
Popups & BSOD



#1
kingofny.hova

Hello All,

I am having problems with something that I can't quite put my finger on yet. I was using Google Chrome (5.0.307.1) a couple of days ago and had popups come up whenever I went to a Google site, for example, search, Gmail & Google Reader. I haven't had problems like this before due to previous experiences with viruses & spyware. I run MBAM and Microsoft Security Essentials for scanning. I haven't had anything come up except for tracking cookies, which was a month ago or so. I just started getting the BSOD yesterday as I was running the GMER program that I was told to run prior to posting here. It has happened three times now, about 30 seconds to a minute into the scan. I cannot finish the scan and cannot produce a log. I have checked the Event logs & Resource Performance logs and saved them to a text file if anyone could take a look at that as well as the others. I think it's hardware, but when I spoke to a "tech" at a repair shop he said it sounded like malware. If I'm in the wrong forum, I apologize. I can't think of anything else related but could answer any question you have about it. So here are my logs. Thanks for the help.

Malwarebytes' Anti-Malware 1.44
Database version: 3683
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

2/3/2010 8:14:33 AM
mbam-log-2010-02-03 (08-14-33).txt

Scan type: Quick Scan
Objects scanned: 107008
Time elapsed: 5 minute(s), 50 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


OTL Extras logfile created on: 2/3/2010 9:49:59 AM - Run 1
OTL by OldTimer - Version 3.1.27.1 Folder = C:\Users\Andres\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 58.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 146.02 Gb Total Space | 36.56 Gb Free Space | 25.04% Space Free | Partition Type: NTFS
Drive D: | 3.02 Gb Total Space | 1.07 Gb Free Space | 35.32% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive M: | 931.51 Gb Total Space | 334.06 Gb Free Space | 35.86% Space Free | Partition Type: NTFS
Drive O: | 298.09 Gb Total Space | 20.14 Gb Free Space | 6.76% Space Free | Partition Type: NTFS

Computer Name: MYPC
Current User Name: Andres
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Andres\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\PROGRA~1\MEDIAM~1\MEDIAM~2.EXE" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\PROGRA~1\MEDIAM~1\MEDIAM~2.EXE" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\PROGRA~1\MEDIAM~1\MEDIAM~2.EXE" /ADD "%1" (Ventis Media Inc.)
Directory [OneNote.Open] -- C:\PROGRA~1\MIF5BA~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}" = Zune Language Pack (FR)
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP1800_series" = Canon iP1800 series
"{11F5D779-7BD9-465A-BBC4-10701386BCB9}" = FW LiveUpdate
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}" = WN111v2
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java™ 6 Update 18
"{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{370BCBBA-67D7-4535-ADCD-58CD1C8DEC99}" = Zune Language Pack (DE)
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40EC6323-497B-44DA-8A88-74578622D9B3}" = Zune Language Pack (IT)
"{48B3FB4D-CE22-488C-8E9F-24EBB77EAC0F}" = Microsoft Security Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space™
"{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}" = Batman: Arkham Asylum
"{4F77F6EE-2C99-49F7-940A-2E9C208C3BE1}" = Paint.NET v3.5.2
"{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"{5C1DA723-24FC-48AD-93BA-925695C3EF26}" = Logitech Gaming Software
"{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}" = The Saboteur™
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{63C98752-1B7D-4C8F-8C70-0B0A29D5ECBF}" = ArcSoft MediaConverter 2.5
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78E9A751-5616-233F-1249-16AC5758C646}" = muvee Reveal Seagate Edition
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8429A3E7-F308-47D5-9025-9823848D724C}" = Lala Music Mover
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{888FFC82-688D-46AB-A776-B417885432B6}" = Zune
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A0A77CDC-2419-4D5C-AD2C-E09E5926B806}" = Microsoft Antimalware
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AFECFED6-0A43-488F-8511-1DC6B52F31C3}_is1" = Fast Duplicate File Finder 1.1.0.0
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{BC2FE771-EDBE-3087-A676-2B6C45A2BF7E}" = Google Gears
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}" = iPhoneBrowser
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty® 2
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ Beta 4.2
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.8.320
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE4ACABF-531E-419A-9225-B8E0FA4955AF}" = Zune Language Pack (ES)
"{EF71A531-5B6C-4B20-8D1E-E6379C7FB6D3}" = Microsoft IntelliPoint 7.0
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F318330F-DE7D-4B22-AF7C-C3760DDC2EF3}" = Xmarks for IE
"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"7 Sins" = 7 Sins
"7-Zip" = 7-Zip 9.10 beta
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe® Flash® Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ALchemy" = Creative ALchemy
"Ashampoo Burning Studio 9_is1" = Ashampoo Burning Studio 9.10
"Audacity_is1" = Audacity 1.2.6
"AudioCS" = Creative Audio Control Panel
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"CanonMyPrinter" = Canon My Printer
"CCleaner" = CCleaner
"Cooking Dash - DinerTown Studios1.0" = Cooking Dash - DinerTown Studios
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties" = Creative Sound Blaster Properties
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVDFab 6_is1" = DVDFab 6.2.0.5 (11/11/2009)
"Easy-LayoutPrint" = Canon Utilities Easy-LayoutPrint
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Feeding Frenzy 2" = Feeding Frenzy 2
"FileHippo.com" = FileHippo.com Update Checker
"Foxit Reader" = Foxit Reader
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.2
"GMailFS" = GMail Drive Shell Extension
"Google Calendar Sync" = Google Calendar Sync
"HandBrake" = Handbrake 0.9.4
"HijackThis" = HijackThis 2.0.2
"InstallShield_{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}" = RangeMax Wireless-N USB Adapter WN111v2
"InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty® 2
"IObit Security 360_is1" = IObit Security 360
"LastFM_is1" = Last.fm 1.5.4.24567
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaMonkey_is1" = MediaMonkey 3.2
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft Security Essentials" = Microsoft Security Essentials
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Orb" = Orb
"Picasa 3" = Picasa 3
"SDEFree14_is1" = SkyDrive Explorer 1.4
"SpywareBlaster_is1" = SpywareBlaster 4.2
"Switch" = Switch Sound File Converter
"SystemRequirementsLab" = System Requirements Lab
"UltraISO_is1" = UltraISO Premium V8.62
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.3
"WaveStudio 7" = Creative WaveStudio 7
"WinLiveSuite_Wave3" = Windows Live Essentials
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Xvid_is1" = Xvid 1.2.2 final uninstall
"Zune" = Zune

