OTListIt logfile created on: 1/9/2010 8:43:36 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.10.0 Folder = C:\Documents and Settings\StarGalaxy\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1015.35 Mb Total Physical Memory | 440.96 Mb Available Physical Memory | 43.43% Memory free
2.44 Gb Paging File | 1.86 Gb Available in Paging File | 76.28% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 38.26 Gb Free Space | 51.34% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: USER-XP
Current User Name: StarGalaxy
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On
========== Processes (All) ==========
PRC - [2008/04/14 06:00:00 | 00,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\smss.exe
PRC - [2008/04/14 06:00:00 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008/04/14 06:00:00 | 00,507,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2009/02/06 05:11:05 | 00,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008/04/14 06:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008/04/14 06:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
PRC - [2008/04/14 06:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
PRC - [2008/04/14 06:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe
PRC - [2008/04/14 06:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
PRC - [2008/04/14 06:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
PRC - [2008/04/14 06:00:00 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2008/04/14 06:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
PRC - [2008/04/14 06:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe
PRC - [2009/08/19 08:11:13 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/04/03 04:01:00 | 01,680,704 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
PRC - [2009/12/07 06:45:51 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008/04/14 06:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
PRC - [2009/08/19 08:11:23 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/08/19 08:11:19 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/08/19 08:11:10 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/08/19 08:11:22 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2008/04/14 06:00:00 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007/09/07 09:22:32 | 00,166,424 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2007/09/07 09:22:42 | 00,137,752 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2008/06/13 13:50:30 | 16,871,936 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2007/09/07 09:22:44 | 00,252,440 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
PRC - [2003/07/25 08:14:02 | 00,188,416 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
PRC - [2003/08/20 13:57:00 | 00,221,184 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
PRC - [2003/08/20 15:15:48 | 00,483,328 | R--- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon05.exe
PRC - [2009/12/07 06:45:51 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2010/01/07 20:25:15 | 00,058,368 | ---- | M] () -- C:\WINDOWS\system32\oriqycj.exe
PRC - [2007/09/02 13:58:52 | 00,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
PRC - [2003/05/14 06:45:04 | 00,065,795 | R--- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2008/04/14 06:00:00 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2009/12/22 11:41:29 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/01/09 19:47:35 | 00,499,712 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\StarGalaxy\My Documents\Downloads\OTListIt2.exe
========== Win32 Services (All) ==========
SRV - [2009/10/30 21:03:48 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe -- (Akamai [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter [Disabled | Stopped])
SRV - [2008/04/14 06:00:00 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\alg.exe -- (ALG [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (AppMgmt [On_Demand | Stopped])
SRV - [2008/07/25 10:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\audiosrv.dll -- (AudioSrv [Auto | Running])
SRV - [2009/08/19 08:11:10 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])
SRV - [2009/08/19 08:11:13 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qmgr.dll -- (BITS [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\browser.dll -- (Browser [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv [Disabled | Stopped])
SRV - [2008/07/25 10:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009/04/03 04:01:00 | 01,680,704 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe -- (CodeMeter.exe [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dllhost.exe -- (COMSysApp [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cryptsvc.dll -- (CryptSvc [Auto | Running])
SRV - [2009/02/09 06:10:48 | 00,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpcsvc.dll -- (Dhcp [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,224,768 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,023,552 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\System32\dmserver.dll -- (dmserver [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dnsrslvr.dll -- (Dnscache [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3svc.dll -- (Dot3svc [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\eapsvc.dll -- (EapHost [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ersvc.dll -- (ERSvc [Auto | Running])
SRV - [2009/02/06 05:11:05 | 00,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe -- (Eventlog [Auto | Running])
SRV - [2008/07/07 14:26:58 | 00,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll -- (EventSystem [On_Demand | Running])
SRV - [2008/04/14 06:00:00 | 00,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shsvcs.dll -- (FastUserSwitchingCompatibility [On_Demand | Running])
SRV - [2008/07/29 20:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008/04/14 04:41:56 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\hidserv.dll -- (HidServ [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\kmsvc.dll -- (hkmsvc [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\w3ssl.dll -- (HTTPFilter [On_Demand | Stopped])
SRV - [2008/07/29 18:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/04/14 06:00:00 | 00,150,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imapi.exe -- (ImapiService [On_Demand | Stopped])
SRV - [2009/12/07 06:45:51 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\srvsvc.dll -- (LanmanServer [Auto | Running])
SRV - [2009/06/10 00:14:49 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wkssvc.dll -- (lanmanworkstation [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lmhsvc.dll -- (LmHosts [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msgsvc.dll -- (Messenger [Disabled | Stopped])
SRV - [2008/04/14 06:00:00 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msiexec.exe -- (MSIServer [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,291,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\qagentrt.dll -- (napagent [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netdde.exe -- (NetDDE [Disabled | Stopped])
SRV - [2008/04/14 06:00:00 | 00,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm [Disabled | Stopped])
SRV - [2008/04/14 06:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe -- (Netlogon [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netman.dll -- (Netman [On_Demand | Running])
SRV - [2008/07/29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/06/20 11:46:57 | 00,245,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mswsock.dll -- (Nla [On_Demand | Running])
SRV - [2008/04/14 06:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,435,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc [On_Demand | Stopped])
SRV - [2009/02/06 05:11:05 | 00,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe -- (PlugPlay [Auto | Running])
SRV - [2003/05/14 06:45:04 | 00,065,795 | R--- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [On_Demand | Running])
SRV - [2008/04/14 06:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasauto.dll -- (RasAuto [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rasmans.dll -- (RasMan [On_Demand | Running])
SRV - [2008/04/14 06:00:00 | 00,141,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mprdim.dll -- (RemoteAccess [Disabled | Stopped])
SRV - [2008/04/14 06:00:00 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\locator.exe -- (RpcLocator [On_Demand | Stopped])
SRV - [2009/02/09 06:10:48 | 00,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvp.exe -- (RSVP [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe -- (SamSs [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\SCardSvr.exe -- (SCardSvr [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\seclogon.dll -- (seclogon [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll -- (SENS [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,331,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ipnathlp.dll -- (SharedAccess [Auto | Stopped])
SRV - [2008/04/14 06:00:00 | 00,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shsvcs.dll -- (ShellHWDetection [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,171,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll -- (srservice [Auto | Stopped])
SRV - [2008/04/14 06:00:00 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ssdpsrv.dll -- (SSDPSRV [On_Demand | Running])
SRV - [2008/04/14 06:00:00 | 00,333,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dllhost.exe -- (SwPrv [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,089,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tapisrv.dll -- (TapiSrv [On_Demand | Running])
SRV - [2008/04/14 06:00:00 | 00,295,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll -- (TermService [On_Demand | Running])
SRV - [2008/04/14 06:00:00 | 00,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shsvcs.dll -- (Themes [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\upnphost.dll -- (upnphost [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ups.exe -- (UPS [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,289,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vssvc.exe -- (VSS [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,175,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll -- (W32Time [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\webclnt.dll -- (WebClient [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\WMIsvc.dll -- (winmgmt [Auto | Running])
SRV - [2006/10/18 20:47:16 | 00,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MsPMSNSv.dll -- (WmdmPmSN [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv [On_Demand | Stopped])
SRV - [2006/10/18 19:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2008/04/14 06:00:00 | 00,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc [Disabled | Stopped])
SRV - [2008/04/14 06:00:00 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe -- (WudfSvc [On_Demand | Stopped])
SRV - [2008/04/14 05:42:12 | 00,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wzcsvc.dll -- (WZCSVC [Auto | Running])
SRV - [2008/04/14 06:00:00 | 00,129,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprov.dll -- (xmlprov [On_Demand | Stopped])
========== Driver Services (All) ==========
DRV - File not found -- -- (Abiosdsk [Disabled | Stopped])
DRV - File not found -- -- (abp480n5 [Disabled | Stopped])
DRV - [2008/04/14 06:00:00 | 00,187,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\ACPI.sys -- (ACPI [Boot | Running])
DRV - [2008/04/14 06:00:00 | 00,011,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC [Disabled | Stopped])
DRV - [2001/08/17 11:11:18 | 00,020,160 | ---- | M] (ADMtek Incorporated) -- C:\WINDOWS\system32\DRIVERS\ADM8511.SYS -- (ADM8511 [On_Demand | Stopped])
DRV - File not found -- -- (adpu160m [Disabled | Stopped])
DRV - [2008/04/13 21:09:24 | 00,142,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\aec.sys -- (aec [On_Demand | Stopped])
DRV - [2008/08/14 04:04:36 | 00,138,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD [System | Running])
DRV - File not found -- -- (Aha154x [Disabled | Stopped])
DRV - File not found -- -- (aic78u2 [Disabled | Stopped])
DRV - File not found -- -- (aic78xx [Disabled | Stopped])
DRV - File not found -- -- (AliIde [Disabled | Stopped])
DRV - File not found -- -- (amsint [Disabled | Stopped])
DRV - File not found -- -- (asc [Disabled | Stopped])
DRV - File not found -- -- (asc3350p [Disabled | Stopped])
DRV - File not found -- -- (asc3550 [Disabled | Stopped])
DRV - [2008/04/14 06:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\asyncmac.sys -- (AsyncMac [On_Demand | Stopped])
DRV - [2010/01/09 16:44:29 | 00,096,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi [Boot | Running])
DRV - File not found -- -- (Atdisk [Disabled | Stopped])
DRV - [2008/04/14 06:00:00 | 00,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\atmarpc.sys -- (Atmarpc [On_Demand | Stopped])
DRV - [2001/08/17 07:59:44 | 00,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\audstub.sys -- (audstub [On_Demand | Running])
DRV - [2009/08/19 08:11:22 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Running])
DRV - [2009/08/19 08:11:22 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Running])
DRV - [2009/06/12 09:58:18 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running])
DRV - [2008/07/25 00:18:32 | 00,176,640 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\DRIVERS\b57xp32.sys -- (b57w2k [On_Demand | Running])
DRV - [2008/04/14 06:00:00 | 00,004,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep [System | Running])
DRV - [2008/04/14 06:00:00 | 00,013,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k [Disabled | Stopped])
DRV - File not found -- -- (cd20xrnt [Disabled | Stopped])
DRV - [2008/04/14 06:00:00 | 00,018,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio [System | Stopped])
DRV - [2008/04/14 06:00:00 | 00,063,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs [Disabled | Running])
DRV - [2008/04/14 06:00:00 | 00,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\cdrom.sys -- (Cdrom [System | Running])
DRV - File not found -- -- (Changer [System | Stopped])
DRV - File not found -- -- (CmdIde [Disabled | Stopped])
DRV - File not found -- -- (Cpqarray [Disabled | Stopped])
DRV - File not found -- -- (dac960nt [Disabled | Stopped])
DRV - [2008/04/14 06:00:00 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\disk.sys -- (Disk [Boot | Running])
DRV - [2008/04/14 06:00:00 | 00,799,744 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\drivers\dmboot.sys -- (dmboot [Disabled | Stopped])
DRV - [2008/04/14 06:00:00 | 00,153,344 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\drivers\dmio.sys -- (dmio [Disabled | Stopped])
DRV - [2008/04/14 06:00:00 | 00,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) -- C:\WINDOWS\System32\drivers\dmload.sys -- (dmload [Disabled | Stopped])
DRV - [2008/04/13 23:15:02 | 00,052,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\DMusic.sys -- (DMusic [On_Demand | Stopped])
DRV - File not found -- -- (dpti2o [Disabled | Stopped])
DRV - [2008/04/13 23:15:14 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud [On_Demand | Stopped])
DRV - [2008/04/14 06:00:00 | 00,143,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat [Disabled | Stopped])
DRV - [2008/04/14 06:00:00 | 00,027,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\fdc.sys -- (Fdc [On_Demand | Running])
DRV - [2008/04/14 06:00:00 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips [System | Running])
DRV - [2008/04/14 06:00:00 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\flpydisk.sys -- (Flpydisk [On_Demand | Running])
DRV - [2008/04/14 06:00:00 | 00,129,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\fltMgr.sys -- (FltMgr [Boot | Running])
DRV - [2008/04/14 06:00:00 | 00,125,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\ftdisk.sys -- (Ftdisk [Boot | Running])
DRV - [2008/04/14 06:00:00 | 00,035,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\msgpc.sys -- (Gpc [On_Demand | Running])
DRV - [2008/04/14 06:00:00 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2008/04/13 23:15:28 | 00,010,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\hidusb.sys -- (HidUsb [On_Demand | Stopped])
DRV - File not found -- -- (hpn [Disabled | Stopped])
DRV - [2003/05/14 06:19:52 | 00,051,056 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Running])
DRV - [2003/05/14 06:19:54 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Running])
DRV - [2003/05/14 06:17:54 | 00,021,488 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Running])
DRV - [2009/10/20 10:20:16 | 00,265,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Drivers\HTTP.sys -- (HTTP [On_Demand | Running])
DRV - File not found -- -- (i2omgmt [System | Stopped])
DRV - File not found -- -- (i2omp [Disabled | Stopped])
DRV - [2008/04/14 06:00:00 | 00,052,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\i8042prt.sys -- (i8042prt [System | Running])
DRV - [2007/08/24 10:22:56 | 05,776,928 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\igxpmp32.sys -- (ialm [On_Demand | Running])
DRV - [2008/04/14 06:00:00 | 00,042,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\imapi.sys -- (Imapi [System | Running])
DRV - File not found -- -- (ini910u [Disabled | Stopped])
DRV - [2008/06/17 15:49:22 | 04,756,992 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - File not found -- -- (IntelIde [Disabled | Stopped])
DRV - [2008/04/14 06:00:00 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\intelppm.sys -- (intelppm [System | Running])
DRV - [2008/04/14 06:00:00 | 00,036,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys -- (Ip6Fw [On_Demand | Stopped])
DRV - [2008/04/14 06:00:00 | 00,032,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys -- (IpFilterDriver [On_Demand | Stopped])
DRV - [2008/04/14 06:00:00 | 00,020,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\ipinip.sys -- (IpInIp [On_Demand | Stopped])
DRV - [2008/04/14 06:00:00 | 00,152,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\ipnat.sys -- (IpNat [On_Demand | Running])
DRV - [2008/04/14 06:00:00 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\ipsec.sys -- (IPSec [System | Running])
DRV - [2008/04/14 06:00:00 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\irenum.sys -- (IRENUM [On_Demand | Stopped])
DRV - [2008/04/13 23:06:42 | 00,037,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\isapnp.sys -- (isapnp [Boot | Running])
DRV - [2008/04/14 06:00:00 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\kbdclass.sys -- (Kbdclass [System | Running])
DRV - [2008/04/14 00:09:50 | 00,014,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\kbdhid.sys -- (kbdhid [System | Stopped])
DRV - [2008/04/13 23:15:10 | 00,172,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer [On_Demand | Running])
DRV - [2009/06/24 05:18:41 | 00,092,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD [Boot | Running])
DRV - File not found -- -- (lbrtfdc [System | Stopped])
DRV - [2008/04/14 06:00:00 | 00,004,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd [System | Running])
DRV - [2008/04/14 06:00:00 | 00,030,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem [On_Demand | Stopped])
DRV - [2008/04/14 00:09:48 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\mouclass.sys -- (Mouclass [System | Running])
DRV - [2001/08/17 13:48:00 | 00,012,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\mouhid.sys -- (mouhid [On_Demand | Stopped])
DRV - [2008/04/14 06:00:00 | 00,042,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr [Boot | Running])
DRV - File not found -- -- (mraid35x [Disabled | Stopped])
DRV - [2008/04/14 06:00:00 | 00,180,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\mrxdav.sys -- (MRxDAV [On_Demand | Running])
DRV - [2008/10/24 05:21:09 | 00,455,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\mrxsmb.sys -- (MRxSmb [System | Running])
DRV - [2008/04/14 06:00:00 | 00,019,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs [System | Running])
DRV - [2008/04/13 23:09:54 | 00,007,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSKSSRV.sys -- (MSKSSRV [On_Demand | Stopped])
DRV - [2008/04/13 23:09:52 | 00,005,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys -- (MSPCLOCK [On_Demand | Stopped])
DRV - [2008/04/13 23:09:52 | 00,004,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MSPQM.sys -- (MSPQM [On_Demand | Stopped])
DRV - [2008/04/14 06:00:00 | 00,015,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\mssmbios.sys -- (mssmbios [On_Demand | Running])
DRV - [2008/04/14 06:00:00 | 00,105,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup [Boot | Running])
DRV - [2008/04/14 06:00:00 | 00,182,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS [Boot | Running])
DRV - [2008/04/14 06:00:00 | 00,010,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\ndistapi.sys -- (NdisTapi [On_Demand | Running])
DRV - [2008/04/14 06:00:00 | 00,014,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\ndisuio.sys -- (Ndisuio [On_Demand | Running])
DRV - [2008/04/14 06:00:00 | 00,091,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\ndiswan.sys -- (NdisWan [On_Demand | Running])
DRV - [2008/04/14 06:00:00 | 00,040,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy [On_Demand | Running])
DRV - [2008/04/14 06:00:00 | 00,034,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\netbios.sys -- (NetBIOS [System | Running])
DRV - [2008/04/14 06:00:00 | 00,162,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\netbt.sys -- (NetBT [System | Running])
DRV - [2008/04/14 06:00:00 | 00,030,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs [System | Running])
DRV - [2008/04/14 06:00:00 | 00,574,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs [Disabled | Running])
DRV - [2008/04/14 06:00:00 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\null.sys -- (Null [System | Running])
DRV - [2008/04/14 06:00:00 | 00,012,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt [On_Demand | Stopped])
DRV - [2008/04/14 06:00:00 | 00,032,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd [On_Demand | Stopped])
DRV - [2008/04/14 06:00:00 | 00,080,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\parport.sys -- (Parport [On_Demand | Running])
DRV - [2008/04/14 06:00:00 | 00,019,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr [Boot | Running])
DRV - [2008/04/14 06:00:00 | 00,006,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm [Auto | Running])
DRV - [2008/04/13 23:06:46 | 00,068,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\pci.sys -- (PCI [Boot | Running])
DRV - File not found -- -- (PCIDump [System | Stopped])
DRV - [2001/08/17 12:51:52 | 00,003,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\pciide.sys -- (PCIIde [Boot | Running])
DRV - [2008/04/14 06:00:00 | 00,120,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia [Disabled | Stopped])
DRV - File not found -- -- (PDCOMP [On_Demand | Stopped])
DRV - File not found -- -- (PDFRAME [On_Demand | Stopped])
DRV - File not found -- -- (PDRELI [On_Demand | Stopped])
DRV - File not found -- -- (PDRFRAME [On_Demand | Stopped])
DRV - File not found -- -- (perc2 [Disabled | Stopped])
DRV - File not found -- -- (perc2hib [Disabled | Stopped])
DRV - [2008/04/14 06:00:00 | 00,048,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\raspptp.sys -- (PptpMiniport [On_Demand | Running])
DRV - [2008/04/14 06:00:00 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\psched.sys -- (PSched [On_Demand | Running])
DRV - [2008/04/14 06:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - File not found -- -- (ql1080 [Disabled | Stopped])
DRV - File not found -- -- (Ql10wnt [Disabled | Stopped])
DRV - File not found -- -- (ql12160 [Disabled | Stopped])
DRV - File not found -- -- (ql1240 [Disabled | Stopped])
DRV - File not found -- -- (ql1280 [Disabled | Stopped])
DRV - [2008/04/14 06:00:00 | 00,008,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\rasacd.sys -- (RasAcd [System | Running])
DRV - [2008/04/14 06:00:00 | 00,051,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\rasl2tp.sys -- (Rasl2tp [On_Demand | Running])
DRV - [2008/04/14 06:00:00 | 00,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\raspppoe.sys -- (RasPppoe [On_Demand | Running])
DRV - [2008/04/14 06:00:00 | 00,016,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\raspti.sys -- (Raspti [On_Demand | Running])
DRV - [2008/04/14 06:00:00 | 00,175,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\rdbss.sys -- (Rdbss [System | Running])
DRV - [2008/04/14 06:00:00 | 00,004,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\RDPCDD.sys -- (RDPCDD [System | Running])
DRV - [2008/04/14 06:00:00 | 00,139,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD [On_Demand | Stopped])
DRV - [2008/04/13 18:10:28 | 00,057,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\redbook.sys -- (redbook [System | Running])
DRV - [2008/04/14 06:00:00 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008/04/14 06:00:00 | 00,015,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\serenum.sys -- (serenum [On_Demand | Running])
DRV - [2008/04/14 06:00:00 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\serial.sys -- (Serial [System | Running])
DRV - [2008/04/14 06:00:00 | 00,011,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy [System | Stopped])
DRV - File not found -- -- (Simbad [Disabled | Stopped])
DRV - [2001/08/17 12:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped])
DRV - File not found -- -- (Sparrow [Disabled | Stopped])
DRV - [2008/04/13 23:15:08 | 00,006,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter [On_Demand | Stopped])
DRV - [2008/04/14 06:00:00 | 00,073,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\sr.sys -- (sr [Disabled | Stopped])
DRV - [2008/12/11 04:57:09 | 00,333,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\srv.sys -- (Srv [On_Demand | Running])
DRV - [2008/04/14 06:00:00 | 00,004,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\swenum.sys -- (swenum [On_Demand | Running])
DRV - [2008/04/13 23:15:10 | 00,056,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi [On_Demand | Stopped])
DRV - File not found -- -- (symc810 [Disabled | Stopped])
DRV - File not found -- -- (symc8xx [Disabled | Stopped])
DRV - File not found -- -- (sym_hi [Disabled | Stopped])
DRV - File not found -- -- (sym_u3 [Disabled | Stopped])
DRV - [2007/10/24 10:47:26 | 00,023,288 | ---- | M] (SIA Syncrosoft) -- C:\WINDOWS\system32\drivers\SynasUSB.sys -- (SynasUSB [On_Demand | Stopped])
DRV - [2008/04/13 23:45:56 | 00,060,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio [On_Demand | Running])
DRV - [2008/06/20 05:51:12 | 00,361,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\tcpip.sys -- (Tcpip [System | Running])
DRV - [2008/04/14 06:00:00 | 00,012,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE [On_Demand | Stopped])
DRV - [2008/04/14 06:00:00 | 00,021,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP [On_Demand | Stopped])
DRV - [2008/04/14 04:43:22 | 00,040,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\termdd.sys -- (TermDD [System | Running])
DRV - File not found -- -- (TosIde [Disabled | Stopped])
DRV - [2009/08/21 15:05:40 | 00,090,472 | ---- | M] (PACE Anti-Piracy, Inc.) -- C:\WINDOWS\System32\drivers\TPkd.sys -- (TPkd [Boot | Running])
DRV - [2008/04/14 06:00:00 | 00,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs [Disabled | Stopped])
DRV - File not found -- -- (ultra [Disabled | Stopped])
DRV - [2008/04/14 06:00:00 | 00,384,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\update.sys -- (Update [On_Demand | Running])
DRV - [2008/04/13 23:15:14 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
DRV - [2008/04/13 23:15:40 | 00,032,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\usbccgp.sys -- (usbccgp [On_Demand | Running])
DRV - [2008/04/13 23:15:36 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\usbehci.sys -- (usbehci [On_Demand | Running])
DRV - [2008/04/13 23:15:38 | 00,059,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\usbhub.sys -- (usbhub [On_Demand | Running])
DRV - [2008/04/13 23:17:38 | 00,025,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\usbprint.sys -- (usbprint [On_Demand | Running])
DRV - [2008/04/13 23:15:36 | 00,015,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\usbscan.sys -- (usbscan [On_Demand | Running])
DRV - [2008/04/13 23:15:40 | 00,026,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS -- (USBSTOR [On_Demand | Running])
DRV - [2008/04/13 23:15:36 | 00,020,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\usbuhci.sys -- (usbuhci [On_Demand | Running])
DRV - [2008/04/14 06:00:00 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave [System | Running])
DRV - File not found -- -- (ViaIde [Disabled | Stopped])
DRV - [2008/04/14 06:00:00 | 00,052,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap [Boot | Running])
DRV - [2008/04/14 06:00:00 | 00,034,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\wanarp.sys -- (Wanarp [On_Demand | Running])
DRV - [2008/05/06 16:06:00 | 00,011,520 | ---- | M] (Western Digital Technologies) -- C:\WINDOWS\system32\DRIVERS\wdcsam.sys -- (WDC_SAM [On_Demand | Stopped])
DRV - File not found -- -- (WDICA [On_Demand | Stopped])
DRV - [2008/04/13 23:47:20 | 00,083,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud [On_Demand | Running])
DRV - [2008/04/13 18:06:40 | 00,008,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\wmiacpi.sys -- (WmiAcpi [System | Running])
DRV - [2006/09/28 17:55:50 | 00,077,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\WudfPf.sys -- (WudfPf [On_Demand | Stopped])
DRV - [2006/09/28 18:00:34 | 00,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\wudfrd.sys -- (WudfRd [On_Demand | Stopped])
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com;
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.bing.com;
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ask.com?o...?o=15153&l=dis"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:3.5.1.110
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.7
FF - prefs.js..keyword.URL: "http://supertoolbar....ocale=en_US&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/07/01 21:29:04 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/12/07 06:45:51 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD\FIREFOX\EXT [2009/12/12 16:09:27 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2010/01/09 15:37:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2010/01/08 12:41:55 | 00,000,000 | ---D | M]
[2010/01/08 12:42:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\StarGalaxy\Application Data\mozilla\Extensions
[2010/01/08 12:42:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\StarGalaxy\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010/01/09 15:44:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\StarGalaxy\Application Data\mozilla\Firefox\Profiles\sj930uxl.default\extensions
[2010/01/08 13:05:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\StarGalaxy\Application Data\mozilla\Firefox\Profiles\sj930uxl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/01/09 19:00:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\StarGalaxy\Application Data\mozilla\Firefox\Profiles\sj930uxl.default\extensions\[email protected]
[2010/01/09 19:01:00 | 00,002,257 | ---- | M] () -- C:\Documents and Settings\StarGalaxy\Application Data\Mozilla\FireFox\Profiles\sj930uxl.default\searchplugins\askcom.xml
[2010/01/09 15:44:43 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010/01/08 12:41:55 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/12/07 06:46:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2009/12/22 11:41:43 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/12/22 11:41:44 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/12/21 20:32:20 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/12/21 20:32:20 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/12/21 20:32:20 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/12/21 20:32:20 | 00,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/12/21 20:32:20 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/12/21 20:32:20 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/12/21 20:32:20 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (306096 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10539 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [oriqycj] C:\WINDOWS\system32\oriqycj.exe \u ()
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [System Files Updater] C:\WINDOWS\FlyakiteOSX\System Files Updater.exe /S File not found
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot (Simply Super Software)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" ()
O4 - HKCU..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskmgr = 0
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [Tcpip] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [NTDS] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [Network Location Awareness (NLA) Namespace] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O18 - Protocol\Filter: - application/octet-stream - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - Class Install Handler - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - lzdhtml - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/webviewhtml - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (LogonUI.EXE) - C:\WINDOWS\system32\LogonUI.EXE (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\system32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\System32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\system32\WlNotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O27 - HKLM IFEO\Your Image File Name Here without a path: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\system32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( schannel.dll) - C:\WINDOWS\system32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( digest.dll) - C:\WINDOWS\system32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( msnsspc.dll) - C:\WINDOWS\system32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/16 08:35:44 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
========== Files/Folders - Created Within 30 Days ==========
[2 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2010/01/09 20:42:57 | 00,035,328 | ---- | C] () -- C:\WINDOWS\System32\196462.exe
[2010/01/09 20:15:12 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/01/09 20:14:54 | 00,000,000 | ---D | C] -- C:\Program Files\MSN
[2010/01/09 20:14:45 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/01/09 20:14:14 | 00,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp
[2010/01/09 20:00:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\StarGalaxy\Local Settings\Application Data\AskToolbar
[2010/01/09 19:54:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\StarGalaxy\Desktop\GooredFix Backups
[2010/01/09 19:45:44 | 00,000,000 | ---D | C] -- C:\Rooter$
[2010/01/09 19:43:28 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/01/09 19:35:00 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wzcsapi.dll
[2010/01/09 19:35:00 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wzcsapi.dll
[2010/01/09 19:34:59 | 00,483,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wzcsvc.dll
[2010/01/09 19:34:59 | 00,483,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wzcsvc.dll
[2010/01/09 19:34:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\New Folder
[2010/01/09 19:33:25 | 00,000,453 | ---- | C] () -- C:\Documents and Settings\StarGalaxy\Desktop\Shortcut to system32.lnk
[2010/01/09 19:11:07 | 00,000,000 | ---D | C] -- C:\Qoobox
[2010/01/09 15:37:53 | 00,000,244 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/01/09 15:37:50 | 00,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2010/01/09 15:36:50 | 00,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2010/01/09 15:36:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\StarGalaxy\Application Data\uTorrent
[2010/01/09 12:40:55 | 00,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2010/01/09 12:40:55 | 00,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2010/01/09 12:40:55 | 00,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2010/01/09 12:40:55 | 00,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2010/01/09 12:40:55 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ztvcabinet.dll
[2010/01/09 12:40:53 | 00,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2010/01/09 12:40:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\StarGalaxy\My Documents\Simply Super Software
[2010/01/09 12:40:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\StarGalaxy\Application Data\Simply Super Software
[2010/01/09 12:40:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software
[2010/01/08 14:02:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/01/08 13:15:04 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/08 13:15:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\StarGalaxy\Application Data\Malwarebytes
[2010/01/08 13:02:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2010/01/08 12:42:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\StarGalaxy\Local Settings\Application Data\Mozilla
[2010/01/08 12:42:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\StarGalaxy\Application Data\Mozilla
[2010/01/08 12:41:57 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/01/08 12:36:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\StarGalaxy\Application Data\Sun
[2010/01/08 11:49:35 | 00,000,578 | ---- | C] () -- C:\WINDOWS\System32\Shortcut to 216699.lnk
[2010/01/08 11:42:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\StarGalaxy\My Documents\Downloads
[2010/01/08 11:21:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\StarGalaxy\Application Data\Macromedia
[2010/01/08 11:21:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\StarGalaxy\Application Data\Adobe
[2010/01/08 11:12:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\StarGalaxy\My Documents\photoshop
[2010/01/08 10:34:41 | 00,064,072 | ---- | C] () -- C:\Documents and Settings\StarGalaxy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/01/08 10:34:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\The Skins Factory
[2010/01/08 10:34:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\StarGalaxy\Application Data\Skinux
[2010/01/08 10:29:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\StarGalaxy\Application Data\Real
[2010/01/08 10:29:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\StarGalaxy\Application Data\Identities
[2010/01/08 10:28:54 | 00,000,081 | -HS- | C] () -- C:\Documents and Settings\StarGalaxy\My Documents\desktop.ini
[2010/01/08 10:28:54 | 00,000,000 | --SD | C] -- C:\Documents and Settings\StarGalaxy\My Documents\My Pictures
[2010/01/08 10:28:54 | 00,000,000 | --SD | C] -- C:\Documents and Settings\StarGalaxy\My Documents\My Music
[2010/01/08 10:27:13 | 06,413,360 | -H-- | C] () -- C:\Documents and Settings\StarGalaxy\Local Settings\Application Data\IconCache.db
[2010/01/08 10:26:58 | 00,000,084 | -HS- | C] () -- C:\Documents and Settings\StarGalaxy\Start Menu\Programs\Startup\desktop.ini
[2010/01/08 10:26:58 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\StarGalaxy\Application Data\desktop.ini
[2010/01/08 10:26:58 | 00,000,000 | --SD | C] -- C:\Documents and Settings\StarGalaxy\Application Data\Microsoft
[2010/01/08 10:26:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\StarGalaxy\Local Settings\Application Data\Microsoft
[2010/01/08 08:27:57 | 00,055,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/01/07 20:41:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Identities
[2010/01/07 20:28:47 | 00,000,000 | ---D | C] -- C:\Program Files\Cakewalk
[2010/01/07 20:28:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Cakewalk
[2010/01/07 20:28:47 | 00,000,000 | ---D | C] -- C:\Cakewalk Projects
[2010/01/07 20:25:25 | 00,058,368 | ---- | C] () -- C:\WINDOWS\System32\oriqycj.exe
[2010/01/07 20:25:05 | 00,000,010 | ---- | C] () -- C:\WINDOWS\System32\kr_done1
[2010/01/04 12:54:29 | 00,000,000 | ---D | C] -- C:\Program Files\MoparScape
[2010/01/04 12:46:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\.mpr_file_store_32
[2010/01/01 20:52:16 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdjpn.dll
[2010/01/01 20:52:16 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2010/01/01 20:52:16 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkor.dll
[2010/01/01 20:52:16 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2010/01/01 20:52:16 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101c.dll
[2010/01/01 20:52:16 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2010/01/01 20:52:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd103.dll
[2010/01/01 20:52:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2010/01/01 20:52:11 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101b.dll
[2010/01/01 20:52:11 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2010/01/01 20:52:10 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106.dll
[2010/01/01 20:52:10 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2009/12/30 16:24:37 | 00,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdhid.sys
[2009/12/30 16:24:37 | 00,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2009/12/30 16:24:11 | 00,015,656 | ---- | C] (Wacom Technology) -- C:\WINDOWS\System32\drivers\wacmoumonitor.sys
[2009/12/30 16:24:02 | 00,000,112 | ---- | C] () -- C:\WINDOWS\System32\WacomTabletUserDefaults.xml
[2009/12/30 14:46:40 | 00,000,662 | ---- | C] () -- C:\Documents and Settings\StarGalaxy\Desktop\RocketDock.lnk
[2009/12/29 06:56:13 | 00,331,263 | ---- | C] () -- C:\WINDOWS\LOOP.exe
[2009/12/28 11:53:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Line 6
[2009/12/28 11:53:03 | 00,406,528 | ---- | C] (Propellerhead Software AB) -- C:\WINDOWS\System32\ReWire.dll
[2009/12/28 11:53:03 | 00,233,472 | ---- | C] (Propellerhead Software AB) -- C:\WINDOWS\System32\REX Shared Library.dll
[2009/12/28 11:51:57 | 00,000,000 | ---D | C] -- C:\Program Files\CodeMeter
[2009/12/28 11:46:06 | 00,000,000 | ---D | C] -- C:\Program Files\Propellerhead
[2009/12/25 16:30:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2009/12/25 14:32:20 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai
[2009/12/20 19:21:11 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mouhid.sys
[2009/12/20 19:21:11 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2009/12/20 18:17:53 | 00,000,000 | ---D | C] -- C:\Program Files\DivX
[2009/11/09 19:34:40 | 00,217,088 | ---- | C] () -- C:\WINDOWS\System32\qtmlClient.dll
[2009/09/13 19:06:35 | 00,020,992 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2009/09/12 09:01:08 | 00,000,088 | ---- | C] () -- C:\WINDOWS\StyleBuilder.INI
[2009/08/14 20:44:27 | 00,025,601 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2009/08/13 13:48:44 | 00,001,486 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/08/13 06:52:44 | 00,000,159 | ---- | C] () -- C:\WINDOWS\Video Converter Standard.ini
[2009/08/13 06:51:44 | 00,000,234 | ---- | C] () -- C:\WINDOWS\pro Video Converter Standard.ini
[2009/08/03 17:25:39 | 00,002,892 | ---- | C] () -- C:\WINDOWS\System32\audcon.sys
[2009/07/16 20:05:29 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009/06/12 11:18:32 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/16 08:50:49 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4864.dll
[2009/05/16 08:35:44 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2009/05/16 08:34:14 | 00,000,002 | ---- | C] () -- C:\WINDOWS\desktop.ini
[2009/05/16 08:33:13 | 00,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2009/05/16 08:33:13 | 00,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2009/05/16 08:32:19 | 00,013,223 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2009/05/16 08:32:18 | 00,001,931 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2009/05/16 02:56:02 | 00,521,942 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/05/16 02:56:01 | 00,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/04/14 06:00:00 | 01,291,264 | ---- | C] () -- C:\WINDOWS\System32\quartz.dll
[2008/04/14 06:00:00 | 01,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2008/04/14 06:00:00 | 00,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2008/04/14 06:00:00 | 00,562,176 | ---- | C] () -- C:\WINDOWS\System32\qedit.dll
[2008/04/14 06:00:00 | 00,498,742 | ---- | C] () -- C:\WINDOWS\System32\dxmasf.dll
[2008/04/14 06:00:00 | 00,386,048 | ---- | C] () -- C:\WINDOWS\System32\qdvd.dll
[2008/04/14 06:00:00 | 00,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2008/04/14 06:00:00 | 00,279,040 | ---- | C] () -- C:\WINDOWS\System32\qdv.dll
[2008/04/14 06:00:00 | 00,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2008/04/14 06:00:00 | 00,252,928 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll
[2008/04/14 06:00:00 | 00,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2008/04/14 06:00:00 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\qcap.dll
[2008/04/14 06:00:00 | 00,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2008/04/14 06:00:00 | 00,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2008/04/14 06:00:00 | 00,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2008/04/14 06:00:00 | 00,059,904 | ---- | C] () -- C:\WINDOWS\System32\devenum.dll
[2008/04/14 06:00:00 | 00,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2008/04/14 06:00:00 | 00,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2008/04/14 06:00:00 | 00,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2008/04/14 06:00:00 | 00,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2008/04/14 06:00:00 | 00,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2008/04/14 06:00:00 | 00,035,328 | ---- | C] () -- C:\WINDOWS\System32\mciqtz32.dll
[2008/04/14 06:00:00 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2008/04/14 06:00:00 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2008/04/14 06:00:00 | 00,033,840 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2008/04/14 06:00:00 | 00,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2008/04/14 06:00:00 | 00,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2008/04/14 06:00:00 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2008/04/14 06:00:00 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2008/04/14 06:00:00 | 00,027,866 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2008/04/14 06:00:00 | 00,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2008/04/14 06:00:00 | 00,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2008/04/14 06:00:00 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2008/04/14 06:00:00 | 00,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll
[2008/04/14 06:00:00 | 00,012,082 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2008/04/14 06:00:00 | 00,009,029 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2008/04/14 06:00:00 | 00,006,877 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2008/04/14 06:00:00 | 00,004,768 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2008/04/14 06:00:00 | 00,004,126 | ---- | C] () -- C:\WINDOWS\System32\msdxmlc.dll
[2008/04/14 06:00:00 | 00,003,458 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2008/04/14 06:00:00 | 00,002,891 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2008/04/14 06:00:00 | 00,002,732 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2008/04/14 06:00:00 | 00,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2008/04/14 06:00:00 | 00,001,152 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2008/04/14 06:00:00 | 00,000,507 | ---- | C] () -- C:\WINDOWS\win.ini
[2008/04/14 06:00:00 | 00,000,343 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2008/04/14 06:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2002/03/16 18:00:00 | 00,007,420 | ---- | C] () -- C:\WINDOWS\UA000106.DLL
[2001/08/17 16:36:28 | 00,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll
========== Files - Modified Within 30 Days ==========
[2 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2010/01/09 20:47:39 | 00,035,328 | ---- | M] () -- C:\WINDOWS\System32\204767.exe
[2010/01/09 20:42:57 | 00,035,328 | ---- | M] () -- C:\WINDOWS\System32\196462.exe
[2010/01/09 20:23:58 | 00,521,942 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/01/09 20:23:58 | 00,441,454 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/01/09 20:23:58 | 00,071,264 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/01/09 20:20:30 | 00,000,081 | -HS- | M] () -- C:\Documents and Settings\StarGalaxy\My Documents\desktop.ini
[2010/01/09 20:19:20 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/09 20:19:18 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/09 20:17:23 | 06,413,360 | -H-- | M] () -- C:\Documents and Settings\StarGalaxy\Local Settings\Application Data\IconCache.db
[2010/01/09 20:01:00 | 00,000,244 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/01/09 19:33:25 | 00,000,453 | ---- | M] () -- C:\Documents and Settings\StarGalaxy\Desktop\Shortcut to system32.lnk
[2010/01/09 18:01:36 | 47,657,522 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/01/09 18:01:36 | 00,137,331 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2010/01/09 17:08:00 | 00,000,340 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily.job
[2010/01/09 16:44:29 | 00,096,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atapi.sys
[2010/01/09 16:44:29 | 00,096,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atapi.sys
[2010/01/09 15:36:50 | 00,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2010/01/08 13:15:04 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/08 12:41:57 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/01/08 11:49:35 | 00,000,578 | ---- | M] () -- C:\WINDOWS\System32\Shortcut to 216699.lnk
[2010/01/08 10:34:41 | 00,064,072 | ---- | M] () -- C:\Documents and Settings\StarGalaxy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/01/08 10:10:23 | 02,290,464 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/01/07 20:54:11 | 00,012,540 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/07 20:54:11 | 00,012,540 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2010/01/07 20:25:15 | 00,058,368 | ---- | M] () -- C:\WINDOWS\System32\oriqycj.exe
[2010/01/07 20:25:05 | 00,000,010 | ---- | M] () -- C:\WINDOWS\System32\kr_done1
[2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/01/03 03:50:00 | 00,000,456 | ---- | M] () -- C:\WINDOWS\tasks\Driver Robot.job
[2009/12/30 19:14:27 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/12/30 14:46:40 | 00,000,662 | ---- | M] () -- C:\Documents and Settings\StarGalaxy\Desktop\RocketDock.lnk
[2009/12/30 14:00:05 | 00,025,601 | ---- | M] () -- C:\WINDOWS\CSTBox.INI
[2009/12/30 12:13:48 | 00,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009/12/29 10:53:21 | 00,001,486 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2009/12/28 11:53:03 | 00,406,528 | ---- | M] (Propellerhead Software AB) -- C:\WINDOWS\System32\ReWire.dll
[2009/12/28 11:53:03 | 00,233,472 | ---- | M] (Propellerhead Software AB) -- C:\WINDOWS\System32\REX Shared Library.dll
[2009/12/28 10:48:10 | 00,000,318 | ---- | M] () -- C:\WINDOWS\tasks\HP DArC Task #Hewlett-Packard#7200#CN37L2B1V5I3.job
[2009/12/12 16:08:23 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
========== LOP Check ==========
[2010/01/09 12:40:53 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/12/29 14:39:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/10/30 21:51:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems
[2009/07/14 20:42:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2009/07/14 21:44:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/05/16 08:55:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg8
[2009/08/13 05:19:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2010/01/08 09:36:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cakewalk
[2009/07/16 20:19:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2010/01/08 13:02:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2010/01/07 20:41:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Identities
[2009/12/28 11:53:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Line 6
[2009/05/16 08:53:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/08/13 18:49:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009/11/09 21:29:46 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009/05/16 09:36:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/11/09 19:39:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
[2009/12/29 07:16:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Propellerhead Software
[2009/10/30 21:25:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real
[2009/07/16 20:09:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/01/09 12:40:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software
[2009/08/03 10:20:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
[2009/12/29 14:33:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/08/03 18:13:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Steinberg
[2009/08/03 17:25:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Syncrosoft
[2010/01/09 20:05:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/01/08 10:34:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\The Skins Factory
[2009/07/14 21:38:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2009/05/16 09:03:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/01/09 15:36:42 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\StarGalaxy\Application Data
[2010/01/08 11:21:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\StarGalaxy\Application Data\Adobe
[2010/01/08 10:29:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\StarGalaxy\Application Data\Identities
[2010/01/08 11:21:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\StarGalaxy\Application Data\Macromedia
[2010/01/08 13:15:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\StarGalaxy\Application Data\Malwarebytes
[2010/01/08 14:02:06 | 00,000,000 | --SD | M] -- C:\Documents and Settings\StarGalaxy\Application Data\Microsoft
[2010/01/08 12:42:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\StarGalaxy\Application Data\Mozilla
[2010/01/08 10:29:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\StarGalaxy\Application Data\Real
[2010/01/09 12:40:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\StarGalaxy\Application Data\Simply Super Software
[2010/01/08 10:34:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\StarGalaxy\Application Data\Skinux
[2010/01/08 12:36:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\StarGalaxy\Application Data\Sun
[2010/01/09 20:21:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\StarGalaxy\Application Data\uTorrent
[2008/04/14 06:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2010/01/03 03:50:00 | 00,000,456 | ---- | M] () -- C:\WINDOWS\Tasks\Driver Robot.job
[2009/12/28 10:48:10 | 00,000,318 | ---- | M] () -- C:\WINDOWS\Tasks\HP DArC Task #Hewlett-Packard#7200#CN37L2B1V5I3.job
[2010/01/09 17:08:00 | 00,000,340 | ---- | M] () -- C:\WINDOWS\Tasks\HP Usg Daily.job
[2010/01/09 20:19:20 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2010/01/09 20:01:00 | 00,000,244 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 1237 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:UvBuOh2cFsTOhsmcouOR3f
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
@Alternate Data Stream - 1120 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:DDydhqOfNcp1q8vCHKbT
@Alternate Data Stream - 1112 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:MavDYfDCz3QbCl0UUH0g2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E4B8B9F7
@Alternate Data Stream - 1045 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:Cgu8PiyVvYBDmr0Viqs5
< End of report >
OTListIt Extras logfile created on: 1/9/2010 8:43:37 PM - Run 1
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\WINDOWS\system32\shell32.DLL (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\system32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\system32\ieframe.DLL (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\WINDOWS\system32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/14 06:00:00 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2008/04/14 06:00:00 | 00,141,312 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2009/04/03 04:01:00 | 01,680,704 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/04/14 06:00:00 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2008/04/14 06:00:00 | 00,141,312 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2009/08/19 08:11:10 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe
[2009/12/12 09:15:10 | 01,143,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
[2009/08/19 08:11:19 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe
[2010/01/09 15:36:45 | 00,289,584 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent
File not found -- C:\Documents and Settings\User\Application Data\PowerChallenge\PowerSoccer\PowerSoccer.exe:*:Enabled:PowerSoccer
File not found -- C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
File not found -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
File not found -- C:\Documents and Settings\User\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack
[2008/04/14 06:00:00 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test
[2008/04/14 06:00:00 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App
[2009/12/22 11:41:29 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox
[2009/04/03 04:01:00 | 01,680,704 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server
[2008/04/14 04:42:30 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
[2009/12/07 06:45:50 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java Platform SE binary
[2009/12/07 06:45:50 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java Platform SE binary
File not found -- C:\Documents and Settings\User\dfiuhiu.exe:*:Enabled:ENABLE
[2010/01/07 20:25:15 | 00,058,368 | ---- | M] () -- C:\WINDOWS\system32\oriqycj.exe:*:Enabled:ENABLE
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x32
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java 6 Update 17
"{26B46206-DF80-4DA2-AEAB-FF146320C344}" = CodeMeter Runtime Kit v4.01
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3560CE5A-C4EF-4DB0-9ECC-BA035FE309C5}" = MSN Toolbar
"{45B6180B-DCAB-4093-8EE8-6164457517F0}" = Photosmart 140,240,7200,7600,7700,7900 Series
"{517B8FB2-26EE-43B0-AE1B-07408860AA69}" = DigitImg
"{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}" = Adobe Audition 3.0
"{60758250-C8CF-47EB-8CB6-E0C3B84D8207}" = PSShortcuts
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BB045C3-D5E4-4620-B536-DC11AACD5942}" = Broadcom Management Programs
"{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A15B3CF2-7FB7-4102-BBC9-9680B7F0825F}" = InterLok Driver Kit
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{BCE46757-7674-4416-BEDB-68205A60409E}" = Canon CanoScan Toolbox 4.1
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DE4997B5-55AD-4878-97A7-C9FA84FE23C7}" = PSUsage
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8282D32-0924-47CB-B6E8-001B3C5716A0}" = PS7200
"{F870B987-18BC-45FC-9BE8-35C02DCDA10F}" = Broadcom NetXtreme Ethernet Controller
"Adobe AIR" = Adobe AIR
"Adobe Audition 3.0" = Adobe Audition 3.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"Antares Autotune VST_is1" = Antares Autotune VST v5.09
"ASIO4ALL" = ASIO4ALL
"AVG8Uninstall" = AVG 8.5
"HDMI" = Intel® Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"iZotope Alloy_is1" = iZotope Alloy
"iZotope Ozone 4_is1" = iZotope Ozone 4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"RealPlayer 12.0" = RealPlayer
"RocketDock_is1" = RocketDock 1.3.5
"Syncrosoft License Control" = Syncrosoft License Control
"Trojan Remover_is1" = Trojan Remover 6.8.0
"uTorrent" = µTorrent
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 10/24/2009 3:57:14 PM | Computer Name = USER-XP | Source = Google Update | ID = 20
Description =
Error - 10/24/2009 4:57:05 PM | Computer Name = USER-XP | Source = Google Update | ID = 20
Description =
Error - 10/24/2009 6:24:43 PM | Computer Name = USER-XP | Source = Application Error | ID = 1000
Description = Faulting application photoshop.exe, version 11.0.0.0, faulting module
, version 0.0.0.0, fault address 0x00000000.
Error - 10/28/2009 4:57:15 PM | Computer Name = USER-XP | Source = Google Update | ID = 20
Description =
Error - 10/28/2009 5:57:05 PM | Computer Name = USER-XP | Source = Google Update | ID = 20
Description =
Error - 10/31/2009 11:56:54 PM | Computer Name = USER-XP | Source = Application Error | ID = 1000
Description = Faulting application autotune.exe, version 0.0.0.0, faulting module
autotune.exe, version 0.0.0.0, fault address 0x0000cf4d.
Error - 10/31/2009 11:57:04 PM | Computer Name = USER-XP | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
Error - 11/1/2009 12:04:23 AM | Computer Name = USER-XP | Source = Application Hang | ID = 1002
Description = Hanging application autotune.exe, version 0.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 11/1/2009 10:56:02 AM | Computer Name = USER-XP | Source = Application Error | ID = 1000
Description = Faulting application au_.exe, version 1.0.0.0, faulting module unknown,
version 0.0.0.0, fault address 0x00b61067.
Error - 11/1/2009 3:45:30 PM | Computer Name = USER-XP | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, faulting module
npswf32.dll, version 10.0.32.18, fault address 0x000cdda5.
[ System Events ]
Error - 1/9/2010 9:26:23 PM | Computer Name = USER-XP | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.
Error - 1/9/2010 9:27:37 PM | Computer Name = USER-XP | Source = Service Control Manager | ID = 7023
Description = The System Restore Service service terminated with the following error:
%%2
Error - 1/9/2010 9:31:06 PM | Computer Name = USER-XP | Source = DCOM | ID = 10010
Description = The server {66B093B7-B5E3-4CFE-B32B-FEB55F172481} did not register
with DCOM within the required timeout.
Error - 1/9/2010 9:32:55 PM | Computer Name = USER-XP | Source = DCOM | ID = 10010
Description = The server {66B093B7-B5E3-4CFE-B32B-FEB55F172481} did not register
with DCOM within the required timeout.
Error - 1/9/2010 10:17:54 PM | Computer Name = USER-XP | Source = DCOM | ID = 10010
Description = The server {66B093B7-B5E3-4CFE-B32B-FEB55F172481} did not register
with DCOM within the required timeout.
Error - 1/9/2010 10:19:34 PM | Computer Name = USER-XP | Source = SRService | ID = 104
Description = The System Restore initialization process failed.
Error - 1/9/2010 10:19:37 PM | Computer Name = USER-XP | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.
Error - 1/9/2010 10:19:37 PM | Computer Name = USER-XP | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.
Error - 1/9/2010 10:20:54 PM | Computer Name = USER-XP | Source = Service Control Manager | ID = 7023
Description = The System Restore Service service terminated with the following error:
%%2
Error - 1/9/2010 10:20:54 PM | Computer Name = USER-XP | Source = Service Control Manager | ID = 7023
Description = The Windows Firewall/Internet Connection Sharing (ICS) service terminated
with the following error: %%2
< End of report >