
Trojan Horse dropper and Google Redirecting [Closed]


  • This topic is locked

#1
shmick

    New Member

  • Member
  • 2 posts
Hi, I am new here and I have recently become infected with something called "Trojan horse Dropper.Generic.BHHB." I might have caught this in between switching my antivirus software. I've also noticed that it has slowed my computer down and is redirecting me away from Google searches. AVG pops up with a threat detection with a file name: 91.212.226.178/s2e281109481.exe, process name: svchost.exe


#2
Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Hi

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Under the Custom Scan box paste this in:

    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    svchost.exe
    /md5stop
    %systemroot%\*. /mp /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time


#3
shmick

    New Member

  • Topic Starter
  • Member
  • 2 posts
Hey, thank you for the reply.

Here is the OTL.txt

OTL logfile created on: 12/9/2009 3:43:20 PM - Run 1
OTL by OldTimer - Version 3.1.12.0 Folder = C:\Documents and Settings\Mike\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 3.59 Gb Available in Paging File | 89.82% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 133.12 Gb Total Space | 56.04 Gb Free Space | 42.10% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 19.53 Gb Total Space | 3.48 Gb Free Space | 17.79% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MICHAELS
Current User Name: Mike
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/12/09 15:37:30 | 00,537,088 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
PRC - [2009/12/03 16:42:48 | 01,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2009/12/03 16:42:48 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2009/12/03 16:42:48 | 00,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2009/12/03 16:42:48 | 00,502,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2009/12/03 16:42:41 | 00,827,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2009/12/03 16:42:37 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2009/12/03 16:14:02 | 00,429,392 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2009/12/03 16:14:02 | 00,276,816 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2009/12/01 08:55:10 | 00,066,560 | ---- | M] (tzuk) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2009/11/11 07:43:45 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/10/01 21:05:16 | 00,116,032 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2009/10/01 21:05:02 | 00,378,176 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardian.exe
PRC - [2009/07/13 13:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/07/09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/11/10 12:08:06 | 00,057,344 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\ASTSRV.EXE
PRC - [2008/07/24 17:46:10 | 00,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2007/09/07 20:46:28 | 00,492,600 | ---- | M] () -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
PRC - [2007/09/07 20:00:50 | 00,427,288 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2004/08/03 23:56:50 | 01,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2001/11/12 14:31:48 | 00,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe


========== Modules (SafeList) ==========

MOD - [2009/12/09 15:37:30 | 00,537,088 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
MOD - [2006/08/25 10:45:55 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/12/03 16:42:37 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/12/03 16:14:02 | 00,276,816 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2009/12/01 08:55:10 | 00,066,560 | ---- | M] (tzuk) -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2009/11/11 07:43:45 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/10/01 21:05:16 | 00,116,032 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2009/07/13 13:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/07/09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/02/25 16:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2009/02/25 14:15:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2009/02/04 06:33:29 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/12/23 10:35:20 | 00,117,264 | ---- | M] (CACE Technologies, Inc.) -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/10 12:08:06 | 00,057,344 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\ASTSRV.EXE -- (ASTSRV)
SRV - [2008/11/10 12:08:06 | 00,057,344 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\ASTSRV.EXE -- (astcc)
SRV - [2008/07/24 17:46:10 | 00,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2007/09/07 20:46:28 | 00,492,600 | ---- | M] () -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService)
SRV - [2007/09/07 20:00:50 | 00,427,288 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2001/11/12 14:31:48 | 00,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets)


========== Driver Services (SafeList) ==========

DRV - [2009/12/08 05:41:06 | 00,024,416 | ---- | M] (Greatis Software) -- C:\WINDOWS\system32\drivers\regguard.sys -- (RegGuard)
DRV - [2009/12/03 16:43:19 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2009/12/03 16:43:19 | 00,161,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2009/12/03 16:43:12 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/12/03 16:43:09 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2009/12/01 08:55:10 | 00,119,296 | ---- | M] (tzuk) -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2009/10/01 21:05:04 | 00,083,288 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\system32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2009/07/28 10:53:16 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/07/28 10:53:16 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/07/28 10:53:14 | 00,072,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/07/09 11:16:16 | 00,039,424 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/05/09 06:53:39 | 00,441,760 | ---- | M] (Acronis) -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2009/05/09 06:53:39 | 00,044,384 | ---- | M] (Acronis) -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2009/05/09 06:53:20 | 00,129,248 | ---- | M] (Acronis) -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2009/05/09 06:52:04 | 00,368,736 | ---- | M] (Acronis) -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman)
DRV - [2009/05/09 00:14:20 | 00,014,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2009/04/17 02:00:00 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2009/03/19 15:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/02/25 17:58:57 | 03,565,568 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/12/23 10:35:02 | 00,050,704 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2008/08/14 07:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.) -- C:\WINDOWS\system32\drivers\adfs.sys -- (adfs)
DRV - [2008/07/24 17:46:12 | 00,012,856 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008/07/24 17:46:10 | 00,047,640 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/07/24 17:45:20 | 00,010,144 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\system32\drivers\lmimirr.sys -- (lmimirr)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2006/11/08 02:02:34 | 00,021,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\point32.sys -- (Point32)
DRV - [2004/08/03 22:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004/08/03 21:59:52 | 00,040,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2004/06/26 12:22:00 | 00,006,016 | ---- | M] (RDV Soft) -- C:\WINDOWS\system32\drivers\vnccom.SYS -- (vnccom)
DRV - [2004/06/26 12:22:00 | 00,004,736 | ---- | M] (RDV Soft) -- C:\WINDOWS\system32\drivers\vncdrv.sys -- (vncdrv)
DRV - [2003/03/31 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2002/11/18 00:51:40 | 00,377,358 | ---- | M] (C-Media Inc) -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci)
DRV - [2001/08/17 14:06:02 | 00,154,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\Icam4USB.sys -- (Icam4USB)
DRV - [2001/08/17 13:53:32 | 00,006,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\serscan.sys -- (StillCam)
DRV - [2001/08/17 09:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 07:12:20 | 00,032,840 | ---- | M] (NETGEAR Corporation.) -- C:\WINDOWS\system32\drivers\Ngrpci.sys -- (ngrpci)
DRV - [2001/03/30 07:58:32 | 00,162,096 | ---- | M] (X10) -- C:\WINDOWS\system32\drivers\CA506AV.SYS -- (SPCA506AV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.7
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.464
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.701
FF - prefs.js..extensions.enabledItems: {de5809e0-2b07-11dd-bd0b-0800200c9a66}:1.1.0
FF - prefs.js..extensions.enabledItems: {dc961bb0-dfb2-11dc-95ff-0800200c9a66}:2.090608


FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2009/12/03 16:42:37 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/27 21:17:07 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/25 15:56:50 | 00,000,000 | ---D | M]

[2008/10/16 15:19:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Extensions
[2009/12/07 20:40:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\xlzq9rfb.default\extensions
[2009/11/19 19:39:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\xlzq9rfb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/08/18 14:55:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\xlzq9rfb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/06/13 16:14:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\xlzq9rfb.default\extensions\{dc961bb0-dfb2-11dc-95ff-0800200c9a66}
[2009/12/03 08:56:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\xlzq9rfb.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/10/09 04:16:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\xlzq9rfb.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
[2009/12/01 21:39:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\xlzq9rfb.default\extensions\[email protected]
[2008/12/09 19:06:44 | 00,002,158 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\xlzq9rfb.default\searchplugins\MySpace.xml
[2009/12/07 20:40:39 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/04/16 12:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll

O1 HOSTS File: (767 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Click-to-Call BHO) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL LLC)
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (tzuk)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\REGISTER MASK PRO 3.0.del ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1224205499109 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.0.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O22 - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - Deskscapes - C:\Program Files\Stardock\Object Desktop\DeskScapes\deskscapes.dll (Stardock Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {F552DDE6-2090-4bf4-B924-6141E87789A5} - C:\Program Files\Greatis\RegRunSuite\RRShell.dll (Greatis Software, LLC)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/18 21:53:34 | 00,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{60a8a2f0-940d-11de-9e92-00c0f05be20a}\Shell - "" = AutoRun
O33 - MountPoints2\{60a8a2f0-940d-11de-9e92-00c0f05be20a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c4f7a99c-2c5a-11de-9d45-00c0f05be20a}\Shell\AutoRun\command - "" = D:\.\Vado\Vado.exe -- File not found
O33 - MountPoints2\{e3e88356-5786-11de-9e05-00c0f05be20a}\Shell\AutoRun\command - "" = D:\wd_windows_tools\WDSetup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: Ias - C:\WINDOWS\system32\ias [2008/10/16 17:53:22 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: mcmscsvc - Service
SafeBootMin: MCODS - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: mcmscsvc - Service
SafeBootNet: MCODS - Service
SafeBootNet: MpfService - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm - C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
SafeBootNet: nm.sys - C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4b218e3e-bc98-4770-93d3-2731b9329278} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)
ActiveX: {54FA444D-DF7B-6B4F-E1B7-739B5128B7F9} - Outlook Express
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {75C2C8BC-3F23-32A0-EFF4-8C3B9B9D7EE7} - Internet Explorer
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Adobe
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.X264 - C:\WINDOWS\System32\x264vfw.dll ()
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