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2™
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/3/2010 2:40:01 AM | Computer Name = MyPC | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "c:\program files\microsoft\search
enhancement pack\search helper\SEPsearchhelperie.dll".Error in manifest or policy
file "c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll"
on line 2. Invalid Xml syntax.

Error - 2/3/2010 2:40:27 AM | Computer Name = MyPC | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "c:\program files\microsoft\search
enhancement pack\search helper\sepsearchhelperie.dll".Error in manifest or policy
file "c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
on line 2. Invalid Xml syntax.

Error - 2/3/2010 3:06:05 AM | Computer Name = MyPC | Source = Google Update | ID = 20
Description =

Error - 2/3/2010 4:06:05 AM | Computer Name = MyPC | Source = Google Update | ID = 20
Description =

Error - 2/3/2010 5:06:05 AM | Computer Name = MyPC | Source = Google Update | ID = 20
Description =

Error - 2/3/2010 6:06:05 AM | Computer Name = MyPC | Source = Google Update | ID = 20
Description =

Error - 2/3/2010 7:06:05 AM | Computer Name = MyPC | Source = Google Update | ID = 20
Description =

Error - 2/3/2010 8:06:05 AM | Computer Name = MyPC | Source = Google Update | ID = 20
Description =

Error - 2/3/2010 9:06:05 AM | Computer Name = MyPC | Source = Google Update | ID = 20
Description =

Error - 2/3/2010 11:37:15 AM | Computer Name = MyPC | Source = Application Error | ID = 1000
Description = Faulting application name: gmer.exe, version: 1.0.15.15281, time stamp:
0x4b2763f0 Faulting module name: gmer.exe, version: 1.0.15.15281, time stamp: 0x4b2763f0
Exception
code: 0xc0000005 Fault offset: 0x0000c4b1 Faulting process id: 0x17ec Faulting application
start time: 0x01caa4e6a3e013e4 Faulting application path: C:\Users\Andres\Desktop\gmer.exe
Faulting
module path: C:\Users\Andres\Desktop\gmer.exe Report Id: 005bf527-10da-11df-9a11-0013d303519a

[ Media Center Events ]
Error - 1/23/2010 2:20:29 PM | Computer Name = Andres-PC | Source = MCUpdate | ID = 0
Description = 12:20:29 PM - Error connecting to the internet. 12:20:29 PM - Unable
to contact server..

Error - 1/31/2010 8:38:45 PM | Computer Name = Andres-PC | Source = MCUpdate | ID = 0
Description = 6:38:40 PM - Error connecting to the internet. 6:38:40 PM - Unable
to contact server..

Error - 2/2/2010 8:10:24 AM | Computer Name = MyPC | Source = MCUpdate | ID = 0
Description = 6:10:24 AM - Error connecting to the internet. 6:10:24 AM - Unable
to contact server..

Error - 2/2/2010 8:10:35 AM | Computer Name = MyPC | Source = MCUpdate | ID = 0
Description = 6:10:29 AM - Error connecting to the internet. 6:10:29 AM - Unable
to contact server..

Error - 2/2/2010 9:10:39 AM | Computer Name = MyPC | Source = MCUpdate | ID = 0
Description = 7:10:39 AM - Error connecting to the internet. 7:10:39 AM - Unable
to contact server..

Error - 2/2/2010 9:10:47 AM | Computer Name = MyPC | Source = MCUpdate | ID = 0
Description = 7:10:45 AM - Error connecting to the internet. 7:10:45 AM - Unable
to contact server..

Error - 2/3/2010 8:21:53 AM | Computer Name = MyPC | Source = MCUpdate | ID = 0
Description = 6:21:53 AM - Error connecting to the internet. 6:21:53 AM - Unable
to contact server..

Error - 2/3/2010 8:22:03 AM | Computer Name = MyPC | Source = MCUpdate | ID = 0
Description = 6:21:58 AM - Error connecting to the internet. 6:21:58 AM - Unable
to contact server..

Error - 2/3/2010 9:22:08 AM | Computer Name = MyPC | Source = MCUpdate | ID = 0
Description = 7:22:08 AM - Error connecting to the internet. 7:22:08 AM - Unable
to contact server..

Error - 2/3/2010 9:22:16 AM | Computer Name = MyPC | Source = MCUpdate | ID = 0
Description = 7:22:14 AM - Error connecting to the internet. 7:22:14 AM - Unable
to contact server..

[ System Events ]
Error - 1/27/2010 3:49:39 AM | Computer Name = Andres-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%861 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.71.2485.0 Update Source: %%859 Update Stage:
%%853 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.5302.0 Error
code: 0x80240022 Error description: The program can't check for definition updates.


Error - 1/27/2010 3:49:47 AM | Computer Name = Andres-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%861 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.71.2485.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....DE-D861FCBCFCDE

Signature
Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.5302.0 Error code: 0x80072f76 Error description: The
requested header was not found

Error - 1/27/2010 3:49:47 AM | Computer Name = Andres-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%861 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.71.2485.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....DE-D861FCBCFCDE

Signature
Type: %%801 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.5302.0 Error code: 0x80072f76 Error description: The
requested header was not found

Error - 1/27/2010 3:49:47 AM | Computer Name = Andres-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%861 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.71.2485.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....DE-D861FCBCFCDE

Signature
Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.5302.0 Error code: 0x80072f76 Error description: The
requested header was not found

Error - 1/27/2010 3:49:47 AM | Computer Name = Andres-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%861 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.71.2485.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....DE-D861FCBCFCDE

Signature
Type: %%801 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.5302.0 Error code: 0x80072f76 Error description: The
requested header was not found

Error - 1/27/2010 5:16:48 AM | Computer Name = Andres-PC | Source = Service Control Manager | ID = 7016
Description = The NVIDIA Display Driver Service service has reported an invalid
current state 32.

Error - 1/27/2010 5:21:05 AM | Computer Name = Andres-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%861 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%842

Error - 1/27/2010 1:24:16 PM | Computer Name = Andres-PC | Source = DCOM | ID = 10001
Description =

Error - 1/27/2010 3:28:55 PM | Computer Name = Andres-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.

Error - 1/27/2010 4:05:46 PM | Computer Name = Andres-PC | Source = Service Control Manager | ID = 7016
Description = The NVIDIA Display Driver Service service has reported an invalid
current state 32.


< End of report >


OTL logfile created on: 2/3/2010 9:49:59 AM - Run 1
OTL by OldTimer - Version 3.1.27.1 Folder = C:\Users\Andres\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 58.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 146.02 Gb Total Space | 36.56 Gb Free Space | 25.04% Space Free | Partition Type: NTFS
Drive D: | 3.02 Gb Total Space | 1.07 Gb Free Space | 35.32% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive M: | 931.51 Gb Total Space | 334.06 Gb Free Space | 35.86% Space Free | Partition Type: NTFS
Drive O: | 298.09 Gb Total Space | 20.14 Gb Free Space | 6.76% Space Free | Partition Type: NTFS

Computer Name: MYPC
Current User Name: Andres
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/02/02 11:12:05 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Users\Andres\Desktop\OTL.exe
PRC - [2010/02/01 15:50:41 | 000,126,976 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
PRC - [2010/01/28 18:14:51 | 000,514,032 | ---- | M] (Google Inc.) -- C:\Users\Andres\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2010/01/22 19:16:42 | 000,141,608 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2010/01/22 19:16:30 | 000,545,576 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2010/01/11 22:18:00 | 000,129,640 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2009/12/04 18:01:39 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
PRC - [2009/11/14 11:51:22 | 000,312,592 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Security 360\is360srv.exe
PRC - [2009/10/30 23:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/10/10 10:07:04 | 001,728,512 | ---- | M] (NETGEAR) -- C:\Program Files\NETGEAR\WN111v2\WN111v2.exe
PRC - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/09/13 17:52:50 | 001,048,392 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2009/08/28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/08/18 17:47:36 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/07/16 16:29:04 | 000,510,416 | ---- | M] (Orb Networks) -- C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
PRC - [2009/07/13 22:18:12 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009/07/13 19:14:50 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2009/07/13 19:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/13 19:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppsvc.exe
PRC - [2009/07/02 16:36:52 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009/03/30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2008/12/12 11:17:38 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/11/18 13:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2008/08/01 13:31:00 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008/06/13 15:26:54 | 002,498,560 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
PRC - [2008/01/29 20:19:34 | 000,041,472 | ---- | M] (Orb Networks) -- C:\Program Files\Orb Networks\Orb\bin\OrbMediaService.exe


========== Modules (SafeList) ==========

MOD - [2010/02/02 11:12:05 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Users\Andres\Desktop\OTL.exe
MOD - [2009/07/13 19:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/13 19:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/13 19:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/13 19:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/13 19:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/13 19:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/13 19:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/13 19:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/13 19:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/13 19:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/13 19:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/02/01 08:20:19 | 000,326,792 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/01/27 14:12:04 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010/01/27 03:06:51 | 001,181,328 | ---- | M] (Lavasoft) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/01/22 19:16:30 | 000,545,576 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2010/01/11 22:18:00 | 000,129,640 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\System32\nvvsvc.exe -- (nvsvc)
SRV - [2010/01/07 14:38:18 | 000,447,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2010/01/07 14:38:08 | 005,950,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2010/01/05 14:35:28 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2009/11/14 11:51:22 | 000,312,592 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Security 360\is360srv.exe -- (IS360service)
SRV - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/08/28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/08/18 20:38:46 | 000,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate)
SRV - [2009/08/18 17:47:35 | 000,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/07/20 12:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009/07/13 22:18:12 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2009/07/13 19:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/13 19:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/13 19:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/13 19:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/13 19:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/13 19:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/13 19:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 19:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 19:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/13 19:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/13 19:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/13 19:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/13 19:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/13 19:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/13 19:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/13 19:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 19:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/13 19:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/13 19:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/13 19:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/13 19:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009/07/02 16:36:52 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008/12/12 11:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/18 13:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/25 11:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008/08/01 13:31:00 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/02/29 02:07:18 | 000,942,080 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\NETGEAR\WN111v2\jswpsapi.exe -- (jswpsapi)
SRV - [2008/01/29 20:19:34 | 000,041,472 | ---- | M] (Orb Networks) [Auto | Running] -- C:\Program Files\Orb Networks\Orb\bin\OrbMediaService.exe -- (OrbMediaService)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/04/03 23:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FD D6 72 42 43 7B CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.co...en&source=mpes"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: [email protected]:0.9.8
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: [email protected]:1.4.3
FF - prefs.js..extensions.enabledItems: [email protected]:3.4.10
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.62
FF - prefs.js..extensions.enabledItems: {9f94fab0-58a2-11dd-ae16-0800200c9a66}:3.0.26
FF - prefs.js..extensions.enabledItems: {d62e0de0-401b-11dd-ae16-0800200c9a66}:4.0.89

FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/01/05 13:50:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/27 14:44:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/01 16:32:22 | 000,000,000 | ---D | M]

[2010/01/05 14:07:54 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\Mozilla\Extensions
[2010/02/02 19:09:06 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\Mozilla\Firefox\Profiles\id4g6qyp.default\extensions
[2010/01/29 06:55:22 | 000,000,000 | ---D | M] (IE View) -- C:\Users\Andres\AppData\Roaming\Mozilla\Firefox\Profiles\id4g6qyp.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}
[2010/01/05 14:08:00 | 000,000,000 | ---D | M] (AvantGarde Rosepetal) -- C:\Users\Andres\AppData\Roaming\Mozilla\Firefox\Profiles\id4g6qyp.default\extensions\{9f94fab0-58a2-11dd-ae16-0800200c9a66}
[2010/02/02 19:08:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andres\AppData\Roaming\Mozilla\Firefox\Profiles\id4g6qyp.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2010/01/05 14:08:00 | 000,000,000 | ---D | M] (AmbientFox) -- C:\Users\Andres\AppData\Roaming\Mozilla\Firefox\Profiles\id4g6qyp.default\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}
[2010/01/11 21:11:27 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Andres\AppData\Roaming\Mozilla\Firefox\Profiles\id4g6qyp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/01/05 14:08:00 | 000,000,000 | ---D | M] (AvantGarde Skylight) -- C:\Users\Andres\AppData\Roaming\Mozilla\Firefox\Profiles\id4g6qyp.default\extensions\{d62e0de0-401b-11dd-ae16-0800200c9a66}
[2010/01/05 14:07:55 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\Mozilla\Firefox\Profiles\id4g6qyp.default\extensions\[email protected]
[2010/01/05 14:07:55 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\Mozilla\Firefox\Profiles\id4g6qyp.default\extensions\[email protected]
[2010/01/05 14:07:55 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\Mozilla\Firefox\Profiles\id4g6qyp.default\extensions\[email protected]
[2010/01/29 06:55:26 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\Mozilla\Firefox\Profiles\id4g6qyp.default\extensions\[email protected]
[2010/01/05 14:07:59 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\Mozilla\Firefox\Profiles\id4g6qyp.default\extensions\[email protected]
[2009/12/05 08:51:18 | 000,002,171 | ---- | M] () -- C:\Users\Andres\AppData\Roaming\Mozilla\Firefox\Profiles\id4g6qyp.default\searchplugins\bing.xml
[2010/02/02 19:09:06 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/01 16:31:56 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2009/12/15 19:45:56 | 000,416,584 | ---- | M] (Lala Media) -- C:\Program Files\Mozilla Firefox\plugins\nplalaDl.dll

O1 HOSTS File: ([2009/06/10 15:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [jswtrayutil] C:\Program Files\NETGEAR\WN111v2\jswtrayutil.exe File not found
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [P17RunE] C:\Windows\System32\P17RunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Add to &Evernote - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O8 - Extra context menu item: Save YouTube Video as MP3 - C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll (Google Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: 25 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2003/08/09 00:24:26 | 000,000,045 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2009/12/26 19:18:43 | 000,000,067 | ---- | M] () - M:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{6cb56ad4-ec23-11de-8321-0013d303519a}\Shell - "" = AutoRun
O33 - MountPoints2\{6cb56ad4-ec23-11de-8321-0013d303519a}\Shell\AutoRun\command - "" = L:\WD SmartWare.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2009/07/13 20:37:08 | 000,000,000 | ---D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

========== Files/Folders - Created Within 14 Days ==========

[2010/02/02 13:31:56 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/02/02 11:11:56 | 000,548,864 | ---- | C] (OldTimer Tools) -- C:\Users\Andres\Desktop\OTL.exe
[2010/02/02 11:10:05 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Andres\Desktop\erunt_setup.exe
[2010/02/02 11:09:07 | 000,439,808 | ---- | C] (OldTimer Tools) -- C:\Users\Andres\Desktop\TFC.exe
[2010/02/02 10:54:29 | 000,000,000 | ---D | C] -- C:\Users\Andres\AppData\Roaming\vghd
[2010/02/01 19:40:24 | 008,438,515 | ---- | C] (SeriousBit ) -- C:\Users\Andres\Desktop\EnhanceMySe7enFreeSetup.exe
[2010/02/01 16:30:25 | 005,359,048 | ---- | C] (Foxit Software) -- C:\Users\Andres\Desktop\FoxitReader31_enu_Setup_091125.exe
[2010/02/01 15:48:10 | 000,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010/02/01 08:15:44 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2010/01/28 14:14:35 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2010/01/28 10:51:35 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/01/28 10:09:35 | 000,000,000 | ---D | C] -- C:\DVR116D
[2010/01/27 16:26:59 | 000,000,000 | ---D | C] -- C:\Users\Andres\AppData\Local\Electronic Arts
[2010/01/27 16:26:45 | 000,000,000 | ---D | C] -- C:\Users\Andres\Documents\Electronic Arts
[2010/01/27 14:46:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/01/27 14:38:15 | 000,000,000 | ---D | C] -- C:\Users\Andres\AppData\Roaming\Creative
[2010/01/27 14:14:45 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/01/27 14:13:20 | 000,068,200 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010/01/27 11:18:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/01/27 11:18:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/01/27 11:17:54 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/01/27 10:09:35 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010/01/27 10:01:01 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2010/01/27 10:00:28 | 000,000,000 | ---D | C] -- C:\Users\Andres\AppData\Roaming\SystemRequirementsLab
[2010/01/25 14:12:42 | 000,000,000 | ---D | C] -- C:\ProgramData\NETGEAR
[2010/01/25 14:10:43 | 000,000,000 | ---D | C] -- C:\Users\Andres\.littleshoot
[2010/01/25 14:10:34 | 000,000,000 | ---D | C] -- C:\Users\Andres\AppData\Roaming\LittleShoot
[2010/01/25 10:40:08 | 000,000,000 | ---D | C] -- C:\Dead Space
[2010/01/24 16:50:52 | 000,000,000 | ---D | C] -- C:\Program Files\Monte Cristo
[2010/01/24 14:30:10 | 000,000,000 | ---D | C] -- C:\Users\Andres\Documents\Eidos
[2010/01/24 13:58:17 | 000,000,000 | ---D | C] -- C:\Program Files\Eidos
[2010/01/20 18:06:06 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\7994829.sys
[2010/01/20 18:06:06 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\79948291.sys
[2010/01/20 18:06:06 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\79948292.sys
[2009/08/18 17:36:58 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Andres\AppData\Roaming\pcouffin.sys
[2002/04/10 19:41:06 | 000,065,536 | ---- | C] ( ) -- C:\Windows\System32\A3D.DLL

========== Files - Modified Within 14 Days ==========

[2010/02/03 09:47:30 | 000,000,000 | ---- | M] () -- C:\OrbPVR.db
[2010/02/03 09:47:13 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010/02/03 09:47:13 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 4).job
[2010/02/03 09:47:12 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 3).job
[2010/02/03 09:47:12 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 2).job
[2010/02/03 09:47:12 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 1).job
[2010/02/03 09:46:57 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/02/03 09:45:53 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/02/03 09:45:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/02/03 09:45:23 | 1609,474,048 | -HS- | M] () -- C:\hiberfil.sys
[2010/02/03 09:45:21 | 280,044,870 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/02/03 09:43:13 | 003,932,160 | -HS- | M] () -- C:\Users\Andres\ntuser.dat
[2010/02/03 09:11:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2094548159-3345128425-1565910906-1000UA.job
[2010/02/03 09:06:03 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/02/02 23:41:43 | 000,025,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/02/02 23:41:43 | 000,025,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/02/02 22:34:15 | 1174,142,894 | ---- | M] () -- C:\Users\Andres\Desktop\House.S06E12.720p.HDTV.x264-IMMERSE.mkv
[2010/02/02 20:50:30 | 367,350,630 | ---- | M] () -- C:\Users\Andres\Desktop\American.Idol.S09E06.Dallas.Auditions.HDTV.XviD-FQM.avi
[2010/02/02 20:42:32 | 364,529,262 | ---- | M] () -- C:\Users\Andres\Desktop\American.Idol.S09E05.HDTV.XviD-2HD.avi
[2010/02/02 20:24:16 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2094548159-3345128425-1565910906-1000Core.job
[2010/02/02 17:33:08 | 003,039,290 | ---- | M] () -- C:\Users\Andres\Desktop\WNDR3300-V1.0.45_1.0.45NA.chk
[2010/02/02 15:07:21 | 000,001,446 | ---- | M] () -- C:\Users\Andres\Desktop\cheat - Shortcut.lnk
[2010/02/02 11:12:05 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Users\Andres\Desktop\OTL.exe
[2010/02/02 11:10:20 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Andres\Desktop\erunt_setup.exe
[2010/02/02 11:09:16 | 000,439,808 | ---- | M] (OldTimer Tools) -- C:\Users\Andres\Desktop\TFC.exe
[2010/02/02 03:15:16 | 004,577,282 | -H-- | M] () -- C:\Users\Andres\AppData\Local\IconCache.db
[2010/02/01 19:42:35 | 008,438,515 | ---- | M] (SeriousBit ) -- C:\Users\Andres\Desktop\EnhanceMySe7enFreeSetup.exe
[2010/02/01 16:31:40 | 005,359,048 | ---- | M] (Foxit Software) -- C:\Users\Andres\Desktop\FoxitReader31_enu_Setup_091125.exe
[2010/02/01 13:01:43 | 002,921,472 | ---- | M] () -- C:\Users\Andres\Documents\HomeNetworkPassword.doc
[2010/02/01 12:44:43 | 000,029,216 | ---- | M] () -- C:\Users\Andres\Documents\Weekly Weigh-ins.docx
[2010/02/01 12:06:43 | 000,065,560 | ---- | M] () -- C:\Users\Andres\Desktop\NETGEAR_WNDR3300.cfg
[2010/01/30 08:03:21 | 000,626,794 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/01/30 08:03:21 | 000,108,366 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/01/30 08:03:20 | 000,731,366 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/01/29 10:22:48 | 000,058,880 | ---- | M] () -- C:\Users\Andres\Documents\2010 Resume.doc
[2010/01/29 10:07:24 | 000,030,154 | ---- | M] () -- C:\Users\Andres\Desktop\vacancies_jan25_10.pdf
[2010/01/27 14:00:55 | 000,002,002 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
[2010/01/27 12:01:00 | 000,015,360 | ---- | M] () -- C:\Windows\System32\BASSMOD.dll
[2010/01/27 11:34:30 | 000,000,287 | ---- | M] () -- C:\Windows\game.ini
[2010/01/27 03:07:05 | 000,015,880 | ---- | M] () -- C:\Windows\System32\lsdelete.exe
[2010/01/26 22:59:26 | 000,003,584 | ---- | M] () -- C:\Users\Andres\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/25 14:13:06 | 000,002,027 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WN111v2 Smart Wizard.lnk

========== Files Created - No Company Name ==========

[2010/02/03 09:47:30 | 000,000,000 | ---- | C] () -- C:\OrbPVR.db
[2010/02/03 09:47:13 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010/02/03 09:47:13 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 4).job
[2010/02/03 09:47:12 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 3).job
[2010/02/03 09:47:12 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 2).job
[2010/02/03 09:47:12 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 1).job
[2010/02/02 19:00:47 | 1174,142,894 | ---- | C] () -- C:\Users\Andres\Desktop\House.S06E12.720p.HDTV.x264-IMMERSE.mkv
[2010/02/02 18:46:58 | 367,350,630 | ---- | C] () -- C:\Users\Andres\Desktop\American.Idol.S09E06.Dallas.Auditions.HDTV.XviD-FQM.avi
[2010/02/02 18:45:09 | 364,529,262 | ---- | C] () -- C:\Users\Andres\Desktop\American.Idol.S09E05.HDTV.XviD-2HD.avi
[2010/02/02 17:32:52 | 003,039,290 | ---- | C] () -- C:\Users\Andres\Desktop\WNDR3300-V1.0.45_1.0.45NA.chk
[2010/02/02 15:07:21 | 000,001,446 | ---- | C] () -- C:\Users\Andres\Desktop\cheat - Shortcut.lnk
[2010/02/02 14:44:41 | 000,293,376 | ---- | C] () -- C:\Users\Andres\Desktop\gmer.exe
[2010/02/01 13:01:39 | 002,921,472 | ---- | C] () -- C:\Users\Andres\Documents\HomeNetworkPassword.doc
[2010/02/01 12:06:42 | 000,065,560 | ---- | C] () -- C:\Users\Andres\Desktop\NETGEAR_WNDR3300.cfg
[2010/01/29 10:07:23 | 000,030,154 | ---- | C] () -- C:\Users\Andres\Desktop\vacancies_jan25_10.pdf
[2010/01/28 10:51:27 | 280,044,870 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/01/27 14:13:20 | 000,007,437 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2010/01/27 14:00:55 | 000,002,002 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
[2010/01/27 12:01:00 | 000,015,360 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2010/01/27 11:34:30 | 000,000,287 | ---- | C] () -- C:\Windows\game.ini
[2010/01/26 22:59:25 | 000,003,584 | ---- | C] () -- C:\Users\Andres\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/25 14:13:06 | 000,002,027 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WN111v2 Smart Wizard.lnk
[2010/01/11 18:16:13 | 000,037,845 | ---- | C] () -- C:\Users\Andres\AppData\Roaming\Comma Separated Values (Windows).ADR
[2010/01/10 18:21:40 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/05 15:32:49 | 000,000,017 | ---- | C] () -- C:\Users\Andres\AppData\Local\resmon.resmoncfg
[2010/01/05 13:42:19 | 000,166,912 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2010/01/05 13:42:19 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2009/12/28 14:07:40 | 000,000,760 | ---- | C] () -- C:\Users\Andres\AppData\Roaming\setup_ldm.iss
[2009/12/08 15:54:13 | 000,000,582 | ---- | C] () -- C:\Users\Andres\AppData\Roaming\AutoGK.ini
[2009/12/04 20:42:26 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2009/11/06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009/10/16 06:50:54 | 000,003,930 | ---- | C] () -- C:\Windows\System32\ludap17.ini
[2009/08/19 20:39:55 | 000,001,041 | ---- | C] () -- C:\Users\Andres\AppData\Roaming\vso_ts_preview.xml
[2009/08/18 18:15:17 | 000,000,462 | ---- | C] () -- C:\Users\Andres\AppData\Roaming\SamsungLiveUpdateConfig.ini
[2009/08/18 17:38:54 | 000,000,034 | ---- | C] () -- C:\Users\Andres\AppData\Roaming\pcouffin.log
[2009/08/18 17:36:58 | 000,087,608 | ---- | C] () -- C:\Users\Andres\AppData\Roaming\inst.exe
[2009/08/18 17:36:58 | 000,007,887 | ---- | C] () -- C:\Users\Andres\AppData\Roaming\pcouffin.cat
[2009/08/18 17:36:58 | 000,001,144 | ---- | C] () -- C:\Users\Andres\AppData\Roaming\pcouffin.inf
[2009/08/18 17:36:23 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/08/18 17:36:22 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/08/17 13:29:51 | 000,020,992 | ---- | C] () -- C:\Windows\jestertb.dll
[2009/08/16 17:14:21 | 000,022,328 | ---- | C] () -- C:\Users\Andres\AppData\Roaming\PnkBstrK.sys
[2009/08/16 16:44:57 | 000,000,268 | RH-- | C] () -- C:\Users\Andres\AppData\Roaming\Specifications
[2009/08/16 16:26:14 | 000,000,029 | ---- | C] () -- C:\Windows\sfbm.INI
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/07/13 17:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2009/04/14 07:43:32 | 000,154,144 | ---- | C] () -- C:\Windows\System32\RTLCPAPI.dll
[2008/11/13 06:07:24 | 000,002,177 | ---- | C] () -- C:\Windows\P17EP.ini
[2007/12/04 05:20:30 | 000,001,489 | ---- | C] () -- C:\Windows\P17EP51.ini
[2007/06/07 05:25:42 | 000,001,578 | ---- | C] () -- C:\Windows\P17EPLS.ini
[2005/05/03 05:38:42 | 000,064,512 | ---- | C] () -- C:\Windows\System32\P17.DLL
[2005/03/08 06:17:00 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini
[2003/10/02 04:48:18 | 000,053,248 | ---- | C] () -- C:\Windows\System32\P17CPI.DLL

========== LOP Check ==========

[2010/01/05 14:06:39 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\.purple
[2010/01/05 14:06:39 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\Actecom
[2010/01/05 14:07:44 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\Canneverbe_Limited
[2009/12/10 09:23:31 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\cspa
[2010/01/05 14:07:44 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\Dropbox
[2010/01/05 14:07:44 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\DVDFab
[2010/01/05 14:07:44 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\Foxit
[2010/01/05 14:07:45 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\HandBrake
[2010/01/05 14:07:45 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\Hardcore
[2010/01/05 14:07:45 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\Juce VST Host
[2010/01/18 22:54:45 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\Lala Music Mover
[2010/01/05 14:07:45 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\Leadertech
[2010/01/25 14:10:36 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\LittleShoot
[2010/01/05 21:54:24 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\Ludia
[2010/02/01 16:37:06 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\muvee Technologies
[2010/01/05 14:08:00 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\NCH Swift Sound
[2010/01/05 14:08:00 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\Nikon
[2010/01/05 14:08:00 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\OpenOffice.org
[2010/01/05 22:27:25 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\PlayFirst
[2010/01/05 14:08:08 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\RipIt4Me
[2010/01/05 14:08:08 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\Sawer
[2010/01/05 14:08:09 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\Software4u
[2010/01/27 10:01:04 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\SystemRequirementsLab
[2010/02/02 22:42:44 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\uTorrent
[2010/02/02 10:54:29 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\vghd
[2010/01/05 14:08:11 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\Vso
[2009/12/10 08:53:09 | 000,000,000 | ---D | M] -- C:\Users\Andres\AppData\Roaming\Windows Live Writer
[2010/02/03 09:47:12 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 1).job
[2010/02/03 09:47:12 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 2).job
[2010/02/03 09:47:12 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 3).job
[2010/02/03 09:47:13 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 4).job
[2010/02/03 09:47:13 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2009/07/13 22:53:46 | 000,008,354 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2009/07/13 19:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/13 19:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/13 19:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/13 19:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/13 19:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/13 19:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/13 19:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/13 19:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2009/07/13 19:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009/07/13 19:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/13 19:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/07/13 19:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009/07/13 19:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009/07/13 19:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009/07/13 19:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/13 19:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/13 19:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009/07/13 19:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >
