When I ran Malwarebytes it didn't find anything, but I still get the downloader.zlob warnings.
Thanks for your help, and let me know what else I need to do or run.
OTS:
OTS logfile created on: 2/8/2010 12:47:37 PM - Run 2 OTS by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\Owner\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 446.00 Mb Total Physical Memory | 101.00 Mb Available Physical Memory | 23.00% Memory free 1.00 Gb Paging File | 1.00 Gb Available in Paging File | 58.00% Paging File free Paging file location(s): C:\pagefile.sys 672 1344 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 145.06 Gb Total Space | 23.49 Gb Free Space | 16.19% Space Free | Partition Type: NTFS Drive D: | 3.98 Gb Total Space | 2.72 Gb Free Space | 68.31% Space Free | Partition Type: FAT32 Drive E: | 382.00 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive K: | 3.73 Gb Total Space | 3.73 Gb Free Space | 99.83% Space Free | Partition Type: FAT32 Computer Name: R-W2A4L6L8 Current User Name: Owner Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: Off File Age = 90 Days [Processes - Safe List] ots.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/02/08 12:08:38 | 000,632,320 | ---- | M] (OldTimer Tools) avgtray.exe -> C:\Program Files\AVG\AVG9\avgtray.exe -> [2009/12/31 11:39:07 | 002,033,432 | ---- | M] (AVG Technologies CZ, s.r.o.) avgrsx.exe -> C:\Program Files\AVG\AVG9\avgrsx.exe -> [2009/12/11 17:52:00 | 000,503,576 | ---- | M] (AVG Technologies CZ, s.r.o.) avgnsx.exe -> C:\Program Files\AVG\AVG9\avgnsx.exe -> [2009/12/11 17:51:59 | 000,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) 
avgchsvx.exe -> C:\Program Files\AVG\AVG9\avgchsvx.exe -> [2009/11/30 22:34:58 | 001,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) avgcsrvx.exe -> C:\Program Files\AVG\AVG9\avgcsrvx.exe -> [2009/11/30 22:34:55 | 000,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) avgwdsvc.exe -> C:\Program Files\AVG\AVG9\avgwdsvc.exe -> [2009/11/30 22:34:34 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) ituneshelper.exe -> C:\Program Files\iTunes\iTunesHelper.exe -> [2009/11/12 16:33:10 | 000,141,600 | ---- | M] (Apple Inc.) ipodservice.exe -> C:\Program Files\iPod\bin\iPodService.exe -> [2009/11/12 16:33:00 | 000,545,568 | ---- | M] (Apple Inc.) qttask.exe -> C:\Program Files\QuickTime\QTTask.exe -> [2009/11/10 23:08:18 | 000,417,792 | ---- | M] (Apple Inc.) applemobiledeviceservice.exe -> C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2009/08/28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) ymsgr_tray.exe -> C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe -> [2009/05/26 20:06:32 | 000,079,088 | ---- | M] (Yahoo! Inc.) askupgrade.exe -> C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -> [2009/04/02 12:47:04 | 000,234,888 | ---- | M] () askservice.exe -> C:\Program Files\AskBarDis\bar\bin\AskService.exe -> [2009/04/02 12:47:02 | 000,464,264 | ---- | M] () teatimer.exe -> C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe -> [2009/03/05 15:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) searchprotection.exe -> C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe -> [2009/02/23 08:05:34 | 000,111,856 | ---- | M] (Yahoo! Inc) mdnsresponder.exe -> C:\Program Files\Bonjour\mDNSResponder.exe -> [2008/12/12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) yahooauservice.exe -> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -> [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) 
wscntfy.exe -> C:\WINDOWS\system32\wscntfy.exe -> [2008/04/13 19:12:41 | 000,013,824 | ---- | M] (Microsoft Corporation) explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) googletoolbarnotifier.exe -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> [2007/07/26 20:58:28 | 000,068,856 | ---- | M] (Google Inc.) viewpointservice.exe -> C:\Program Files\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) ustorsrv.exe -> C:\WINDOWS\system32\UStorSrv.exe -> [2006/02/17 06:19:55 | 000,139,264 | ---- | M] (OTi) lexbces.exe -> C:\WINDOWS\system32\LEXBCES.EXE -> [2002/02/11 13:29:44 | 000,303,104 | ---- | M] (Lexmark International, Inc.) lexpps.exe -> C:\WINDOWS\system32\LEXPPS.EXE -> [2002/02/09 14:48:42 | 000,174,592 | ---- | M] (Lexmark International, Inc.) [Modules - Safe List] ots.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/02/08 12:08:38 | 000,632,320 | ---- | M] (OldTimer Tools) [Win32 Services - Safe List] (gupdate) Google Update Service (gupdate) [Auto | Stopped] -> C:\Program Files\Google\Update\GoogleUpdate.exe -> [2010/02/03 17:42:34 | 000,135,664 | ---- | M] (Google Inc.) (avg9wd) AVG Free WatchDog [Auto | Running] -> C:\Program Files\AVG\AVG9\avgwdsvc.exe -> [2009/11/30 22:34:34 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) (iPod Service) iPod Service [On_Demand | Running] -> C:\Program Files\iPod\bin\iPodService.exe -> [2009/11/12 16:33:00 | 000,545,568 | ---- | M] (Apple Inc.) (Apple Mobile Device) Apple Mobile Device [Auto | Running] -> C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2009/08/28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) 
(gusvc) Google Software Updater [On_Demand | Stopped] -> C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2009/06/19 16:14:30 | 000,182,768 | ---- | M] (Google) (ASKUpgrade) ASKUpgrade [Auto | Running] -> C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -> [2009/04/02 12:47:04 | 000,234,888 | ---- | M] () (ASKService) ASKService [Auto | Running] -> C:\Program Files\AskBarDis\bar\bin\AskService.exe -> [2009/04/02 12:47:02 | 000,464,264 | ---- | M] () (Bonjour Service) Bonjour Service [Auto | Running] -> C:\Program Files\Bonjour\mDNSResponder.exe -> [2008/12/12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) (YahooAUService) Yahoo! Updater [Auto | Running] -> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -> [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) (Viewpoint Manager Service) Viewpoint Manager Service [Auto | Running] -> C:\Program Files\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) (WinDefend) Windows Defender [Auto | Stopped] -> C:\Program Files\Windows Defender\MsMpEng.exe -> [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) (UStorage Server Service) UStorage Server Service [Auto | Running] -> C:\WINDOWS\System32\UStorSrv.exe -> [2006/02/17 06:19:55 | 000,139,264 | ---- | M] (OTi) (PrismXL) PrismXL [Disabled | Stopped] -> C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -> [2005/07/29 07:08:53 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) 
(IDriverT) InstallDriver Table Manager [On_Demand | Stopped] -> C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -> [2005/04/03 23:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) (ose) Office Source Engine [On_Demand | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -> [2003/07/28 14:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) (LexBceS) LexBce Server [Auto | Running] -> C:\WINDOWS\system32\LEXBCES.EXE -> [2002/02/11 13:29:44 | 000,303,104 | ---- | M] (Lexmark International, Inc.) [Driver Services - Safe List] (AvgTdiX) AVG Free8 Network Redirector [Kernel | System | Running] -> C:\WINDOWS\System32\Drivers\avgtdix.sys -> [2009/11/30 22:35:58 | 000,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) (AvgLdx86) AVG Free AVI Loader Driver x86 [Kernel | System | Running] -> C:\WINDOWS\System32\Drivers\avgldx86.sys -> [2009/11/30 22:35:55 | 000,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) (AvgMfx86) AVG Free On-access Scanner Minifilter Driver x86 [File_System | System | Running] -> C:\WINDOWS\System32\Drivers\avgmfx86.sys -> [2009/11/30 22:35:55 | 000,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) (USBAAPL) Apple Mobile USB Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\usbaapl.sys -> [2009/08/28 19:42:52 | 000,040,448 | ---- | M] (Apple, Inc.) (GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -> [2009/05/18 14:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) (amdagp) AMD AGP Bus Filter Driver [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\amdagp.sys -> [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) (Secdrv) Secdrv [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\secdrv.sys -> [2007/11/13 05:25:53 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) 
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\PxHelp20.sys -> [2007/07/25 21:53:30 | 000,043,528 | ---- | M] (Sonic Solutions) (VIAudio) Vinyl AC'97 Audio Controller (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\vinyl97.sys -> [2006/08/10 06:32:14 | 000,204,672 | ---- | M] (VIA Technologies, Inc.) (mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\mdmxsdk.sys -> [2005/10/05 15:57:08 | 000,012,544 | ---- | M] (Conexant) (ASCTRM) ASCTRM [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\asctrm.sys -> [2005/07/29 07:26:48 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) (HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_DPV.sys -> [2005/07/22 11:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) (HSFHWBS2) HSFHWBS2 [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSFHWBS2.sys -> [2005/07/22 11:01:10 | 000,231,168 | ---- | M] (Conexant Systems, Inc.) (winachsf) winachsf [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_CNXT.sys -> [2005/07/22 11:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) (viagfx) viagfx [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\vtmini.sys -> [2005/04/06 20:31:36 | 000,173,696 | ---- | M] (Copyright (C) VIA/S3 Graphics Co, Ltd.) (SunkFilt) Alcor Micro Corp Reader [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Sunkfilt.sys -> [2004/11/15 19:41:54 | 000,036,804 | ---- | M] (Alcor Micro Corp.) (RTL8023) Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Rtlnic51.sys -> [2004/08/13 12:49:00 | 000,065,280 | ---- | M] (Realtek Semiconductor Corporation ) (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ptilink.sys -> [2004/08/04 14:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) 
(rtl8139) Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\RTL8139.sys -> [2004/08/04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) (nv) nv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\nv4_mini.sys -> [2004/08/04 00:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) (HSF_DP) HSF_DP [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\HSF_DP.sys -> [2004/06/17 17:55:04 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) (ldiskl) ldiskl [Kernel | On_Demand | Stopped] -> C:\Documents and Settings\Owner\Local Settings\Temp\ldiskl.sys -> [2004/04/19 11:17:41 | 000,015,872 | ---- | M] () (incdrm) InCD EasyWrite Reader [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\incdrm.sys -> [2003/12/30 06:38:52 | 000,028,080 | ---- | M] (Ahead Software AG) (ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ALCXWDM.SYS -> [2003/12/09 13:16:00 | 000,626,977 | ---- | M] (Realtek Semiconductor Corp.) (ALCXSENS) Service for WDM 3D Audio Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ALCXSENS.SYS -> [2003/12/09 13:16:00 | 000,400,384 | ---- | M] (Sensaura) (viaagp1) VIA AGP Filter [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\viaagp1.sys -> [2003/07/02 07:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) (wanatw) WAN Miniport (ATW) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\wanatw4.sys -> [2003/01/10 16:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) (Sparrow) Sparrow [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\sparrow.sys -> [2001/08/17 23:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) 
(sym_u3) sym_u3 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\sym_u3.sys -> [2001/08/17 23:07:42 | 000,030,688 | ---- | M] (LSI Logic) (sym_hi) sym_hi [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\sym_hi.sys -> [2001/08/17 23:07:40 | 000,028,384 | ---- | M] (LSI Logic) (symc8xx) symc8xx [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\symc8xx.sys -> [2001/08/17 23:07:36 | 000,032,640 | ---- | M] (LSI Logic) (symc810) symc810 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\symc810.sys -> [2001/08/17 23:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) (ultra) ultra [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\ultra.sys -> [2001/08/17 22:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) (ql12160) ql12160 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\ql12160.sys -> [2001/08/17 22:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) (ql1080) ql1080 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\ql1080.sys -> [2001/08/17 22:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) (ql1280) ql1280 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\ql1280.sys -> [2001/08/17 22:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) (dac2w2k) dac2w2k [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -> [2001/08/17 22:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) (mraid35x) mraid35x [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\mraid35x.sys -> [2001/08/17 22:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) (asc) asc [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\asc.sys -> [2001/08/17 22:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) (asc3550) asc3550 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\asc3550.sys -> [2001/08/17 22:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) 
(AliIde) AliIde [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\aliide.sys -> [2001/08/17 22:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) (CmdIde) CmdIde [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\cmdide.sys -> [2001/08/17 22:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) (mxnic) Macronix MX987xx Family Fast Ethernet NT Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mxnic.sys -> [2001/08/17 15:49:32 | 000,019,968 | ---- | M] (Macronix International Co., Ltd. ) (FastPara) FastPara [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\fastpara.sys -> [1999/04/13 11:00:58 | 000,037,696 | ---- | M] (Microsoft Corporation) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Search\\"CustomSearch" -> http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html -> HKEY_LOCAL_MACHINE\: Search\\"Default_Search_URL" -> http://www.google.com/ie -> HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://www.google.com/ie -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: Main\\"Search Page" -> http://www.google.com -> HKEY_USERS\.DEFAULT\: SearchURL\\"" -> http://www.google.com/keyword/%s -> HKEY_USERS\.DEFAULT\: SearchURL\\"provider" -> gogl -> HKEY_USERS\.DEFAULT\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [AVG Security Toolbar BHO] -> [2009/11/25 13:01:54 | 001,230,080 | ---- | M] () HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: Main\\"Search Page" -> http://www.google.com -> HKEY_USERS\S-1-5-18\: SearchURL\\"" -> http://www.google.com/keyword/%s -> HKEY_USERS\S-1-5-18\: SearchURL\\"provider" -> gogl -> HKEY_USERS\S-1-5-18\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> C:\Program 
Files\AVG\AVG9\Toolbar\IEToolbar.dll [AVG Security Toolbar BHO] -> [2009/11/25 13:01:54 | 001,230,080 | ---- | M] () HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> HKEY_USERS\S-1-5-20\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\] > -> -> HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\: Main\\"Search Page" -> http://www.google.com -> HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\: Main\\"Start Page" -> http://www.ewebforce.com/ -> HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\: Search\\"SearchAssistant" -> http://www.google.com/ie -> HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\: SearchURL\\"" -> http://www.google.com/search?q=%s -> HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\: URLSearchHooks\\"*{C94E154B-1459-4A47-966B-4B843BEFC7DB}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\: URLSearchHooks\\"*{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] 
-> File not found HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [AVG Security Toolbar BHO] -> [2009/11/25 13:01:54 | 001,230,080 | ---- | M] () HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\: "ProxyEnable" -> 1 -> HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\: "ProxyOverride" -> <local> -> HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\: "ProxyServer" -> http=127.0.0.1:5555 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> < FireFox Extensions [User Folders] > -> -> C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\extensions -> [2009/12/28 13:10:02 | 000,000,000 | ---D | M] No name found -> C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} -> [2009/12/28 13:10:03 | 000,000,000 | ---D | M] < HOSTS File > (351267 bytes and 12086 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> First 25 entries... Reset Hosts 127.0.0.1 localhost 127.0.0.1 007guard.com 127.0.0.1 www.007guard.com 127.0.0.1 010402.com 127.0.0.1 032439.com 127.0.0.1 www.032439.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 100sexlinks.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 123topsearch.com 127.0.0.1 www.123topsearch.com 127.0.0.1 132.com 127.0.0.1 www.132.com 127.0.0.1 136136.net 127.0.0.1 www.136136.net 127.0.0.1 163ns.com 127.0.0.1 www.163ns.com 127.0.0.1 171203.com 127.0.0.1 17-plus.com 127.0.0.1 1800searchonline.com 127.0.0.1 www.1800searchonline.com < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] 
-> File not found {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/10/22 22:08:42 | 000,062,080 | ---- | M] (Adobe Systems Incorporated) {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files\AVG\AVG9\avgssie.dll [AVG Safe Search] -> [2009/12/11 17:51:59 | 001,484,056 | ---- | M] (AVG Technologies CZ, s.r.o.) {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> [2008/09/15 13:25:44 | 001,562,960 | RHS- | M] (Safer Networking Limited) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [SSVHelper Class] -> [2007/07/12 03:00:35 | 000,501,136 | ---- | M] (Sun Microsystems, Inc.) {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar Helper] -> [2010/02/03 17:33:47 | 000,279,664 | ---- | M] (Google Inc.) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [Google Toolbar Notifier BHO] -> [2010/02/03 17:42:28 | 000,812,528 | ---- | M] (Google Inc.) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2010/02/03 17:33:47 | 000,279,664 | ---- | M] (Google Inc.) 
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}" [HKLM] -> C:\Program Files\AskBarDis\bar\bin\askBar.dll [Ask Toolbar] -> [2009/04/02 12:47:00 | 000,333,192 | ---- | M] (Ask.com) "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [AVG Security Toolbar] -> [2009/11/25 13:01:54 | 001,230,080 | ---- | M] () < Internet Explorer ToolBars [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2010/02/03 17:33:47 | 000,279,664 | ---- | M] (Google Inc.) < Internet Explorer ToolBars [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2010/02/03 17:33:47 | 000,279,664 | ---- | M] (Google Inc.) < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\] > -> HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2010/02/03 17:33:47 | 000,279,664 | ---- | M] (Google Inc.) ShellBrowser\\"{A057A204-BACC-4D26-9990-79A187E2698E}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found WebBrowser\\"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2010/02/03 17:33:47 | 000,279,664 | ---- | M] (Google Inc.) WebBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] 
-> File not found WebBrowser\\"{4982D40A-C53B-4615-B15B-B5B5E98D167C}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found WebBrowser\\"{A057A204-BACC-4D26-9990-79A187E2698E}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found WebBrowser\\"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [AVG Security Toolbar] -> [2009/11/25 13:01:54 | 001,230,080 | ---- | M] () WebBrowser\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "AVG9_TRAY" -> C:\Program Files\AVG\AVG9\avgtray.exe [C:\PROGRA~1\AVG\AVG9\avgtray.exe] -> [2009/12/31 11:39:07 | 002,033,432 | ---- | M] (AVG Technologies CZ, s.r.o.) "iTunesHelper" -> C:\Program Files\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> [2009/11/12 16:33:10 | 000,141,600 | ---- | M] (Apple Inc.) "QuickTime Task" -> C:\Program Files\QuickTime\QTTask.exe ["C:\Program Files\QuickTime\QTTask.exe" -atboottime] -> [2009/11/10 23:08:18 | 000,417,792 | ---- | M] (Apple Inc.) "yrbufvpr" -> C:\Documents and Settings\Owner\Local Settings\Application Data\hhtpeo\kxnasftav.exe [C:\Documents and Settings\Owner\Local Settings\Application Data\hhtpeo\kxnasftav.exe] -> [2010/02/06 20:57:38 | 000,279,808 | ---- | M] () "YSearchProtection" -> C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe ["C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"] -> [2009/02/23 08:05:34 | 000,111,856 | ---- | M] (Yahoo! 
Inc) < RunServices [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices -> "RegisterDropHandler" -> C:\Program Files\TextBridge Classic 2.0\Bin\RegisterDropHandler.exe [C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE] -> [1998/07/07 16:20:30 | 000,022,528 | ---- | M] () < Run [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "DWQueuedReporting" -> C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE ["C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t] -> [2007/03/22 19:29:28 | 000,039,264 | ---- | M] (Microsoft Corporation) "MySpaceIM" -> C:\Program Files\MySpace\IM\MySpaceIM.exe [C:\Program Files\MySpace\IM\MySpaceIM.exe] -> [2007/08/13 19:04:18 | 005,562,368 | ---- | M] () < Run [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "DWQueuedReporting" -> C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE ["C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t] -> [2007/03/22 19:29:28 | 000,039,264 | ---- | M] (Microsoft Corporation) "MySpaceIM" -> C:\Program Files\MySpace\IM\MySpaceIM.exe [C:\Program Files\MySpace\IM\MySpaceIM.exe] -> [2007/08/13 19:04:18 | 005,562,368 | ---- | M] () < Run [HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\] > -> HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "DW6" -> C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe ["C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"] -> [2009/03/19 14:10:10 | 000,801,904 | ---- | M] (The Weather Channel Interactive, Inc.) "Messenger (Yahoo!)" -> C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe ["C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet] -> [2009/05/26 20:06:32 | 004,351,216 | ---- | M] (Yahoo! Inc.) 
"Search Protection" -> C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe] -> [2009/02/23 08:05:34 | 000,111,856 | ---- | M] (Yahoo! Inc) "SpybotSD TeaTimer" -> C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe] -> [2009/03/05 15:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) "swg" -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ["C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"] -> [2007/07/26 20:58:28 | 000,068,856 | ---- | M] (Google Inc.) "yrbufvpr" -> C:\Documents and Settings\Owner\Local Settings\Application Data\hhtpeo\kxnasftav.exe [C:\Documents and Settings\Owner\Local Settings\Application Data\hhtpeo\kxnasftav.exe] -> [2010/02/06 20:57:38 | 000,279,808 | ---- | M] () < RunOnce [HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\] > -> HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "Shockwave Updater" -> C:\WINDOWS\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -Mozilla\4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident\4.0; [C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6.3; .NET CLR 1.1.4322; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www8.agame.com/games/shockwave/t/traffic_slam/game_agame_com.htm"] -> File not found < Administrator Startup Folder > -> C:\Documents and Settings\Administrator\Start Menu\Programs\Startup -> C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> C:\Program Files\ERUNT\AUTOBACK.EXE -> [2005/10/20 12:04:08 | 000,038,912 | ---- | M] () < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < Default User Startup Folder > -> C:\Documents and 
Settings\Default User\Start Menu\Programs\Startup -> < Owner Startup Folder > -> C:\Documents and Settings\Owner\Start Menu\Programs\Startup -> C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> C:\Program Files\ERUNT\AUTOBACK.EXE -> [2005/10/20 12:04:08 | 000,038,912 | ---- | M] () -> C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler.exe -> [2009/10/13 20:49:20 | 000,189,952 | ---- | M] () < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"HonorAutoRunSetting" -> [1] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found \\"CDRAutoRun" -> [0] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found \\"CDRAutoRun" -> [0] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer 
-> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003] > -> HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [145] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003] > -> HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System < Internet Explorer Menu Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\ -> &Google Search -> C:\Program Files\Google\GoogleToolbar1.dll [res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html] -> File not found Backward Links -> C:\Program Files\Google\GoogleToolbar1.dll [res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html] -> File not found Cached Snapshot of Page -> C:\Program Files\Google\GoogleToolbar1.dll [res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html] -> File not found Similar Pages -> C:\Program Files\Google\GoogleToolbar1.dll [res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html] -> File not found Translate into English -> C:\Program Files\Google\GoogleToolbar1.dll [res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html] -> File not found < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\ -> &Google Search -> C:\Program Files\Google\GoogleToolbar1.dll [res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html] -> File not 
found Backward Links -> C:\Program Files\Google\GoogleToolbar1.dll [res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html] -> File not found Cached Snapshot of Page -> C:\Program Files\Google\GoogleToolbar1.dll [res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html] -> File not found Similar Pages -> C:\Program Files\Google\GoogleToolbar1.dll [res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html] -> File not found Translate into English -> C:\Program Files\Google\GoogleToolbar1.dll [res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html] -> File not found < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\] > -> HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\Software\Microsoft\Internet Explorer\MenuExt\ -> Google Sidewiki... -> C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll [res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html] -> [2010/02/03 17:34:24 | 000,848,896 | ---- | M] (Google Inc.) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll [Menu: Sun Java Console] -> [2007/07/12 03:00:35 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [Menu: Spybot - Search & Destroy Configuration] -> [2008/09/15 13:25:44 | 001,562,960 | RHS- | M] (Safer Networking Limited) {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}:Exec [HKLM] -> C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [Button: Yahoo! Messenger] -> [2009/05/26 20:06:32 | 004,351,216 | ---- | M] (Yahoo! Inc.) 
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}:Exec [HKLM] -> C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [Menu: Yahoo! Messenger] -> [2009/05/26 20:06:32 | 004,351,216 | ---- | M] (Yahoo! Inc.) < Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll [Sun Java Console] -> [2007/07/12 03:00:35 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) CmdMapping\\"{3369AF0D-62E9-4bda-8103-B4C75499B578}" [HKLM] -> [Reg Error: Key error.] -> File not found CmdMapping\\"{4982D40A-C53B-4615-B15B-B5B5E98D167C}" [HKLM] -> [Reg Error: Key error.] -> File not found CmdMapping\\"{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}" [HKLM] -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> [2008/09/15 13:25:44 | 001,562,960 | RHS- | M] (Safer Networking Limited) CmdMapping\\"{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}" [HKLM] -> C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [Messenger Class] -> [2009/05/26 20:06:32 | 004,351,216 | ---- | M] (Yahoo! Inc.) < Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll [Sun Java Console] -> [2007/07/12 03:00:35 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) CmdMapping\\"{3369AF0D-62E9-4bda-8103-B4C75499B578}" [HKLM] -> [Reg Error: Key error.] -> File not found CmdMapping\\"{4982D40A-C53B-4615-B15B-B5B5E98D167C}" [HKLM] -> [Reg Error: Key error.] 
-> File not found CmdMapping\\"{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}" [HKLM] -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> [2008/09/15 13:25:44 | 001,562,960 | RHS- | M] (Safer Networking Limited) CmdMapping\\"{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}" [HKLM] -> C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [Messenger Class] -> [2009/05/26 20:06:32 | 004,351,216 | ---- | M] (Yahoo! Inc.) < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\] > -> HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll [Sun Java Console] -> [2007/07/12 03:00:35 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) CmdMapping\\"{4982D40A-C53B-4615-B15B-B5B5E98D167C}" [HKLM] -> [Reg Error: Key error.] -> File not found CmdMapping\\"{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}" [HKLM] -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> [2008/09/15 13:25:44 | 001,562,960 | RHS- | M] (Safer Networking Limited) CmdMapping\\"{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}" [HKLM] -> C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [Messenger Class] -> [2009/05/26 20:06:32 | 004,351,216 | ---- | M] (Yahoo! Inc.) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6237 domain(s) found. -> 59 domain(s) and sub-domain(s) not assigned to a zone. 
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6236 domain(s) found. -> 58 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6236 domain(s) found. -> 58 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4152 domain(s) found. -> 32 domain(s) and sub-domain(s) not assigned to a zone. 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4152 domain(s) found. -> 32 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\] > -> HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6236 domain(s) found. -> 58 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\] > -> HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. 
-> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> http://www.apple.com/qtactivex/qtplugin.cab [QuickTime Object] -> {15B782AF-55D8-11D1-B477-006097098764} [HKLM] -> http://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab [Macromedia Authorware Web Player Control] -> {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab [Shockwave ActiveX Control] -> {17492023-C23A-453E-A040-C7C580BBF700} [HKLM] -> http://go.microsoft.com/fwlink/?linkid=39204 [Windows Genuine Advantage Validation Tool] -> {1EF9F042-C2EB-4293-8213-474CAEEF531D} [HKLM] -> http://www.trendsecure.com/framework/control/en-US/activex/TmHcmsX.CAB [TmHcmsX Control] -> {215B8138-A3CF-44C5-803F-8226143CFC0A} [HKLM] -> http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab [Trend Micro ActiveX Scan Agent 6.6] -> {233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab [Shockwave ActiveX Control] -> {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} [HKLM] -> C:\Program Files\Yahoo!\Common\yinsthelper.dll [YInstStarter Class] -> {3DCEC959-378A-4922-AD7E-FD5C925D927F} [HKLM] -> http://disney.go.com/pirates/online/testActiveX/built/signed/DisneyOnlineGames.cab [Disney Online Games ActiveX Control] -> {48DD0448-9209-4F81-9F6D-D83562940134} [HKLM] -> http://lads.myspace.com/upload/MySpaceUploader1006.cab [MySpace Uploader Control] -> {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} [HKLM] -> http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab [Reg Error: Key error.] 
-> {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [HKLM] -> http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1155994418250 [MUWebControl Class] -> {8100D56A-5661-482C-BEE8-AFECE305D968} [HKLM] -> http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab [Facebook Photo Uploader 5 Control] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab [Java Plug-in 1.6.0_02] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab [Reg Error: Key error.] -> {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} [HKLM] -> http://www.trendmicro.com/spyware-scan/as4web.cab [Reg Error: Key error.] -> {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} [HKLM] -> http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab [Reg Error: Key error.] -> {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab [Java Plug-in 1.5.0_06] -> {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab [Java Plug-in 1.5.0_09] -> {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab [Java Plug-in 1.5.0_10] -> {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab [Java Plug-in 1.5.0_11] -> {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab [Java Plug-in 1.6.0_01] -> {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab [Java Plug-in 1.6.0_02] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab [Java Plug-in 1.6.0_02] -> {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} [HKLM] -> [Reg Error: Value 
error.] -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> avgrsstarter -> C:\WINDOWS\System32\avgrsstx.dll -> [2009/11/30 22:35:26 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}" [HKLM] -> C:\Program Files\Windows Defender\MpShHook.dll [Microsoft AntiMalware ShellExecuteHook] -> [2006/11/03 18:20:00 | 000,083,224 | ---- | M] (Microsoft Corporation) < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "C:\Program Files\AVG\AVG9\avgnsx.exe" -> C:\Program Files\AVG\AVG9\avgnsx.exe [C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe] -> [2009/12/11 17:51:59 | 000,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG9\avgupd.exe" -> C:\Program Files\AVG\AVG9\avgupd.exe [C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe] -> [2009/12/11 17:49:25 | 001,007,896 | ---- | M] (AVG Technologies CZ, s.r.o.) 
"C:\Program Files\Bonjour\mDNSResponder.exe" -> C:\Program Files\Bonjour\mDNSResponder.exe [C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour] -> [2008/12/12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) "C:\Program Files\iTunes\iTunes.exe" -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> [2009/11/12 16:33:04 | 010,358,048 | ---- | M] (Apple Inc.) "C:\Program Files\LimeWire\LimeWire.exe" -> C:\Program Files\LimeWire\LimeWire.exe [C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire] -> File not found "C:\Program Files\Pearl Harbor - Zero Hour\PHarbor.exe" -> C:\Program Files\Pearl Harbor - Zero Hour\PHarbor.exe [C:\Program Files\Pearl Harbor - Zero Hour\PHarbor.exe:*:Disabled:PHarbor] -> [2001/05/14 16:19:28 | 000,340,019 | ---- | M] () "C:\Program Files\VideoLAN\VLC\vlc.exe" -> C:\Program Files\VideoLAN\VLC\vlc.exe [C:\Program Files\VideoLAN\VLC\vlc.exe:*:Disabled:VLC media player] -> [2008/11/13 06:34:18 | 000,114,840 | ---- | M] () "C:\Program Files\Vuze\Azureus.exe" -> C:\Program Files\Vuze\Azureus.exe [C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus] -> [2009/06/22 18:45:12 | 000,199,616 | ---- | M] (Vuze Inc.) "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -> C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger] -> [2009/05/26 20:06:32 | 004,351,216 | ---- | M] (Yahoo! Inc.) 
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2004/08/26 13:04:39 | 000,000,000 | ---- | M] () D:\Autorun.inf [[AUTORUN] | SHELLEXECUTE=Info.exe folder.htt 480 480 | ] -> D:\Autorun.inf [ FAT32 ] -> [2004/09/13 12:15:24 | 000,000,053 | -HS- | M] () D:\autorun.inf.aug.8 [[AUTORUN] | OPEN=Info.exe folder.htt 480 480 | ] -> D:\autorun.inf.aug.8 [ FAT32 ] -> [2003/08/08 17:24:26 | 000,000,045 | -HS- | M] () E:\Autorun.inf [[autorun] | OPEN=Install.EXE | ICON=VDSFish.ICO | ] -> E:\Autorun.inf [ CDFS ] -> [1999/01/08 22:53:24 | 000,000,047 | R--- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{36db705f-3c72-11d8-a150-806d6172696f} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36db705f-3c72-11d8-a150-806d6172696f}\Shell \{36db705f-3c72-11d8-a150-806d6172696f}\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36db705f-3c72-11d8-a150-806d6172696f}\Shell\AutoRun \{36db705f-3c72-11d8-a150-806d6172696f}\Shell\AutoRun\\"" -> [Auto&Play] -> File not found \{4021e6df-0a2a-11da-b762-806d6172696f} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4021e6df-0a2a-11da-b762-806d6172696f}\Shell \{4021e6df-0a2a-11da-b762-806d6172696f}\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4021e6df-0a2a-11da-b762-806d6172696f}\Shell\AutoRun \{4021e6df-0a2a-11da-b762-806d6172696f}\Shell\AutoRun\\"" -> [Auto&Play] -> File 
not found \{dcd886df-1ef9-11da-9a49-806d6172696f} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dcd886df-1ef9-11da-9a49-806d6172696f}\Shell \{dcd886df-1ef9-11da-9a49-806d6172696f}\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dcd886df-1ef9-11da-9a49-806d6172696f}\Shell\AutoRun \{dcd886df-1ef9-11da-9a49-806d6172696f}\Shell\AutoRun\\"" -> [Auto&Play] -> File not found \{deff3a65-0821-11da-8b7d-806d6172696f} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{deff3a65-0821-11da-8b7d-806d6172696f}\Shell \{deff3a65-0821-11da-8b7d-806d6172696f}\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{deff3a65-0821-11da-8b7d-806d6172696f}\Shell\AutoRun \{deff3a65-0821-11da-8b7d-806d6172696f}\Shell\AutoRun\\"" -> [Auto&Play] -> File not found < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> [Registry - Additional Scans - Safe List] < Disabled MSConfig Services [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services -> "Apple Mobile Device" -> -> "AresChatServer" -> -> "AVGEMS" -> -> "gusvc" -> -> "iPod Service" -> -> "PrismXL" -> -> < Disabled MSConfig Folder Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\ -> C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> File not found C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BigFix.lnk -> C:\Program Files\BigFix\BigFix.exe -> [2002/07/31 12:22:26 | 001,742,384 | ---- | M] (BigFix Inc.) 
C:^Documents and Settings^All Users^Start Menu^Programs^Startup^EZ Station.lnk -> C:\WINDOWS\twain_32\IBMScanner\SxCenter.exe -> [1999/04/29 17:03:54 | 000,452,608 | ---- | M] (Compeye Corp.) C:^Documents and Settings^Owner^Start Menu^Programs^Startup^reminder-ScanSoft Product Registration.lnk -> C:\Program Files\TextBridge Classic 2.0\Ereg\REMIND32.EXE -> [1998/07/07 14:13:58 | 000,045,056 | ---- | M] () < Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ -> Adobe Photo Downloader hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe -> [2007/03/09 10:09:58 | 000,063,712 | ---- | M] (Adobe Systems Incorporated) Adobe Reader Speed Launcher hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe -> [2008/10/15 00:04:34 | 000,039,792 | ---- | M] (Adobe Systems Incorporated) Aim6 hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found CanonMyPrinter hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Canon\MyPrinter\BJMyPrt.exe -> [2006/10/16 20:40:00 | 001,197,648 | ---- | M] (CANON INC.) ctfmon.exe hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found dqdnsxdxuq hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> c:\documents and settings\owner\local settings\application data\dqdnsxdxuq.exe -> File not found DSS hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\WINDOWS\BBSTORE\DSS\DSSAGENT.EXE -> File not found HostManager hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\AOL\1142267845\ee\aolsoftware.exe -> [2006/05/09 19:24:16 | 000,050,760 | ---- | M] (America Online, Inc.) 
InCD hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Ahead\InCD\InCD.exe -> File not found InstantAccess hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\TextBridge Classic 2.0\Bin\InstantAccess.exe -> [1998/07/07 16:04:24 | 000,037,376 | ---- | M] () IPHSend hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe -> [2006/02/17 11:59:46 | 000,124,520 | ---- | M] (America Online, Inc.) iTunesHelper hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\iTunes\iTunesHelper.exe -> [2009/11/12 16:33:10 | 000,141,600 | ---- | M] (Apple Inc.) MySpaceIM hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\MySpace\IM\MySpaceIM.exe -> [2007/08/13 19:04:18 | 005,562,368 | ---- | M] () NeroFilterCheck hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found QuickTime Task hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\QuickTime\QTTask.exe -> [2009/11/10 23:08:18 | 000,417,792 | ---- | M] (Apple Inc.) Random scan hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found Recguard hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\WINDOWS\SMINST\Recguard.exe -> [2002/09/14 01:42:26 | 000,212,992 | ---- | M] () RegisterDropHandler hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\TextBridge Classic 2.0\Bin\RegisterDropHandler.exe -> [1998/07/07 16:20:30 | 000,022,528 | ---- | M] () Reminder hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\WINDOWS\creator\remind_xp.exe -> [2005/03/15 12:04:08 | 000,966,656 | ---- | M] (SoftThinks) RemoteControl hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe -> [2004/11/02 22:24:46 | 000,032,768 | ---- | M] (Cyberlink Corp.) 
SoundMan hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\WINDOWS\SOUNDMAN.EXE -> [2003/12/09 13:17:00 | 000,067,584 | ---- | M] (Realtek Semiconductor Corp.) SpybotSD TeaTimer hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe -> [2009/03/05 15:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) SunJavaUpdateSched hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe -> [2007/07/12 03:00:36 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) SunKistEM hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Digital Media Reader\shwiconEM.exe -> [2004/11/15 17:04:32 | 000,135,168 | ---- | M] (Alcor Micro, Corp.) swg hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> [2007/07/26 20:58:28 | 000,068,856 | ---- | M] (Google Inc.) VTTimer hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found Windows Defender hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Windows Defender\MSASCui.exe -> [2006/11/03 18:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) wpmpormd.exe hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found < Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state -> "bootini" -> 0 -> "services" -> 2 -> "startup" -> 2 -> "system.ini" -> 0 -> "win.ini" -> 0 -> < Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> "msacm.iac2" -> C:\WINDOWS\system32\iac25_32.ax [C:\WINDOWS\system32\iac25_32.ax] -> [2000/06/23 13:06:08 | 000,192,000 | ---- | M] (Ligos Corporation) "msacm.l3acm" -> C:\WINDOWS\system32\l3codeca.acm [C:\WINDOWS\system32\l3codeca.acm] -> [2008/04/13 19:09:57 | 000,290,816 | ---- | M] 
(Fraunhofer Institut Integrierte Schaltungen IIS) "msacm.sl_anet" -> C:\WINDOWS\System32\sl_anet.acm [sl_anet.acm] -> [2008/04/13 19:10:50 | 000,086,016 | ---- | M] (Sipro Lab Telecom Inc.) "msacm.trspch" -> C:\WINDOWS\System32\tssoft32.acm [tssoft32.acm] -> [2004/08/04 14:00:00 | 000,008,192 | ---- | M] (DSP GROUP, INC.) "vidc.cvid" -> C:\WINDOWS\System32\iccvid.dll [iccvid.dll] -> [2008/04/13 19:11:54 | 000,080,384 | ---- | M] (Radius Inc.) "vidc.DIVX" -> C:\WINDOWS\System32\DivX.dll [DivX.dll] -> [2008/11/21 16:45:06 | 000,684,032 | ---- | M] (DivX, Inc.) "vidc.iv31" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2004/08/04 14:00:00 | 000,199,168 | ---- | M] () "vidc.iv32" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2004/08/04 14:00:00 | 000,199,168 | ---- | M] () "vidc.iv41" -> C:\WINDOWS\System32\ir41_32.ax [ir41_32.ax] -> [2008/04/13 19:12:42 | 000,848,384 | ---- | M] (Intel Corporation) "vidc.iv50" -> C:\WINDOWS\System32\ir50_32.dll [ir50_32.dll] -> [2000/06/23 09:36:48 | 000,745,984 | ---- | M] (Ligos Corporation) "vidc.yv12" -> C:\WINDOWS\System32\DivX.dll [DivX.dll] -> [2008/11/21 16:45:06 | 000,684,032 | ---- | M] (DivX, Inc.) < Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> {0291E591-EA41-4c82-8106-3DC6CE7F7664} [HKLM] -> C:\Program Files\Yahoo!\Common\yinsthelper.dll [YInstStarterUpgrade Class] -> [2006/07/30 13:25:34 | 000,188,968 | ---- | M] (Yahoo! Inc.) {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2009/11/10 23:35:52 | 000,795,952 | ---- | M] (Apple Inc.) 
{03F998B2-0E00-11D3-A498-00104B6EB52E} [HKLM] -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream.dll [MetaStreamCtl Class] -> [2007/01/05 10:32:12 | 000,254,022 | ---- | M] (Viewpoint Corporation) {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> C:\WINDOWS\system32\Adobe\Director\SwDir.dll [Shockwave ActiveX Control] -> [2009/01/16 16:19:40 | 000,202,168 | ---- | M] (Adobe Systems, Inc.) {1A7793DE-2598-4fa8-9EC5-9442CDE5E1CC} [HKLM] -> C:\Program Files\Screensavers.com\SSSInst\bin\SSSInst.dll [Installer Class] -> File not found {1B00725B-C455-4DE6-BFB6-AD540AD427CD} [HKLM] -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream.dll [MetaStreamCtl Class] -> [2007/01/05 10:32:12 | 000,254,022 | ---- | M] (Viewpoint Corporation) {233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> C:\WINDOWS\system32\Adobe\Director\SwDir.dll [Shockwave ActiveX Control] -> [2009/01/16 16:19:40 | 000,202,168 | ---- | M] (Adobe Systems, Inc.) {2C70F37F-144A-49b4-BC53-3CB658E6D247} [HKLM] -> C:\Program Files\Screensavers.com\SSSInst\bin\SSSInst.dll [Sinstaller Class] -> File not found {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} [HKLM] -> C:\Program Files\Yahoo!\Common\yinsthelper.dll [YInstStarter Class] -> [2006/07/30 13:25:34 | 000,188,968 | ---- | M] (Yahoo! Inc.) {33B16641-F94B-4CD0-8D2B-0633B2C35790} [HKLM] -> C:\Program Files\Google\Update\1.2.183.13\npGoogleOneClick8.dll [Google Update Plugin] -> [2010/02/03 17:42:34 | 000,220,144 | ---- | M] (Google Inc.) {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} [HKLM] -> C:\Program Files\Yahoo!\Common\yinsthelper.dll [YSearchSetting2 Class] -> [2006/07/30 13:25:34 | 000,188,968 | ---- | M] (Yahoo! Inc.) {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2009/11/10 23:35:52 | 000,795,952 | ---- | M] (Apple Inc.) 
{444785F1-DE89-4295-863A-D46C3A781394} [HKLM] -> C:\Program Files\Unity\WebPlayer\loader\UnityWebPluginAX.ocx [UnityWebPlayer Control] -> [2009/04/13 14:06:11 | 000,591,088 | ---- | M] (Unity Technologies ApS) {5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files\Java\jre1.6.0_02\bin\wsdetect.dll [isInstalled Class] -> [2007/07/12 03:00:46 | 000,110,592 | ---- | M] (Sun Microsystems, Inc.) {64AA7031-C150-4118-8D31-FD273A2BB22C} [HKLM] -> C:\Program Files\Yahoo!\Common\Yverinfo.dll [PSFactoryBuffer] -> [2007/08/27 13:53:58 | 000,079,128 | ---- | M] (Yahoo! Inc.) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [SSVHelper Class] -> [2007/07/12 03:00:35 | 000,501,136 | ---- | M] (Sun Microsystems, Inc.) {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll [Java Plug-in 1.6.0_02] -> [2007/07/12 03:00:35 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) {B345F37E-6763-433b-BC53-9B526A9B7B8B} [HKLM] -> C:\Program Files\Yahoo!\Common\Yverinfo.dll [Yahoo! VersionInfo2] -> [2007/08/27 13:53:58 | 000,079,128 | ---- | M] (Yahoo! Inc.) {BAEB32D0-732D-11d2-8BF4-0060B0A4A9EA} [HKLM] -> C:\Program Files\AIM6\services\imApp\ver6_5_9_1\isAim.dll [aimlocator Class] -> [2008/01/03 11:12:25 | 000,083,296 | ---- | M] (America Online Inc) {CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2008/10/14 20:29:50 | 000,632,168 | ---- | M] (Adobe Systems, Inc.) {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [HKLM] -> C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll [Java Plug-in 1.6.0_02] -> [2007/07/12 03:00:35 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB} [HKLM] -> C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll [Java Plug-in 1.6.0_02] -> [2007/07/12 03:00:35 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) 
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll [Java Plug-in 1.6.0_02] -> [2007/07/12 03:00:35 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CB927D12-4FF7-4A9E-A169-56E4B8A75598} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [Behavior Object] -> [2009/11/10 23:35:52 | 000,795,952 | ---- | M] (Apple Inc.) {CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> C:\WINDOWS\system32\rmoc3260.dll [RealPlayer G2 Control] -> [2005/07/29 07:26:50 | 000,157,696 | ---- | M] (RealNetworks) {D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx [Shockwave Flash Object] -> [2009/10/27 22:31:12 | 003,982,240 | R--- | M] (Adobe Systems, Inc.) {D5184A39-CBDF-4A4F-AC1A-7A45A852C883} [HKLM] -> C:\Program Files\Yahoo!\Common\Yverinfo.dll [Yahoo! VersionInfo] -> [2007/08/27 13:53:58 | 000,079,128 | ---- | M] (Yahoo! Inc.) {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} [HKLM] -> C:\Program Files\iTunes\ITDetector.ocx [iTunesDetector Class] -> [2009/11/12 16:33:00 | 000,111,912 | ---- | M] (Apple Inc.) {DA4F543C-C8A9-4E88-9A79-548CBB46F18F} [HKLM] -> C:\Program Files\Yahoo!\Messenger\YPagerChecker.dll [MessengerChecker Class] -> [2009/05/26 20:06:34 | 000,103,664 | ---- | M] (Yahoo! Inc.) 
< Ext (Settings) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/10/22 22:08:42 | 000,062,080 | ---- | M] (Adobe Systems Incorporated) {201F27D4-3704-41D6-89C1-AA35E39143ED} [HKLM] -> C:\Program Files\AskBarDis\bar\bin\askBar.dll [AskBar BHO] -> [2009/04/02 12:47:00 | 000,333,192 | ---- | M] (Ask.com) {2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2010/02/03 17:33:47 | 000,279,664 | ---- | M] (Google Inc.) {233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> C:\WINDOWS\system32\Adobe\Director\SwDir.dll [Shockwave ActiveX Control] -> [2009/01/16 16:19:40 | 000,202,168 | ---- | M] (Adobe Systems, Inc.) {3041D03E-FD4B-44E0-B742-2D9B88305F98} [HKLM] -> C:\Program Files\AskBarDis\bar\bin\askBar.dll [Ask Toolbar] -> [2009/04/02 12:47:00 | 000,333,192 | ---- | M] (Ask.com) {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files\AVG\AVG9\avgssie.dll [AVG Safe Search] -> [2009/12/11 17:51:59 | 001,484,056 | ---- | M] (AVG Technologies CZ, s.r.o.) {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> [2008/09/15 13:25:44 | 001,562,960 | RHS- | M] (Safer Networking Limited) {754FF233-5D4E-11D2-875B-00A0C93C09B3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [SSVHelper Class] -> [2007/07/12 03:00:35 | 000,501,136 | ---- | M] (Sun Microsystems, Inc.) 
{8100D56A-5661-482C-BEE8-AFECE305D968} [HKLM] -> C:\WINDOWS\Downloaded Program Files\PhotoUploader55.ocx [Facebook Photo Uploader 5 Control] -> [2009/07/29 21:21:24 | 003,540,488 | ---- | M] () {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll [Java Plug-in 1.6.0_02] -> [2007/07/12 03:00:35 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) {A3BC75A2-1F87-4686-AA43-5347D756017C} [HKLM] -> C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [AVG Security Toolbar BHO] -> [2009/11/25 13:01:54 | 001,230,080 | ---- | M] () {AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar Helper] -> [2010/02/03 17:33:47 | 000,279,664 | ---- | M] (Google Inc.) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [Google Toolbar Notifier BHO] -> [2010/02/03 17:42:28 | 000,812,528 | ---- | M] (Google Inc.) {B1549E58-3894-11D2-BB7F-00A0C999C4C1} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {BDD307C3-7BC0-4542-9F8F-A9611FE6C1BF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {C533ADF1-0C80-11D1-8C54-00A02468F316} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CCC7A320-B3CA-4199-B1A6-9F516DD69829} [HKLM] -> C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [AVG Security Toolbar] -> [2009/11/25 13:01:54 | 001,230,080 | ---- | M] () {CCCCCCD3-666F-4F81-8B69-745DE9F6D897} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] 
-> File not found {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx [Shockwave Flash Object] -> [2009/10/27 22:31:12 | 003,982,240 | R--- | M] (Adobe Systems, Inc.) < Ext (Stats) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\ -> {0006F033-0000-0000-C000-000000000046} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE [Microsoft Outlook 8.0 Object Library] -> [2009/06/22 20:23:38 | 000,196,424 | ---- | M] (Microsoft Corporation) {0006F03A-0000-0000-C000-000000000046} [HKLM] -> Reg Error: Value error. [Microsoft Office Outlook] -> File not found {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Script Object] -> [2010/02/03 17:33:47 | 000,279,664 | ---- | M] (Google Inc.) {02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/10/22 22:08:42 | 000,062,080 | ---- | M] (Adobe Systems Incorporated) {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> Reg Error: Key error. [Reg Error: Value error.] -> File not found {201F27D4-3704-41D6-89C1-AA35E39143ED} [HKLM] -> C:\Program Files\AskBarDis\bar\bin\askBar.dll [AskBar BHO] -> [2009/04/02 12:47:00 | 000,333,192 | ---- | M] (Ask.com) {2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2010/02/03 17:33:47 | 000,279,664 | ---- | M] (Google Inc.) {233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> C:\WINDOWS\system32\Adobe\Director\SwDir.dll [Shockwave ActiveX Control] -> [2009/01/16 16:19:40 | 000,202,168 | ---- | M] (Adobe Systems, Inc.) 
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx [DHTML Edit Control Safe for Scripting for IE5] -> [2009/07/27 17:27:12 | 000,128,512 | ---- | M] (Microsoft Corporation) {3041D03E-FD4B-44E0-B742-2D9B88305F98} [HKLM] -> C:\Program Files\AskBarDis\bar\bin\askBar.dll [Ask Toolbar] -> [2009/04/02 12:47:00 | 000,333,192 | ---- | M] (Ask.com) {38481807-CA0E-42D2-BF39-B33AF135CC4D} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Smart Tag\IETAG.DLL [IETag Factory] -> [2007/04/19 14:09:30 | 000,167,256 | ---- | M] (Microsoft Corporation) {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files\AVG\AVG9\avgssie.dll [AVG Safe Search] -> [2009/12/11 17:51:59 | 001,484,056 | ---- | M] (AVG Technologies CZ, s.r.o.) {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2009/11/10 23:35:52 | 000,795,952 | ---- | M] (Apple Inc.) {444785F1-DE89-4295-863A-D46C3A781394} [HKLM] -> C:\Program Files\Unity\WebPlayer\loader\UnityWebPluginAX.ocx [UnityWebPlayer Control] -> [2009/04/13 14:06:11 | 000,591,088 | ---- | M] (Unity Technologies ApS) {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> [2008/09/15 13:25:44 | 001,562,960 | RHS- | M] (Safer Networking Limited) {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [SSVHelper Class] -> [2007/07/12 03:00:35 | 000,501,136 | ---- | M] (Sun Microsystems, Inc.) {7CED64F0-1DD2-11B2-B67A-EBF3610319AB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] 
-> File not found {8100D56A-5661-482C-BEE8-AFECE305D968} [HKLM] -> C:\WINDOWS\Downloaded Program Files\PhotoUploader55.ocx [Facebook Photo Uploader 5 Control] -> [2009/07/29 21:21:24 | 003,540,488 | ---- | M] () {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll [Java Plug-in 1.6.0_02] -> [2007/07/12 03:00:35 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) {92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {9522B3FB-7A2B-4646-8AF6-36E7F593073C} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {A057A204-BACC-4D26-9990-79A187E2698E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {A3BC75A2-1F87-4686-AA43-5347D756017C} [HKLM] -> C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [AVG Security Toolbar BHO] -> [2009/11/25 13:01:54 | 001,230,080 | ---- | M] () {AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar Helper] -> [2010/02/03 17:33:47 | 000,279,664 | ---- | M] (Google Inc.) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [Google Toolbar Notifier BHO] -> [2010/02/03 17:42:28 | 000,812,528 | ---- | M] (Google Inc.) 
{BD96C556-65A3-11D0-983A-00C04FC29E36} [HKLM] -> C:\Program Files\Common Files\System\msadc\msadco.dll [RDS.DataSpace] -> [2008/04/13 19:11:58 | 000,143,360 | ---- | M] (Microsoft Corporation) {BDEADE3F-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSCLT.DLL [OWSClientMiscApis Class] -> [2007/04/19 14:10:32 | 000,648,544 | ---- | M] (Microsoft Corporation) {BDEADE43-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\OWSCLT.DLL [OWSBrowserUI Class] -> [2007/04/19 14:10:32 | 000,648,544 | ---- | M] (Microsoft Corporation) {BEAC7DC8-E106-4C6A-931E-5A42E7362883} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2008/10/14 20:29:50 | 000,632,168 | ---- | M] (Adobe Systems, Inc.) {CCC7A320-B3CA-4199-B1A6-9F516DD69829} [HKLM] -> C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [AVG Security Toolbar] -> [2009/11/25 13:01:54 | 001,230,080 | ---- | M] () {CD67F990-D8E9-11D2-98FE-00C0F0318AFE} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} [HKLM] -> C:\WINDOWS\system32\rmoc3260.dll [RealPlayer G2 Control] -> [2005/07/29 07:26:50 | 000,157,696 | ---- | M] (RealNetworks) {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx [Shockwave Flash Object] -> [2009/10/27 22:31:12 | 003,982,240 | R--- | M] (Adobe Systems, Inc.) {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} [HKLM] -> C:\Program Files\iTunes\ITDetector.ocx [iTunesDetector Class] -> [2009/11/12 16:33:00 | 000,111,912 | ---- | M] (Apple Inc.) 
{DA4F543C-C8A9-4E88-9A79-548CBB46F18F} [HKLM] -> C:\Program Files\Yahoo!\Messenger\YPagerChecker.dll [MessengerChecker Class] -> [2009/05/26 20:06:34 | 000,103,664 | ---- | M] (Yahoo! Inc.) {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} [HKLM] -> C:\Program Files\QuickTime\QTSystem\QuickTimeCheck.ocx [QuickTimeCheck Class] -> [2009/11/10 23:35:52 | 000,136,496 | ---- | M] (Apple Inc.) {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {E18FEC31-2EA1-49A2-A7A6-902DC0D1FF05} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\NAME.DLL [NameCtrl Class] -> [2007/04/19 14:10:26 | 000,080,216 | ---- | M] (Microsoft Corporation) {E2E2DD38-D088-4134-82B7-F2BA38496583} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {e3e02f12-2adb-478c-8742-5f0819f9f0f4} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {e473a65c-8087-49a3-affd-c5bc4a10669b} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} [HKLM] -> C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [Messenger Class] -> [2009/05/26 20:06:32 | 004,351,216 | ---- | M] (Yahoo! Inc.) {EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {F0E42D40-368C-11D0-AD81-00A0C90DC8D9} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Snapshot Viewer\SNAPVIEW.OCX [Snapshot Viewer Control 11.0] -> [2008/07/12 12:35:48 | 000,136,200 | ---- | M] (Microsoft Corporation) {FB5F1910-F110-11D2-BB9E-00C04F795683} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {FC345D4C-B8F4-4674-BFF7-3C37D2E535EE} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {fd6484ed-ebe3-4c3d-938a-8238003b41b7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] 
-> File not found < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> .bat [@ = batfile] -> "%1" %* -> .cmd [@ = cmdfile] -> "%1" %* -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> .html [@ = htmlfile] -> C:\Program Files\Internet Explorer\IEXPLORE.EXE -> [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) .pif [@ = piffile] -> "%1" %* -> .scr [@ = scrfile] -> "%1" /S -> < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> 6to4 -> -> File not found Ias -> C:\WINDOWS\system32\ias -> [2004/08/26 13:03:54 | 000,000,000 | ---D | M] Iprip -> -> File not found Irmon -> -> File not found NWCWorkstation -> -> File not found Nwsapagent -> -> File not found Wmi -> C:\WINDOWS\system32\wmi.dll -> [2008/04/13 19:11:15 | 000,005,632 | ---- | M] (Microsoft Corporation) WmdmPmSp -> -> File not found *MultiFile Done* -> -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> linkscanner:{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} [HKLM] -> C:\Program Files\AVG\AVG9\avgpp.dll[XPLPPFilter Class] -> [2009/11/30 22:35:08 | 000,091,416 | ---- | M] (AVG Technologies CZ, s.r.o.) 
< SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group PCI Configuration -> Driver Group PNP Filter -> Driver Group Primary disk -> Driver Group SCSI Class -> Driver Group sermouse.sys -> Driver System Bus Extender -> Driver Group vds -> Service vga.sys -> Driver WinDefend -> C:\Program Files\Windows Defender\MsMpEng.exe -> [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) < SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E972-E325-11CE-BFC1-08002BE10318} -> Net {4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient 
{4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService {4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group NDIS Wrapper -> Driver Group NetBIOSGroup -> Driver Group NetDDEGroup -> Driver Group Network -> Driver Group NetworkProvider -> Driver Group PCI Configuration -> Driver Group PNP Filter -> Driver Group PNP_TDI -> Driver Group Primary disk -> Driver Group SCSI Class -> Driver Group sermouse.sys -> Driver Streams Drivers -> Driver Group System Bus Extender -> Driver Group TDI -> Driver Group vga.sys -> Driver WinDefend -> C:\Program Files\Windows Defender\MsMpEng.exe -> [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) < Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center \\"FirstRunDisabled" -> [1] -> File not found \\"AntiVirusDisableNotify" -> [0] -> File not found \\"FirewallDisableNotify" -> [0] -> File not found \\"UpdatesDisableNotify" -> [0] -> File not found \\"AntiVirusOverride" -> [0] -> File not found \\"FirewallOverride" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile \\"EnableFirewall" -> [0] -> File not found \\"DoNotAllowExceptions" -> [0] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> < Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -> C:\Program Files\Bonjour\mdnsNSP.dll -> [2008/12/12 10:11:44 | 000,147,456 | ---- | M] (Apple Inc.) 
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> {07287123-B8AC-41CE-8346-3D777245C35B} -> Bonjour {0A053D60-9267-11D5-8A2B-0050DA8B7D89} -> Planescape - Torment {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP1800_series -> Canon iP1800 series {1451DE6B-ABE1-4F62-BE9A-B363A17588A2} -> QuickTime {15377C3E-9655-400F-B441-E69F0A6BEAFE} -> Recovery Software Suite eMachines {18455581-E099-4BA8-BC6B-F34B2F06600C} -> Google Toolbar for Internet Explorer {18D10072035C4515918F7E37EAFAACFC} -> AutoUpdate {1C7575B0-CCE2-4B96-83A8-F6DB45C0B945} -> Atlantis - Trial by Fire {2318C2B1-4965-11d4-9B18-009027A5CD4F} -> Google Toolbar for Internet Explorer {2B43252C-A1E3-4C47-927C-9F2C276D3515} -> S3GSetup {3248F0A8-6813-11D6-A77B-00B0D0150020} -> J2SE Runtime Environment 5.0 Update 2 {3248F0A8-6813-11D6-A77B-00B0D0150060} -> J2SE Runtime Environment 5.0 Update 6 {3248F0A8-6813-11D6-A77B-00B0D0150090} -> J2SE Runtime Environment 5.0 Update 9 {3248F0A8-6813-11D6-A77B-00B0D0150100} -> J2SE Runtime Environment 5.0 Update 10 {3248F0A8-6813-11D6-A77B-00B0D0150110} -> J2SE Runtime Environment 5.0 Update 11 {3248F0A8-6813-11D6-A77B-00B0D0160010} -> Java(TM) SE Runtime Environment 6 Update 1 {3248F0A8-6813-11D6-A77B-00B0D0160020} -> Java(TM) 6 Update 2 {350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP {3FA365DF-2D68-45ED-8F83-8C8A33E65143} -> Apple Application Support {416D80BA-6F6D-4672-B7CF-F54DA2F80B44} -> Microsoft Works {5ED9E38C-9A96-49D8-89B3-92E278003FCF} -> TRS2006 {63569CE9-FA00-469C-AF5C-E5D4D93ACF91} -> Windows Genuine Advantage v1.3.0254.0 {6811CAA0-BF12-11D4-9EA1-0050BAE317E1} -> PowerDVD {6956856F-B6B3-4BE0-BA0B-8F495BE32033} -> Apple Software Update {6DE13770-01B7-4366-8DA6-48237793F445} -> VoiceOver Kit {76EFFC7C-17A6-479D-9E47-8E658C1695AE} -> Windows Backup Utility {770657D0-A123-3C07-8E44-1C83EC895118} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 
{7B63B2922B174135AFC0E1377DD81EC2} -> DivX Codec {7FCC4EDC-6EE2-4309-ABD7-85F2667A7B90} -> WebEx Support Manager for Internet Explorer {81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1} -> Digital Media Reader {837b34e3-7c30-493c-8f6a-2b0f04e2912c} -> Microsoft Visual C++ 2005 Redistributable {8ADFC4160D694100B5B8A22DE9DCABD9} -> DivX Player {90110409-6000-11D3-8CFE-0150048383C9} -> Microsoft Office Professional Edition 2003 {91120409-6000-11D3-8CFE-0150048383C9} -> Microsoft Office Standard Edition 2003 {94FB906A-CF42-4128-A509-D353026A607E} -> REALTEK Gigabit and Fast Ethernet NIC Driver {A06275F4-324B-4E85-95E6-87B2CD729401} -> Windows Defender {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} -> Microsoft .NET Framework 3.0 Service Pack 2 {A3514A5F-40C5-4189-9C49-D7DAEB09FDCF} -> Chabner Short {A654A805-41D9-40C7-AA46-4AF04F044D61} -> Adobe® Photoshop® Album Starter Edition 3.2 {A6FDF86A-F541-4E7B-AEA0-8849A2A700D5} -> iTunes {A7A34FC9-DF24-4A36-00AD-D4EFE94CC116} -> SimCity 4 Deluxe {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} -> Google Update Helper {AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE} -> Apple Mobile Device Support {AC76BA86-7AD7-1033-7B44-A81300000003} -> Adobe Reader 8.1.4 {B13A7C41581B411290FBC0395694E2A9} -> DivX Converter {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 -> Spybot - Search & Destroy {B7050CBDB2504B34BC2A9CA0A692CC29} -> DivX Web Player {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} -> Microsoft .NET Framework 2.0 Service Pack 2 {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1 {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} -> Microsoft .NET Framework 3.5 SP1 {E9688BE6-D55F-4B62-9422-99AC56572C0F} -> Pearl Harbor : Zero Hour {FB08F381-6533-4108-B7DD-039E11FBC27E} -> Realtek AC'97 Audio 8461-7759-5462-8226 -> Vuze Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX Adobe Shockwave Player -> Adobe Shockwave Player Adobe® Photoshop® Album Starter Edition 3.2 -> Adobe® Photoshop® Album Starter Edition 3.2 AIM_6 -> AIM 6 AOL Uninstaller -> AOL Uninstaller (Choose 
which Products to Remove) Ask Toolbar_is1 -> Vuze Toolbar AVG9Uninstall -> AVG Free 9.0 BigFix -> BigFix Canon iP1800 series User Registration -> Canon iP1800 series User Registration CanonMyPrinter -> Canon My Printer CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1 -> Soft Data Fax Modem with SmartCP CompanionWizard -> Companion wizard Coupon Printer for Windows5.0.0.0 -> Coupon Printer for Windows Disney's Active Play LKII, Simba's Pride Demo -> Disney's Active Play LKII, Simba's Pride Demo Disney's Active Play, A Bug's Life -> Disney's Active Play, A Bug's Life Easy-LayoutPrint -> Canon Utilities Easy-LayoutPrint Easy-PhotoPrint -> Canon Utilities Easy-PhotoPrint EAX(tm) Unified (SHELL) -> EAX(tm) Unified (SHELL) ElmosArtWorkshop -> Sesame Street Elmo's Art Workshop ERUNT_is1 -> ERUNT 1.1j Hunting Unlimited 2008 -> Hunting Unlimited 2008 1.0 IBM Scanner -> IBM Scanner ie8 -> Windows Internet Explorer 8 Imation Disk Manager V a Service -> Imation Disk Manager V a Service InstallShield_{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1} -> Digital Media Reader InterActual Player -> InterActual Player IrfanView -> IrfanView (remove only) Lexmark Supplies Monitor -> Lexmark Supplies Monitor Lexmark Z55 -> Lexmark Z55 Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware Microsoft .NET Framework 1.1 (1033) -> Microsoft .NET Framework 1.1 Microsoft .NET Framework 3.5 SP1 -> Microsoft .NET Framework 3.5 SP1 Money2005b -> Microsoft Money 2005 Monopoly Star Wars -> Monopoly Star Wars MRW!UninstallKey -> InCD EasyWrite Reader MSCompPackV1 -> Microsoft Compression Client Pack 1.0 for Windows XP MySpaceIM -> MySpaceIM Network Play System (Patching) -> Network Play System (Patching) PackMaster Millennium -> PackMaster Millennium PhotoStudio Suite & IBM Scanner -> PhotoStudio Suite & IBM Scanner Prison Tycoon 2 -> Prison Tycoon 2 Pro Media Director_is1 -> Pro Media Director Version 2.0.0.1 RealPlayer 6.0 -> RealPlayer Basic RollerCoaster Tycoon Setup -> Roll SimCity 3000 -> 
SimCity 3000 SimSafariUninstall -> SimSafari Soulbringer -> Soulbringer Spybot - Search & Destroy_is1 -> Spybot - Search & Destroy 1.5.2.20 Star Trek -- Starfleet Academy -> Star Trek -- Starfleet Academy Sudden Strike -> Sudden Strike TextBridge Classic 2.0 -> TextBridge Classic 2.0 Trend Micro HouseCall 6.6 -> HouseCall 6.6 UnityWebPlayer -> Unity Web Player VIA/S3G UniChrome Family Win2K/XP Display -> VIA/S3G Display Driver ViewpointMediaPlayer -> Viewpoint Media Player Virtual Deep Sea Fishing -> Virtual Deep Sea Fishing Windows Media Format Runtime -> Windows Media Format 11 runtime Windows Media Player -> Windows Media Player 11 Windows XP Service Pack -> Windows XP Service Pack 3 WinRAR archiver -> WinRAR archiver WMFDist11 -> Windows Media Format 11 runtime wmp11 -> Windows Media Player 11 Wudf01000 -> Microsoft User-Mode Driver Framework Feature Pack 1.0 Yahoo! Messenger -> Yahoo! Messenger Yahoo! Search Defender -> Yahoo! Search Protection Yahoo! Software Update -> Yahoo! Software Update YInstHelper -> Yahoo! Install Manager < Uninstall List [HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\] > -> HKEY_USERS\S-1-5-21-2437707645-3878641263-1327713641-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> Move Media Player -> Move Media Player uTorrent -> µTorrent Warcraft III -> Warcraft III: All Products < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 2/6/2010 10:05:12 PM Computer Name = R-W2A4L6L8 | Source = Application Hang | ID = 1002 -> Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 2/6/2010 10:05:12 PM Computer Name = R-W2A4L6L8 | Source = Application Hang | ID = 1002 -> Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. 
Application [ Error ] 2/6/2010 10:05:26 PM Computer Name = R-W2A4L6L8 | Source = Application Hang | ID = 1002 -> Description = Hanging application WINWORD.EXE, version 11.0.8313.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 2/7/2010 2:47:08 AM Computer Name = R-W2A4L6L8 | Source = Google Update | ID = 20 -> Description = Application [ Error ] 2/7/2010 9:47:10 AM Computer Name = R-W2A4L6L8 | Source = Google Update | ID = 20 -> Description = Application [ Error ] 2/7/2010 10:47:16 AM Computer Name = R-W2A4L6L8 | Source = Google Update | ID = 20 -> Description = Application [ Error ] 2/7/2010 4:47:14 PM Computer Name = R-W2A4L6L8 | Source = Google Update | ID = 20 -> Description = Application [ Error ] 2/7/2010 5:09:36 PM Computer Name = R-W2A4L6L8 | Source = Application Hang | ID = 1002 -> Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 2/7/2010 5:16:33 PM Computer Name = R-W2A4L6L8 | Source = Application Hang | ID = 1002 -> Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. 
Application [ Error ] 2/8/2010 1:47:09 PM Computer Name = R-W2A4L6L8 | Source = Google Update | ID = 20 -> Description = System [ Error ] 2/8/2010 12:48:31 PM Computer Name = R-W2A4L6L8 | Source = Service Control Manager | ID = 7001 -> Description = The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: %%31 System [ Error ] 2/8/2010 12:48:31 PM Computer Name = R-W2A4L6L8 | Source = Service Control Manager | ID = 7001 -> Description = The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: %%31 System [ Error ] 2/8/2010 12:48:31 PM Computer Name = R-W2A4L6L8 | Source = Service Control Manager | ID = 7001 -> Description = The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: %%31 System [ Error ] 2/8/2010 12:48:31 PM Computer Name = R-W2A4L6L8 | Source = Service Control Manager | ID = 7001 -> Description = The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: %%31 System [ Error ] 2/8/2010 12:48:31 PM Computer Name = R-W2A4L6L8 | Source = Service Control Manager | ID = 7001 -> Description = The Fax service depends on the Print Spooler service which failed to start because of the following error: %%1068 System [ Error ] 2/8/2010 12:48:31 PM Computer Name = R-W2A4L6L8 | Source = Service Control Manager | ID = 7001 -> Description = The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: %%31 System [ Error ] 2/8/2010 12:48:31 PM Computer Name = R-W2A4L6L8 | Source = Service Control Manager | ID = 7026 -> Description = The following boot-start or system-start driver(s) failed to load: AFD AvgLdx86 AvgMfx86 AvgTdiX Fips IPSec MRxSmb NetBIOS NetBT Processor RasAcd Rdbss Tcpip System [ Error ] 2/8/2010 1:11:45 PM Computer Name = R-W2A4L6L8 
| Source = DCOM | ID = 10005 -> Description = DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E} System [ Error ] 2/8/2010 1:13:07 PM Computer Name = R-W2A4L6L8 | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E} System [ Error ] 2/8/2010 1:29:35 PM Computer Name = R-W2A4L6L8 | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} [Files/Folders - Created Within 90 Days] OTS.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/02/08 12:45:25 | 000,632,320 | ---- | C] (OldTimer Tools) ERDNT -> C:\WINDOWS\ERDNT -> [2010/02/08 12:14:20 | 000,000,000 | ---D | C] ERUNT -> C:\Program Files\ERUNT -> [2010/02/08 12:13:55 | 000,000,000 | ---D | C] Updater5 -> C:\Documents and Settings\Owner\My Documents\Updater5 -> [2010/02/06 21:11:32 | 000,000,000 | ---D | C] hhtpeo -> C:\Documents and Settings\Owner\Local Settings\Application Data\hhtpeo -> [2010/02/06 21:02:01 | 000,000,000 | ---D | C] Google -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google -> [2010/02/03 17:50:00 | 000,000,000 | ---D | M] Google -> C:\Documents and Settings\LocalService\Local Settings\Application Data\Google -> [2010/02/03 17:43:03 | 000,000,000 | ---D | M] Monopoly Star Wars -> C:\Program Files\Monopoly Star Wars -> [2010/01/29 22:21:04 | 000,000,000 | ---D | C] AVG8 -> C:\Documents and Settings\Owner\Application Data\AVG8 -> [2010/01/19 19:44:28 | 000,000,000 | ---D | C] Coupons -> C:\Program Files\Coupons -> [2010/01/18 10:22:16 | 000,000,000 | ---D | C] iTunes -> C:\Program Files\iTunes -> [2010/01/13 18:41:14 | 000,000,000 | ---D | C] {755AC846-7372-4AC8-8550-C52491DAA8BD} -> 
C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} -> [2010/01/13 18:41:14 | 000,000,000 | ---D | C] QuickTime -> C:\Program Files\QuickTime -> [2010/01/13 18:36:30 | 000,000,000 | ---D | C] aclayers.dll -> C:\WINDOWS\System32\dllcache\aclayers.dll -> [2010/01/13 16:26:24 | 000,471,552 | ---- | C] (Microsoft Corporation) Hunting Unlimited 2008 -> C:\Program Files\Hunting Unlimited 2008 -> [2010/01/09 12:33:55 | 000,000,000 | ---D | C] Azureus Downloads -> C:\Documents and Settings\Owner\My Documents\Azureus Downloads -> [2009/12/28 13:24:46 | 000,000,000 | ---D | C] Azureus -> C:\Documents and Settings\All Users\Application Data\Azureus -> [2009/12/28 13:11:42 | 000,000,000 | ---D | C] Azureus -> C:\Documents and Settings\Owner\Application Data\Azureus -> [2009/12/28 13:11:26 | 000,000,000 | ---D | C] Mozilla -> C:\Documents and Settings\Owner\Application Data\Mozilla -> [2009/12/28 13:10:02 | 000,000,000 | ---D | C] AskBarDis -> C:\Program Files\AskBarDis -> [2009/12/28 13:10:01 | 000,000,000 | ---D | C] Vuze -> C:\Program Files\Vuze -> [2009/12/28 13:10:00 | 000,000,000 | ---D | C] Vuze_Installer.exe -> C:\Vuze_Installer.exe -> [2009/12/28 13:04:39 | 008,755,648 | ---- | C] (Vuze Inc.) 
New Folder (2) -> C:\Documents and Settings\Owner\Desktop\New Folder (2) -> [2009/12/05 11:23:31 | 000,000,000 | ---D | C] Malwarebytes -> C:\Documents and Settings\Owner\Application Data\Malwarebytes -> [2009/12/04 14:50:10 | 000,000,000 | ---D | C] mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2009/12/04 14:49:59 | 000,038,224 | ---- | C] (Malwarebytes Corporation) Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2009/12/04 14:49:56 | 000,000,000 | ---D | C] mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2009/12/04 14:49:55 | 000,019,160 | ---- | C] (Malwarebytes Corporation) Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2009/12/04 14:49:55 | 000,000,000 | ---D | C] mbam-setup.exe -> C:\mbam-setup.exe -> [2009/12/04 14:47:25 | 004,844,296 | ---- | C] (Malwarebytes Corporation ) $AVG -> C:\$AVG -> [2009/11/30 22:36:16 | 000,000,000 | -H-D | C] avg9 -> C:\Documents and Settings\All Users\Application Data\avg9 -> [2009/11/30 22:34:19 | 000,000,000 | ---D | C] SxsCaPendDel -> C:\WINDOWS\SxsCaPendDel -> [2009/11/30 22:33:27 | 000,000,000 | ---D | C] Microsoft -> C:\Documents and Settings\NetworkService\Application Data\Microsoft -> [2009/11/30 22:00:07 | 000,000,000 | --SD | M] Microsoft -> C:\Documents and Settings\LocalService\Application Data\Microsoft -> [2009/11/30 22:00:07 | 000,000,000 | --SD | M] Microsoft -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft -> [2009/11/30 22:00:07 | 000,000,000 | ---D | M] Microsoft -> C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft -> [2009/11/30 22:00:07 | 000,000,000 | ---D | M] avg_free_stb_en_9_40_free.exe -> C:\Documents and Settings\Owner\Desktop\avg_free_stb_en_9_40_free.exe -> [2009/11/30 18:26:40 | 000,891,208 | ---- | C] (AVG Technologies) Thraex Software -> C:\Program Files\Common Files\Thraex Software -> [2009/11/26 20:25:33 | 000,000,000 | ---D | C] 
Prison Tycoon 2 -> C:\Program Files\Prison Tycoon 2 -> [2009/11/26 20:25:24 | 000,000,000 | ---D | C] New Folder -> C:\Documents and Settings\Owner\Desktop\New Folder -> [2009/11/14 11:01:25 | 000,000,000 | ---D | C] PCHealth -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth -> [2008/08/11 05:49:17 | 000,000,000 | ---D | M] Apple -> C:\Documents and Settings\LocalService\Local Settings\Application Data\Apple -> [2008/02/20 20:20:11 | 000,000,000 | ---D | M] Apple -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple -> [2007/09/19 19:20:01 | 000,000,000 | ---D | M] Google -> C:\Documents and Settings\LocalService\Application Data\Google -> [2007/06/25 17:26:43 | 000,000,000 | ---D | M] Macromedia -> C:\Documents and Settings\LocalService\Application Data\Macromedia -> [2007/02/20 22:04:31 | 000,000,000 | ---D | M] Symantec -> C:\Documents and Settings\LocalService\Application Data\Symantec -> [2006/04/04 14:31:54 | 000,000,000 | ---D | M] 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> [Files/Folders - Modified Within 90 Days] Symantec NetDetect.job -> C:\WINDOWS\tasks\Symantec NetDetect.job -> [2010/02/08 12:50:00 | 000,000,366 | ---- | M] () GoogleUpdateTaskMachineUA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job -> [2010/02/08 12:47:09 | 000,000,886 | ---- | M] () ERUNT AutoBackup.lnk -> C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> [2010/02/08 12:43:35 | 000,000,767 | ---- | M] () NTREGOPT.lnk -> C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk -> [2010/02/08 12:43:31 | 000,000,611 | ---- | M] () ERUNT.lnk -> C:\Documents and Settings\Owner\Desktop\ERUNT.lnk -> [2010/02/08 12:43:30 | 000,000,592 | ---- | M] () wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2010/02/08 12:33:23 | 000,001,170 | ---- | M] () GoogleUpdateTaskMachineCore.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job -> 
[2010/02/08 12:30:46 | 000,000,882 | ---- | M] () SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2010/02/08 12:30:42 | 000,000,006 | -H-- | M] () bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010/02/08 12:30:34 | 000,002,048 | --S- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2010/02/08 12:30:33 | 468,242,432 | -HS- | M] () OTS.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2010/02/08 12:08:38 | 000,632,320 | ---- | M] (OldTimer Tools) The_Comedian.exe -> C:\Documents and Settings\Owner\Desktop\The_Comedian.exe -> [2010/02/08 12:05:00 | 000,794,112 | ---- | M] () ntuser.dat -> C:\Documents and Settings\Owner\ntuser.dat -> [2010/02/08 11:45:37 | 011,534,336 | ---- | M] () ntuser.ini -> C:\Documents and Settings\Owner\ntuser.ini -> [2010/02/08 11:45:37 | 000,000,278 | -HS- | M] () incavi.avm -> C:\WINDOWS\System32\drivers\Avg\incavi.avm -> [2010/02/08 11:32:14 | 055,262,078 | ---- | M] () IconCache.db -> C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db -> [2010/02/07 16:36:18 | 002,108,418 | -H-- | M] () prvlcl.dat -> C:\Documents and Settings\Owner\Local Settings\Application Data\prvlcl.dat -> [2010/02/06 22:23:40 | 000,000,000 | ---- | M] () ~$rians comic book store -> C:\Documents and Settings\Owner\Desktop\~$rians comic book store -> [2010/02/06 21:04:40 | 000,000,162 | -H-- | M] () AdvancementReport 2-3-2010.pdf -> C:\Documents and Settings\Owner\My Documents\AdvancementReport 2-3-2010.pdf -> [2010/02/03 22:09:25 | 000,021,234 | ---- | M] () SIERRA.INI -> C:\WINDOWS\SIERRA.INI -> [2010/02/01 21:45:21 | 000,000,240 | ---- | M] () DeIsL1.isu -> C:\WINDOWS\DeIsL1.isu -> [2010/01/29 22:38:01 | 000,008,786 | ---- | M] () smsafari.ini -> C:\WINDOWS\smsafari.ini -> [2010/01/29 22:37:52 | 000,000,309 | ---- | M] () Copy of 2009UMR 1.xls -> C:\Documents and Settings\Owner\My Documents\Copy of 2009UMR 1.xls -> [2010/01/22 17:01:06 | 002,123,264 | ---- | M] () Copy of 2009UMR 1.rar -> C:\Documents and Settings\Owner\My Documents\Copy of 2009UMR 
1.rar -> [2010/01/22 16:51:57 | 000,129,436 | ---- | M] () microavi.avg -> C:\WINDOWS\System32\drivers\Avg\microavi.avg -> [2010/01/19 19:45:19 | 000,142,495 | ---- | M] () drmHeader.bin -> C:\drmHeader.bin -> [2010/01/17 15:19:00 | 000,003,532 | ---- | M] () iTunes.lnk -> C:\Documents and Settings\All Users\Desktop\iTunes.lnk -> [2010/01/17 15:11:47 | 000,002,137 | ---- | M] () imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2010/01/14 11:37:37 | 000,001,374 | ---- | M] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/01/12 22:58:04 | 000,203,776 | ---- | M] () Hunting Unlimited 2008.lnk -> C:\Documents and Settings\Owner\Desktop\Hunting Unlimited 2008.lnk -> [2010/01/09 12:36:16 | 000,000,822 | ---- | M] () AppleSoftwareUpdate.job -> C:\WINDOWS\tasks\AppleSoftwareUpdate.job -> [2010/01/08 11:46:15 | 000,000,284 | ---- | M] () mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010/01/07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010/01/07 16:07:04 | 000,019,160 | ---- | M] (Malwarebytes Corporation) trek safely.TIF -> C:\Documents and Settings\Owner\My Documents\trek safely.TIF -> [2010/01/03 15:02:59 | 000,029,678 | ---- | M] () WebEx Document Loader Port -> C:\WINDOWS\System32\WebEx Document Loader Port -> [2010/01/03 14:51:07 | 000,000,000 | ---- | M] () my documents -> C:\Documents and Settings\Owner\Desktop\my documents -> [2010/01/03 14:13:25 | 000,000,000 | ---- | M] () Roster+2009.xls -> C:\Documents and Settings\Owner\Desktop\Roster+2009.xls -> [2009/12/29 21:29:07 | 000,036,352 | ---- | M] () Vuze.lnk -> C:\Documents and Settings\All Users\Desktop\Vuze.lnk -> [2009/12/28 13:11:05 | 000,001,505 | ---- | M] () Vuze_Installer.exe -> C:\Vuze_Installer.exe -> [2009/12/28 13:04:41 | 008,755,648 | ---- | M] (Vuze Inc.) 
urlmon.dll -> C:\WINDOWS\System32\dllcache\urlmon.dll -> [2009/12/21 14:14:05 | 001,208,832 | ---- | M] (Microsoft Corporation) wininet.dll -> C:\WINDOWS\System32\dllcache\wininet.dll -> [2009/12/21 14:14:05 | 000,916,480 | ---- | M] (Microsoft Corporation) mshtml.dll -> C:\WINDOWS\System32\dllcache\mshtml.dll -> [2009/12/21 14:14:04 | 005,942,784 | ---- | M] (Microsoft Corporation) occache.dll -> C:\WINDOWS\System32\dllcache\occache.dll -> [2009/12/21 14:14:04 | 000,206,848 | ---- | M] (Microsoft Corporation) iertutil.dll -> C:\WINDOWS\System32\dllcache\iertutil.dll -> [2009/12/21 14:14:03 | 001,985,536 | ---- | M] (Microsoft Corporation) inetcpl.cpl -> C:\WINDOWS\System32\inetcpl.cpl -> [2009/12/21 14:14:03 | 001,469,440 | ---- | M] (Microsoft Corporation) inetcpl.cpl -> C:\WINDOWS\System32\dllcache\inetcpl.cpl -> [2009/12/21 14:14:03 | 001,469,440 | ---- | M] (Microsoft Corporation) msfeeds.dll -> C:\WINDOWS\System32\msfeeds.dll -> [2009/12/21 14:14:03 | 000,594,432 | ---- | M] (Microsoft Corporation) msfeeds.dll -> C:\WINDOWS\System32\dllcache\msfeeds.dll -> [2009/12/21 14:14:03 | 000,594,432 | ---- | M] (Microsoft Corporation) iepeers.dll -> C:\WINDOWS\System32\iepeers.dll -> [2009/12/21 14:14:03 | 000,184,320 | ---- | M] (Microsoft Corporation) iepeers.dll -> C:\WINDOWS\System32\dllcache\iepeers.dll -> [2009/12/21 14:14:03 | 000,184,320 | ---- | M] (Microsoft Corporation) msfeedsbs.dll -> C:\WINDOWS\System32\msfeedsbs.dll -> [2009/12/21 14:14:03 | 000,055,296 | ---- | M] (Microsoft Corporation) msfeedsbs.dll -> C:\WINDOWS\System32\dllcache\msfeedsbs.dll -> [2009/12/21 14:14:03 | 000,055,296 | ---- | M] (Microsoft Corporation) jsproxy.dll -> C:\WINDOWS\System32\jsproxy.dll -> [2009/12/21 14:14:03 | 000,025,600 | ---- | M] (Microsoft Corporation) jsproxy.dll -> C:\WINDOWS\System32\dllcache\jsproxy.dll -> [2009/12/21 14:14:03 | 000,025,600 | ---- | M] (Microsoft Corporation) ieframe.dll -> C:\WINDOWS\System32\dllcache\ieframe.dll -> [2009/12/21 14:14:02 | 
011,070,464 | ---- | M] (Microsoft Corporation) iedkcs32.dll -> C:\WINDOWS\System32\iedkcs32.dll -> [2009/12/21 14:14:01 | 000,387,584 | ---- | M] (Microsoft Corporation) iedkcs32.dll -> C:\WINDOWS\System32\dllcache\iedkcs32.dll -> [2009/12/21 14:14:01 | 000,387,584 | ---- | M] (Microsoft Corporation) ie4uinit.exe -> C:\WINDOWS\System32\ie4uinit.exe -> [2009/12/21 08:19:18 | 000,173,056 | ---- | M] (Microsoft Corporation) ie4uinit.exe -> C:\WINDOWS\System32\dllcache\ie4uinit.exe -> [2009/12/21 08:19:18 | 000,173,056 | ---- | M] (Microsoft Corporation) PerfStringBackup.INI -> C:\WINDOWS\System32\PerfStringBackup.INI -> [2009/12/11 17:41:49 | 000,562,200 | ---- | M] () perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2009/12/11 17:41:49 | 000,468,268 | ---- | M] () perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2009/12/11 17:41:49 | 000,083,054 | ---- | M] () Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/12/04 14:50:02 | 000,000,696 | ---- | M] () mbam-setup.exe -> C:\mbam-setup.exe -> [2009/12/04 14:47:28 | 004,844,296 | ---- | M] (Malwarebytes Corporation ) Troop+68+Handbook.pdf -> C:\Documents and Settings\Owner\My Documents\Troop+68+Handbook.pdf -> [2009/12/02 18:26:17 | 000,096,515 | ---- | M] () Popcorn.xls -> C:\Documents and Settings\Owner\Desktop\Popcorn.xls -> [2009/12/01 17:53:44 | 000,048,640 | ---- | M] () avgtdix.sys -> C:\WINDOWS\System32\drivers\avgtdix.sys -> [2009/11/30 22:35:58 | 000,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) avgldx86.sys -> C:\WINDOWS\System32\drivers\avgldx86.sys -> [2009/11/30 22:35:55 | 000,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) avgmfx86.sys -> C:\WINDOWS\System32\drivers\avgmfx86.sys -> [2009/11/30 22:35:55 | 000,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) 
AVG Free 9.0.lnk -> C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk -> [2009/11/30 22:35:30 | 000,001,507 | ---- | M] () iavichjw.avm -> C:\WINDOWS\System32\drivers\Avg\iavichjw.avm -> [2009/11/30 22:35:26 | 000,113,461 | ---- | M] () avgrsstx.dll -> C:\WINDOWS\System32\avgrsstx.dll -> [2009/11/30 22:35:26 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) avg_free_stb_en_9_40_free.exe -> C:\Documents and Settings\Owner\Desktop\avg_free_stb_en_9_40_free.exe -> [2009/11/30 18:27:04 | 000,891,208 | ---- | M] (AVG Technologies) disney.ini -> C:\WINDOWS\disney.ini -> [2009/11/28 23:14:37 | 000,001,905 | ---- | M] () Slingdot.com.url -> C:\Documents and Settings\Owner\Desktop\Slingdot.com.url -> [2009/11/26 20:29:31 | 000,000,118 | ---- | M] () Prison Tycoon 2 Uninstaller.exe -> C:\WINDOWS\Prison Tycoon 2 Uninstaller.exe -> [2009/11/26 20:28:00 | 000,911,250 | ---- | M] () Sdicon32.ico -> C:\Sdicon32.ico -> [2009/11/26 20:24:39 | 000,005,694 | ---- | M] () sysmain.sdb -> C:\WINDOWS\System32\dllcache\sysmain.sdb -> [2009/11/21 10:51:42 | 001,206,508 | ---- | M] () aclayers.dll -> C:\WINDOWS\System32\dllcache\aclayers.dll -> [2009/11/21 10:51:04 | 000,471,552 | ---- | M] (Microsoft Corporation) CouponPrinter.ocx -> C:\WINDOWS\CouponPrinter.ocx -> [2009/11/19 17:16:27 | 000,068,824 | ---- | M] () Copy of 2009UMR.xls -> C:\Documents and Settings\Owner\My Documents\Copy of 2009UMR.xls -> [2009/11/14 21:58:10 | 002,121,216 | ---- | M] () FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2009/11/11 18:06:31 | 000,270,984 | ---- | M] () win.ini -> C:\WINDOWS\win.ini -> [2009/11/11 18:02:58 | 000,000,189 | ---- | M] () Roster+2009.xls -> C:\Documents and Settings\Owner\My Documents\Roster+2009.xls -> [2009/11/11 17:58:54 | 000,036,352 | ---- | M] () hosts -> C:\WINDOWS\System32\drivers\etc\hosts -> [2009/11/10 18:53:38 | 000,351,267 | R--- | M] () wininit.ini -> C:\WINDOWS\wininit.ini -> [2009/11/10 18:52:03 | 000,000,444 | ---- | M] () 97 C:\Documents and 
Settings\Owner\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Owner\Local Settings\Temp\*.tmp -> 97 C:\Documents and Settings\Owner\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Owner\Local Settings\Temp\*.tmp -> 823 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> 823 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> 823 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> 1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 1 C:\Documents and Settings\Owner\Local Settings\Temp\HouseCall\*.tmp files -> C:\Documents and Settings\Owner\Local Settings\Temp\HouseCall\*.tmp -> 1 C:\Documents and Settings\Owner\Local Settings\Temp\HouseCall\*.tmp files -> C:\Documents and Settings\Owner\Local Settings\Temp\HouseCall\*.tmp -> 1 C:\Documents and Settings\Owner\Local Settings\Temp\HCBackup\*.tmp files -> C:\Documents and Settings\Owner\Local Settings\Temp\HCBackup\*.tmp -> [Files - No Company Name] ERUNT AutoBackup.lnk -> C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> [2010/02/08 12:43:35 | 000,000,767 | ---- | C] () NTREGOPT.lnk -> C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk -> [2010/02/08 12:43:31 | 000,000,611 | ---- | C] () ERUNT.lnk -> C:\Documents and Settings\Owner\Desktop\ERUNT.lnk -> [2010/02/08 12:43:30 | 000,000,592 | ---- | C] () The_Comedian.exe -> C:\Documents and Settings\Owner\Desktop\The_Comedian.exe -> [2010/02/08 12:41:53 | 000,794,112 | ---- | C] () hiberfil.sys -> C:\hiberfil.sys -> [2010/02/08 12:30:33 | 468,242,432 | -HS- | C] () ~$rians comic book store -> C:\Documents and Settings\Owner\Desktop\~$rians comic book store -> [2010/02/06 21:04:40 | 000,000,162 | -H-- | C] () AdvancementReport 2-3-2010.pdf -> C:\Documents and Settings\Owner\My Documents\AdvancementReport 2-3-2010.pdf -> [2010/02/03 22:09:24 | 000,021,234 | ---- | C] () GoogleUpdateTaskMachineUA.job -> 
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job -> [2010/02/03 17:42:59 | 000,000,886 | ---- | C] () GoogleUpdateTaskMachineCore.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job -> [2010/02/03 17:42:58 | 000,000,882 | ---- | C] () smsafari.ini -> C:\WINDOWS\smsafari.ini -> [2010/01/29 22:28:12 | 000,000,309 | ---- | C] () DeIsL1.isu -> C:\WINDOWS\DeIsL1.isu -> [2010/01/29 22:28:02 | 000,008,786 | ---- | C] () Copy of 2009UMR 1.rar -> C:\Documents and Settings\Owner\My Documents\Copy of 2009UMR 1.rar -> [2010/01/22 16:51:57 | 000,129,436 | ---- | C] () iTunes.lnk -> C:\Documents and Settings\All Users\Desktop\iTunes.lnk -> [2010/01/13 18:43:11 | 000,002,137 | ---- | C] () Hunting Unlimited 2008.lnk -> C:\Documents and Settings\Owner\Desktop\Hunting Unlimited 2008.lnk -> [2010/01/09 12:36:16 | 000,000,822 | ---- | C] () drmHeader.bin -> C:\drmHeader.bin -> [2010/01/05 13:02:03 | 000,003,532 | ---- | C] () trek safely.TIF -> C:\Documents and Settings\Owner\My Documents\trek safely.TIF -> [2010/01/03 15:02:59 | 000,029,678 | ---- | C] () WebEx Document Loader Port -> C:\WINDOWS\System32\WebEx Document Loader Port -> [2010/01/03 14:51:07 | 000,000,000 | ---- | C] () my documents -> C:\Documents and Settings\Owner\Desktop\my documents -> [2009/12/31 00:04:44 | 000,000,000 | ---- | C] () Vuze.lnk -> C:\Documents and Settings\All Users\Desktop\Vuze.lnk -> [2009/12/28 13:11:05 | 000,001,505 | ---- | C] () prvlcl.dat -> C:\Documents and Settings\Owner\Local Settings\Application Data\prvlcl.dat -> [2009/12/15 17:23:51 | 000,000,000 | ---- | C] () Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/12/04 14:50:02 | 000,000,696 | ---- | C] () Troop+68+Handbook.pdf -> C:\Documents and Settings\Owner\My Documents\Troop+68+Handbook.pdf -> [2009/12/02 18:26:17 | 000,096,515 | ---- | C] () AVG Free 9.0.lnk -> C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk -> [2009/11/30 22:35:30 | 000,001,507 | 
---- | C] () Slingdot.com.url -> C:\Documents and Settings\Owner\Desktop\Slingdot.com.url -> [2009/11/26 20:29:31 | 000,000,118 | ---- | C] () Prison Tycoon 2 Uninstaller.exe -> C:\WINDOWS\Prison Tycoon 2 Uninstaller.exe -> [2009/11/26 20:27:33 | 000,911,250 | ---- | C] () Copy of 2009UMR 1.xls -> C:\Documents and Settings\Owner\My Documents\Copy of 2009UMR 1.xls -> [2009/11/14 21:59:11 | 002,123,264 | ---- | C] () Copy of 2009UMR.xls -> C:\Documents and Settings\Owner\My Documents\Copy of 2009UMR.xls -> [2009/11/14 12:32:34 | 002,121,216 | ---- | C] () Popcorn.xls -> C:\Documents and Settings\Owner\Desktop\Popcorn.xls -> [2009/11/13 17:56:48 | 000,048,640 | ---- | C] () qt-dx331.dll -> C:\WINDOWS\System32\qt-dx331.dll -> [2008/11/21 16:47:52 | 003,596,288 | ---- | C] () dtu100.dll.manifest -> C:\WINDOWS\System32\dtu100.dll.manifest -> [2008/11/21 16:45:16 | 000,000,416 | ---- | C] () dpl100.dll.manifest -> C:\WINDOWS\System32\dpl100.dll.manifest -> [2008/11/21 16:45:16 | 000,000,416 | ---- | C] () DivXWMPExtType.dll -> C:\WINDOWS\System32\DivXWMPExtType.dll -> [2008/11/21 16:44:16 | 000,012,288 | ---- | C] () VERMONT1.DLL -> C:\WINDOWS\System32\VERMONT1.DLL -> [2007/12/16 15:22:58 | 000,027,136 | ---- | C] () VRX1.DLL -> C:\WINDOWS\System32\VRX1.DLL -> [2007/12/16 15:22:58 | 000,019,040 | ---- | C] () SIMEARTH.DLL -> C:\WINDOWS\System32\SIMEARTH.DLL -> [2007/12/16 15:22:57 | 000,107,520 | ---- | C] () wininit.ini -> C:\WINDOWS\wininit.ini -> [2007/12/08 00:46:59 | 000,000,444 | ---- | C] () WAVEMIX.INI -> C:\WINDOWS\WAVEMIX.INI -> [2007/11/21 21:24:06 | 000,002,554 | ---- | C] () SimTower.ini -> C:\WINDOWS\SimTower.ini -> [2007/11/21 21:24:02 | 000,000,165 | ---- | C] () ka.ini -> C:\WINDOWS\ka.ini -> [2007/09/29 14:46:55 | 000,000,000 | ---- | C] () OPDSL.DLL -> C:\WINDOWS\System32\OPDSL.DLL -> [2007/04/10 07:53:39 | 000,139,264 | ---- | C] () iPlayer.INI -> C:\WINDOWS\iPlayer.INI -> [2007/01/26 09:21:08 | 000,000,092 | ---- | C] () lxaklcnp.dll -> 
C:\WINDOWS\System32\lxaklcnp.dll -> [2006/11/14 21:16:40 | 000,077,824 | ---- | C] () TLCAPPS.INI -> C:\WINDOWS\TLCAPPS.INI -> [2006/08/08 19:04:15 | 000,000,066 | ---- | C] () vidx16.dll -> C:\WINDOWS\System32\vidx16.dll -> [2006/07/18 15:42:02 | 000,010,240 | ---- | C] () regobj.dll -> C:\WINDOWS\System32\regobj.dll -> [2006/07/11 09:23:17 | 000,040,448 | ---- | C] () WAR2R.INI -> C:\WINDOWS\WAR2R.INI -> [2006/07/02 17:59:47 | 000,000,026 | ---- | C] () GlobalUserInterface.CompositeFont -> C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont -> [2006/06/29 13:58:52 | 000,030,808 | ---- | C] () GlobalSansSerif.CompositeFont -> C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont -> [2006/06/29 13:53:56 | 000,026,489 | ---- | C] () SIntfNT.dll -> C:\WINDOWS\System32\SIntfNT.dll -> [2006/06/18 13:55:04 | 000,021,840 | ---- | C] () SIntf32.dll -> C:\WINDOWS\System32\SIntf32.dll -> [2006/06/18 13:55:04 | 000,017,212 | ---- | C] () SIntf16.dll -> C:\WINDOWS\System32\SIntf16.dll -> [2006/06/18 13:55:04 | 000,012,067 | ---- | C] () SSAW.INI -> C:\WINDOWS\SSAW.INI -> [2006/06/12 20:19:12 | 000,000,075 | ---- | C] () QTW.INI -> C:\WINDOWS\QTW.INI -> [2006/05/29 18:43:20 | 000,000,206 | ---- | C] () hegames.ini -> C:\WINDOWS\hegames.ini -> [2006/04/22 13:50:36 | 000,000,761 | ---- | C] () GlobalSerif.CompositeFont -> C:\WINDOWS\Fonts\GlobalSerif.CompositeFont -> [2006/04/18 14:39:28 | 000,029,779 | ---- | C] () GlobalMonospace.CompositeFont -> C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont -> [2006/04/18 14:39:28 | 000,026,040 | ---- | C] () tb96.ini -> C:\WINDOWS\tb96.ini -> [2006/03/27 17:32:40 | 000,000,095 | ---- | C] () fxsperf.ini -> C:\WINDOWS\System32\fxsperf.ini -> [2006/03/27 17:27:27 | 000,001,793 | ---- | C] () SETUP32.INI -> C:\WINDOWS\SETUP32.INI -> [2006/03/27 16:51:29 | 000,000,000 | ---- | C] () disney.ini -> C:\WINDOWS\disney.ini -> [2006/03/27 16:45:42 | 000,001,905 | ---- | C] () atid.ini -> C:\WINDOWS\atid.ini -> [2006/01/11 12:09:33 | 000,000,028 | ---- | C] 
() SIERRA.INI -> C:\WINDOWS\SIERRA.INI -> [2006/01/04 14:59:00 | 000,000,240 | ---- | C] () msoffice.ini -> C:\WINDOWS\msoffice.ini -> [2006/01/01 23:14:58 | 000,000,002 | ---- | C] () Tb98.ini -> C:\WINDOWS\Tb98.ini -> [2006/01/01 22:13:09 | 000,000,100 | ---- | C] () EPSN.DLL -> C:\WINDOWS\System32\EPSN.DLL -> [2006/01/01 22:13:02 | 000,046,512 | ---- | C] () INETWH16.DLL -> C:\WINDOWS\System32\INETWH16.DLL -> [2006/01/01 22:13:02 | 000,009,136 | ---- | C] () PIXPCZ.DLL -> C:\WINDOWS\System32\PIXPCZ.DLL -> [2006/01/01 22:13:01 | 000,012,126 | ---- | C] () PIXPNR.DLL -> C:\WINDOWS\System32\PIXPNR.DLL -> [2006/01/01 22:13:01 | 000,011,934 | ---- | C] () pstudio.ini -> C:\WINDOWS\pstudio.ini -> [2006/01/01 22:12:20 | 000,000,465 | ---- | C] () pfantasy.ini -> C:\WINDOWS\pfantasy.ini -> [2006/01/01 22:12:16 | 000,025,441 | ---- | C] () PS_Suite.ini -> C:\WINDOWS\PS_Suite.ini -> [2006/01/01 22:12:16 | 000,000,018 | ---- | C] () avrack.ini -> C:\WINDOWS\avrack.ini -> [2005/07/29 07:28:58 | 000,000,164 | ---- | C] () RTLCPAPI.dll -> C:\WINDOWS\System32\RTLCPAPI.dll -> [2005/07/29 07:28:55 | 000,155,648 | ---- | C] () ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2005/07/29 07:22:06 | 000,000,376 | ---- | C] () smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2004/08/27 05:50:59 | 000,000,061 | ---- | C] () oeminfo.ini -> C:\WINDOWS\System32\oeminfo.ini -> [2004/08/26 11:12:43 | 000,001,420 | ---- | C] () emver.ini -> C:\WINDOWS\System32\emver.ini -> [2004/08/26 11:12:43 | 000,000,485 | ---- | C] () OUTLPERF.INI -> C:\WINDOWS\System32\OUTLPERF.INI -> [2003/01/07 17:05:08 | 000,002,695 | ---- | C] () [File - Lop Check] SampleView -> C:\Documents and Settings\Administrator\Application Data\SampleView -> [2005/07/29 07:25:58 | 000,000,000 | ---D | M] AntiVir PersonalEdition Classic -> C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic -> [2008/01/05 15:48:53 | 000,000,000 | ---D | M] AVG Security Toolbar -> C:\Documents and Settings\All Users\Application 
Data\AVG Security Toolbar -> [2009/08/03 16:07:34 | 000,000,000 | ---D | M] avg9 -> C:\Documents and Settings\All Users\Application Data\avg9 -> [2009/11/30 22:34:21 | 000,000,000 | ---D | M] Azureus -> C:\Documents and Settings\All Users\Application Data\Azureus -> [2009/12/28 13:11:42 | 000,000,000 | ---D | M] CanonBJ -> C:\Documents and Settings\All Users\Application Data\CanonBJ -> [2007/05/01 15:35:56 | 000,000,000 | -H-D | M] Disney Interactive -> C:\Documents and Settings\All Users\Application Data\Disney Interactive -> [2006/07/06 16:48:00 | 000,000,000 | ---D | M] Grisoft -> C:\Documents and Settings\All Users\Application Data\Grisoft -> [2009/01/02 14:51:34 | 000,000,000 | ---D | M] Napster -> C:\Documents and Settings\All Users\Application Data\Napster -> [2006/11/17 22:22:44 | 000,000,000 | ---D | M] Sandlot Games -> C:\Documents and Settings\All Users\Application Data\Sandlot Games -> [2009/02/21 16:19:51 | 000,000,000 | ---D | M] TEMP -> C:\Documents and Settings\All Users\Application Data\TEMP -> [2008/10/08 20:16:34 | 000,000,000 | ---D | M] Viewpoint -> C:\Documents and Settings\All Users\Application Data\Viewpoint -> [2008/01/25 15:41:53 | 000,000,000 | ---D | M] {755AC846-7372-4AC8-8550-C52491DAA8BD} -> C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} -> [2010/01/13 18:42:35 | 000,000,000 | ---D | M] {8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} -> C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} -> [2009/05/29 10:24:51 | 000,000,000 | ---D | M] SampleView -> C:\Documents and Settings\Default User\Application Data\SampleView -> [2005/07/29 07:25:58 | 000,000,000 | ---D | M] acccore -> C:\Documents and Settings\Owner\Application Data\acccore -> [2006/03/13 11:38:13 | 000,000,000 | ---D | M] Azureus -> C:\Documents and Settings\Owner\Application Data\Azureus -> [2010/02/06 20:58:13 | 000,000,000 | ---D | M] Disney Interactive -> C:\Documents and 
Settings\Owner\Application Data\Disney Interactive -> [2006/07/06 16:48:41 | 000,000,000 | ---D | M] HouseCall 6.6 -> C:\Documents and Settings\Owner\Application Data\HouseCall 6.6 -> [2009/03/25 20:17:47 | 000,000,000 | ---D | M] Leadertech -> C:\Documents and Settings\Owner\Application Data\Leadertech -> [2006/09/01 14:11:48 | 000,000,000 | ---D | M] LimeWire -> C:\Documents and Settings\Owner\Application Data\LimeWire -> [2009/12/19 18:35:15 | 000,000,000 | ---D | M] SampleView -> C:\Documents and Settings\Owner\Application Data\SampleView -> [2005/07/29 07:25:58 | 000,000,000 | ---D | M] Template -> C:\Documents and Settings\Owner\Application Data\Template -> [2006/01/19 19:07:37 | 000,000,000 | ---D | M] The Hobbit -> C:\Documents and Settings\Owner\Application Data\The Hobbit -> [2006/06/02 20:25:48 | 000,000,000 | ---D | M] Unity -> C:\Documents and Settings\Owner\Application Data\Unity -> [2009/03/15 20:08:35 | 000,000,000 | ---D | M] uTorrent -> C:\Documents and Settings\Owner\Application Data\uTorrent -> [2008/11/30 14:32:31 | 000,000,000 | ---D | M] Viewpoint -> C:\Documents and Settings\Owner\Application Data\Viewpoint -> [2007/05/29 17:04:44 | 000,000,000 | ---D | M] [File - Purity Scan] [Alternate Data Streams] @Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:80ED6380 < End of report >
gmer:
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-08 14:25:31
Windows 5.1.2600 Service Pack 3
Running: GAMER.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\ugtoipob.sys
---- Kernel code sections - GMER 1.0.15 ----
init C:\WINDOWS\System32\Drivers\sunkfilt.sys entry point in "init" section [0xF7984300]
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6113A40D] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6113A33F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [61139C3F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6113A37F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\USER32.dll [GDI32.dll!GetStockObject] [6113909F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6113A40D] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6113A33F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [61139C3F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6113A37F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHLWAPI.dll [GDI32.dll!GetStockObject] [6113909F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6113A3BF] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6113A40D] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6113A37F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6113A33F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [61139C3F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] [61139856] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] [61139856] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSysColor] [61138FE2] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [61138F66] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [61138FA4] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHELL32.dll [GDI32.dll!GetStockObject] [6113909F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6113A33F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6113A37F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [61139C3F] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6113A40D] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [6113A3BF] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!AnimateWindow] [611390DD] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [61138FA4] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] [61139856] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColor] [61138FE2] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] [61139856] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColorBrush] [611390A5] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3412] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [61138F66] C:\Program Files\Yahoo!\Messenger\yui.dll
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 sector 60: copy of MBR
---- EOF - GMER 1.0.15 ----
mbam:
Malwarebytes' Anti-Malware 1.44
Database version: 3667
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
2/8/2010 4:27:20 PM
mbam-log-2010-02-08 (16-27-20).txt
Scan type: Full Scan (C:\|)
Objects scanned: 261748
Time elapsed: 1 hour(s), 46 minute(s), 35 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)