========== Files/Folders - Created Within 30 Days ==========

[2009/12/09 15:37:29 | 00,537,088 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
[2009/12/09 04:55:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/12/07 19:21:00 | 00,000,000 | ---D | C] -- C:\Program Files\X10 Hardware
[2009/12/07 07:02:00 | 00,000,000 | ---D | C] -- C:\Program Files\XRay Vision Remote
[2009/12/07 06:59:32 | 00,162,096 | ---- | C] (X10) -- C:\WINDOWS\System32\drivers\CA506AV.SYS
[2009/12/07 06:59:32 | 00,039,824 | ---- | C] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\CA506AA.sys
[2009/12/07 06:59:31 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dext5a.ax
[2009/12/07 06:59:30 | 00,135,072 | ---- | C] (Nogatech Ltd.) -- C:\WINDOWS\System32\drivers\NUVISION.SYS
[2009/12/07 06:59:28 | 00,106,496 | ---- | C] (Nogatech inc.) -- C:\WINDOWS\System32\YUV2RGB.DLL
[2009/12/07 06:59:27 | 00,139,264 | ---- | C] (Nogatech Ltd.) -- C:\WINDOWS\System32\NUVTWAIN.DLL
[2009/12/07 06:59:27 | 00,070,656 | ---- | C] (Nogatech Ltd.) -- C:\WINDOWS\System32\NUVISION.AX
[2009/12/07 06:59:10 | 00,000,000 | ---D | C] -- C:\Program Files\XRay Vision
[2009/12/07 06:59:10 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\X10
[2009/12/06 15:27:49 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srusd.dll
[2009/12/06 15:27:49 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2009/12/06 15:27:49 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fnfilter.dll
[2009/12/06 15:27:49 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2009/12/06 15:27:49 | 00,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\serscan.sys
[2009/12/06 15:27:49 | 00,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2009/12/06 14:45:25 | 00,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\Icam4USB.sys
[2009/12/06 14:45:25 | 00,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2009/12/06 14:45:25 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Icam4EXT.dll
[2009/12/06 14:45:25 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2009/12/06 14:45:23 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icam4com.dll
[2009/12/06 14:45:23 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2009/12/06 14:45:22 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2009/12/06 14:45:22 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2009/12/06 10:15:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/12/06 10:15:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Application Data\SUPERAntiSpyware.com
[2009/12/06 10:15:10 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/12/06 10:14:46 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/12/06 09:46:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Application Data\Malwarebytes
[2009/12/06 09:46:17 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/06 09:46:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/12/06 09:46:13 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/06 09:46:12 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/12/04 21:21:59 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\~0
[2009/12/04 21:21:32 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2009/12/04 21:21:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/12/04 16:01:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Minnetonka Audio Software
[2009/12/03 20:57:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\RestoreSafeDeleted
[2009/12/03 20:56:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\RegRunInfo
[2009/12/03 20:51:06 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdjpn.dll
[2009/12/03 20:51:06 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2009/12/03 20:51:06 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkor.dll
[2009/12/03 20:51:06 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2009/12/03 20:51:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106.dll
[2009/12/03 20:51:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2009/12/03 20:51:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101c.dll
[2009/12/03 20:51:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2009/12/03 20:51:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101b.dll
[2009/12/03 20:51:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2009/12/03 20:51:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd103.dll
[2009/12/03 20:51:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2009/12/03 20:28:37 | 00,024,416 | ---- | C] (Greatis Software) -- C:\WINDOWS\System32\drivers\regguard.sys
[2009/12/03 20:25:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\My Documents\RegRun2
[2009/12/03 20:23:27 | 00,000,000 | ---D | C] -- C:\Program Files\Greatis
[2009/12/03 16:43:20 | 00,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/12/03 16:43:19 | 00,360,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/12/03 16:43:19 | 00,161,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2009/12/03 16:43:12 | 00,333,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/12/03 16:43:09 | 00,028,424 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/12/03 16:43:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2009/12/02 22:59:55 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2009/12/01 21:14:06 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009/11/27 23:31:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Application Data\TuneUpMedia
[2009/11/27 23:19:21 | 00,000,000 | ---D | C] -- C:\Program Files\TuneUpMedia
[2009/11/27 23:17:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TuneUpMedia
[2009/11/27 10:54:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\Bokeh
[2009/11/27 10:27:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\lockscreen
[2009/11/26 21:28:58 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/11/26 21:28:58 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/11/26 21:28:58 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/11/25 19:59:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\Skullcandy-Wallpaper-020
[2009/11/25 19:42:49 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Mike\Recent
[2009/11/25 09:45:44 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/11/22 21:01:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\Taeyang - Wedding Dress
[2009/11/22 07:15:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\halo
[2009/11/21 23:56:08 | 00,000,000 | -H-D | C] -- C:\$AVG
[2009/11/21 23:55:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/11/21 06:39:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\Tricking Shirt
[2009/11/17 18:41:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2009/11/14 07:07:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2009/11/11 07:43:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\id Software
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/12/09 15:37:30 | 00,537,088 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
[2009/12/09 15:37:29 | 46,405,649 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/12/09 15:36:57 | 00,122,177 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/12/09 15:36:46 | 00,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\flsfj.sys
[2009/12/09 14:06:41 | 00,095,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atapi.sys
[2009/12/09 05:53:39 | 06,807,745 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dots.psd
[2009/12/09 04:44:26 | 00,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/12/09 04:44:18 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/09 04:44:11 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/08 21:53:11 | 08,126,464 | -H-- | M] () -- C:\Documents and Settings\Mike\NTUSER.DAT
[2009/12/08 21:53:11 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Mike\ntuser.ini
[2009/12/08 15:20:54 | 00,000,219 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.tgz
[2009/12/08 15:20:54 | 00,000,205 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.dll
[2009/12/08 15:20:54 | 00,000,087 | ---- | M] () -- C:\WINDOWS\System32\ssprs.tgz
[2009/12/08 15:20:54 | 00,000,073 | ---- | M] () -- C:\WINDOWS\System32\ssprs.dll
[2009/12/08 15:20:54 | 00,000,021 | ---- | M] () -- C:\WINDOWS\SurCode.INI
[2009/12/08 05:41:06 | 00,024,416 | ---- | M] (Greatis Software) -- C:\WINDOWS\System32\drivers\regguard.sys
[2009/12/07 20:12:09 | 14,864,017 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\V4B19761848936.flv
[2009/12/07 19:54:55 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/12/07 06:59:26 | 00,000,072 | ---- | M] () -- C:\WINDOWS\System32\zz07~85_01x.d01
[2009/12/07 06:36:59 | 00,000,600 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\winscp.rnd
[2009/12/07 05:45:27 | 00,001,634 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2009/12/06 22:14:29 | 00,078,069 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dead3.jpg
[2009/12/06 22:14:20 | 00,023,552 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Model Outline.doc
[2009/12/06 22:10:52 | 00,202,713 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dead2.jpg
[2009/12/06 21:30:41 | 01,591,203 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dead1.jpg
[2009/12/06 10:15:19 | 00,001,756 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
[2009/12/06 09:12:19 | 00,140,288 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\vcleaner.exe
[2009/12/05 23:50:02 | 03,149,918 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dg.psd
[2009/12/05 22:25:55 | 00,321,679 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\acdg.jpg
[2009/12/05 21:50:33 | 00,002,516 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/12/05 21:32:38 | 00,294,448 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dg.jpg
[2009/12/04 18:20:12 | 00,001,307 | ---- | M] () -- C:\utpo.exe
[2009/12/04 18:20:12 | 00,001,307 | ---- | M] () -- C:\Copy of utpo.exe
[2009/12/04 18:20:12 | 00,001,307 | ---- | M] () -- C:\Copy (2) of utpo.exe
[2009/12/04 18:20:05 | 00,030,206 | ---- | M] () -- C:\siuhb.exe
[2009/12/04 18:20:05 | 00,030,206 | ---- | M] () -- C:\Copy of siuhb.exe
[2009/12/04 18:20:05 | 00,010,019 | ---- | M] () -- C:\Copy of acad.exe
[2009/12/04 18:20:05 | 00,010,019 | ---- | M] () -- C:\acad.exe
[2009/12/04 18:19:57 | 00,000,000 | ---- | M] () -- C:\dens.exe
[2009/12/04 18:19:57 | 00,000,000 | ---- | M] () -- C:\Copy of dens.exe
[2009/12/04 18:19:44 | 00,000,000 | ---- | M] () -- C:\gelcdomj.exe
[2009/12/04 18:19:44 | 00,000,000 | ---- | M] () -- C:\Copy of gelcdomj.exe
[2009/12/04 18:19:44 | 00,000,000 | ---- | M] () -- C:\Copy (2) of gelcdomj.exe
[2009/12/04 16:01:40 | 00,001,025 | ---- | M] () -- C:\WINDOWS\System32\sysprs7.tgz
[2009/12/04 16:01:40 | 00,001,025 | ---- | M] () -- C:\WINDOWS\System32\sysprs7.dll
[2009/12/03 22:42:24 | 00,059,833 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dgac.jpg
[2009/12/03 21:07:36 | 02,141,786 | -H-- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\IconCache.db
[2009/12/03 19:22:02 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/12/03 18:34:42 | 18,030,499 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Swan Song.mp4
[2009/12/03 16:43:20 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/12/03 16:43:20 | 00,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 9.0.lnk
[2009/12/03 16:43:19 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/12/03 16:43:19 | 00,161,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2009/12/03 16:43:12 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/12/03 16:43:09 | 00,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2009/12/03 16:43:09 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/12/03 16:43:00 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/12/03 16:43:00 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/03 09:41:28 | 00,185,344 | ---- | M] () -- C:\WINDOWS\MSA.del
[2009/12/03 09:41:26 | 00,225,792 | ---- | M] () -- C:\WINDOWS\System32\SSHNAS.del
[2009/12/03 09:25:27 | 01,839,529 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dogs.jpg
[2009/12/03 09:18:25 | 18,000,441 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dogs2.psd
[2009/12/03 08:55:09 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\prvlcl.dat
[2009/12/03 06:03:48 | 00,058,048 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/12/03 06:02:57 | 02,293,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/12/03 00:00:12 | 00,033,280 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Sin essay.doc
[2009/12/02 23:03:07 | 00,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2009/12/02 23:02:10 | 00,000,634 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/02 22:00:28 | 00,362,592 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dance.avi
[2009/12/02 17:27:20 | 00,040,224 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Danny.jpg
[2009/12/02 17:27:19 | 00,039,482 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\anis.jpg
[2009/12/01 20:00:36 | 00,033,061 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\internetHighFive.jpg
[2009/12/01 19:23:00 | 03,677,498 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Zelda - Windmill (techno remix).mp3
[2009/12/01 14:24:46 | 10,538,1521 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dogs.psd
[2009/11/29 19:46:56 | 00,134,369 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\billboards.jpg
[2009/11/28 22:34:08 | 07,825,541 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\darylsin.jpg
[2009/11/28 22:19:50 | 02,654,520 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\lol2.jpg
[2009/11/28 01:49:40 | 04,357,711 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\04 one in a million.mp3
[2009/11/28 00:17:09 | 05,110,531 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Armor for Sleep - The Truth About Heaven.mp3
[2009/11/28 00:04:09 | 06,790,335 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Kings and Queens.mp3
[2009/11/27 09:59:41 | 00,054,930 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\OverBoard1.0 Cracked.deb
[2009/11/25 22:53:26 | 24,503,294 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\font.psd
[2009/11/25 15:56:47 | 00,001,466 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\DivX Movies.lnk
[2009/11/25 15:22:41 | 05,572,461 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Party in the USA.mp4
[2009/11/25 10:35:39 | 00,181,676 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\cc_20091125_103448.reg
[2009/11/24 20:37:18 | 16,742,7291 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Aetutsplus-BohargTutorial723.flv
[2009/11/24 06:25:54 | 00,000,600 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\PUTTY.RND
[2009/11/23 06:22:03 | 20,752,193 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Tae Yang - Wedding Dress.mp4
[2009/11/23 06:06:32 | 00,081,408 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/21 14:41:13 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/11/21 13:34:22 | 05,369,986 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\bawlsmug.psd
[2009/11/21 13:04:48 | 00,245,240 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\bawls.jpg
[2009/11/18 16:46:05 | 05,707,982 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\f.c.p.r.e.m.i.x.mp3
[2009/11/18 06:42:10 | 02,333,173 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Unregistered Sex Offender.mp3
[2009/11/18 05:52:53 | 14,288,697 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\video.mp4
[2009/11/17 05:59:34 | 03,888,054 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\hah.bmp
[2009/11/15 21:10:09 | 00,001,975 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\language.rtf
[2009/11/15 19:45:56 | 03,957,073 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Cypress Hill Feat. Tego Calderon - Latin Thugs (Instrumental).mp3
[2009/11/15 13:51:21 | 01,731,204 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\btwist.gif
[2009/11/12 19:28:53 | 02,469,710 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Fireflies-Cover.mp3
[2009/11/12 06:33:25 | 36,411,212 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\30secondstomars-kingsandquens-musicvideo.mp4
[2009/11/12 05:54:48 | 11,906,173 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\30 Seconds To Mars - Kings And Queens.mp3
[2009/11/11 07:51:21 | 00,138,504 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/11/11 07:50:51 | 00,214,488 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2009/11/11 07:50:51 | 00,214,488 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/11/11 07:43:45 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/11/11 07:43:44 | 02,373,712 | ---- | M] () -- C:\WINDOWS\System32\pbsvc.exe
[2009/11/10 22:36:56 | 63,090,085 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\CIMG0799.psd
[2009/11/10 22:27:05 | 01,255,502 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\mmm.jpg
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/12/09 15:36:45 | 00,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\flsfj.sys
[2009/12/09 05:53:30 | 06,807,745 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dots.psd
[2009/12/08 20:30:02 | 00,010,019 | ---- | C] () -- C:\Copy of acad.exe
[2009/12/08 20:30:02 | 00,001,307 | ---- | C] () -- C:\Copy (2) of utpo.exe
[2009/12/08 20:30:02 | 00,000,000 | ---- | C] () -- C:\Copy of dens.exe
[2009/12/08 20:30:02 | 00,000,000 | ---- | C] () -- C:\Copy (2) of gelcdomj.exe
[2009/12/08 20:29:59 | 00,030,206 | ---- | C] () -- C:\Copy of siuhb.exe
[2009/12/08 20:29:59 | 00,001,307 | ---- | C] () -- C:\Copy of utpo.exe
[2009/12/08 20:29:59 | 00,000,000 | ---- | C] () -- C:\Copy of gelcdomj.exe
[2009/12/07 20:12:07 | 14,864,017 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\V4B19761848936.flv
[2009/12/07 06:59:26 | 00,127,184 | ---- | C] () -- C:\WINDOWS\Unwise.exe
[2009/12/07 06:59:26 | 00,000,072 | ---- | C] () -- C:\WINDOWS\System32\zz07~85_01x.d01
[2009/12/06 22:14:15 | 00,078,069 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dead3.jpg
[2009/12/06 22:11:43 | 00,033,280 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Sin essay.doc
[2009/12/06 22:10:38 | 00,202,713 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dead2.jpg
[2009/12/06 21:30:26 | 01,591,203 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dead1.jpg
[2009/12/06 20:36:01 | 00,023,552 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Model Outline.doc
[2009/12/06 10:15:19 | 00,001,756 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
[2009/12/06 09:12:18 | 00,140,288 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\vcleaner.exe
[2009/12/05 22:25:41 | 00,321,679 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\acdg.jpg
[2009/12/05 21:49:35 | 03,149,918 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dg.psd
[2009/12/05 21:32:27 | 00,294,448 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dg.jpg
[2009/12/04 18:20:06 | 00,001,307 | ---- | C] () -- C:\utpo.exe
[2009/12/04 18:20:04 | 00,030,206 | ---- | C] () -- C:\siuhb.exe
[2009/12/04 18:20:02 | 00,010,019 | ---- | C] () -- C:\acad.exe
[2009/12/04 18:19:57 | 00,000,000 | ---- | C] () -- C:\dens.exe
[2009/12/04 18:19:44 | 00,000,000 | ---- | C] () -- C:\gelcdomj.exe
[2009/12/04 16:01:40 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.tgz
[2009/12/04 16:01:40 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2009/12/04 16:01:40 | 00,000,219 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.tgz
[2009/12/04 16:01:40 | 00,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2009/12/04 16:01:39 | 00,000,021 | ---- | C] () -- C:\WINDOWS\SurCode.INI
[2009/12/03 22:42:11 | 00,059,833 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dgac.jpg
[2009/12/03 20:25:44 | 00,126,375 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\ShLog.txt
[2009/12/03 20:23:56 | 00,057,556 | ---- | C] () -- C:\WINDOWS\guard.bmp
[2009/12/03 16:43:20 | 00,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 9.0.lnk
[2009/12/03 16:43:09 | 00,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2009/12/03 16:43:00 | 46,405,649 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/12/03 16:43:00 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/12/03 16:43:00 | 00,492,629 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/12/03 16:43:00 | 00,122,177 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/12/03 09:41:46 | 00,185,344 | ---- | C] () -- C:\WINDOWS\MSA.del
[2009/12/03 09:41:26 | 00,225,792 | ---- | C] () -- C:\WINDOWS\System32\SSHNAS.del
[2009/12/03 09:25:23 | 01,839,529 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dogs.jpg
[2009/12/02 23:59:59 | 18,030,499 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Swan Song.mp4
[2009/12/02 21:59:40 | 00,362,592 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dance.avi
[2009/12/02 21:03:13 | 18,000,441 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dogs2.psd
[2009/12/02 21:03:06 | 10,538,1521 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dogs.psd
[2009/12/02 17:27:47 | 00,040,224 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Danny.jpg
[2009/12/02 17:27:43 | 00,039,482 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\anis.jpg
[2009/12/01 20:00:35 | 00,033,061 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\internetHighFive.jpg
[2009/12/01 19:20:46 | 03,677,498 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Zelda - Windmill (techno remix).mp3
[2009/11/29 19:46:54 | 00,134,369 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\billboards.jpg
[2009/11/28 22:34:29 | 07,825,541 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\darylsin.jpg
[2009/11/28 22:28:11 | 02,654,520 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\lol2.jpg
[2009/11/27 10:42:01 | 00,057,899 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\LockBackground.jpg
[2009/11/27 09:59:40 | 00,054,930 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\OverBoard1.0 Cracked.deb
[2009/11/25 22:53:22 | 24,503,294 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\font.psd
[2009/11/25 15:19:23 | 05,572,461 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Party in the USA.mp4
[2009/11/25 10:34:51 | 00,181,676 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\cc_20091125_103448.reg
[2009/11/24 20:44:37 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\prvlcl.dat
[2009/11/24 20:23:33 | 16,742,7291 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Aetutsplus-BohargTutorial723.flv
[2009/11/24 07:03:41 | 63,102,4076 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\test psychpyromania.avi
[2009/11/24 07:03:09 | 49,675,4104 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Psychpyromania.avi
[2009/11/22 19:56:42 | 20,752,193 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Tae Yang - Wedding Dress.mp4
[2009/11/21 13:34:21 | 05,369,986 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\bawlsmug.psd
[2009/11/21 13:04:46 | 00,245,240 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\bawls.jpg
[2009/11/18 16:46:01 | 05,707,982 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\f.c.p.r.e.m.i.x.mp3
[2009/11/18 05:41:03 | 14,288,697 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\video.mp4
[2009/11/17 21:25:42 | 02,333,173 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Unregistered Sex Offender.mp3
[2009/11/17 05:59:33 | 03,888,054 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\hah.bmp
[2009/11/15 20:21:10 | 00,001,975 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\language.rtf
[2009/11/15 19:45:33 | 03,957,073 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Cypress Hill Feat. Tego Calderon - Latin Thugs (Instrumental).mp3
[2009/11/15 13:51:20 | 01,731,204 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\btwist.gif
[2009/11/12 19:28:46 | 02,469,710 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Fireflies-Cover.mp3
[2009/11/12 05:53:40 | 11,906,173 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\30 Seconds To Mars - Kings And Queens.mp3
[2009/11/12 05:53:22 | 36,411,212 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\30secondstomars-kingsandquens-musicvideo.mp4
[2009/11/10 22:36:49 | 63,090,085 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\CIMG0799.psd
[2009/11/10 22:27:04 | 01,255,502 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\mmm.jpg
[2009/10/25 08:46:45 | 00,001,634 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2009/10/14 04:11:09 | 00,000,600 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\PUTTY.RND
[2009/08/28 19:39:02 | 00,002,516 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/06/03 16:36:28 | 00,000,600 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\winscp.rnd
[2009/05/30 23:05:08 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/05/30 23:05:05 | 02,041,363 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2009/05/30 23:05:05 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/05/30 23:05:04 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/05/30 23:05:04 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/05/30 23:05:03 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/05/03 11:03:37 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/03/19 05:06:27 | 00,138,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/03/19 05:06:26 | 00,022,328 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\PnkBstrK.sys
[2009/03/05 05:42:43 | 00,036,868 | ---- | C] () -- C:\Program Files\uninst-Particular.exe
[2009/01/27 06:35:11 | 00,000,561 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\AutoGK.ini
[2009/01/04 08:41:58 | 06,537,728 | ---- | C] () -- C:\WINDOWS\System32\tliadjust26.dll
[2008/12/23 10:33:18 | 00,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2008/11/25 20:48:10 | 01,695,744 | ---- | C] () -- C:\WINDOWS\System32\tliadjust26_dll.dll
[2008/11/06 11:37:32 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/06 11:34:00 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/11/06 11:34:00 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/11/06 11:33:02 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/11/03 21:29:18 | 00,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2008/10/27 18:54:02 | 00,000,127 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\fusioncache.dat
[2008/10/22 16:39:42 | 00,081,408 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/16 15:52:39 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/10/16 15:09:37 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2008/10/16 15:09:34 | 00,004,333 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2008/10/16 15:08:31 | 00,000,411 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2008/10/16 15:08:31 | 00,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2008/10/16 15:06:30 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007/06/27 17:13:51 | 00,516,096 | ---- | C] () -- C:\WINDOWS\System32\RegisterDialog.dll
[2003/03/31 07:00:00 | 00,001,024 | ---- | C] () -- C:\WINDOWS\System32\rkuvf0b.dll
[2003/03/31 07:00:00 | 00,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth2.dll
[2003/03/31 07:00:00 | 00,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth1.dll
[2003/03/31 07:00:00 | 00,001,024 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2003/03/31 07:00:00 | 00,001,024 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2003/03/31 07:00:00 | 00,000,340 | ---- | C] () -- C:\WINDOWS\System32\h86mvzz.dll
[2003/03/31 07:00:00 | 00,000,100 | ---- | C] () -- C:\WINDOWS\System32\prsgrc.dll
[2003/03/31 07:00:00 | 00,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2003/03/31 07:00:00 | 00,000,016 | -H-- | C] () -- C:\WINDOWS\System32\dvd92vr.dll
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/10/15 17:54:04 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002/02/15 12:29:02 | 00,000,172 | ---- | C] () -- C:\WINDOWS\recorsta.ini

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2009/12/04 18:20:05 | 00,010,019 | ---- | M] () -- C:\acad.exe
[2009/12/04 18:19:44 | 00,000,000 | ---- | M] () -- C:\Copy (2) of gelcdomj.exe
[2009/12/04 18:20:12 | 00,001,307 | ---- | M] () -- C:\Copy (2) of utpo.exe
[2009/12/04 18:20:05 | 00,010,019 | ---- | M] () -- C:\Copy of acad.exe
[2009/12/04 18:19:57 | 00,000,000 | ---- | M] () -- C:\Copy of dens.exe
[2009/12/04 18:19:44 | 00,000,000 | ---- | M] () -- C:\Copy of gelcdomj.exe
[2009/12/04 18:20:05 | 00,030,206 | ---- | M] () -- C:\Copy of siuhb.exe
[2009/12/04 18:20:12 | 00,001,307 | ---- | M] () -- C:\Copy of utpo.exe
[2009/12/04 18:19:57 | 00,000,000 | ---- | M] () -- C:\dens.exe
[2009/12/04 18:19:44 | 00,000,000 | ---- | M] () -- C:\gelcdomj.exe
[2009/12/04 18:20:05 | 00,030,206 | ---- | M] () -- C:\siuhb.exe
[2009/12/04 18:20:12 | 00,001,307 | ---- | M] () -- C:\utpo.exe


< MD5 for: AGP440.SYS >
[2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\agp440.sys
[2004/08/03 22:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004/08/03 22:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2003/03/31 07:00:00 | 00,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2008/04/13 13:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\atapi.sys
[2004/08/03 21:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2009/12/09 14:06:41 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2009/12/09 14:06:41 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\eventlog.dll
[2004/08/03 23:56:44 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004/08/03 23:56:44 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll
[2003/03/31 07:00:00 | 00,049,152 | ---- | M] (Microsoft Corporation) MD5=BF3C8CF53C77B48206B39910B6D6CBCC -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\netlogon.dll
[2003/03/31 07:00:00 | 00,399,360 | ---- | M] (Microsoft Corporation) MD5=3ADD563ED7A1C66E6F5E0F7A661AA96D -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2009/02/06 13:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 13:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/03 23:56:46 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004/08/03 23:56:46 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/03 23:56:46 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004/08/03 23:56:46 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[2003/03/31 07:00:00 | 00,174,592 | ---- | M] (Microsoft Corporation) MD5=97418A5C642A5C748A28BD7CF6860B57 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\scecli.dll

< MD5 for: SVCHOST.EXE >
[2003/03/31 07:00:00 | 00,012,800 | ---- | M] (Microsoft Corporation) MD5=0F7D9C87B0CE1FA520473119752C6F79 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2008/04/13 19:12:36 | 00,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\svchost.exe
[2004/08/03 23:56:58 | 00,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2004/08/03 23:56:58 | 00,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\svchost.exe

< %systemroot%\*. /mp /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2009-12-09 02:54:21

========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:79DD4F33
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
< End of report >

And here is the Extras.txt

OTL Extras logfile created on: 12/9/2009 3:43:20 PM - Run 1
OTL by OldTimer - Version 3.1.12.0 Folder = C:\Documents and Settings\Mike\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 3.59 Gb Available in Paging File | 89.82% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 133.12 Gb Total Space | 56.04 Gb Free Space | 42.10% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 19.53 Gb Total Space | 3.48 Gb Free Space | 17.79% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MICHAELS
Current User Name: Mike
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- File not found
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- File not found
"C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe" = C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe:*:Enabled:AirMouse -- ()
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Documents and Settings\Mike\Desktop\halo\Halo Custom Edition\haloce.exe" = C:\Documents and Settings\Mike\Desktop\halo\Halo Custom Edition\haloce.exe:*:Disabled:Halo -- File not found
"C:\Program Files\iPhone Tunnel Suite\iTunnel\iTunnel.exe" = C:\Program Files\iPhone Tunnel Suite\iTunnel\iTunnel.exe:*:Enabled:iTunnel -- File not found
"C:\Program Files\iPhone Tunnel Suite\bin\iTunnel.exe" = C:\Program Files\iPhone Tunnel Suite\bin\iTunnel.exe:*:Enabled:iTunnel -- ()
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM -- (AOL LLC)
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Program Files\AVG\AVG9\avgam.exe" = C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgdiagex.exe" = C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\XRay Vision\xrv.exe" = C:\Program Files\XRay Vision\xrv.exe:*:Enabled:XRay Vision -- (X10 Wireless Technology)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{0219E485-AD36-4840-9FB1-E345D58CC74A}" = LucisArt 3.0.1 ED/SE Demo
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0E4BC542-9CFD-4E97-B586-9F1E5516E7B9}" = Microsoft IntelliPoint 6.1
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{12365698-8042-4774-8CAF-35BE91DC657B}" = Creative Vado HD Codec
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{200FF4D5-1784-437A-A547-BFA7D735A5EB}" = Recording Station
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 17
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2C294A0B-DF22-4023-B168-8C7645B10019}" = Adobe Setup
"{2DFAC810-6DD8-4E23-96A4-BEB118408203}" = Mask Pro 4.1
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{32A72502-BC2C-4C39-ACEA-BC3D463F0697}" = EN
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HydraVision
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4324BC93-C82F-ED16-BA86-5E34B9E05303}" = ccc-core-static
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4B215C29-1A3E-4736-92AA-10C83FA56EB9}" = Adobe After Effects CS3 Presets
"{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav
"{4ED118EE-785C-CC18-5D2E-D5CA4BAA03F0}" = Catalyst Control Center Graphics Full New
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{5164E4B0-9CD0-454A-BAC0-6771A15EEB64}" = Air Mouse Server
"{51A438B9-B0C4-4CC7-92BE-20B0EE2AB548}" = Voyetra AudioSurgeon LE
"{539475B7-44B7-8B0A-134C-F01B9C8B7569}" = ccc-core-preinstall
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{555B2506-E17C-4EEF-AA70-03985F664BAD}" = Creative Vado Central muvee Plugin
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{566BB41D-F006-4956-A5D3-94D8DFFA7F51}" = Adobe Setup
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{59C2E0E4-0859-4EC1-BCD3-53DBCEFE7AFA}" = Topaz Adjust
"{5AC7AE54-55DF-1126-076C-623F008D40B6}" = Catalyst Control Center Graphics Full Existing
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{63218538-4A69-497F-8455-904261B0E9E4}" = CorelDRAW Graphics Suite X3
"{6351D217-3EE3-1967-29BE-6A77635FE485}" = Skins
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AB9CD3A-F91F-233B-923B-6C59BA63524D}" = Catalyst Control Center HydraVision Full
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}" = The Sims 2 Family Fun Stuff
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Open For Business
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F831576-6246-42C7-B523-55B3F96509CC}" = LogMeIn
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{819E24AA-DB15-4BA8-8D76-92BDF710610B}" = Adobe Setup
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{85A91C22-C369-FCFB-5F1F-D59EB21AD0E1}" = CCC Help English
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AB8D458-939E-403F-0097-9BA1C1F013D5}" = The Sims 2
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8AF3FB06-BDA3-42A3-995C-308812D2F094}" = Adobe After Effects CS3
"{8CE08C3C-8FF4-45D9-925E-4F3CE2D7FA7D}" = Adobe Setup
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}" = Musicmatch® Jukebox
"{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}" = The Sims 2 University
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{99367836-0A29-4EC8-88DB-CA774E5F93BA}_is1" = iPhone Tunnel Suite v3.0
"{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}" = iTunes
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = The Sims 2 Glamour Life Stuff
"{9EB46587-4354-411C-BBAC-A9BBB2131F3D}" = FocalPoint 1.0.2
"{9F8FDE1A-FA91-43F2-887B-CF080156D57E}" = Adobe Setup
"{9FDCD01E-9926-4399-8BB9-74EEBE604C11}" = Quake Live Mozilla Plugin
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4EE4223-98B1-4874-BA6E-E8A574F9C0FF}" = Adobe Photoshop Lightroom 2.2
"{A6D0140F-E62F-9D1E-2408-9CFF91FF6FC8}" = ccc-utility
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A8AD990E-355A-4413-8647-A9B168978423}_is1" = UltraVNC v1.0.2
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC38B36B-90F8-4C1F-8AC9-236B851B8871}" = Genuine Fractals 5.0
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B01DD5B7-9862-43D7-BCA3-7882A17E4328}" = PhotoTools 1.0.3 Professional Edition
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BB81360F-041C-4CF7-B15E-71380D154244}" = Adobe Setup
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}" = Apple Mobile Device Support
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{C44A7422-E380-44BE-79FE-1C032D8A03A7}" = Catalyst Control Center Core Implementation
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C73A3AB4-99A4-45E5-B77F-09A3065E0D6A}" = Microsoft IntelliType Pro 6.1
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{C94E45B0-6AA6-4FB9-9AAE-22085F631880}" = VBA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB30938E-2BCE-4837-9FEB-EB5DAB000235}" = LucisArt 3 ED/SE
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Professional
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{DC785DB7-D389-48C3-B146-96FE99BF4E2B}" = Vegas Pro 9.0
"{DE3BB35E-C0CE-4CA1-9CB4-CD9E69364BD9}" = Adobe Premiere Pro CS4
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Seasons
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E5343B27-55DF-40BD-9FCF-A643C1331E8A}" = Acronis True Image Home
"{E5D24929-91A4-B0A1-DE00-AFC453921EF7}" = Catalyst Control Center Graphics Light
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}" = Uniblue RegistryBooster 2009
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6C09BFB-BA75-15C7-5B18-A2CE31C4F42B}" = Catalyst Control Center Graphics Previews Common
"{E8A602BF-C276-4DB2-A9FF-B4C30EA1CB7C}_is1" = iDump (Freeware) Build:29
"{EC68232E-C74E-4F1A-B296-DFD2E1944E10}" = Adobe Setup
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Bon Voyage
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = The Sims 2 Nightlife
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FDB36203-5D80-4D03-9A84-673580CAF5A7}" = Adobe Photoshop Lightroom 3 Beta
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_26b63376f4efc354dae41af6b5e3343" = Adobe Premiere Pro CS4
"Adobe_2a31ae7a5c43ff52d8577782dd34e04" = Adobe Illustrator CS4
"Adobe_32fdd767b4383606e8168e834af5d90" = Adobe Premiere Pro CS3
"Adobe_5eba9bbdf1514a06b1a4c79a2920188" = Adobe Media Encoder CS4 Exporter
"Adobe_6e02d32c7e5a9d9fc86bc91618cafda" = Adobe Premiere Pro CS4 Third Party Content
"Adobe_7774cb1e022c49962995a9014500066" = Adobe Media Encoder CS4 Importer
"Adobe_b7dd24a87e82dcf8af8876fd727b7cf" = Adobe After Effects CS3
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"AIM_7" = AIM 7
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.6
"AutoGK" = Auto Gordian Knot 2.55
"AVG9Uninstall" = AVG 9.0
"AviSynth" = AviSynth 2.5
"Bokeh" = Alien Skin Bokeh
"Cain & Abel v4.9.31" = Cain & Abel v4.9.31
"CCleaner" = CCleaner
"Color Efex Pro 3.0 Complete" = Color Efex Pro 3.0 Complete
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Creative Vado HD Codec" = Creative Vado HD Codec
"DeskScapes" = DeskScapes
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DVD Shrink_is1" = DVD Shrink 3.2
"DXTXTRA" = Microsoft DirectX Transform optional components
"Exposure 2" = Alien Skin Exposure 2
"iDump" = iDump (Build: 28)
"Image Doctor 2" = Alien Skin Image Doctor 2
"ImagenomicNoisewareProPlugin" = Imagenomic Noiseware 4.2 Professional Plug-in (build 4205)
"ImagenomicPortraiturePlugin" = Imagenomic Portraiture 2.0 Plug-in (build 2006)
"InstallShield_{200FF4D5-1784-437A-A547-BFA7D735A5EB}" = Recording Station
"InstallShield_{51A438B9-B0C4-4CC7-92BE-20B0EE2AB548}" = Voyetra AudioSurgeon LE
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.6 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.15)" = Mozilla Firefox (3.0.15)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"PCI Audio Applications" = Turtle Beach Riviera Applications Setup
"PCI Audio Driver" = Turtle Beach Riviera
"PhotomatixPro3x32_is1" = Photomatix Pro version 3.2.6
"PunkBusterSvc" = PunkBuster Services
"Sandboxie" = Sandboxie 3.42
"Silver Efex Pro" = Silver Efex Pro
"simple2_is1" = Tone Mapping Plug-In 1.2
"Snap Art" = Alien Skin Snap Art
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SpyEraser_is1" = Uniblue SpyEraser
"Switch" = Switch Sound File Converter
"TightVNC_is1" = TightVNC 1.3.9
"ToolBox" = NCH Toolbox
"Trapcode 3DStroke" = Trapcode 3DStroke
"Trapcode Shine" = Trapcode Shine
"Trapcode Starglow" = Trapcode Starglow
"TuneUpMedia" = TuneUp Companion 1.1.9
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"Uniblue RegistryBooster 2009" = Uniblue RegistryBooster 2009
"VertusFluidMask3" = Vertus Fluid Mask 3 3.0.10
"Videora iPod Converter" = Videora iPod Converter 4.03
"ViewpointMediaPlayer" = Viewpoint Media Player
"Viveza" = Viveza
"vixy converter BETA_is1" = vixy converter uninstall
"VobSub" = VobSub v2.23 (Remove Only)
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1 beta5
"WinRAR archiver" = WinRAR archiver
"winscp3_is1" = WinSCP 4.1.9
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"X10Hardware" = X10 Hardware™
"Xenofex2" = Alien Skin Xenofex 2
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"xrv" = XRay Vision™ Remote
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/25/2009 7:41:35 PM | Computer Name = MICHAELS | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application winword.exe, version 11.0.8307.0, stamp 49ee835a,
faulting module winword.exe, version 11.0.8307.0, stamp 49ee835a, debug? 0, fault
address 0x003b714c.

Error - 10/27/2009 8:18:40 PM | Computer Name = MICHAELS | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application winword.exe, version 11.0.8307.0, stamp 49ee835a,
faulting module winword.exe, version 11.0.8307.0, stamp 49ee835a, debug? 0, fault
address 0x003b714c.

Error - 10/27/2009 8:19:41 PM | Computer Name = MICHAELS | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application winword.exe, version 11.0.8307.0, stamp 49ee835a,
faulting module winword.exe, version 11.0.8307.0, stamp 49ee835a, debug? 0, fault
address 0x003b6ff2.

Error - 10/27/2009 8:19:55 PM | Computer Name = MICHAELS | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application winword.exe, version 11.0.8307.0, stamp 49ee835a,
faulting module winword.exe, version 11.0.8307.0, stamp 49ee835a, debug? 0, fault
address 0x003b714c.

Error - 10/29/2009 6:45:33 AM | Computer Name = MICHAELS | Source = Application Hang | ID = 1002
Description = Hanging application aim6.exe, version 1.4.9.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 10/29/2009 6:55:32 PM | Computer Name = MICHAELS | Source = Application Error | ID = 1000
Description = Faulting application avgnsx.exe, version 8.5.0.401, faulting module
avgnsx.exe, version 8.5.0.401, fault address 0x00005f9b.

Error - 11/2/2009 11:17:32 PM | Computer Name = MICHAELS | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application winword.exe, version 11.0.8307.0, stamp 49ee835a,
faulting module winword.exe, version 11.0.8307.0, stamp 49ee835a, debug? 0, fault
address 0x003b6ff2.

Error - 11/3/2009 7:50:39 AM | Computer Name = MICHAELS | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application winword.exe, version 11.0.8307.0, stamp 49ee835a,
faulting module winword.exe, version 11.0.8307.0, stamp 49ee835a, debug? 0, fault
address 0x003b6ff2.

Error - 11/3/2009 7:50:46 AM | Computer Name = MICHAELS | Source = Application Hang | ID = 1002
Description = Hanging application WINWORD.EXE, version 11.0.8307.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/3/2009 6:32:25 PM | Computer Name = MICHAELS | Source = Application Hang | ID = 1002
Description = Hanging application Illustrator.exe, version 14.0.128.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 12/9/2009 3:06:02 PM | Computer Name = MICHAELS | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 12/9/2009 3:06:19 PM | Computer Name = MICHAELS | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 12/9/2009 3:06:38 PM | Computer Name = MICHAELS | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 12/9/2009 4:46:54 PM | Computer Name = MICHAELS | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 12/9/2009 4:46:56 PM | Computer Name = MICHAELS | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 12/9/2009 4:46:58 PM | Computer Name = MICHAELS | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 12/9/2009 4:47:00 PM | Computer Name = MICHAELS | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 12/9/2009 4:47:02 PM | Computer Name = MICHAELS | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 12/9/2009 4:47:04 PM | Computer Name = MICHAELS | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 12/9/2009 4:47:06 PM | Computer Name = MICHAELS | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.


< End of report >


Thank you for the help.


Edit: I think I messed up the OTL.txt file somehow by not scanning it right; here it is rescanned.

OTL logfile created on: 12/9/2009 4:32:58 PM - Run 2
OTL by OldTimer - Version 3.1.12.0 Folder = C:\Documents and Settings\Mike\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 3.77 Gb Available in Paging File | 94.15% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 133.12 Gb Total Space | 56.03 Gb Free Space | 42.09% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 19.53 Gb Total Space | 3.48 Gb Free Space | 17.79% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MICHAELS
Current User Name: Mike
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/12/09 15:37:30 | 00,537,088 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
PRC - [2009/12/03 16:42:48 | 01,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2009/12/03 16:42:48 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2009/12/03 16:42:48 | 00,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2009/12/03 16:42:48 | 00,502,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2009/12/03 16:42:42 | 02,020,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2009/12/03 16:42:41 | 00,827,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2009/12/03 16:42:37 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2009/12/03 16:14:02 | 00,276,816 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2009/12/01 08:55:10 | 00,389,120 | ---- | M] (tzuk) -- C:\Program Files\Sandboxie\SbieCtrl.exe
PRC - [2009/12/01 08:55:10 | 00,066,560 | ---- | M] (tzuk) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2009/11/11 07:43:45 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/10/05 14:10:02 | 03,634,024 | ---- | M] (AOL LLC) -- C:\Program Files\AIM\aim.exe
PRC - [2009/10/01 21:05:16 | 00,116,032 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2009/10/01 21:05:02 | 00,378,176 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardian.exe
PRC - [2009/07/13 13:03:10 | 00,292,128 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/07/13 13:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/07/09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/02/25 16:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/11/10 12:08:06 | 00,057,344 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\ASTSRV.EXE
PRC - [2008/07/24 17:46:10 | 00,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2008/07/24 17:46:10 | 00,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2007/09/07 20:46:28 | 00,492,600 | ---- | M] () -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
PRC - [2007/09/07 20:04:16 | 00,905,056 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
PRC - [2007/09/07 20:00:52 | 00,140,568 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2007/09/07 20:00:50 | 00,427,288 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2007/09/07 19:59:40 | 02,595,480 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2007/02/05 18:52:10 | 00,849,280 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe
PRC - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/11/21 20:08:57 | 00,813,912 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliType Pro\itype.exe
PRC - [2005/08/11 15:30:30 | 00,081,920 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2004/08/03 23:56:58 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2004/08/03 23:56:50 | 01,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/02/25 22:52:30 | 01,855,488 | ---- | M] (C-Media Electronic Inc. (www.cmedia.com.tw)) -- C:\WINDOWS\mixer.exe
PRC - [2001/11/12 14:31:48 | 00,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe


========== Modules (SafeList) ==========

MOD - [2009/12/09 15:37:30 | 00,537,088 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
MOD - [2006/08/25 10:45:55 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/12/03 16:42:37 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/12/03 16:14:02 | 00,276,816 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2009/12/01 08:55:10 | 00,066,560 | ---- | M] (tzuk) -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2009/11/11 07:43:45 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/10/01 21:05:16 | 00,116,032 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2009/07/13 13:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/07/09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/02/25 16:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2009/02/25 14:15:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2009/02/04 06:33:29 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/12/23 10:35:20 | 00,117,264 | ---- | M] (CACE Technologies, Inc.) -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/10 12:08:06 | 00,057,344 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\ASTSRV.EXE -- (ASTSRV)
SRV - [2008/11/10 12:08:06 | 00,057,344 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\ASTSRV.EXE -- (astcc)
SRV - [2008/07/24 17:46:10 | 00,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2007/09/07 20:46:28 | 00,492,600 | ---- | M] () -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService)
SRV - [2007/09/07 20:00:50 | 00,427,288 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2001/11/12 14:31:48 | 00,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets)


========== Driver Services (SafeList) ==========

DRV - [2009/12/08 05:41:06 | 00,024,416 | ---- | M] (Greatis Software) -- C:\WINDOWS\system32\drivers\regguard.sys -- (RegGuard)
DRV - [2009/12/03 16:43:19 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2009/12/03 16:43:19 | 00,161,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2009/12/03 16:43:12 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/12/03 16:43:09 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2009/12/01 08:55:10 | 00,119,296 | ---- | M] (tzuk) -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2009/10/01 21:05:04 | 00,083,288 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\system32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2009/07/28 10:53:16 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/07/28 10:53:16 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/07/28 10:53:14 | 00,072,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/07/09 11:16:16 | 00,039,424 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/05/09 06:53:39 | 00,441,760 | ---- | M] (Acronis) -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2009/05/09 06:53:39 | 00,044,384 | ---- | M] (Acronis) -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2009/05/09 06:53:20 | 00,129,248 | ---- | M] (Acronis) -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2009/05/09 06:52:04 | 00,368,736 | ---- | M] (Acronis) -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman)
DRV - [2009/05/09 00:14:20 | 00,014,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2009/04/17 02:00:00 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2009/03/19 15:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/02/25 17:58:57 | 03,565,568 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/12/23 10:35:02 | 00,050,704 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2008/08/14 07:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.) -- C:\WINDOWS\system32\drivers\adfs.sys -- (adfs)
DRV - [2008/07/24 17:46:12 | 00,012,856 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008/07/24 17:46:10 | 00,047,640 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/07/24 17:45:20 | 00,010,144 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\system32\drivers\lmimirr.sys -- (lmimirr)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2006/11/08 02:02:34 | 00,021,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\point32.sys -- (Point32)
DRV - [2004/08/03 22:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004/08/03 21:59:52 | 00,040,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2004/06/26 12:22:00 | 00,006,016 | ---- | M] (RDV Soft) -- C:\WINDOWS\system32\drivers\vnccom.SYS -- (vnccom)
DRV - [2004/06/26 12:22:00 | 00,004,736 | ---- | M] (RDV Soft) -- C:\WINDOWS\system32\drivers\vncdrv.sys -- (vncdrv)
DRV - [2003/03/31 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2002/11/18 00:51:40 | 00,377,358 | ---- | M] (C-Media Inc) -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci)
DRV - [2001/08/17 14:06:02 | 00,154,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\Icam4USB.sys -- (Icam4USB)
DRV - [2001/08/17 13:53:32 | 00,006,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\serscan.sys -- (StillCam)
DRV - [2001/08/17 09:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 07:12:20 | 00,032,840 | ---- | M] (NETGEAR Corporation.) -- C:\WINDOWS\system32\drivers\Ngrpci.sys -- (ngrpci)
DRV - [2001/03/30 07:58:32 | 00,162,096 | ---- | M] (X10) -- C:\WINDOWS\system32\drivers\CA506AV.SYS -- (SPCA506AV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.7
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.464
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.701
FF - prefs.js..extensions.enabledItems: {de5809e0-2b07-11dd-bd0b-0800200c9a66}:1.1.0
FF - prefs.js..extensions.enabledItems: {dc961bb0-dfb2-11dc-95ff-0800200c9a66}:2.090608


FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2009/12/03 16:42:37 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/27 21:17:07 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/25 15:56:50 | 00,000,000 | ---D | M]

[2008/10/16 15:19:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Extensions
[2009/12/07 20:40:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\xlzq9rfb.default\extensions
[2009/11/19 19:39:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\xlzq9rfb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/08/18 14:55:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\xlzq9rfb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/06/13 16:14:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\xlzq9rfb.default\extensions\{dc961bb0-dfb2-11dc-95ff-0800200c9a66}
[2009/12/03 08:56:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\xlzq9rfb.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/10/09 04:16:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\xlzq9rfb.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
[2009/12/01 21:39:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\xlzq9rfb.default\extensions\[email protected]
[2008/12/09 19:06:44 | 00,002,158 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\xlzq9rfb.default\searchplugins\MySpace.xml
[2009/12/07 20:40:39 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/04/16 12:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll

O1 HOSTS File: (767 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Click-to-Call BHO) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL LLC)
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (tzuk)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\REGISTER MASK PRO 3.0.del ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1224205499109 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.0.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\sdra64.exe) - C:\WINDOWS\system32\sdra64.exe ()
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O22 - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - Deskscapes - C:\Program Files\Stardock\Object Desktop\DeskScapes\deskscapes.dll (Stardock Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {F552DDE6-2090-4bf4-B924-6141E87789A5} - C:\Program Files\Greatis\RegRunSuite\RRShell.dll (Greatis Software, LLC)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/18 21:53:34 | 00,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{60a8a2f0-940d-11de-9e92-00c0f05be20a}\Shell - "" = AutoRun
O33 - MountPoints2\{60a8a2f0-940d-11de-9e92-00c0f05be20a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c4f7a99c-2c5a-11de-9d45-00c0f05be20a}\Shell\AutoRun\command - "" = D:\.\Vado\Vado.exe -- File not found
O33 - MountPoints2\{e3e88356-5786-11de-9e05-00c0f05be20a}\Shell\AutoRun\command - "" = D:\wd_windows_tools\WDSetup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: Ias - C:\WINDOWS\system32\ias [2008/10/16 17:53:22 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: mcmscsvc - Service
SafeBootMin: MCODS - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: mcmscsvc - Service
SafeBootNet: MCODS - Service
SafeBootNet: MpfService - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm - C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
SafeBootNet: nm.sys - C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4b218e3e-bc98-4770-93d3-2731b9329278} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)
ActiveX: {54FA444D-DF7B-6B4F-E1B7-739B5128B7F9} - Outlook Express
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {75C2C8BC-3F23-32A0-EFF4-8C3B9B9D7EE7} - Internet Explorer
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Adobe
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.X264 - C:\WINDOWS\System32\x264vfw.dll ()
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

========== Files/Folders - Created Within 30 Days ==========

[2009/12/09 16:29:57 | 00,000,000 | -HSD | C] -- C:\WINDOWS\System32\lowsec
[2009/12/09 15:37:29 | 00,537,088 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
[2009/12/07 19:21:00 | 00,000,000 | ---D | C] -- C:\Program Files\X10 Hardware
[2009/12/07 07:02:00 | 00,000,000 | ---D | C] -- C:\Program Files\XRay Vision Remote
[2009/12/07 06:59:32 | 00,162,096 | ---- | C] (X10) -- C:\WINDOWS\System32\drivers\CA506AV.SYS
[2009/12/07 06:59:32 | 00,039,824 | ---- | C] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\CA506AA.sys
[2009/12/07 06:59:31 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dext5a.ax
[2009/12/07 06:59:30 | 00,135,072 | ---- | C] (Nogatech Ltd.) -- C:\WINDOWS\System32\drivers\NUVISION.SYS
[2009/12/07 06:59:28 | 00,106,496 | ---- | C] (Nogatech inc.) -- C:\WINDOWS\System32\YUV2RGB.DLL
[2009/12/07 06:59:27 | 00,139,264 | ---- | C] (Nogatech Ltd.) -- C:\WINDOWS\System32\NUVTWAIN.DLL
[2009/12/07 06:59:27 | 00,070,656 | ---- | C] (Nogatech Ltd.) -- C:\WINDOWS\System32\NUVISION.AX
[2009/12/07 06:59:10 | 00,000,000 | ---D | C] -- C:\Program Files\XRay Vision
[2009/12/07 06:59:10 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\X10
[2009/12/06 15:27:49 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srusd.dll
[2009/12/06 15:27:49 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2009/12/06 15:27:49 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fnfilter.dll
[2009/12/06 15:27:49 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2009/12/06 15:27:49 | 00,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\serscan.sys
[2009/12/06 15:27:49 | 00,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2009/12/06 14:45:25 | 00,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\Icam4USB.sys
[2009/12/06 14:45:25 | 00,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2009/12/06 14:45:25 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Icam4EXT.dll
[2009/12/06 14:45:25 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2009/12/06 14:45:23 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icam4com.dll
[2009/12/06 14:45:23 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2009/12/06 14:45:22 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2009/12/06 14:45:22 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2009/12/06 10:15:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/12/06 10:15:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Application Data\SUPERAntiSpyware.com
[2009/12/06 10:15:10 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/12/06 10:14:46 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/12/06 09:46:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Application Data\Malwarebytes
[2009/12/06 09:46:17 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/06 09:46:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/12/06 09:46:13 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/06 09:46:12 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/12/04 21:21:59 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\~0
[2009/12/04 21:21:32 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2009/12/04 21:21:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/12/04 16:01:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Minnetonka Audio Software
[2009/12/03 20:57:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\RestoreSafeDeleted
[2009/12/03 20:56:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\RegRunInfo
[2009/12/03 20:51:06 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdjpn.dll
[2009/12/03 20:51:06 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2009/12/03 20:51:06 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkor.dll
[2009/12/03 20:51:06 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2009/12/03 20:51:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106.dll
[2009/12/03 20:51:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2009/12/03 20:51:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101c.dll
[2009/12/03 20:51:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2009/12/03 20:51:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101b.dll
[2009/12/03 20:51:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2009/12/03 20:51:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd103.dll
[2009/12/03 20:51:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2009/12/03 20:28:37 | 00,024,416 | ---- | C] (Greatis Software) -- C:\WINDOWS\System32\drivers\regguard.sys
[2009/12/03 20:25:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\My Documents\RegRun2
[2009/12/03 20:23:27 | 00,000,000 | ---D | C] -- C:\Program Files\Greatis
[2009/12/03 16:43:20 | 00,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/12/03 16:43:19 | 00,360,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/12/03 16:43:19 | 00,161,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2009/12/03 16:43:12 | 00,333,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/12/03 16:43:09 | 00,028,424 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/12/03 16:43:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2009/12/02 22:59:55 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2009/12/01 21:14:06 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009/11/27 23:31:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Application Data\TuneUpMedia
[2009/11/27 23:19:21 | 00,000,000 | ---D | C] -- C:\Program Files\TuneUpMedia
[2009/11/27 23:17:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TuneUpMedia
[2009/11/27 10:54:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\Bokeh
[2009/11/27 10:27:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\lockscreen
[2009/11/26 21:28:58 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/11/26 21:28:58 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/11/26 21:28:58 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/11/25 19:59:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\Skullcandy-Wallpaper-020
[2009/11/25 19:42:49 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Mike\Recent
[2009/11/25 09:45:44 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/11/22 21:01:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\Taeyang - Wedding Dress
[2009/11/22 07:15:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\halo
[2009/11/21 23:56:08 | 00,000,000 | -H-D | C] -- C:\$AVG
[2009/11/21 23:55:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/11/21 06:39:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Desktop\Tricking Shirt
[2009/11/17 18:41:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2009/11/14 07:07:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2009/11/11 07:43:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\id Software
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/12/09 16:31:37 | 46,426,991 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/12/09 16:31:17 | 00,122,895 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/12/09 16:15:18 | 00,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/12/09 16:14:08 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/09 16:14:02 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/09 16:11:54 | 08,126,464 | -H-- | M] () -- C:\Documents and Settings\Mike\NTUSER.DAT
[2009/12/09 16:11:54 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Mike\ntuser.ini
[2009/12/09 15:37:30 | 00,537,088 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
[2009/12/09 14:06:41 | 00,095,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atapi.sys
[2009/12/09 05:53:39 | 06,807,745 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dots.psd
[2009/12/08 15:20:54 | 00,000,219 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.tgz
[2009/12/08 15:20:54 | 00,000,205 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.dll
[2009/12/08 15:20:54 | 00,000,087 | ---- | M] () -- C:\WINDOWS\System32\ssprs.tgz
[2009/12/08 15:20:54 | 00,000,073 | ---- | M] () -- C:\WINDOWS\System32\ssprs.dll
[2009/12/08 15:20:54 | 00,000,021 | ---- | M] () -- C:\WINDOWS\SurCode.INI
[2009/12/08 05:41:06 | 00,024,416 | ---- | M] (Greatis Software) -- C:\WINDOWS\System32\drivers\regguard.sys
[2009/12/07 20:12:09 | 14,864,017 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\V4B19761848936.flv
[2009/12/07 19:54:55 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/12/07 06:59:26 | 00,000,072 | ---- | M] () -- C:\WINDOWS\System32\zz07~85_01x.d01
[2009/12/07 06:36:59 | 00,000,600 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\winscp.rnd
[2009/12/07 05:45:27 | 00,001,634 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2009/12/06 22:14:29 | 00,078,069 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dead3.jpg
[2009/12/06 22:14:20 | 00,023,552 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Model Outline.doc
[2009/12/06 22:10:52 | 00,202,713 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dead2.jpg
[2009/12/06 21:30:41 | 01,591,203 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dead1.jpg
[2009/12/06 10:15:19 | 00,001,756 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
[2009/12/06 09:12:19 | 00,140,288 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\vcleaner.exe
[2009/12/05 23:50:02 | 03,149,918 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dg.psd
[2009/12/05 22:25:55 | 00,321,679 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\acdg.jpg
[2009/12/05 21:50:33 | 00,002,516 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/12/05 21:32:38 | 00,294,448 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dg.jpg
[2009/12/04 18:20:12 | 00,001,307 | ---- | M] () -- C:\utpo.exe
[2009/12/04 18:20:12 | 00,001,307 | ---- | M] () -- C:\Copy of utpo.exe
[2009/12/04 18:20:12 | 00,001,307 | ---- | M] () -- C:\Copy (2) of utpo.exe
[2009/12/04 18:20:05 | 00,030,206 | ---- | M] () -- C:\siuhb.exe
[2009/12/04 18:20:05 | 00,030,206 | ---- | M] () -- C:\Copy of siuhb.exe
[2009/12/04 18:20:05 | 00,010,019 | ---- | M] () -- C:\Copy of acad.exe
[2009/12/04 18:20:05 | 00,010,019 | ---- | M] () -- C:\acad.exe
[2009/12/04 18:19:57 | 00,000,000 | ---- | M] () -- C:\dens.exe
[2009/12/04 18:19:57 | 00,000,000 | ---- | M] () -- C:\Copy of dens.exe
[2009/12/04 18:19:44 | 00,000,000 | ---- | M] () -- C:\gelcdomj.exe
[2009/12/04 18:19:44 | 00,000,000 | ---- | M] () -- C:\Copy of gelcdomj.exe
[2009/12/04 18:19:44 | 00,000,000 | ---- | M] () -- C:\Copy (2) of gelcdomj.exe
[2009/12/04 16:01:40 | 00,001,025 | ---- | M] () -- C:\WINDOWS\System32\sysprs7.tgz
[2009/12/04 16:01:40 | 00,001,025 | ---- | M] () -- C:\WINDOWS\System32\sysprs7.dll
[2009/12/03 22:42:24 | 00,059,833 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dgac.jpg
[2009/12/03 21:07:36 | 02,141,786 | -H-- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\IconCache.db
[2009/12/03 19:22:02 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/12/03 18:34:42 | 18,030,499 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Swan Song.mp4
[2009/12/03 16:43:20 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/12/03 16:43:20 | 00,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 9.0.lnk
[2009/12/03 16:43:19 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/12/03 16:43:19 | 00,161,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2009/12/03 16:43:12 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/12/03 16:43:09 | 00,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2009/12/03 16:43:09 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/12/03 16:43:00 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/12/03 16:43:00 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/03 09:41:28 | 00,185,344 | ---- | M] () -- C:\WINDOWS\MSA.del
[2009/12/03 09:41:26 | 00,225,792 | ---- | M] () -- C:\WINDOWS\System32\SSHNAS.del
[2009/12/03 09:25:27 | 01,839,529 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dogs.jpg
[2009/12/03 09:18:25 | 18,000,441 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dogs2.psd
[2009/12/03 08:55:09 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\prvlcl.dat
[2009/12/03 06:03:48 | 00,058,048 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/12/03 06:02:57 | 02,293,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/12/03 00:00:12 | 00,033,280 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Sin essay.doc
[2009/12/02 23:03:07 | 00,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2009/12/02 23:02:10 | 00,000,634 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/02 22:00:28 | 00,362,592 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dance.avi
[2009/12/02 17:27:20 | 00,040,224 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Danny.jpg
[2009/12/02 17:27:19 | 00,039,482 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\anis.jpg
[2009/12/01 20:00:36 | 00,033,061 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\internetHighFive.jpg
[2009/12/01 19:23:00 | 03,677,498 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Zelda - Windmill (techno remix).mp3
[2009/12/01 14:24:46 | 10,538,1521 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\dogs.psd
[2009/11/29 19:46:56 | 00,134,369 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\billboards.jpg
[2009/11/28 22:34:08 | 07,825,541 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\darylsin.jpg
[2009/11/28 22:19:50 | 02,654,520 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\lol2.jpg
[2009/11/28 01:49:40 | 04,357,711 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\04 one in a million.mp3
[2009/11/28 00:17:09 | 05,110,531 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Armor for Sleep - The Truth About Heaven.mp3
[2009/11/28 00:04:09 | 06,790,335 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Kings and Queens.mp3
[2009/11/27 09:59:41 | 00,054,930 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\OverBoard1.0 Cracked.deb
[2009/11/25 22:53:26 | 24,503,294 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\font.psd
[2009/11/25 15:56:47 | 00,001,466 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\DivX Movies.lnk
[2009/11/25 15:22:41 | 05,572,461 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Party in the USA.mp4
[2009/11/25 10:35:39 | 00,181,676 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\cc_20091125_103448.reg
[2009/11/24 20:37:18 | 16,742,7291 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Aetutsplus-BohargTutorial723.flv
[2009/11/24 06:25:54 | 00,000,600 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\PUTTY.RND
[2009/11/23 06:22:03 | 20,752,193 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Tae Yang - Wedding Dress.mp4
[2009/11/23 06:06:32 | 00,081,408 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/21 14:41:13 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/11/21 13:34:22 | 05,369,986 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\bawlsmug.psd
[2009/11/21 13:04:48 | 00,245,240 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\bawls.jpg
[2009/11/18 16:46:05 | 05,707,982 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\f.c.p.r.e.m.i.x.mp3
[2009/11/18 06:42:10 | 02,333,173 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Unregistered Sex Offender.mp3
[2009/11/18 05:52:53 | 14,288,697 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\video.mp4
[2009/11/17 05:59:34 | 03,888,054 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\hah.bmp
[2009/11/15 21:10:09 | 00,001,975 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\language.rtf
[2009/11/15 19:45:56 | 03,957,073 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Cypress Hill Feat. Tego Calderon - Latin Thugs (Instrumental).mp3
[2009/11/15 13:51:21 | 01,731,204 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\btwist.gif
[2009/11/12 19:28:53 | 02,469,710 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Fireflies-Cover.mp3
[2009/11/12 06:33:25 | 36,411,212 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\30secondstomars-kingsandquens-musicvideo.mp4
[2009/11/12 05:54:48 | 11,906,173 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\30 Seconds To Mars - Kings And Queens.mp3
[2009/11/11 07:51:21 | 00,138,504 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/11/11 07:50:51 | 00,214,488 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2009/11/11 07:50:51 | 00,214,488 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/11/11 07:43:45 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/11/11 07:43:44 | 02,373,712 | ---- | M] () -- C:\WINDOWS\System32\pbsvc.exe
[2009/11/10 22:36:56 | 63,090,085 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\CIMG0799.psd
[2009/11/10 22:27:05 | 01,255,502 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\mmm.jpg
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/12/09 05:53:30 | 06,807,745 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dots.psd
[2009/12/08 20:30:02 | 00,010,019 | ---- | C] () -- C:\Copy of acad.exe
[2009/12/08 20:30:02 | 00,001,307 | ---- | C] () -- C:\Copy (2) of utpo.exe
[2009/12/08 20:30:02 | 00,000,000 | ---- | C] () -- C:\Copy of dens.exe
[2009/12/08 20:30:02 | 00,000,000 | ---- | C] () -- C:\Copy (2) of gelcdomj.exe
[2009/12/08 20:29:59 | 00,030,206 | ---- | C] () -- C:\Copy of siuhb.exe
[2009/12/08 20:29:59 | 00,001,307 | ---- | C] () -- C:\Copy of utpo.exe
[2009/12/08 20:29:59 | 00,000,000 | ---- | C] () -- C:\Copy of gelcdomj.exe
[2009/12/07 20:12:07 | 14,864,017 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\V4B19761848936.flv
[2009/12/07 06:59:26 | 00,127,184 | ---- | C] () -- C:\WINDOWS\Unwise.exe
[2009/12/07 06:59:26 | 00,000,072 | ---- | C] () -- C:\WINDOWS\System32\zz07~85_01x.d01
[2009/12/06 22:14:15 | 00,078,069 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dead3.jpg
[2009/12/06 22:11:43 | 00,033,280 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Sin essay.doc
[2009/12/06 22:10:38 | 00,202,713 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dead2.jpg
[2009/12/06 21:30:26 | 01,591,203 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dead1.jpg
[2009/12/06 20:36:01 | 00,023,552 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Model Outline.doc
[2009/12/06 10:15:19 | 00,001,756 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
[2009/12/06 09:12:18 | 00,140,288 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\vcleaner.exe
[2009/12/05 22:25:41 | 00,321,679 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\acdg.jpg
[2009/12/05 21:49:35 | 03,149,918 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dg.psd
[2009/12/05 21:32:27 | 00,294,448 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dg.jpg
[2009/12/04 18:20:06 | 00,001,307 | ---- | C] () -- C:\utpo.exe
[2009/12/04 18:20:04 | 00,030,206 | ---- | C] () -- C:\siuhb.exe
[2009/12/04 18:20:02 | 00,010,019 | ---- | C] () -- C:\acad.exe
[2009/12/04 18:19:57 | 00,000,000 | ---- | C] () -- C:\dens.exe
[2009/12/04 18:19:44 | 00,000,000 | ---- | C] () -- C:\gelcdomj.exe
[2009/12/04 16:01:40 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.tgz
[2009/12/04 16:01:40 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2009/12/04 16:01:40 | 00,000,219 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.tgz
[2009/12/04 16:01:40 | 00,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2009/12/04 16:01:39 | 00,000,021 | ---- | C] () -- C:\WINDOWS\SurCode.INI
[2009/12/03 22:42:11 | 00,059,833 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dgac.jpg
[2009/12/03 20:25:44 | 00,131,663 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\ShLog.txt
[2009/12/03 20:23:56 | 00,057,556 | ---- | C] () -- C:\WINDOWS\guard.bmp
[2009/12/03 16:43:20 | 00,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 9.0.lnk
[2009/12/03 16:43:09 | 00,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2009/12/03 16:43:00 | 46,426,991 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/12/03 16:43:00 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/12/03 16:43:00 | 00,492,629 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/12/03 16:43:00 | 00,122,895 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/12/03 09:41:46 | 00,185,344 | ---- | C] () -- C:\WINDOWS\MSA.del
[2009/12/03 09:41:26 | 00,225,792 | ---- | C] () -- C:\WINDOWS\System32\SSHNAS.del
[2009/12/03 09:25:23 | 01,839,529 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dogs.jpg
[2009/12/02 23:59:59 | 18,030,499 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Swan Song.mp4
[2009/12/02 21:59:40 | 00,362,592 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dance.avi
[2009/12/02 21:03:13 | 18,000,441 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dogs2.psd
[2009/12/02 21:03:06 | 10,538,1521 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\dogs.psd
[2009/12/02 17:27:47 | 00,040,224 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Danny.jpg
[2009/12/02 17:27:43 | 00,039,482 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\anis.jpg
[2009/12/01 20:00:35 | 00,033,061 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\internetHighFive.jpg
[2009/12/01 19:20:46 | 03,677,498 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Zelda - Windmill (techno remix).mp3
[2009/11/29 19:46:54 | 00,134,369 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\billboards.jpg
[2009/11/28 22:34:29 | 07,825,541 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\darylsin.jpg
[2009/11/28 22:28:11 | 02,654,520 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\lol2.jpg
[2009/11/27 10:42:01 | 00,057,899 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\LockBackground.jpg
[2009/11/27 09:59:40 | 00,054,930 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\OverBoard1.0 Cracked.deb
[2009/11/25 22:53:22 | 24,503,294 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\font.psd
[2009/11/25 15:19:23 | 05,572,461 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Party in the USA.mp4
[2009/11/25 10:34:51 | 00,181,676 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\cc_20091125_103448.reg
[2009/11/24 20:44:37 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\prvlcl.dat
[2009/11/24 20:23:33 | 16,742,7291 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Aetutsplus-BohargTutorial723.flv
[2009/11/24 07:03:41 | 63,102,4076 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\test psychpyromania.avi
[2009/11/24 07:03:09 | 49,675,4104 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Psychpyromania.avi
[2009/11/22 19:56:42 | 20,752,193 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Tae Yang - Wedding Dress.mp4
[2009/11/21 13:34:21 | 05,369,986 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\bawlsmug.psd
[2009/11/21 13:04:46 | 00,245,240 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\bawls.jpg
[2009/11/18 16:46:01 | 05,707,982 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\f.c.p.r.e.m.i.x.mp3
[2009/11/18 05:41:03 | 14,288,697 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\video.mp4
[2009/11/17 21:25:42 | 02,333,173 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Unregistered Sex Offender.mp3
[2009/11/17 05:59:33 | 03,888,054 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\hah.bmp
[2009/11/15 20:21:10 | 00,001,975 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\language.rtf
[2009/11/15 19:45:33 | 03,957,073 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Cypress Hill Feat. Tego Calderon - Latin Thugs (Instrumental).mp3
[2009/11/15 13:51:20 | 01,731,204 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\btwist.gif
[2009/11/12 19:28:46 | 02,469,710 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Fireflies-Cover.mp3
[2009/11/12 05:53:40 | 11,906,173 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\30 Seconds To Mars - Kings And Queens.mp3
[2009/11/12 05:53:22 | 36,411,212 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\30secondstomars-kingsandquens-musicvideo.mp4
[2009/11/10 22:36:49 | 63,090,085 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\CIMG0799.psd
[2009/11/10 22:27:04 | 01,255,502 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\mmm.jpg
[2009/10/25 08:46:45 | 00,001,634 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2009/10/14 04:11:09 | 00,000,600 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\PUTTY.RND
[2009/08/28 19:39:02 | 00,002,516 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/06/03 16:36:28 | 00,000,600 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\winscp.rnd
[2009/05/30 23:05:08 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/05/30 23:05:05 | 02,041,363 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2009/05/30 23:05:05 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/05/30 23:05:04 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/05/30 23:05:04 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/05/30 23:05:03 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/05/03 11:03:37 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/03/19 05:06:27 | 00,138,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/03/19 05:06:26 | 00,022,328 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\PnkBstrK.sys
[2009/03/05 05:42:43 | 00,036,868 | ---- | C] () -- C:\Program Files\uninst-Particular.exe
[2009/01/27 06:35:11 | 00,000,561 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\AutoGK.ini
[2009/01/04 08:41:58 | 06,537,728 | ---- | C] () -- C:\WINDOWS\System32\tliadjust26.dll
[2008/12/23 10:33:18 | 00,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2008/11/25 20:48:10 | 01,695,744 | ---- | C] () -- C:\WINDOWS\System32\tliadjust26_dll.dll
[2008/11/06 11:37:32 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/06 11:34:00 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/11/06 11:34:00 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/11/06 11:33:02 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/11/03 21:29:18 | 00,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2008/10/27 18:54:02 | 00,000,127 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\fusioncache.dat
[2008/10/22 16:39:42 | 00,081,408 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/16 15:52:39 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/10/16 15:09:37 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2008/10/16 15:09:34 | 00,004,333 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2008/10/16 15:08:31 | 00,000,411 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2008/10/16 15:08:31 | 00,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2008/10/16 15:06:30 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007/06/27 17:13:51 | 00,516,096 | ---- | C] () -- C:\WINDOWS\System32\RegisterDialog.dll
[2003/03/31 07:00:00 | 00,001,024 | ---- | C] () -- C:\WINDOWS\System32\rkuvf0b.dll
[2003/03/31 07:00:00 | 00,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth2.dll
[2003/03/31 07:00:00 | 00,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth1.dll
[2003/03/31 07:00:00 | 00,001,024 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2003/03/31 07:00:00 | 00,001,024 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2003/03/31 07:00:00 | 00,000,340 | ---- | C] () -- C:\WINDOWS\System32\h86mvzz.dll
[2003/03/31 07:00:00 | 00,000,100 | ---- | C] () -- C:\WINDOWS\System32\prsgrc.dll
[2003/03/31 07:00:00 | 00,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2003/03/31 07:00:00 | 00,000,016 | -H-- | C] () -- C:\WINDOWS\System32\dvd92vr.dll
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/10/15 17:54:04 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002/02/15 12:29:02 | 00,000,172 | ---- | C] () -- C:\WINDOWS\recorsta.ini

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2009/12/04 18:20:05 | 00,010,019 | ---- | M] () -- C:\acad.exe
[2009/12/04 18:19:44 | 00,000,000 | ---- | M] () -- C:\Copy (2) of gelcdomj.exe
[2009/12/04 18:20:12 | 00,001,307 | ---- | M] () -- C:\Copy (2) of utpo.exe
[2009/12/04 18:20:05 | 00,010,019 | ---- | M] () -- C:\Copy of acad.exe
[2009/12/04 18:19:57 | 00,000,000 | ---- | M] () -- C:\Copy of dens.exe
[2009/12/04 18:19:44 | 00,000,000 | ---- | M] () -- C:\Copy of gelcdomj.exe
[2009/12/04 18:20:05 | 00,030,206 | ---- | M] () -- C:\Copy of siuhb.exe
[2009/12/04 18:20:12 | 00,001,307 | ---- | M] () -- C:\Copy of utpo.exe
[2009/12/04 18:19:57 | 00,000,000 | ---- | M] () -- C:\dens.exe
[2009/12/04 18:19:44 | 00,000,000 | ---- | M] () -- C:\gelcdomj.exe
[2009/12/04 18:20:05 | 00,030,206 | ---- | M] () -- C:\siuhb.exe
[2009/12/04 18:20:12 | 00,001,307 | ---- | M] () -- C:\utpo.exe


< MD5 for: AGP440.SYS >
[2008/04/13 13:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\agp440.sys
[2004/08/03 22:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004/08/03 22:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2003/03/31 07:00:00 | 00,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2008/04/13 13:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\atapi.sys
[2004/08/03 21:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2009/12/09 14:06:41 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2009/12/09 14:06:41 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 19:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\eventlog.dll
[2004/08/03 23:56:44 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004/08/03 23:56:44 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll
[2003/03/31 07:00:00 | 00,049,152 | ---- | M] (Microsoft Corporation) MD5=BF3C8CF53C77B48206B39910B6D6CBCC -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\netlogon.dll
[2003/03/31 07:00:00 | 00,399,360 | ---- | M] (Microsoft Corporation) MD5=3ADD563ED7A1C66E6F5E0F7A661AA96D -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2009/02/06 13:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 13:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/03 23:56:46 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004/08/03 23:56:46 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/03 23:56:46 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004/08/03 23:56:46 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[2003/03/31 07:00:00 | 00,174,592 | ---- | M] (Microsoft Corporation) MD5=97418A5C642A5C748A28BD7CF6860B57 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 19:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009/12/09 16:29:48 | 00,174,592 | ---- | M] () MD5=040FBAC2AB7518903F42D23626CBF3D4 -- C:\WINDOWS\Temp\wpse.tmp\svchost.exe
[2003/03/31 07:00:00 | 00,012,800 | ---- | M] (Microsoft Corporation) MD5=0F7D9C87B0CE1FA520473119752C6F79 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2008/04/13 19:12:36 | 00,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\svchost.exe
[2004/08/03 23:56:58 | 00,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2004/08/03 23:56:58 | 00,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\system32\svchost.exe

< %systemroot%\*. /mp /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2009-12-09 02:54:21

========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:79DD4F33
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
< End of report >

Edited by shmick, 09 December 2009 - 03:51 PM.


#4
Rorschach112


    Ralphie

  • Retired Staff
  • 47,710 posts
hi

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O33 - MountPoints2\{60a8a2f0-940d-11de-9e92-00c0f05be20a}\Shell - "" = AutoRun
    O33 - MountPoints2\{60a8a2f0-940d-11de-9e92-00c0f05be20a}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{c4f7a99c-2c5a-11de-9d45-00c0f05be20a}\Shell\AutoRun\command - "" = D:\.\Vado\Vado.exe -- File not found
    O33 - MountPoints2\{e3e88356-5786-11de-9e05-00c0f05be20a}\Shell\AutoRun\command - "" = D:\wd_windows_tools\WDSetup.exe -- File not found
    [2009/12/04 21:21:59 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\~0
    [2009/12/04 18:20:12 | 00,001,307 | ---- | M] () -- C:\utpo.exe
    [2009/12/04 18:20:12 | 00,001,307 | ---- | M] () -- C:\Copy of utpo.exe
    [2009/12/04 18:20:12 | 00,001,307 | ---- | M] () -- C:\Copy (2) of utpo.exe
    [2009/12/04 18:20:05 | 00,030,206 | ---- | M] () -- C:\siuhb.exe
    [2009/12/04 18:20:05 | 00,030,206 | ---- | M] () -- C:\Copy of siuhb.exe
    [2009/12/04 18:20:05 | 00,010,019 | ---- | M] () -- C:\Copy of acad.exe
    [2009/12/04 18:20:05 | 00,010,019 | ---- | M] () -- C:\acad.exe
    [2009/12/04 18:19:57 | 00,000,000 | ---- | M] () -- C:\dens.exe
    [2009/12/04 18:19:57 | 00,000,000 | ---- | M] () -- C:\Copy of dens.exe
    [2009/12/04 18:19:44 | 00,000,000 | ---- | M] () -- C:\gelcdomj.exe
    [2009/12/04 18:19:44 | 00,000,000 | ---- | M] () -- C:\Copy of gelcdomj.exe
    [2009/12/04 18:19:44 | 00,000,000 | ---- | M] () -- C:\Copy (2) of gelcdomj.exe
    [2009/12/04 16:01:40 | 00,001,025 | ---- | M] () -- C:\WINDOWS\System32\sysprs7.tgz
    [2009/12/04 16:01:40 | 00,001,025 | ---- | M] () -- C:\WINDOWS\System32\sysprs7.dll
    [2009/12/09 15:36:45 | 00,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\flsfj.sys
    [2009/12/04 18:20:05 | 00,010,019 | ---- | M] () -- C:\acad.exe
    
    :Services
    
    :Reg
    
    :Files
    
    :Commands
    [purity]
    [emptytemp]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done



Download the GMER Rootkit Scanner. Unzip it to your Desktop.

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any
"<--- ROOTKIT" entries unless advised by a trained Security Analyst.

If possible rootkit activity is found, you will be asked if you would like to perform a full scan.
  • Click NO
  • In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is Unchecked.
  • Now click the Scan button.
    Once the scan is complete, you may receive another notice about rootkit activity.
  • Click OK.
  • GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
  • Save it where you can easily find it, such as your desktop.
Post the contents of GMER.txt in your next reply.

#5
Rorschach112


    Ralphie

  • Retired Staff
  • 47,710 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.