll
[2009/08/14 10:50:20 | 00,439,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\ksecdd.sys
[2009/08/14 10:50:20 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\secur32.dll
[2009/08/14 10:50:19 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\lsass.exe


========== Files - Modified Within 30 Days ==========

[2009/09/02 14:02:53 | 05,110,272 | ---- | M] () -- C:\Users\Yvonne\Desktop\Thesis Softbound copy.doc
[2009/09/02 13:43:29 | 00,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/09/02 13:43:29 | 00,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/09/02 13:25:24 | 01,870,329 | ---- | M] () -- C:\Users\Yvonne\Desktop\dixmlsetup.exe
[2009/09/02 10:07:38 | 00,751,146 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI
[2009/09/02 10:07:38 | 00,636,992 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2009/09/02 10:07:38 | 00,118,088 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2009/09/02 09:44:08 | 00,017,408 | ---- | M] () -- C:\windows\System32\rpcnetp.exe
[2009/09/02 09:44:05 | 00,056,680 | ---- | M] (Absolute Software Corp.) -- C:\windows\System32\rpcnet.dll
[2009/09/02 09:43:41 | 00,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2009/09/02 09:43:15 | 00,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2009/09/02 09:43:07 | 18,751,81568 | -HS- | M] () -- C:\hiberfil.sys
[2009/09/02 09:41:29 | 01,869,363 | -H-- | M] () -- C:\Users\Yvonne\AppData\Local\IconCache.db
[2009/09/02 09:31:42 | 00,001,584 | ---- | M] () -- C:\Users\Yvonne\Documents\cc_20090902_093104.reg
[2009/09/01 23:35:17 | 00,061,924 | ---- | M] () -- C:\Users\Yvonne\Documents\cc_20090901_233355.reg
[2009/09/01 22:55:37 | 00,017,408 | ---- | M] () -- C:\windows\System32\rpcnetp.dll
[2009/09/01 22:53:48 | 01,752,648 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2009/09/01 16:53:39 | 00,000,420 | -H-- | M] () -- C:\windows\tasks\User_Feed_Synchronization-{CE799302-79F2-46BB-B552-5479B93750FE}.job
[2009/09/01 09:11:53 | 00,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/08/29 19:33:50 | 00,000,324 | ---- | M] () -- C:\windows\system.ini
[2009/08/28 16:58:39 | 00,019,922 | ---- | M] () -- C:\Users\Yvonne\Desktop\HIMYM.docx
[2009/08/27 22:19:58 | 00,001,111 | ---- | M] () -- C:\Users\Yvonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2009/08/23 19:52:09 | 00,451,072 | ---- | M] () -- C:\Users\Yvonne\Desktop\erd.doc
[2009/08/23 10:15:45 | 00,286,720 | ---- | M] (Microsoft Corporation) -- C:\windows\Setup1.exe
[2009/08/23 10:15:43 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\windows\ST6UNST.EXE
[2009/08/23 09:07:19 | 00,000,303 | ---- | M] () -- C:\windows\ST6UNST.000
[2009/08/22 19:20:32 | 00,133,373 | ---- | M] () -- C:\Users\Yvonne\Desktop\COE+Final+Examination+Sched.pdf
[2009/08/19 17:34:12 | 00,159,232 | ---- | M] () -- C:\Users\Yvonne\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

< End of report >

------------------------------------------------------------------------------------------------------------------------
Here's the Extras from OTL:

OTListIt Extras logfile created on: 9/2/2009 2:31:04 PM - Run 4
OTListIt by OldTimer - Version 1.0.8.0 Folder = C:\Users\Yvonne\geeks to go
Windows Vista Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.75 Gb Total Physical Memory | 0.87 Gb Available Physical Memory | 49.68% Memory free
3.73 Gb Paging File | 2.75 Gb Available in Paging File | 73.67% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.05 Gb Total Space | 52.78 Gb Free Space | 37.69% Space Free | Partition Type: NTFS
Drive D: | 9.00 Gb Total Space | 2.22 Gb Free Space | 24.70% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HP-PC
Current User Name: Yvonne
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hta [@ = Reg Error: Value does not exist or could not be read.] -- Reg Error: Key does not exist or could not be opened. File not found
========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 1
"FirewallOverride" = 0
"VistaSp1" =
"VistaSp2" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{01F81577-D786-49D7-BAAF-B8A8B44CE251}" = ESU for Microsoft Vista SP1
"{035E680E-B668-472F-91F3-E850BCC5051F}_is1" = Crawler Desktop Notes
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6200
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{09E2111C-16B1-4DDF-BF0D-F994C9A12350}" = Adobe Setup
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{154E4F71-DFC0-4B31-8D99-F97615031B02}" = HP Webcam Application
"{17B66E83-1BC9-11D5-A54A-0090278A1BB8}" = Microsoft FrontPage Client - English
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{207A8D54-51C9-48B6-80E6-CBA5403B3ED4}" = Vista Default Settings
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 15
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 E1
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3C830C70-16E8-4FDA-BDF2-3CE38518AF25}" = MySQL Server 5.0
"{420BBA1D-B275-4891-838C-EA88FE87A632}" = HP Customer Experience Enhancements
"{4C203E35-B5C7-4E35-9834-619668C0FFEE}" = HP 3D DriveGuard
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{63C8FE88-478F-4E14-ADD0-B55227CC3234}" = Tour Your PC
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{70CEFEBA-F757-4DBE-8A21-027C326137CE}" = HP Software Setup 5.00.A.7
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BB128BE-2670-485D-A221-B00715BCEBCF}" = HP Easy Setup - Frontend
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0804-0000-0000000FF1CE}" = Microsoft Office Access MUI (Chinese (Simplified)) 2007
"{90120000-0015-0C04-0000-0000000FF1CE}" = Microsoft Office Access MUI (Chinese (Traditional)) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0804-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Chinese (Simplified)) 2007
"{90120000-0016-0C04-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Chinese (Traditional)) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0804-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Chinese (Simplified)) 2007
"{90120000-0018-0C04-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0804-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Chinese (Simplified)) 2007
"{90120000-0019-0C04-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Chinese (Traditional)) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0804-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Chinese (Simplified)) 2007
"{90120000-001A-0C04-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Chinese (Traditional)) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0804-0000-0000000FF1CE}" = Microsoft Office Word MUI (Chinese (Simplified)) 2007
"{90120000-001B-0C04-0000-0000000FF1CE}" = Microsoft Office Word MUI (Chinese (Traditional)) 2007
"{90120000-001F-0404-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Traditional)) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0804-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Simplified)) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-0028-0404-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007
"{90120000-0028-0804-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Simplified)) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-0804-0000-0000000FF1CE}" = Microsoft Office Proofing (Chinese (Simplified)) 2007
"{90120000-002C-0C04-0000-0000000FF1CE}" = Microsoft Office Proofing (Chinese (Traditional)) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0804-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Chinese (Simplified)) 2007
"{90120000-006E-0C04-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Chinese (Traditional)) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}" = iTunes
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A4418082-E601-3954-805B-D56A2B50EC8B}" = Microsoft Visual C# 2008 Express Edition with SP1 - ENU
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B7F560B3-6EFF-4026-A982-843895A41149}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BD78DE74-95DB-429D-A66F-6306BCEDA640}" = Arena 10.0 (CPR 7)
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}" = Apple Mobile Device Support
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus® for Adobe
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1C18EDD-571A-4BDD-BE7B-1DD86027D7FF}" = Adobe Creative Suite 3 Design Premium
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D4D24FE5-FAB3-4FE2-AFFC-623955F4DF3A}" = Visual Studio.NET Baseline - English
"{DA6F2FB4-151C-4807-9775-D308C31EE505}" = HP User Guides 0089
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E333CA5F-00ED-4EEF-90E5-6A33A8FE969F}" = HP Help and Support
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F173C2B3-296F-458C-98FF-1676A42EBA02}" = HP Wallpaper
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"4shared_Uploader" = 4shared Uploader
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_c14ac4070fd9614ffe63f4bb533db2c" = Add or Remove Adobe Creative Suite 3 Design Premium
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.7 (Unicode)
"avast!" = avast! Antivirus
"Burger Island 2_is1" = Burger Island 2
"CCleaner" = CCleaner (remove only)
"Chocolatier Decadence by Design1.0" = Chocolatier Decadence by Design
"Chrome9HC" = VIA Chrome9 HC IGP Family Display 7.14.14.0052
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"jZip" = jZip
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual C# 2008 Express Edition with SP1 - ENU" = Microsoft Visual C# 2008 Express Edition with SP1 - ENU
"Mozilla Firefox (3.0.13)" = Mozilla Firefox (3.0.13)
"Mp3tag" = Mp3tag v2.43
"Picasa2" = Picasa 2
"PRJPRO" = Microsoft Office Project Professional 2007
"PROHYBRIDR" = 2007 Microsoft Office system
"ProModel 6" = ProModel 6.2
"RealPlayer 6.0" = RealPlayer
"Spyware Doctor" = Spyware Doctor 6.0
"ST6UNST #1" = Visustin v5
"ST6UNST #2" = Visustin v3
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TTPlayer" = 千千靜聽 5.2
"Vensim® PLE" = Vensim® PLE
"VISPRO" = Microsoft Office Visio Professional 2007
"VLC media player" = VLC media player 0.9.4
"xampp" = XAMPP 1.7.1
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"Yahoo! Widget Engine" = Yahoo! Widgets
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/1/2009 9:25:22 AM | Computer Name = hp-PC | Source = WinMgmt | ID = 24
Description =

Error - 9/1/2009 9:33:11 AM | Computer Name = hp-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/1/2009 9:36:44 AM | Computer Name = hp-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/1/2009 9:43:34 AM | Computer Name = hp-PC | Source = EventSystem | ID = 4609
Description =

Error - 9/1/2009 9:44:13 AM | Computer Name = hp-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/1/2009 10:51:50 AM | Computer Name = hp-PC | Source = Microsoft-Windows-CAPI2 | ID = 131584
Description =

Error - 9/1/2009 10:56:17 AM | Computer Name = hp-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/1/2009 8:54:11 PM | Computer Name = hp-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/1/2009 9:44:33 PM | Computer Name = hp-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/1/2009 10:05:09 PM | Computer Name = hp-PC | Source = Application Error | ID = 1000
Description = Faulting application YahooMessenger.exe, version 10.0.0.525, time
stamp 0x4a8b5447, faulting module ymsdk.dll_unloaded, version 0.0.0.0, time stamp
0x4a8b54f0, exception code 0xc0000005, fault offset 0x60d8384d, process id 0x27c,
application start time 0x01ca2b6f297e826b.

[ OSession Events ]
Error - 9/22/2008 10:24:45 AM | Computer Name = hp-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1524
seconds with 960 seconds of active time. This session ended with a crash.

Error - 9/23/2008 9:46:38 AM | Computer Name = hp-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 419
seconds with 360 seconds of active time. This session ended with a crash.

Error - 3/11/2009 2:39:29 AM | Computer Name = hp-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 80
seconds with 60 seconds of active time. This session ended with a crash.

Error - 3/11/2009 7:43:11 PM | Computer Name = hp-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 28
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3/15/2009 7:24:16 AM | Computer Name = hp-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 1918 seconds with 600 seconds of active time. This session ended with a
crash.

[ System Events ]
Error - 9/1/2009 9:44:13 AM | Computer Name = hp-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 9/1/2009 10:55:16 AM | Computer Name = hp-PC | Source = NETLOGON | ID = 3095
Description = This computer is configured as a member of a workgroup, not as a member
of a domain. The Netlogon service does not need to run in this configuration.

Error - 9/1/2009 10:56:22 AM | Computer Name = hp-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 9/1/2009 10:56:45 AM | Computer Name = hp-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 9/1/2009 8:53:18 PM | Computer Name = hp-PC | Source = NETLOGON | ID = 3095
Description = This computer is configured as a member of a workgroup, not as a member
of a domain. The Netlogon service does not need to run in this configuration.

Error - 9/1/2009 8:54:12 PM | Computer Name = hp-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 9/1/2009 8:54:34 PM | Computer Name = hp-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 9/1/2009 9:43:53 PM | Computer Name = hp-PC | Source = NETLOGON | ID = 3095
Description = This computer is configured as a member of a workgroup, not as a member
of a domain. The Netlogon service does not need to run in this configuration.

Error - 9/1/2009 9:44:33 PM | Computer Name = hp-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 9/1/2009 9:44:33 PM | Computer Name = hp-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP