
OTL Fix



#1
spurta

  • Member
  • 18 posts
Hey guys,

I have contracted the Security Tool malware. I have run MalwareBytes and it did not find any problems. I used CCleaner to remove the application from startup. Now on startup the desktop background appears without the icons/taskbar. I run task manager then rkill.com and then explorer and the desktop appears. But malware still does not pick up anything and the computer will not connect to the wireless network to update it. I have posted the OTL.txt file hoping for some kind of fix. Thanks in advance, Leon.

Attached Files

  • Attached File  OTL.Txt   107.19KB   36 downloads

Edited by spurta, 05 August 2010 - 12:49 AM.

  • 0



#2
spurta

  • Member
  • 18 posts
Can anyone help?
  • 0

#3
spurta

  • Member
  • 18 posts
Ok,

So after trying several things to get the computer to connect to the internet so that I can update MalwareBytes the virus reappeared. After running Rkill, MalwareBytes still does not detect any problems and I cannot connect to the internet. Any ideas??
  • 0

#4
spurta

  • Member
  • 18 posts
Guys,

The problem has progressed over the last few days. I am still unable to connect to the internet with the wireless connection citing WZC not started when it has. I can only assume that there is a program pretending to manage the adapter. I have attached a new OTL log file. I have not been able to finish a gmer scan as it BSOD the two times I have run it. I have installed a Norton 360 antivirus that has removed 8 trojans, but the computer still does not start up correctly with the desktop missing until I run rkill and explorer. Any help much appreciated.

Attached Files

  • Attached File  OTL.Txt   127.23KB   33 downloads

  • 0

#5
MariaCristina

    Visiting Staff

  • Visiting Consultant
  • 277 posts
Hello, spurta

Welcome to Geeks to Go! :)

My name is Maria Cristina and I will be helping you. I will be back as soon as possible, as each reply must be approved by a resident expert before I can be allowed to post it to you.
  • Please, be patient. Do not try to fix your malware issues by yourself. You should only run the tools that I request. I know malware can be frustrating but running other tools in the meantime and between posts, only makes it harder for us to analyze and fix your PC in the long run.
  • Do not ask for help in other forums. Trying to follow more than one procedure at the same time can cause a lot of issues.
  • POST your logs, do not attach them, as it makes it harder to read.
  • English is not my first language, so please do not use slang or idioms, as this makes it difficult to understand for me.
  • I suggest you subscribe to this thread by clicking on My Settings at the top of this page.

    You should click in the Notification Options and check the option Watch every topic I reply to - If enabled, choose default notification type: and set your desired notification type.

I would like to see a fresh OTL report.

Are you able to download OTL from another machine and transfer it to the infected one?

If yes, please follow these instructions below. If not, then run OTLPE again and paste the new log here.

Run rkill as you will be able to run OTL.exe.

  • Double click on the OTL.exe to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in

    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\*.wt
    %systemroot%\system32\*.ruy
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them here in a new reply. Please, do not attach them.


:)

Edited by MariaCristina, 11 August 2010 - 12:11 PM.

  • 0

#6
spurta

  • Member
  • 18 posts
Hello Maria thanks for responding.

I have pretty much fixed it myself, but I will post another OTL log and get you to examine it. There are no visible remnants of the Malware and my internet connection is now working again. I used a copy of Norton 360 and superAntiSpyware to remove most of it. I have a feeling there are still some remnants remaining because I am getting Google redirects and persistent Norton warnings about blocked access to my computer from random *.com locations.

[OTL LOG]

OTL logfile created on: 8/12/2010 9:46:02 AM - Run
OTLPE by OldTimer - Version 3.1.39.0 Folder = C:\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 351.00 Mb Available Physical Memory | 35.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): C:\pagefile.sys 2058 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68.44 Gb Total Space | 7.91 Gb Free Space | 11.56% Space Free | Partition Type: NTFS
Drive D: | 119.43 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SPURTALAPTOP
Current User Name: Spurta
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto] -- -- (WinServ)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\OpcEnum.exe -- (OpcEnum)
SRV - File not found [Auto] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/01/26 11:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/01/21 12:35:49 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\ccSvcHst.exe -- (N360)
SRV - [2008/05/19 18:59:30 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/03/02 18:39:35 | 000,307,968 | ---- | M] (TuneUp Software GmbH) [On_Demand] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2008/02/27 12:15:14 | 000,028,416 | ---- | M] (TuneUp Software GmbH) [Auto] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2006/10/31 13:21:58 | 000,200,704 | ---- | M] (National Instruments, Inc.) [Auto] -- C:\Program Files\Common Files\National Instruments\Security\nidmsrv.exe -- (NIDomainService)
SRV - [2006/10/31 13:21:52 | 000,057,344 | ---- | M] (National Instruments, Inc.) [Auto] -- C:\WINDOWS\system32\lktsrv.exe -- (lkTimeSync)
SRV - [2006/10/31 13:21:44 | 000,049,152 | ---- | M] (National Instruments, Inc.) [Auto] -- C:\WINDOWS\system32\lkads.exe -- (lkClassAds)
SRV - [2006/09/28 19:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/08/02 12:53:40 | 000,688,190 | ---- | M] (National Instruments, Inc.) [Auto] -- C:\WINDOWS\system32\lkcitdl.exe -- (LkCitadelServer)
SRV - [2006/05/23 23:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) [Auto] -- C:\WINDOWS\system32\StkASv2K.exe -- (StkASSrv)
SRV - [2006/04/06 16:57:54 | 000,380,928 | ---- | M] (Dell Inc.) [Auto] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2006/03/03 20:03:10 | 000,069,632 | ---- | M] (HP) [Auto] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2006/02/06 15:46:42 | 000,049,152 | ---- | M] (National Instruments Corp.) [Auto] -- C:\WINDOWS\System32\nisvcloc.exe -- (niSvcLoc)
SRV - [2005/04/02 03:51:48 | 000,217,600 | ---- | M] (Rocket Division Software) [Auto] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe -- (StarWindService)
SRV - [2002/12/17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002/12/17 17:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)
SRV - [2002/05/10 14:50:04 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\s24trans.sys -- (s24trans)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\NETw3x32.sys -- (NETw3x32) Intel®
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\lmimirr.sys -- (lmimirr)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\ATHFMWDL.sys -- (ATHFMWDL)
DRV - File not found [Kernel | On_Demand] -- -- (aiw8kr1x)
DRV - [2010/08/11 00:30:48 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/08/09 19:57:34 | 001,362,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100811.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/08/09 19:57:34 | 000,085,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100811.002\NAVENG.SYS -- (NAVENG)
DRV - [2010/08/08 01:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/08/08 01:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/07/14 15:25:58 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) WinPcap Packet Driver (NPF)
DRV - [2010/07/06 03:15:40 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100809.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/05/11 04:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/23 02:53:20 | 000,104,768 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010/02/18 04:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010/01/21 13:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/01/21 12:35:49 | 000,482,432 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\ccHPx86.sys -- (ccHP)
DRV - [2010/01/21 12:35:49 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\N360\0308000.029\SymEFA.sys -- (SymEFA)
DRV - [2010/01/21 12:35:49 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SRTSP.SYS -- (SRTSP)
DRV - [2010/01/21 12:35:49 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/01/21 12:35:49 | 000,217,136 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/01/21 12:35:49 | 000,089,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMFW.SYS -- (SYMFW)
DRV - [2010/01/21 12:35:49 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\N360\0308000.029\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/01/21 12:35:49 | 000,036,400 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2010/01/21 12:35:49 | 000,033,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMIDS.SYS -- (SYMIDS)
DRV - [2010/01/21 12:35:30 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2010/01/21 12:35:30 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2010/01/02 03:20:34 | 000,026,024 | ---- | M] (Elaborate Bytes AG) [Kernel | System] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2009/12/30 10:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009/12/30 10:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009/12/30 10:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009/12/30 10:25:12 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009/12/30 10:25:12 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009/07/10 17:51:34 | 000,721,904 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009/01/23 08:49:08 | 000,037,664 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2008/08/26 08:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/10/03 15:35:52 | 000,223,128 | ---- | M] (Alcohol Soft Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\vaxscsi.sys -- (vaxscsi)
DRV - [2007/01/30 12:12:06 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/28 10:00:00 | 000,004,096 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\System32\drivers\cvintdrv.sys -- (cvintdrv)
DRV - [2006/11/15 17:32:44 | 000,242,139 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\StkAMini.sys -- (StkAMini)
DRV - [2006/06/27 18:27:18 | 000,004,772 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\StkScan.sys -- (StkScan)
DRV - [2006/05/24 20:07:18 | 000,328,237 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/05/24 20:05:26 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/05/24 20:04:04 | 000,851,434 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/05/24 20:01:34 | 000,030,427 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/05/24 20:01:22 | 000,030,285 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2006/05/24 20:00:50 | 000,066,488 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/05/24 19:58:18 | 000,148,900 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/05/24 19:57:00 | 000,045,683 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2006/03/24 18:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/03/08 13:35:10 | 000,191,872 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005/12/04 11:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel®
DRV - [2005/10/14 10:40:18 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/10/14 10:40:18 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/10/14 10:40:18 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/08/12 19:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/07/21 22:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/21 22:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/21 22:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/12/06 03:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/12/06 03:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/12/06 03:05:00 | 000,086,586 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/12/06 03:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/12/06 03:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/12/06 03:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/12/06 03:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/12/06 03:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/12/06 03:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/12/01 05:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/11/23 04:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/08/12 19:45:54 | 000,137,728 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/08/10 07:00:00 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004/08/10 07:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/10 07:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/08/04 01:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004/08/04 01:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004/08/04 00:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/08/03 22:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2004/07/14 13:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 13:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2004/02/13 11:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2003/12/16 18:13:02 | 000,034,297 | ---- | M] (Generic) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\StMp3Rec.sys -- (StMp3Rec)
DRV - [2003/10/15 17:52:50 | 000,174,530 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ov519vid.sys -- (ovt519)
DRV - [2002/02/05 18:30:42 | 000,028,396 | ---- | M] (America Online, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/17 16:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 16:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 16:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 16:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 16:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 15:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 15:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 15:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 15:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 15:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 15:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 15:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 15:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 15:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 15:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.ap.dell....c=au&l=en&s=gen
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com.au/ig/dell?hl=en&client=dell-row&channel=au
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Start Page = www.google.com.au/ig/dell?hl=en&client=dell-row&channel=au


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com.au/ig/dell?hl=en&client=dell-row&channel=au
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com.au/ig/dell?hl=en&client=dell-row&channel=au
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2188553861-2381450910-3847007968-1005\Software\Microsoft\Internet Explorer\Main,Default = 89 AB 11 92 17 1A 5A 43 9A 46 30 38 72 B4 0C F9 [binary data]
IE - HKU\S-1-5-21-2188553861-2381450910-3847007968-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com.au/ig/dell?hl=en&client=dell-row&channel=au
IE - HKU\S-1-5-21-2188553861-2381450910-3847007968-1005\Software\Microsoft\Internet Explorer\Main,Start Page = https://osa.adfa.edu...change&reason=0
IE - HKU\S-1-5-21-2188553861-2381450910-3847007968-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2188553861-2381450910-3847007968-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-2188553861-2381450910-3847007968-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522

FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010/03/10 21:01:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{CEF63772-71E0-49D8-BDD5-23E0AF9ECE7D}: C:\Documents and Settings\Spurta\Local Settings\Application Data\{CEF63772-71E0-49D8-BDD5-23E0AF9ECE7D} [2010/07/14 15:27:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{79CBA0D9-FAF3-4C8C-8366-7A33BCB3C8D8}: C:\Documents and Settings\Spurta\Local Settings\Application Data\{79CBA0D9-FAF3-4C8C-8366-7A33BCB3C8D8}\ [2010/08/01 18:35:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2010/08/11 19:19:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/22 13:27:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/22 13:27:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010/03/10 21:01:08 | 000,000,000 | ---D | M]

[2010/08/12 08:39:07 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/01/06 10:23:00 | 000,049,152 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2006/06/07 14:40:18 | 000,027,376 | ---- | M] (National Instruments) -- C:\Program Files\Mozilla Firefox\plugins\NPLV82Win32.dll
[2005/10/02 12:28:00 | 000,110,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll

O1 HOSTS File: ([2010/08/10 23:49:16 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {0C2A3A9F-68C8-4EAC-9434-EEF5524214B5} - Reg Error: Value error. File not found
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll (BitComet)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {9211AB89-1A17-435A-9A46-303872B40CF9} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (no name) - {de20342d-e92d-4ce1-88ad-a1d28ccfd77e} - No CLSID value found.
O2 - BHO: (no name) - {F185509A-B864-4290-8702-7D0D5D7D2E66} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-2188553861-2381450910-3847007968-1005\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKU\S-1-5-21-2188553861-2381450910-3847007968-1005\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-2188553861-2381450910-3847007968-1005\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKU\S-1-5-21-2188553861-2381450910-3847007968-1005\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-2188553861-2381450910-3847007968-1005\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe (Ulead Systems, Inc.)
O4 - HKU\S-1-5-21-2188553861-2381450910-3847007968-1005..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2188553861-2381450910-3847007968-1005..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2188553861-2381450910-3847007968-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Spurta\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Spurta\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/08/23 10:57:35 | 000,000,109 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/07/19 19:19:56 | 000,000,050 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{16991694-140f-11dc-8088-0015c5238833}\Shell\AutoRun\command - "" = F:\wd_windows_tools\setup.exe -- File not found
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a7440eb6-20a6-11dc-8099-0015c5238833}\Shell - "" = AutoRun
O33 - MountPoints2\{a7440eb6-20a6-11dc-8099-0015c5238833}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d8d92c77-d6c2-11dd-82d8-0015c5238833}\Shell - "" = AutoRun
O33 - MountPoints2\{d8d92c77-d6c2-11dd-82d8-0015c5238833}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d8d92c77-d6c2-11dd-82d8-0015c5238833}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/08/12 06:30:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Real
[2010/08/11 09:00:09 | 000,036,400 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymIM.sys
[2010/08/11 00:31:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Downloaded Installations
[2010/08/11 00:30:42 | 000,217,136 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\symtdi.sys
[2010/08/11 00:30:41 | 000,048,688 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\symndisv.sys
[2010/08/11 00:30:41 | 000,036,400 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\symndis.sys
[2010/08/11 00:30:40 | 000,089,904 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\symfw.sys
[2010/08/11 00:30:40 | 000,033,072 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\symids.sys
[2010/08/11 00:30:38 | 000,310,320 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymEFA.sys
[2010/08/11 00:30:37 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtspx.sys
[2010/08/11 00:30:36 | 000,308,272 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtsp.sys
[2010/08/11 00:30:34 | 000,482,432 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\cchpx86.sys
[2010/08/11 00:30:33 | 000,259,632 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\BHDrvx86.sys
[2010/08/11 00:27:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0308000.029
[2010/08/10 21:33:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2010/08/10 21:33:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\My Documents\Updater5
[2010/08/10 21:33:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\NetworkService\My Documents
[2010/08/10 21:30:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2010/08/10 21:30:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/08/10 19:57:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Application Data\SUPERAntiSpyware.com
[2010/08/10 19:56:34 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/08/10 19:02:07 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\UserData
[2010/08/10 19:01:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\My Documents\Symantec
[2010/08/10 19:00:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/08/10 18:15:29 | 000,000,000 | ---D | C] -- C:\Program Files\Telstra
[2010/08/10 17:01:33 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Spurta\Desktop\WinsockxpFix.exe
[2010/08/10 16:22:43 | 000,000,000 | ---D | C] -- C:\UBCD4Win
[2010/08/08 10:57:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Local Settings\Application Data\Symantec
[2010/08/08 10:56:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Local Settings\Application Data\Downloaded Installations
[2010/08/08 10:55:31 | 000,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/08/08 10:55:30 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/08/08 10:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/08/08 10:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/08/08 10:54:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2010/08/08 10:54:06 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2010/08/08 10:54:06 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360 Premier Edition
[2010/08/07 23:21:39 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010/08/05 19:39:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/08/05 14:25:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Desktop\Malwarebytes.Anti-Malware.v1.31.Multilingual.WinAll.Incl.Keygen-CRD
[2010/08/05 12:59:40 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Spurta\Recent
[2010/08/05 11:30:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Local Settings\Application Data\mvrtgwcfn
[2010/08/02 21:04:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Application Data\Vso
[2010/08/01 18:35:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Local Settings\Application Data\{79CBA0D9-FAF3-4C8C-8366-7A33BCB3C8D8}
[2010/07/29 12:59:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\My Documents\SysEng
[2010/07/21 19:17:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\My Documents\eComm
[2010/07/20 14:28:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Desktop\Images
[2010/07/17 22:58:56 | 000,552,960 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2010/07/17 22:57:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/07/14 15:27:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Local Settings\Application Data\{CEF63772-71E0-49D8-BDD5-23E0AF9ECE7D}
[2010/07/14 15:25:58 | 000,050,704 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys
[2010/07/14 15:25:55 | 000,281,104 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll
[2010/07/14 15:25:55 | 000,100,880 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll
[2010/07/14 09:02:43 | 000,743,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2008/02/29 21:26:24 | 000,262,144 | ---- | C] (Peter Pazmany Catholic University - Robotics Lab) -- C:\Program Files\ITK-Scope.exe
[2007/04/05 08:39:12 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Spurta\Application Data\pcouffin.sys
[2 C:\Documents and Settings\Spurta\My Documents\*.tmp files -> C:\Documents and Settings\Spurta\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/08/12 09:01:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/12 09:01:28 | 000,000,488 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010/08/12 08:39:10 | 001,156,474 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\Cat.DB
[2010/08/12 08:38:43 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/12 08:38:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/12 08:38:38 | 1063,714,816 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/12 08:37:14 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2010/08/12 08:37:14 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\LocalService\ntuser.dat
[2010/08/12 08:36:47 | 015,204,352 | ---- | M] () -- C:\Documents and Settings\Spurta\ntuser.dat
[2010/08/12 08:36:47 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Spurta\ntuser.ini
[2010/08/11 11:31:00 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Spurta\Desktop\Microsoft Office Word 2003.lnk
[2010/08/11 00:30:48 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/08/11 00:30:48 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/08/11 00:30:48 | 000,007,456 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/08/11 00:30:48 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/08/11 00:27:38 | 000,001,562 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymNetV.inf
[2010/08/11 00:27:38 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\isolate.ini
[2010/08/11 00:27:36 | 000,009,412 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\symnetv.cat
[2010/08/10 23:49:16 | 000,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/08/10 17:25:00 | 000,000,856 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/10 17:25:00 | 000,000,246 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/08/10 17:25:00 | 000,000,209 | -HS- | M] () -- C:\boot.ini
[2010/08/10 16:48:08 | 001,445,888 | ---- | M] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Spurta\Desktop\WinsockxpFix.exe
[2010/08/10 10:13:26 | 000,000,229 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/08/10 10:13:25 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\Spurta\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/09 12:35:06 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\Spurta\Desktop\Shortcut to 20100808-003-v5i32.lnk
[2010/08/09 12:11:41 | 000,003,666 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\cc_20100809_121134.reg
[2010/08/08 17:36:55 | 078,643,200 | -HS- | M] () -- C:\NRTPage.sys
[2010/08/05 15:02:16 | 000,059,664 | ---- | M] () -- C:\Documents and Settings\Spurta\Desktop\mbam-clean.exe
[2010/08/05 14:53:17 | 000,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.bak
[2010/08/05 14:21:28 | 000,363,520 | ---- | M] () -- C:\Documents and Settings\Spurta\Desktop\iExplorer.exe.com
[2010/08/05 11:26:47 | 000,008,192 | ---- | M] () -- C:\WINDOWS\System32\swxtu.dll
[2010/08/05 08:10:40 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Vlico.dat
[2010/08/05 08:10:40 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Ffuxafiyaci.bin
[2010/08/02 21:04:48 | 000,138,281 | ---- | M] () -- C:\Documents and Settings\Spurta\Application Data\vso_ts_preview.xml
[2010/08/01 14:49:46 | 000,010,752 | ---- | M] () -- C:\WINDOWS\DCEBoot.exe
[2010/07/29 13:54:10 | 000,088,576 | ---- | M] () -- C:\Documents and Settings\Spurta\Copy of Entire Degree Assessment Results WAM Calculator.xls
[2010/07/21 11:03:56 | 000,257,536 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\ADS_temp.doc
[2010/07/21 09:22:49 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Spurta\My Documents\~$S_temp.doc
[2010/07/20 15:43:25 | 000,020,469 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\wristReferral.pdf
[2010/07/20 12:51:42 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\timetable Session2-2010.xls
[2010/07/17 21:09:33 | 000,074,916 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\Tiger Airways _ Itinerary.pdf
[2010/07/14 15:25:58 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys
[2010/07/14 15:25:55 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll
[2010/07/14 15:25:55 | 000,100,880 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll
[2010/07/14 15:24:35 | 000,000,024 | ---- | M] () -- C:\WINDOWS\system32\config\systemprofile\Application Data\hwzypv.dat
[2010/07/14 15:22:56 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Spurta\Application Data\avdrn.dat
[2 C:\Documents and Settings\Spurta\My Documents\*.tmp files -> C:\Documents and Settings\Spurta\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/11 09:01:04 | 001,156,474 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\Cat.DB
[2010/08/11 00:30:42 | 000,001,561 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymNet.inf
[2010/08/11 00:30:41 | 000,009,402 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymNet.cat
[2010/08/11 00:30:38 | 000,007,431 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymEFA.cat
[2010/08/11 00:30:38 | 000,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymEFA.inf
[2010/08/11 00:30:37 | 000,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtspx.inf
[2010/08/11 00:30:36 | 000,007,429 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtspx.cat
[2010/08/11 00:30:36 | 000,001,382 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtsp.inf
[2010/08/11 00:30:35 | 000,007,425 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtsp.cat
[2010/08/11 00:30:34 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\ccHPx86.cat
[2010/08/11 00:30:34 | 000,001,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\ccHPx86.inf
[2010/08/11 00:30:33 | 000,007,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\BHDrvx86.CAT
[2010/08/11 00:30:33 | 000,000,640 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\BHDrvx86.inf
[2010/08/11 00:27:38 | 000,001,562 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymNetV.inf
[2010/08/11 00:27:38 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\isolate.ini
[2010/08/11 00:27:36 | 000,009,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\symnetv.cat
[2010/08/10 16:46:34 | 1063,714,816 | -HS- | C] () -- C:\hiberfil.sys
[2010/08/09 12:35:06 | 000,000,312 | ---- | C] () -- C:\Documents and Settings\Spurta\Desktop\Shortcut to 20100808-003-v5i32.lnk
[2010/08/09 12:11:37 | 000,003,666 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\cc_20100809_121134.reg
[2010/08/08 17:36:55 | 078,643,200 | -HS- | C] () -- C:\NRTPage.sys
[2010/08/08 10:55:30 | 000,007,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/08/08 10:55:30 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/08/05 18:44:17 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Spurta\Desktop\gmer.exe
[2010/08/05 15:02:36 | 000,059,664 | ---- | C] () -- C:\Documents and Settings\Spurta\Desktop\mbam-clean.exe
[2010/08/05 14:25:42 | 000,363,520 | ---- | C] () -- C:\Documents and Settings\Spurta\Desktop\iExplorer.exe.com
[2010/08/05 11:26:47 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\swxtu.dll
[2010/07/21 09:22:49 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Spurta\My Documents\~$S_temp.doc
[2010/07/21 09:22:48 | 000,257,536 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\ADS_temp.doc
[2010/07/20 15:43:25 | 000,020,469 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\wristReferral.pdf
[2010/07/20 12:46:05 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\timetable Session2-2010.xls
[2010/07/17 21:09:33 | 000,074,916 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\Tiger Airways _ Itinerary.pdf
[2010/07/17 11:41:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Ffuxafiyaci.bin
[2010/07/17 11:41:07 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Vlico.dat
[2010/07/14 15:24:31 | 000,000,024 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\Application Data\hwzypv.dat
[2010/07/14 15:22:56 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Spurta\Application Data\avdrn.dat
[2010/02/27 15:34:14 | 000,138,281 | ---- | C] () -- C:\Documents and Settings\Spurta\Application Data\vso_ts_preview.xml
[2010/02/26 09:37:25 | 000,000,542 | ---- | C] () -- C:\Documents and Settings\Spurta\Application Data\AutoGK.ini
[2009/11/27 09:37:56 | 000,001,085 | ---- | C] () -- C:\Documents and Settings\Spurta\.log
[2009/11/27 09:36:44 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\Spurta\texput.log
[2009/01/26 07:10:48 | 000,179,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/09 09:01:22 | 000,629,760 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/12/22 13:44:13 | 000,000,100 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/11/24 17:20:31 | 000,009,279 | ---- | C] () -- C:\WINDOWS\AmvTransform.ini
[2008/11/24 17:20:31 | 000,008,913 | ---- | C] () -- C:\WINDOWS\fwupgrade.ini
[2008/11/24 17:20:31 | 000,008,157 | ---- | C] () -- C:\WINDOWS\AmvPlayer.ini
[2008/11/24 17:20:31 | 000,007,454 | ---- | C] () -- C:\WINDOWS\Disktool.INI
[2008/11/24 17:20:31 | 000,003,677 | ---- | C] () -- C:\WINDOWS\SoundCon.INI
[2008/11/24 17:20:31 | 000,000,170 | ---- | C] () -- C:\WINDOWS\settings.ini
[2008/10/13 09:33:53 | 000,000,139 | ---- | C] () -- C:\Documents and Settings\Spurta\default.pls
[2008/07/22 14:43:45 | 000,088,576 | ---- | C] () -- C:\Documents and Settings\Spurta\Copy of Entire Degree Assessment Results WAM Calculator.xls
[2008/07/07 17:04:58 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2008/07/07 14:12:35 | 000,158,720 | ---- | C] () -- C:\Documents and Settings\Spurta\Smarter_than_a_5th_grader(1)(2) (4).xls
[2008/06/18 13:59:56 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/06/04 12:57:01 | 000,131,072 | ---- | C] () -- C:\Documents and Settings\Spurta\Presentation1.ppt
[2008/03/09 14:45:59 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat_TU_99245.LOG
[2008/03/09 14:45:58 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Spurta\ntuser.dat_TU_15077.LOG
[2008/03/09 14:45:57 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT_TU_31918.LOG
[2008/02/29 21:26:24 | 000,002,095 | ---- | C] () -- C:\Program Files\ITK-Scope.ini
[2008/02/29 21:26:24 | 000,000,038 | ---- | C] () -- C:\Program Files\ITK-Scope.aliases
[2008/02/11 22:27:15 | 000,000,226 | ---- | C] () -- C:\Documents and Settings\Spurta\Local Settings\Application Data\ip2.php
[2008/02/11 00:05:53 | 000,002,691 | ---- | C] () -- C:\Documents and Settings\Spurta\Local Settings\Application Data\CCProxy.ini
[2008/02/11 00:05:53 | 000,000,486 | ---- | C] () -- C:\Documents and Settings\Spurta\Local Settings\Application Data\int.bat
[2008/02/11 00:05:53 | 000,000,087 | ---- | C] () -- C:\Documents and Settings\Spurta\Local Settings\Application Data\AccInfo.ini
[2008/02/10 05:43:16 | 000,000,226 | ---- | C] () -- C:\Documents and Settings\Spurta\Local Settings\Application Data\ip.php
[2008/01/26 23:25:10 | 000,002,691 | ---- | C] () -- C:\WINDOWS\System32\CCProxy.ini
[2008/01/26 23:25:10 | 000,000,087 | ---- | C] () -- C:\WINDOWS\System32\AccInfo.ini
[2007/11/16 09:47:12 | 000,006,656 | -HS- | C] () -- C:\Documents and Settings\Spurta\Thumbs.db
[2007/11/14 08:15:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2007/11/05 18:58:24 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\Spurta\Copy of Name and Address List.xls
[2007/10/13 17:47:29 | 000,000,608 | -HS- | C] () -- C:\WINDOWS\System32\winzvprt5.sys
[2007/09/02 09:30:56 | 000,000,146 | ---- | C] () -- C:\WINDOWS\Capture.INI
[2007/08/20 06:33:20 | 000,064,000 | ---- | C] () -- C:\Documents and Settings\Spurta\Uni Progress Semester 2.xls
[2007/08/03 11:07:16 | 000,008,725 | ---- | C] () -- C:\Documents and Settings\Spurta\gsview32.ini
[2007/07/31 19:00:37 | 000,006,583 | ---- | C] () -- C:\WINDOWS\PSPICEEV.INI
[2007/07/31 19:00:28 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\ltfil60n.dll
[2007/07/31 19:00:28 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\lfwpg60n.dll
[2007/07/31 19:00:27 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\lfwmf60n.dll
[2007/07/31 19:00:26 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\lftif60n.dll
[2007/07/31 19:00:26 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\lftga60n.dll
[2007/07/31 19:00:25 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\lfpsd60n.dll
[2007/07/31 19:00:24 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\lfpng60n.dll
[2007/07/31 19:00:24 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\lfpcx60n.dll
[2007/07/31 19:00:23 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\lfpct60n.dll
[2007/07/31 19:00:23 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\lfmsp60n.dll
[2007/07/31 19:00:22 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\lffax60n.dll
[2007/07/31 19:00:22 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\lfmac60n.dll
[2007/07/31 19:00:21 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\lfcmp60n.dll
[2007/07/31 19:00:21 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\lfeps60n.dll
[2007/07/31 19:00:21 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\lfbmp60n.dll
[2007/07/31 19:00:19 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\implode.dll
[2007/06/21 15:22:53 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\Spurta\PLTOFF PURTON PARTICULARS.xls
[2007/06/21 13:38:39 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/06/18 20:05:04 | 015,204,352 | ---- | C] () -- C:\Documents and Settings\Spurta\ntuser.dat
[2007/06/18 20:05:04 | 007,340,032 | ---- | C] () -- C:\Documents and Settings\Spurta\ntuser.dat_BAK_15077
[2007/06/18 20:05:03 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat_BAK_99245
[2007/06/18 20:05:03 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat
[2007/06/10 18:12:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2007/04/05 08:39:27 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\Spurta\Application Data\pcouffin.log
[2007/04/05 08:39:12 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Spurta\Application Data\pcouffin.cat
[2007/04/05 08:39:12 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Spurta\Application Data\pcouffin.inf
[2007/03/27 20:19:36 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2007/03/27 19:58:56 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007/03/19 14:34:46 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Spurta\winscp.RND
[2007/03/06 19:34:17 | 000,000,145 | ---- | C] () -- C:\Documents and Settings\Spurta\.appletviewer
[2007/02/18 10:50:38 | 000,000,099 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2007/02/13 09:11:56 | 000,000,064 | ---- | C] () -- C:\Documents and Settings\Spurta\Application Data\dm.ini
[2007/02/08 08:15:50 | 000,000,187 | ---- | C] () -- C:\Documents and Settings\Spurta\Application Data\G-Force Prefs (WindowsMediaPlayer).txt
[2007/02/02 19:07:23 | 000,000,283 | ---- | C] () -- C:\WINDOWS\matlab.ini
[2006/11/28 10:00:00 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\cvintdrv.sys
[2006/11/06 20:25:10 | 000,061,440 | ---- | C] () -- C:\Documents and Settings\Spurta\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/09/24 15:28:36 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/09/07 19:27:57 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2006/08/20 21:14:09 | 000,000,229 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/08/14 22:28:12 | 000,000,443 | R--- | C] () -- C:\WINDOWS\hpw0460k.ini
[2006/08/14 22:27:26 | 000,000,426 | ---- | C] () -- C:\WINDOWS\hpdj460.ini
[2006/08/14 22:26:36 | 000,001,564 | ---- | C] () -- C:\WINDOWS\mariner.ini
[2006/08/14 22:26:29 | 000,000,606 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2006/08/09 16:50:38 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Spurta\Local Settings\Application Data\fusioncache.dat
[2006/08/09 16:50:37 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Spurta\ntuser.dat.LOG
[2006/08/09 16:50:37 | 000,000,278 | -HS- | C] () -- C:\Documents and Settings\Spurta\ntuser.ini
[2006/08/03 21:50:10 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/08/03 21:40:30 | 000,000,136 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/08/03 21:13:48 | 000,262,144 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\ntuser.dat
[2006/08/03 21:13:48 | 000,001,024 | -H-- | C] () -- C:\WINDOWS\system32\config\systemprofile\NTUSER.DAT.LOG
[2006/08/03 21:01:07 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006/08/03 20:58:02 | 000,000,435 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/07/12 13:46:20 | 000,000,244 | ---- | C] () -- C:\WINDOWS\System32\nirpc.ini
[2006/05/24 20:16:22 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005/08/17 02:49:39 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2005/08/17 02:49:39 | 000,237,568 | ---- | C] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT_BAK_31918
[2005/08/16 06:49:40 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\LocalService\ntuser.ini
[2005/08/16 06:49:39 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[2005/08/16 06:49:39 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat.LOG
[2005/08/16 06:49:39 | 000,000,020 | -HS- | C] () -- C:\Documents and Settings\NetworkService\ntuser.ini
[2005/08/16 06:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/05 16:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 12:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/02/17 14:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005/02/17 14:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2004/09/16 12:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004/09/16 12:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/10/16 08:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2001/11/14 15:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001/07/07 02:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2010/02/24 21:53:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\AnvSoft
[2009/11/26 14:23:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\benibela
[2007/02/22 14:40:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\BitTorrent
[2009/07/10 18:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\DAEMON Tools Lite
[2007/03/20 10:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Dele
[2010/06/17 17:26:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Facebook
[2007/12/09 09:51:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Image Zone Express
[2006/08/09 17:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Leadertech
[2010/06/21 18:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Lezek
[2007/08/11 21:58:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\MSNInstaller
[2010/07/02 14:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\NCH Swift Sound
[2006/08/12 14:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\NetMedia Providers
[2010/04/16 07:12:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Nokia
[2010/04/16 07:13:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Nokia Ovi Suite
[2010/04/16 07:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\PC Suite
[2006/08/12 14:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Publish Providers
[2008/05/28 19:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Qomae
[2010/06/23 13:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Recordpad
[2006/08/12 14:51:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Sony
[2006/08/10 19:41:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Template
[2008/03/02 18:39:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\TuneUp Software
[2008/07/03 13:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Ubisoft
[2008/08/15 20:19:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Ulead Systems
[2010/08/02 21:04:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Vso
[2009/09/02 21:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\xm1
[2007/05/10 04:06:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Ytuw
[2010/08/12 09:01:28 | 000,000,488 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job

========== Purity Check ==========


< End of report >


Thanks in advance for your assistance....
  • 0

#7
MariaCristina


    Visiting Staff

  • Visiting Consultant
  • 277 posts
Hi, spurta.

my internet connection is now working again


Why did you not download a new OTL.exe, as I asked you before?

You are running an old OTLPE version. The tool is frequently updated to reflect some changes that are needed to keep the tool working fine.

There's no need to download a new OTLPE, as it is a large file.

Just follow these instructions below:

  • Download OTL.exe to your Desktop.

    ** Please note: It is not OTLPE. It is OTL.exe
  • Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
  • Under the Custom Scan box paste this in

    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\*.wt
    %systemroot%\system32\*.ruy
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them here in a new reply.

:)
  • 0

#8
spurta


    Member

  • Member
  • PipPip
  • 18 posts
Sorry Maria I did not see the part about downloading a new OTL.

Log Files attached..

Thanks in advance, Leon.



Edited by spurta, 12 August 2010 - 04:28 PM.

  • 0

#9
MariaCristina


    Visiting Staff

  • Visiting Consultant
  • 277 posts
Hello, spurta

I have pasted your logs in here because it is hard for us to analyze them when they are attached.
Please give me some time; I am working on your logs and soon I will be back here. :)

OTL logfile created on: 8/13/2010 8:12:51 AM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Spurta\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 307.00 Mb Available Physical Memory | 30.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 64.00% Paging File free
Paging file location(s): C:\pagefile.sys 2058 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68.44 Gb Total Space | 1.32 Gb Free Space | 1.93% Space Free | Partition Type: NTFS
Drive D: | 119.43 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SPURTALAPTOP
Current User Name: Spurta
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/08/13 08:11:06 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Spurta\Desktop\OTL.exe
PRC - [2010/07/20 03:50:45 | 002,403,568 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2010/07/04 22:44:04 | 000,552,960 | R--- | M] (OldTimer Tools) -- C:\OTLPE.exe
PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/08 14:56:47 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/02/05 12:45:16 | 000,385,856 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
PRC - [2010/02/03 08:46:52 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010/01/26 11:41:08 | 000,652,800 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010/01/21 12:35:49 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\ccSvcHst.exe
PRC - [2009/12/17 10:23:54 | 000,272,896 | ---- | M] () -- C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
PRC - [2009/10/29 12:03:34 | 000,159,744 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
PRC - [2009/10/27 08:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009/10/27 08:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008/05/19 18:59:30 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2007/06/13 20:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/11 02:59:23 | 000,349,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe
PRC - [2007/05/10 22:46:20 | 000,624,248 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
PRC - [2006/10/31 13:21:58 | 000,200,704 | ---- | M] (National Instruments, Inc.) -- C:\Program Files\Common Files\National Instruments\Security\nidmsrv.exe
PRC - [2006/10/31 13:21:52 | 000,057,344 | ---- | M] (National Instruments, Inc.) -- C:\WINDOWS\system32\lktsrv.exe
PRC - [2006/10/31 13:21:44 | 000,049,152 | ---- | M] (National Instruments, Inc.) -- C:\WINDOWS\system32\lkads.exe
PRC - [2006/09/28 19:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006/05/24 20:28:28 | 000,622,653 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/05/24 20:27:10 | 001,372,244 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2006/05/23 23:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) -- C:\WINDOWS\system32\StkASv2K.exe
PRC - [2006/04/06 16:57:54 | 000,380,928 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2006/03/24 18:30:44 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/02/06 15:46:42 | 000,049,152 | ---- | M] (National Instruments Corp.) -- C:\WINDOWS\system32\nisvcloc.exe
PRC - [2005/04/02 03:51:48 | 000,217,600 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
PRC - [2003/10/29 04:06:00 | 000,024,576 | ---- | M] (BVRP Software) -- C:\Program Files\Digital Line Detect\DLG.exe
PRC - [2002/05/10 14:50:04 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe


========== Modules (SafeList) ==========

MOD - [2010/08/13 08:11:06 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Spurta\Desktop\OTL.exe
MOD - [2010/01/21 12:35:45 | 000,419,696 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\asOEHook.dll
MOD - [2006/08/26 01:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004/08/10 07:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (WinServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\OpcEnum.exe -- (OpcEnum)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/01/26 11:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/01/21 12:35:49 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\ccSvcHst.exe -- (N360)
SRV - [2008/05/19 18:59:30 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/03/02 18:39:35 | 000,307,968 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2008/02/27 12:15:14 | 000,028,416 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2006/10/31 13:21:58 | 000,200,704 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Program Files\Common Files\National Instruments\Security\nidmsrv.exe -- (NIDomainService)
SRV - [2006/10/31 13:21:52 | 000,057,344 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\WINDOWS\system32\lktsrv.exe -- (lkTimeSync)
SRV - [2006/10/31 13:21:44 | 000,049,152 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\WINDOWS\system32\lkads.exe -- (lkClassAds)
SRV - [2006/09/28 19:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/08/02 12:53:40 | 000,688,190 | ---- | M] (National Instruments, Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\lkcitdl.exe -- (LkCitadelServer)
SRV - [2006/05/23 23:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) [Auto | Running] -- C:\WINDOWS\system32\StkASv2K.exe -- (StkASSrv)
SRV - [2006/04/06 16:57:54 | 000,380,928 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2006/03/03 20:03:10 | 000,069,632 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2006/02/06 15:46:42 | 000,049,152 | ---- | M] (National Instruments Corp.) [Auto | Running] -- C:\WINDOWS\System32\nisvcloc.exe -- (niSvcLoc)
SRV - [2005/04/02 03:51:48 | 000,217,600 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe -- (StarWindService)
SRV - [2002/12/17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002/12/17 17:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)
SRV - [2002/05/10 14:50:04 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\s24trans.sys -- (s24trans)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\NETw3x32.sys -- (NETw3x32) Intel®
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\lmimirr.sys -- (lmimirr)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\ATHFMWDL.sys -- (ATHFMWDL)
DRV - [2010/08/11 00:30:48 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/08/09 19:57:34 | 001,362,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100812.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/08/09 19:57:34 | 000,085,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100812.002\NAVENG.SYS -- (NAVENG)
DRV - [2010/08/08 01:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/08/08 01:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/07/14 15:25:58 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) WinPcap Packet Driver (NPF)
DRV - [2010/07/06 03:15:40 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100809.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/05/11 04:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/23 02:53:20 | 000,104,768 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010/02/18 04:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010/01/21 13:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/01/21 12:35:49 | 000,482,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\ccHPx86.sys -- (ccHP)
DRV - [2010/01/21 12:35:49 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0308000.029\SYMEFA.SYS -- (SymEFA)
DRV - [2010/01/21 12:35:49 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SRTSP.SYS -- (SRTSP)
DRV - [2010/01/21 12:35:49 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/01/21 12:35:49 | 000,217,136 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/01/21 12:35:49 | 000,089,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMFW.SYS -- (SYMFW)
DRV - [2010/01/21 12:35:49 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0308000.029\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/01/21 12:35:49 | 000,036,400 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2010/01/21 12:35:49 | 000,033,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMIDS.SYS -- (SYMIDS)
DRV - [2010/01/21 12:35:30 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2010/01/21 12:35:30 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2010/01/02 03:20:34 | 000,026,024 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2009/12/30 10:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009/12/30 10:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009/12/30 10:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009/12/30 10:25:12 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009/12/30 10:25:12 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009/07/10 17:51:34 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/01/23 08:49:08 | 000,037,664 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2008/08/26 08:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/10/03 15:35:52 | 000,223,128 | ---- | M] (Alcohol Soft Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\vaxscsi.sys -- (vaxscsi)
DRV - [2007/01/30 12:12:06 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/28 10:00:00 | 000,004,096 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\cvintdrv.sys -- (cvintdrv)
DRV - [2006/11/15 17:32:44 | 000,242,139 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StkAMini.sys -- (StkAMini)
DRV - [2006/06/27 18:27:18 | 000,004,772 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StkScan.sys -- (StkScan)
DRV - [2006/05/24 20:07:18 | 000,328,237 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/05/24 20:05:26 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/05/24 20:04:04 | 000,851,434 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/05/24 20:01:34 | 000,030,427 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/05/24 20:01:22 | 000,030,285 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2006/05/24 20:00:50 | 000,066,488 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/05/24 19:58:18 | 000,148,900 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/05/24 19:57:00 | 000,045,683 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2006/03/24 18:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/03/08 13:35:10 | 000,191,872 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005/12/04 11:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel®
DRV - [2005/10/14 10:40:18 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/10/14 10:40:18 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/10/14 10:40:18 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/08/12 19:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/07/21 22:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/21 22:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/21 22:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/12/06 03:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/12/06 03:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/12/06 03:05:00 | 000,086,586 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/12/06 03:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/12/06 03:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/12/06 03:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/12/06 03:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/12/06 03:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/12/06 03:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/12/01 05:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/11/23 04:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/08/12 19:45:54 | 000,137,728 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/08/10 07:00:00 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004/08/10 07:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/10 07:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/08/04 01:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004/08/04 01:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004/08/04 00:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/08/03 22:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2004/07/14 13:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 13:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2004/02/13 11:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2003/12/16 18:13:02 | 000,034,297 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StMp3Rec.sys -- (StMp3Rec)
DRV - [2003/10/15 17:52:50 | 000,174,530 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ov519vid.sys -- (ovt519)
DRV - [2002/02/05 18:30:42 | 000,028,396 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/17 16:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 16:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 16:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 16:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 16:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 15:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 15:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 15:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 15:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 15:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 15:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 15:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 15:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 15:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 15:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www1.ap.dell....c=au&l=en&s=gen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com.au/ig/dell?hl=en&client=dell-row&channel=au
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com.au/ig/dell?hl=en&client=dell-row&channel=au

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default = 89 AB 11 92 17 1A 5A 43 9A 46 30 38 72 B4 0C F9 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com.au/ig/dell?hl=en&client=dell-row&channel=au
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://osa.adfa.edu...change&reason=0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.22
FF - prefs.js..extensions.enabledItems: {CEF63772-71E0-49D8-BDD5-23E0AF9ECE7D}:1.9.1
FF - prefs.js..network.proxy.autoconfig_url: "http://www.unsw.adfa...u.au/proxy.pac"
FF - prefs.js..network.proxy.http: "harvest.adfa.edu.au"
FF - prefs.js..network.proxy.http_port: 3128


FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010/03/10 21:01:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{CEF63772-71E0-49D8-BDD5-23E0AF9ECE7D}: C:\Documents and Settings\Spurta\Local Settings\Application Data\{CEF63772-71E0-49D8-BDD5-23E0AF9ECE7D} [2010/07/14 15:27:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{79CBA0D9-FAF3-4C8C-8366-7A33BCB3C8D8}: C:\Documents and Settings\Spurta\Local Settings\Application Data\{79CBA0D9-FAF3-4C8C-8366-7A33BCB3C8D8}\ [2010/08/01 18:35:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2010/08/11 19:19:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/22 13:27:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/22 13:27:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010/03/10 21:01:08 | 000,000,000 | ---D | M]

[2008/09/01 14:35:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Mozilla\Extensions
[2007/09/04 11:04:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Mozilla\Firefox\Profiles\gz3eafa1.default\extensions
[2010/08/12 22:24:40 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/01/06 10:23:00 | 000,049,152 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2006/06/07 14:40:18 | 000,027,376 | ---- | M] (National Instruments) -- C:\Program Files\Mozilla Firefox\plugins\NPLV82Win32.dll
[2005/10/02 12:28:00 | 000,110,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll

O1 HOSTS File: ([2010/08/10 23:49:16 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {0C2A3A9F-68C8-4EAC-9434-EEF5524214B5} - Reg Error: Value error. File not found
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll (BitComet)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {9211AB89-1A17-435A-9A46-303872B40CF9} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (no name) - {de20342d-e92d-4ce1-88ad-a1d28ccfd77e} - No CLSID value found.
O2 - BHO: (no name) - {F185509A-B864-4290-8702-7D0D5D7D2E66} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe (Ulead Systems, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Spurta\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Spurta\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/08/23 10:57:35 | 000,000,109 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/07/19 19:19:56 | 000,000,050 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{16991694-140f-11dc-8088-0015c5238833}\Shell\AutoRun\command - "" = F:\wd_windows_tools\setup.exe -- File not found
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a0fb10c9-2772-11db-bf72-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{a0fb10c9-2772-11db-bf72-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a0fb10c9-2772-11db-bf72-806d6172696f}\Shell\AutoRun\command - "" = D:\Setup.exe -- [2009/12/16 20:19:28 | 000,761,504 | R--- | M] (Telstra Corporation Limited)
O33 - MountPoints2\{a7440eb6-20a6-11dc-8099-0015c5238833}\Shell - "" = AutoRun
O33 - MountPoints2\{a7440eb6-20a6-11dc-8099-0015c5238833}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d8d92c77-d6c2-11dd-82d8-0015c5238833}\Shell - "" = AutoRun
O33 - MountPoints2\{d8d92c77-d6c2-11dd-82d8-0015c5238833}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d8d92c77-d6c2-11dd-82d8-0015c5238833}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: WmdmPmSp - File not found
NetSvcs: SSHNAS - File not found
NetSvcs: TCPIP Pass-through Filter - File not found

Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\VIO\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\Iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.MPEGacm - C:\Program Files\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.ulmp3acm - C:\Program Files\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\Ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\Ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\Ir50_32.dll (Intel Corporation)
Drivers32: vidc.mjpg - C:\WINDOWS\System32\mcmjpg32.dll (MainConcept)
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\Mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MP43 - C:\WINDOWS\System32\Mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\Mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\xvidvfw.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17465059307421696)

========== Files/Folders - Created Within 90 Days ==========

[2010/08/13 08:10:58 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Spurta\Desktop\OTL.exe
[2010/08/12 15:26:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\My Documents\relocation
[2010/08/12 06:30:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Real
[2010/08/11 09:00:09 | 000,036,400 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymIM.sys
[2010/08/11 00:31:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Downloaded Installations
[2010/08/11 00:30:42 | 000,217,136 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\symtdi.sys
[2010/08/11 00:30:41 | 000,048,688 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\symndisv.sys
[2010/08/11 00:30:41 | 000,036,400 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\symndis.sys
[2010/08/11 00:30:40 | 000,089,904 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\symfw.sys
[2010/08/11 00:30:40 | 000,033,072 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\symids.sys
[2010/08/11 00:30:38 | 000,310,320 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymEFA.sys
[2010/08/11 00:30:37 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtspx.sys
[2010/08/11 00:30:36 | 000,308,272 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtsp.sys
[2010/08/11 00:30:34 | 000,482,432 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\cchpx86.sys
[2010/08/11 00:30:33 | 000,259,632 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\BHDrvx86.sys
[2010/08/11 00:27:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0308000.029
[2010/08/10 21:33:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2010/08/10 21:30:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2010/08/10 21:30:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/08/10 19:57:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Application Data\SUPERAntiSpyware.com
[2010/08/10 19:57:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/08/10 19:56:34 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/08/10 19:01:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\My Documents\Symantec
[2010/08/10 19:00:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/08/10 18:15:29 | 000,000,000 | ---D | C] -- C:\Program Files\Telstra
[2010/08/10 17:01:33 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Spurta\Desktop\WinsockxpFix.exe
[2010/08/10 16:22:43 | 000,000,000 | ---D | C] -- C:\UBCD4Win
[2010/08/08 10:57:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Local Settings\Application Data\Symantec
[2010/08/08 10:56:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2010/08/08 10:56:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Local Settings\Application Data\Downloaded Installations
[2010/08/08 10:55:31 | 000,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/08/08 10:55:30 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/08/08 10:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/08/08 10:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/08/08 10:54:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2010/08/08 10:54:06 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2010/08/08 10:54:06 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360 Premier Edition
[2010/08/08 10:54:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/08/07 23:21:39 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010/08/07 23:21:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010/08/05 19:39:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/08/05 14:25:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Desktop\Malwarebytes.Anti-Malware.v1.31.Multilingual.WinAll.Incl.Keygen-CRD
[2010/08/05 12:59:40 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Spurta\Recent
[2010/08/05 11:30:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Local Settings\Application Data\mvrtgwcfn
[2010/08/02 21:04:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Application Data\Vso
[2010/08/01 18:35:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Local Settings\Application Data\{79CBA0D9-FAF3-4C8C-8366-7A33BCB3C8D8}
[2010/07/29 12:59:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\My Documents\SysEng
[2010/07/21 19:17:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\My Documents\eComm
[2010/07/20 14:28:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Desktop\Images
[2010/07/17 22:58:56 | 000,552,960 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2010/07/17 22:57:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/07/14 15:27:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Local Settings\Application Data\{CEF63772-71E0-49D8-BDD5-23E0AF9ECE7D}
[2010/07/14 15:25:58 | 000,050,704 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys
[2010/07/14 15:25:55 | 000,281,104 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll
[2010/07/14 15:25:55 | 000,100,880 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll
[2010/07/01 12:22:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Application Data
[2010/07/01 12:20:22 | 000,000,000 | ---D | C] -- C:\Program Files\V1 Home 2.0
[2010/06/23 13:19:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\My Documents\Recordpad
[2010/06/23 13:19:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Application Data\Recordpad
[2010/06/22 14:35:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010/06/22 14:35:37 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2010/06/22 14:34:37 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound
[2010/06/22 14:34:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Application Data\NCH Swift Sound
[2010/06/22 13:30:05 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/06/22 13:29:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/06/22 13:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/06/21 18:07:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Application Data\Lezek
[2010/06/17 17:26:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Application Data\Facebook
[2010/05/24 20:44:32 | 000,000,000 | ---D | C] -- C:\Program Files\National Instruments
[2010/05/24 20:43:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Merge Modules
[2010/05/24 20:43:29 | 000,000,000 | ---D | C] -- C:\Program Files\data
[2010/05/24 20:43:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\National Instruments
[2010/05/24 20:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Desktop\Deano
[2010/05/18 21:33:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\My Documents\Ovi
[2 C:\Documents and Settings\Spurta\My Documents\*.tmp files -> C:\Documents and Settings\Spurta\My Documents\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/08/13 08:11:06 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Spurta\Desktop\OTL.exe
[2010/08/13 08:00:00 | 000,000,488 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010/08/12 09:01:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/12 08:39:10 | 001,156,474 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\Cat.DB
[2010/08/12 08:38:43 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/12 08:38:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/12 08:38:38 | 1063,714,816 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/12 08:36:47 | 015,204,352 | ---- | M] () -- C:\Documents and Settings\Spurta\ntuser.dat
[2010/08/12 08:36:47 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Spurta\ntuser.ini
[2010/08/11 11:31:00 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Spurta\Desktop\Microsoft Office Word 2003.lnk
[2010/08/11 08:57:41 | 000,002,076 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton 360 Premier Edition.LNK
[2010/08/11 00:30:48 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/08/11 00:30:48 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/08/11 00:30:48 | 000,007,456 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/08/11 00:30:48 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/08/11 00:27:38 | 000,001,562 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymNetV.inf
[2010/08/11 00:27:38 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\isolate.ini
[2010/08/11 00:27:36 | 000,009,412 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\symnetv.cat
[2010/08/10 23:49:16 | 000,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/08/10 19:56:55 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/08/10 17:25:00 | 000,000,856 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/10 17:25:00 | 000,000,246 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/08/10 17:25:00 | 000,000,209 | -HS- | M] () -- C:\boot.ini
[2010/08/10 16:48:08 | 001,445,888 | ---- | M] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Spurta\Desktop\WinsockxpFix.exe
[2010/08/10 16:25:10 | 000,001,241 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\UBCD4Win.lnk
[2010/08/10 10:13:26 | 000,000,229 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/08/10 10:13:25 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\Spurta\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/09 12:35:06 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\Spurta\Desktop\Shortcut to 20100808-003-v5i32.lnk
[2010/08/09 12:11:41 | 000,003,666 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\cc_20100809_121134.reg
[2010/08/08 17:36:55 | 078,643,200 | -HS- | M] () -- C:\NRTPage.sys
[2010/08/05 15:02:16 | 000,059,664 | ---- | M] () -- C:\Documents and Settings\Spurta\Desktop\mbam-clean.exe
[2010/08/05 14:53:17 | 000,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.bak
[2010/08/05 14:21:28 | 000,363,520 | ---- | M] () -- C:\Documents and Settings\Spurta\Desktop\iExplorer.exe.com
[2010/08/05 11:26:47 | 000,008,192 | ---- | M] () -- C:\WINDOWS\System32\swxtu.dll
[2010/08/05 08:10:40 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Vlico.dat
[2010/08/05 08:10:40 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Ffuxafiyaci.bin
[2010/08/02 21:04:48 | 000,138,281 | ---- | M] () -- C:\Documents and Settings\Spurta\Application Data\vso_ts_preview.xml
[2010/08/01 14:49:46 | 000,010,752 | ---- | M] () -- C:\WINDOWS\DCEBoot.exe
[2010/07/29 13:54:10 | 000,088,576 | ---- | M] () -- C:\Documents and Settings\Spurta\Copy of Entire Degree Assessment Results WAM Calculator.xls
[2010/07/26 18:39:37 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/07/23 12:12:24 | 000,000,640 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TexMakerX.lnk
[2010/07/21 11:03:56 | 000,257,536 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\ADS_temp.doc
[2010/07/21 09:22:49 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Spurta\My Documents\~$S_temp.doc
[2010/07/20 15:43:25 | 000,020,469 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\wristReferral.pdf
[2010/07/20 12:51:42 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\timetable Session2-2010.xls
[2010/07/17 21:09:33 | 000,074,916 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\Tiger Airways _ Itinerary.pdf
[2010/07/14 15:25:58 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys
[2010/07/14 15:25:55 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll
[2010/07/14 15:25:55 | 000,100,880 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll
[2010/07/14 15:22:56 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Spurta\Application Data\avdrn.dat
[2010/07/04 22:44:04 | 000,552,960 | R--- | M] (OldTimer Tools) -- C:\OTLPE.exe
[2010/07/03 19:54:16 | 001,820,432 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/07/02 14:09:37 | 000,193,064 | ---- | M] () -- C:\Documents and Settings\Spurta\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/07/01 12:24:28 | 000,011,684 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\cc_20100701_121341.reg
[2010/07/01 12:20:25 | 000,001,655 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\V1 Home 2.0.lnk
[2010/06/27 10:51:11 | 000,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX
[2010/06/27 10:51:11 | 000,000,004 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx
[2010/06/22 13:32:30 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/06/22 13:26:48 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/06/15 12:45:51 | 000,027,210 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\BigpondModemChat15Jun10.pdf
[2010/06/04 19:20:47 | 000,281,600 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\Mday.pub
[2010/06/04 17:38:07 | 000,141,012 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\rubyDeans.pdf
[2010/05/30 18:07:36 | 000,063,546 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\aaronRubyDeans_3.pdf
[2010/05/28 11:42:51 | 000,000,542 | ---- | M] () -- C:\Documents and Settings\Spurta\Application Data\AutoGK.ini
[2 C:\Documents and Settings\Spurta\My Documents\*.tmp files -> C:\Documents and Settings\Spurta\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/11 09:01:04 | 001,156,474 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\Cat.DB
[2010/08/11 00:30:42 | 000,001,561 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymNet.inf
[2010/08/11 00:30:41 | 000,009,402 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymNet.cat
[2010/08/11 00:30:38 | 000,007,431 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymEFA.cat
[2010/08/11 00:30:38 | 000,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymEFA.inf
[2010/08/11 00:30:37 | 000,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtspx.inf
[2010/08/11 00:30:36 | 000,007,429 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtspx.cat
[2010/08/11 00:30:36 | 000,001,382 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtsp.inf
[2010/08/11 00:30:35 | 000,007,425 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtsp.cat
[2010/08/11 00:30:34 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\ccHPx86.cat
[2010/08/11 00:30:34 | 000,001,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\ccHPx86.inf
[2010/08/11 00:30:33 | 000,007,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\BHDrvx86.CAT
[2010/08/11 00:30:33 | 000,000,640 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\BHDrvx86.inf
[2010/08/11 00:27:38 | 000,001,562 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymNetV.inf
[2010/08/11 00:27:38 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\isolate.ini
[2010/08/11 00:27:36 | 000,009,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\symnetv.cat
[2010/08/10 19:56:55 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/08/10 16:46:34 | 1063,714,816 | -HS- | C] () -- C:\hiberfil.sys
[2010/08/10 16:25:10 | 000,001,241 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\UBCD4Win.lnk
[2010/08/09 12:35:06 | 000,000,312 | ---- | C] () -- C:\Documents and Settings\Spurta\Desktop\Shortcut to 20100808-003-v5i32.lnk
[2010/08/09 12:11:37 | 000,003,666 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\cc_20100809_121134.reg
[2010/08/08 17:36:55 | 078,643,200 | -HS- | C] () -- C:\NRTPage.sys
[2010/08/08 10:55:30 | 000,007,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/08/08 10:55:30 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/08/08 10:55:12 | 000,002,076 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton 360 Premier Edition.LNK
[2010/08/05 18:44:17 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Spurta\Desktop\gmer.exe
[2010/08/05 15:02:36 | 000,059,664 | ---- | C] () -- C:\Documents and Settings\Spurta\Desktop\mbam-clean.exe
[2010/08/05 14:25:42 | 000,363,520 | ---- | C] () -- C:\Documents and Settings\Spurta\Desktop\iExplorer.exe.com
[2010/08/05 11:26:47 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\swxtu.dll
[2010/07/21 09:22:49 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Spurta\My Documents\~$S_temp.doc
[2010/07/21 09:22:48 | 000,257,536 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\ADS_temp.doc
[2010/07/20 15:43:25 | 000,020,469 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\wristReferral.pdf
[2010/07/20 12:46:05 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\timetable Session2-2010.xls
[2010/07/17 21:09:33 | 000,074,916 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\Tiger Airways _ Itinerary.pdf
[2010/07/17 11:41:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Ffuxafiyaci.bin
[2010/07/17 11:41:07 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Vlico.dat
[2010/07/14 15:22:56 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Spurta\Application Data\avdrn.dat
[2010/07/01 12:24:17 | 000,011,684 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\cc_20100701_121341.reg
[2010/07/01 12:20:25 | 000,001,655 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\V1 Home 2.0.lnk
[2010/06/22 13:30:40 | 000,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/06/22 13:26:48 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/06/15 12:45:51 | 000,027,210 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\BigpondModemChat15Jun10.pdf
[2010/06/04 17:38:06 | 000,141,012 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\rubyDeans.pdf
[2010/05/30 18:07:36 | 000,063,546 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\aaronRubyDeans_3.pdf
[2009/01/26 07:10:48 | 000,179,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/09 09:01:22 | 000,629,760 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/12/22 13:44:13 | 000,000,100 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/11/24 17:20:31 | 000,009,279 | ---- | C] () -- C:\WINDOWS\AmvTransform.ini
[2008/11/24 17:20:31 | 000,008,913 | ---- | C] () -- C:\WINDOWS\fwupgrade.ini
[2008/11/24 17:20:31 | 000,008,157 | ---- | C] () -- C:\WINDOWS\AmvPlayer.ini
[2008/11/24 17:20:31 | 000,007,454 | ---- | C] () -- C:\WINDOWS\Disktool.INI
[2008/11/24 17:20:31 | 000,003,677 | ---- | C] () -- C:\WINDOWS\SoundCon.INI
[2008/11/24 17:20:31 | 000,000,170 | ---- | C] () -- C:\WINDOWS\settings.ini
[2008/07/07 17:04:58 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2008/06/18 13:59:56 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/01/26 23:25:10 | 000,002,691 | ---- | C] () -- C:\WINDOWS\System32\CCProxy.ini
[2008/01/26 23:25:10 | 000,000,087 | ---- | C] () -- C:\WINDOWS\System32\AccInfo.ini
[2007/11/14 08:15:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2007/10/13 17:47:29 | 000,000,608 | -HS- | C] () -- C:\WINDOWS\System32\winzvprt5.sys
[2007/09/02 09:30:56 | 000,000,146 | ---- | C] () -- C:\WINDOWS\Capture.INI
[2007/07/31 19:00:37 | 000,006,583 | ---- | C] () -- C:\WINDOWS\PSPICEEV.INI
[2007/07/31 19:00:28 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\ltfil60n.dll
[2007/07/31 19:00:28 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\lfwpg60n.dll
[2007/07/31 19:00:27 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\lfwmf60n.dll
[2007/07/31 19:00:26 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\lftif60n.dll
[2007/07/31 19:00:26 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\lftga60n.dll
[2007/07/31 19:00:25 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\lfpsd60n.dll
[2007/07/31 19:00:24 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\lfpng60n.dll
[2007/07/31 19:00:24 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\lfpcx60n.dll
[2007/07/31 19:00:23 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\lfpct60n.dll
[2007/07/31 19:00:23 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\lfmsp60n.dll
[2007/07/31 19:00:22 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\lffax60n.dll
[2007/07/31 19:00:22 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\lfmac60n.dll
[2007/07/31 19:00:21 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\lfcmp60n.dll
[2007/07/31 19:00:21 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\lfeps60n.dll
[2007/07/31 19:00:21 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\lfbmp60n.dll
[2007/07/31 19:00:19 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\implode.dll
[2007/06/21 13:38:39 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/06/10 18:12:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2007/03/27 20:19:36 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2007/03/27 19:58:56 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007/02/18 10:50:38 | 000,000,099 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2007/02/02 19:07:23 | 000,000,283 | ---- | C] () -- C:\WINDOWS\matlab.ini
[2006/11/28 10:00:00 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\cvintdrv.sys
[2006/09/24 15:28:36 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/09/07 19:27:57 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2006/08/20 21:14:09 | 000,000,229 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/08/14 22:28:12 | 000,000,443 | R--- | C] () -- C:\WINDOWS\hpw0460k.ini
[2006/08/14 22:27:26 | 000,000,426 | ---- | C] () -- C:\WINDOWS\hpdj460.ini
[2006/08/14 22:26:36 | 000,001,564 | ---- | C] () -- C:\WINDOWS\mariner.ini
[2006/08/14 22:26:29 | 000,000,606 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2006/08/03 21:50:10 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/08/03 21:40:30 | 000,000,136 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/08/03 21:01:07 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006/08/03 20:58:02 | 000,000,435 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/07/12 13:46:20 | 000,000,244 | ---- | C] () -- C:\WINDOWS\System32\nirpc.ini
[2006/05/24 20:16:22 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005/08/16 06:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/05 16:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 12:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/02/17 14:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005/02/17 14:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2004/09/16 12:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004/09/16 12:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/10/16 08:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2001/11/14 15:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001/07/07 02:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2007/06/07 21:52:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2010/02/08 08:40:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Altium2004
[2008/09/08 11:58:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AltiumDesigner6
[2009/03/25 22:01:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AltiumDesigner6_Security
[2010/02/08 09:24:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AltiumDesignerSummer08
[2009/04/02 13:46:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AltiumDesignerSummer08_Security
[2007/10/30 16:35:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avg7
[2007/06/19 18:41:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg7(2)
[2009/08/18 13:23:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cached Installations
[2009/07/10 18:04:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2008/02/03 13:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2008/07/16 11:13:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\National Instruments
[2010/07/02 14:36:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010/04/16 07:11:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2009/08/18 14:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OfficeRecovery
[2010/03/10 20:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OviInstallerCache
[2009/08/18 13:24:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2010/04/16 07:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009/11/20 16:22:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RapidSolution
[2010/03/07 17:58:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2006/08/12 14:50:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2008/07/03 19:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/03/02 18:38:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2008/07/03 13:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2008/08/14 22:28:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2007/10/04 20:57:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2010/06/22 13:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/02/15 12:48:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/08/11 00:31:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2010/02/24 21:53:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\AnvSoft
[2009/11/26 14:23:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\benibela
[2007/02/22 14:40:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\BitTorrent
[2009/07/10 18:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\DAEMON Tools Lite
[2007/03/20 10:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Dele
[2010/06/17 17:26:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Facebook
[2007/12/09 09:51:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Image Zone Express
[2006/08/09 17:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Leadertech
[2010/06/21 18:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Lezek
[2007/08/11 21:58:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\MSNInstaller
[2010/07/02 14:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\NCH Swift Sound
[2006/08/12 14:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\NetMedia Providers
[2010/04/16 07:12:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Nokia
[2010/04/16 07:13:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Nokia Ovi Suite
[2010/04/16 07:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\PC Suite
[2006/08/12 14:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Publish Providers
[2008/05/28 19:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Qomae
[2010/06/23 13:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Recordpad
[2006/08/12 14:51:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Sony
[2006/08/10 19:41:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Template
[2008/03/02 18:39:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\TuneUp Software
[2008/07/03 13:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Ubisoft
[2008/08/15 20:19:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Ulead Systems
[2010/08/02 21:04:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Vso
[2009/09/02 21:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\xm1
[2007/05/10 04:06:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Ytuw
[2010/08/13 08:00:00 | 000,000,488 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/05/06 13:57:52 | 000,001,024 | ---- | M] () -- C:\.rnd
[2007/07/02 23:30:07 | 000,115,638 | ---- | M] () -- C:\1.bmp
[2007/08/23 10:57:35 | 000,000,109 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/08/10 17:25:00 | 000,000,209 | -HS- | M] () -- C:\boot.ini
[2005/08/16 06:43:04 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2006/08/03 21:12:44 | 000,005,600 | RH-- | M] () -- C:\dell.sdr
[2009/10/21 16:47:08 | 000,021,620 | ---- | M] () -- C:\empsiklasttrace.xml
[2009/08/18 14:13:10 | 000,000,000 | ---- | M] () -- C:\FileRecovery.log
[2010/08/12 08:38:38 | 1063,714,816 | -HS- | M] () -- C:\hiberfil.sys
[2006/08/12 09:34:15 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2005/08/16 06:43:04 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2006/08/03 21:37:04 | 000,000,304 | -H-- | M] () -- C:\IPH.PH
[2010/03/01 10:29:01 | 156,041,735 | ---- | M] () -- C:\log_fs.log
[2005/08/16 06:43:04 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2010/08/08 17:36:55 | 078,643,200 | -HS- | M] () -- C:\NRTPage.sys
[2004/08/10 07:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2006/08/03 21:27:28 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/08/12 09:50:28 | 000,129,556 | ---- | M] () -- C:\OTL.Txt
[2010/07/04 22:44:04 | 000,552,960 | R--- | M] (OldTimer Tools) -- C:\OTLPE.exe
[2010/08/12 08:38:37 | 2157,969,408 | -HS- | M] () -- C:\pagefile.sys
[2010/08/10 14:47:53 | 000,000,379 | ---- | M] () -- C:\rkill.log
[2008/04/18 17:57:41 | 000,000,000 | ---- | M] () -- C:\Settings.ini
[2007/02/21 11:45:57 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2007/02/21 12:48:40 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2007/02/22 11:05:44 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2007/02/22 12:55:54 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2007/02/24 17:04:42 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2007/02/26 05:17:24 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
[2007/02/28 21:04:47 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
[2007/03/02 19:03:52 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
[2007/03/08 18:12:20 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
[2007/03/11 21:51:53 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
[2007/03/12 13:10:00 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
[2007/03/12 13:32:53 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2007/03/15 08:19:19 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2007/03/15 20:38:39 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
[2007/03/16 06:00:39 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
[2007/03/16 13:50:26 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2007/02/21 11:45:57 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2007/02/21 12:48:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2007/02/22 11:05:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2007/02/22 12:55:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2007/02/24 17:04:41 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2007/02/26 05:17:24 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2007/02/28 21:04:47 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2007/03/02 19:03:51 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2007/03/08 18:12:20 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2007/03/11 21:51:53 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2007/03/12 13:10:00 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2007/03/12 13:32:53 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2007/03/15 08:19:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2007/03/15 20:38:39 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2007/03/16 06:00:39 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2007/03/16 13:50:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2005/11/01 01:56:00 | 000,700,416 | ---- | M] (LimeWire) -- C:\StubInstaller.exe
[2007/08/17 19:42:21 | 000,005,632 | -HS- | M] () -- C:\Thumbs.db

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.com >

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2005/08/16 06:42:12 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006/04/10 13:02:32 | 000,074,240 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp054.dll
[2005/05/10 16:14:32 | 000,067,072 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp3xt.dll
[2005/05/10 16:14:32 | 000,067,072 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp3xt.dll.1
[2005/05/05 08:48:54 | 000,067,072 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp3xu.dll
[2003/06/18 17:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2007/02/02 18:38:56 | 000,001,746 | -H-- | M] () -- C:\Documents and Settings\Spurta\Application Data\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >
[2008/02/29 21:26:24 | 000,000,038 | ---- | M] () -- C:\Program Files\ITK-Scope.aliases
[2008/02/29 21:26:24 | 000,262,144 | ---- | M] (Peter Pazmany Catholic University - Robotics Lab) -- C:\Program Files\ITK-Scope.exe
[2008/02/29 21:26:24 | 000,002,095 | ---- | M] () -- C:\Program Files\ITK-Scope.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2005/08/16 06:27:08 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005/08/16 06:27:08 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005/08/16 06:27:08 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-07-15 01:31:26

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C980DA7D
< End of report >


OTL Extras logfile created on: 8/13/2010 8:12:51 AM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Spurta\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 307.00 Mb Available Physical Memory | 30.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 64.00% Paging File free
Paging file location(s): C:\pagefile.sys 2058 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68.44 Gb Total Space | 1.32 Gb Free Space | 1.93% Space Free | Partition Type: NTFS
Drive D: | 119.43 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SPURTALAPTOP
Current User Name: Spurta
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"10421:UDP" = 10421:UDP:*:Enabled:SingleClick Discovery Protocol
"10426:UDP" = 10426:UDP:*:Enabled:SingleClick ICC
"23913:TCP" = 23913:TCP:*:Enabled:BitComet 23913 TCP
"23913:UDP" = 23913:UDP:*:Enabled:BitComet 23913 UDP
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"8809:TCP" = 8809:TCP:*:Enabled:BitComet 8809 TCP
"8809:UDP" = 8809:UDP:*:Enabled:BitComet 8809 UDP

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- File not found
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Dell Network Assistant\ezi_hnm2.exe" = C:\Program Files\Dell Network Assistant\ezi_hnm2.exe:*:Enabled:Dell Network Assistant -- File not found
"C:\Program Files\Limewire\LimeWire.exe" = C:\Program Files\Limewire\LimeWire.exe:*:Enabled:LimeWire -- File not found
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 -- File not found
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\TVUPlayer\TVUPlayer.exe" = C:\Program Files\TVUPlayer\TVUPlayer.exe:*:Enabled:TVU Player Component -- (TVU Networks)
"C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)
"C:\Documents and Settings\Spurta\Application Data\SopCast\adv\SopAdver.exe" = C:\Documents and Settings\Spurta\Application Data\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client -- (www.BitComet.com)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- File not found
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- File not found
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- File not found
"C:\WINDOWS\system32\javaw.exe" = C:\WINDOWS\system32\javaw.exe:*:Enabled:Java™ 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.)
"C:\DOCUME~1\Spurta\LOCALS~1\Temp\win1B5.tmp.exe" = C:\DOCUME~1\Spurta\LOCALS~1\Temp\win1B5.tmp.exe:*:Enabled:win1B5.tmp -- File not found
"C:\Program Files\Grisoft\AVG7\avginet.exe" = C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe -- File not found
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe" = C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe -- File not found
"C:\Program Files\Grisoft\AVG7\avgcc.exe" = C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe -- File not found
"C:\Program Files\Altium Designer 6\DXP.exe" = C:\Program Files\Altium Designer 6\DXP.exe:*:Enabled:DXP -- File not found
"C:\MATLAB7\bin\win32\MATLAB.exe" = C:\MATLAB7\bin\win32\MATLAB.exe:*:Enabled:MATLAB -- File not found
"C:\Program Files\itunes\iTunes.exe" = C:\Program Files\itunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24B0A07B-FD7E-4AFE-8899-558ADAA83DA1}" = ITK-Scope
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{24FCAB62-B69D-4AD0-AB79-A354EBF945F4}" = NI Logos 4.7
"{26E1BFB0-E87E-4696-9F89-B467F01F81E5}" = Broadcom Management Programs
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2E278B2F-BD60-416B-8C75-DB5DD9E69B9D}" = NI MDF Support
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{32A3A4F4-B792-11D6-A78A-00B0D0150060}" = J2SE Development Kit 5.0 Update 6
"{34EBE2B1-2CF5-4313-968D-8D1053ED5D46}" = NI EULA Depot
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35ED8B97-897C-4BD1-AEAE-6FD3404BA082}" = Ovi Desktop Sync Engine
"{3A316611-45D1-429C-AA26-B71259C44689}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{433A39B0-380C-4634-93FE-12A812954F5B}" = BigPond Broadband ADSL
"{47D2D455-2C1C-4922-A520-3E3466D783E1}" = Sony Media Manager 2.0
"{481C9A00-91AC-4065-870C-BD4E28186E5A}" = PC Connectivity Solution
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform
"{4EC8B911-98AB-4819-B5EE-D32E8A0A8AAA}_is1" = DVDx 2
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6AEAAD06-A655-457C-957B-69EE5E3E759A}" = NI Uninstaller
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{7784A172-61F1-445E-8368-601607E0DD22}" = MP3 Player Utilities 3.68
"{79C4FD8D-2C18-48AC-8376-C25B1D0EA970}" = NI TDMS
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}" = Ulead VideoStudio SE DVD
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}" = Nokia Ovi Suite
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9FB8CAC0-CCF6-47C9-8EDE-3AC69FD61033}" = Nero 7 Premium
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A35883BD-9C83-4625-82F3-90F86728C662}" = FreeUndelete
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}" = Dell Media Experience
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}" = PixiePack Codec Pack
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}" = Nokia Connectivity Cable Driver
"{BA63348B-143D-4CAC-A355-3879402ED781}" = Nokia Ovi Suite Software Updater
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB2C5648-700D-4AEF-83E1-70C72F0C34FA}" = NI Math Kernel Libraries
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.9.322
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}" = Search Assist
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E2D7C174-7D57-4B86-AD25-DFB23780F825}" = NI Service Locator
"{E337B156-DF81-48D8-8977-B1574EE87BCF}" = USB2.0 Capture Device
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E75594A0-B088-4635-B4F6-99654B5DDF96}" = V1 Home 2.0
"{F286B56D-21D8-4E36-9F30-D138435C437F}" = NI LabVIEW Run-Time Engine 8.2.1
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"0D5BC5DD5940677F9B5623C12951388F5EF72436" = Windows Driver Package - NETGEAR Inc. (RTLWUSB) Net (02/07/2007 5.1283.0207.2007)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"54C387968987D0308E3C2F0A5D723BC3CB8926B9" = Windows Driver Package - 2Wire (2WIREPCP) Net (09/18/2002 1.4.0.5)
"84261EAEDFA5240ACFFEDFB145134E295B649795" = Windows Driver Package - Thomson (USB_RNDIS) Net (02/16/2004 1.0.0.3)
"8ABEA6D4578549FADD34471076DFC5C22976C6D9" = Windows Driver Package - Atheros (arusb(Atheros)) Net (09/23/2008 3.0.0.131)
"Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8.1.0 Professional
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"AFPL Ghostscript 8.13" = AFPL Ghostscript 8.13
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"America Online au" = AOL Australia
"Any Video Converter_is1" = Any Video Converter 3.0.3
"AnyDVD" = AnyDVD
"Aspell" = Aspell Data
"Aspell English Dictionary_is1" = Aspell English Dictionary-0.50-2
"Aspell6-Dictionary-en" = Aspell 0.6 Dictionary (Language: en)
"AutoGK" = Auto Gordian Knot 2.55
"AviSynth" = AviSynth 2.5
"BitComet" = BitComet 0.84
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"DRM7Tool" = Personal License Update Wizard for Windows Media Player
"DVD Shrink_is1" = DVD Shrink 3.2
"EDE780BB5DCF2C3476C105BAE4CC1175516E9173" = Windows Driver Package - NETGEAR (W8335XP) Net (02/22/2005 3.1.1.7)
"ExpressRip" = Express Rip
"GNU Aspell_is1" = GNU Aspell 0.50-3
"GSview 4.6" = GSview 4.6
"Indeo® software" = Indeo® software
"InstallShield_{E75594A0-B088-4635-B4F6-99654B5DDF96}" = V1 Home 2.0
"Logitech Eyetoy Webcam" = Logitech Eyetoy Webcam
"MatlabR2008b" = MATLAB R2008b
"MicroSimDeinstKey" = MicroSim EVAL 8
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MiKTeX 2.8" = MiKTeX 2.8
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"N360" = Norton 360 Premier Edition
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NI Uninstaller" = National Instruments Software
"Nokia Ovi Suite" = Nokia Ovi Suite
"PSpice Student" = PSpice Student 9.1
"RealPlayer 6.0" = RealPlayer
"SDvdCopy" = Super DVD Copy (remove only)
"SopCast" = SopCast 1.1.1
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Texmaker" = Texmaker
"TexMakerX_is1" = TexMakerX 1.9.9a
"TeXnicCenter_is1" = TeXnicCenter Version 1.0 Stable RC1
"TVUPlayer" = TVUPlayer 2.3.2.19
"UBCD4Win_is1" = UBCD4Win 3.60
"Veetle TV" = Veetle TV 0.9.17
"ViewpointMediaPlayer" = Viewpoint Media Player (Remove Only)
"VLC media player" = VLC media player 1.0.1
"VobSub" = VobSub v2.23 (Remove Only)
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
"WinCupl" = WinCupl
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"winscp3_is1" = WinSCP 3.8.2
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wondershare Photo Collage Studio_is1" = Wondershare Photo Collage Studio (2.4.0) Trial Version
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Xvid_is1" = Xvid 1.1.2 final uninstall

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"WinPop" = WinPop

========== Last 10 Event Log Errors ==========

[ System Events ]
Error - 8/11/2010 6:47:14 PM | Computer Name = SPURTALAPTOP | Source = DCOM | ID = 10005
Description = DCOM got error "%1053" attempting to start the service winmgmt with
arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}

Error - 8/11/2010 6:47:25 PM | Computer Name = SPURTALAPTOP | Source = DCOM | ID = 10005
Description = DCOM got error "%231" attempting to start the service winmgmt with
arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}

Error - 8/11/2010 6:47:30 PM | Computer Name = SPURTALAPTOP | Source = DCOM | ID = 10005
Description = DCOM got error "%231" attempting to start the service winmgmt with
arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}

Error - 8/11/2010 6:49:31 PM | Computer Name = SPURTALAPTOP | Source = DCOM | ID = 10010
Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register
with DCOM within the required timeout.

Error - 8/11/2010 6:51:31 PM | Computer Name = SPURTALAPTOP | Source = DCOM | ID = 10010
Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register
with DCOM within the required timeout.

Error - 8/11/2010 6:53:32 PM | Computer Name = SPURTALAPTOP | Source = DCOM | ID = 10010
Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register
with DCOM within the required timeout.

Error - 8/11/2010 6:55:33 PM | Computer Name = SPURTALAPTOP | Source = DCOM | ID = 10010
Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register
with DCOM within the required timeout.

Error - 8/11/2010 6:57:33 PM | Computer Name = SPURTALAPTOP | Source = DCOM | ID = 10010
Description = The server {C49E32C6-BC8B-11D2-85D4-00105A1F8304} did not register
with DCOM within the required timeout.

Error - 8/11/2010 6:59:33 PM | Computer Name = SPURTALAPTOP | Source = DCOM | ID = 10010
Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register
with DCOM within the required timeout.

Error - 8/11/2010 7:01:18 PM | Computer Name = SPURTALAPTOP | Source = Service Control Manager | ID = 7000
Description = The Acronis Scheduler2 Service service failed to start due to the
following error: %%3


< End of report >

#10
MariaCristina


    Visiting Staff

  • Visiting Consultant
  • 277 posts
Hello, spurta.

Your computer is infected and I can try to help you remove the malware, but I see that the free disk space is well below the recommended amount, and the Master File Table may become corrupted at any time, which will prevent your system from functioning.

To remove the malware we will need to run some tools that will occupy temporary disk space, and in doing so, the chance of corrupting your system will be enormous.

Back up your files and folders, such as photos, videos and music, and delete them. Be sure to leave at least 10 GB of free space, so we can continue.

TFC - Temp File Cleaner - Cleans temporary files from IE and Windows, empties the recycle bin and more

Download TFC, by OldTimer, and save it to your desktop.

Close ALL programs and run TFC.
Click the Start button and wait. Your desktop will disappear; do not worry, this is part of the process.

Be patient: depending on the amount of data to be deleted, the process may take more than 2 minutes.

When finished, you will be prompted to restart your computer. RESTART.


After doing this, please repeat the instructions in my last post to generate a new log from OTL.exe and paste it into your next reply. This time the Extras.txt will not be generated.

Edit: typo
:)

Edited by MariaCristina, 14 August 2010 - 01:40 PM.



#11
spurta


    Member

  • Member
  • PipPip
  • 18 posts
Maria,


OTL logfile created on: 8/15/2010 12:33:56 PM - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Spurta\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 425.00 Mb Available Physical Memory | 42.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): C:\pagefile.sys 2058 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68.44 Gb Total Space | 13.96 Gb Free Space | 20.40% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SPURTALAPTOP
Current User Name: Spurta
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/08/13 08:11:06 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Spurta\Desktop\OTL.exe
PRC - [2010/07/20 03:50:45 | 002,403,568 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/01/21 12:35:49 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\ccSvcHst.exe
PRC - [2008/05/19 18:59:30 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2007/06/13 20:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/10 22:46:20 | 000,624,248 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
PRC - [2006/10/31 13:21:58 | 000,200,704 | ---- | M] (National Instruments, Inc.) -- C:\Program Files\Common Files\National Instruments\Security\nidmsrv.exe
PRC - [2006/10/31 13:21:52 | 000,057,344 | ---- | M] (National Instruments, Inc.) -- C:\WINDOWS\system32\lktsrv.exe
PRC - [2006/10/31 13:21:44 | 000,049,152 | ---- | M] (National Instruments, Inc.) -- C:\WINDOWS\system32\lkads.exe
PRC - [2006/09/28 19:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006/05/24 20:28:28 | 000,622,653 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/05/24 20:27:10 | 001,372,244 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2006/05/23 23:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) -- C:\WINDOWS\system32\StkASv2K.exe
PRC - [2006/04/06 16:57:54 | 000,380,928 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2006/03/24 18:30:44 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/03/03 20:03:10 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2006/02/06 15:46:42 | 000,049,152 | ---- | M] (National Instruments Corp.) -- C:\WINDOWS\system32\nisvcloc.exe
PRC - [2005/04/02 03:51:48 | 000,217,600 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
PRC - [2003/10/29 04:06:00 | 000,024,576 | ---- | M] (BVRP Software) -- C:\Program Files\Digital Line Detect\DLG.exe
PRC - [2002/05/10 14:50:04 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe


========== Modules (SafeList) ==========

MOD - [2010/08/13 08:11:06 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Spurta\Desktop\OTL.exe
MOD - [2010/01/21 12:35:45 | 000,419,696 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\asOEHook.dll
MOD - [2006/08/26 01:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004/08/10 07:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (WinServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\OpcEnum.exe -- (OpcEnum)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/01/26 11:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/01/21 12:35:49 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\ccSvcHst.exe -- (N360)
SRV - [2008/05/19 18:59:30 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/03/02 18:39:35 | 000,307,968 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2008/02/27 12:15:14 | 000,028,416 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2006/10/31 13:21:58 | 000,200,704 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Program Files\Common Files\National Instruments\Security\nidmsrv.exe -- (NIDomainService)
SRV - [2006/10/31 13:21:52 | 000,057,344 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\WINDOWS\system32\lktsrv.exe -- (lkTimeSync)
SRV - [2006/10/31 13:21:44 | 000,049,152 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\WINDOWS\system32\lkads.exe -- (lkClassAds)
SRV - [2006/09/28 19:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/08/02 12:53:40 | 000,688,190 | ---- | M] (National Instruments, Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\lkcitdl.exe -- (LkCitadelServer)
SRV - [2006/05/23 23:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) [Auto | Running] -- C:\WINDOWS\system32\StkASv2K.exe -- (StkASSrv)
SRV - [2006/04/06 16:57:54 | 000,380,928 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2006/03/03 20:03:10 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2006/02/06 15:46:42 | 000,049,152 | ---- | M] (National Instruments Corp.) [Auto | Running] -- C:\WINDOWS\System32\nisvcloc.exe -- (niSvcLoc)
SRV - [2005/04/02 03:51:48 | 000,217,600 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe -- (StarWindService)
SRV - [2002/12/17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002/12/17 17:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)
SRV - [2002/05/10 14:50:04 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\s24trans.sys -- (s24trans)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\NETw3x32.sys -- (NETw3x32) Intel®
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\lmimirr.sys -- (lmimirr)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\ATHFMWDL.sys -- (ATHFMWDL)
DRV - [2010/08/11 00:30:48 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/08/09 19:57:34 | 001,362,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100814.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/08/09 19:57:34 | 000,085,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100814.002\NAVENG.SYS -- (NAVENG)
DRV - [2010/08/08 01:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/08/08 01:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/07/14 15:25:58 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) WinPcap Packet Driver (NPF)
DRV - [2010/07/06 03:15:40 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100813.004\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/05/11 04:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/23 02:53:20 | 000,104,768 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010/02/18 04:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010/01/21 13:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/01/21 12:35:49 | 000,482,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\ccHPx86.sys -- (ccHP)
DRV - [2010/01/21 12:35:49 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0308000.029\SYMEFA.SYS -- (SymEFA)
DRV - [2010/01/21 12:35:49 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SRTSP.SYS -- (SRTSP)
DRV - [2010/01/21 12:35:49 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/01/21 12:35:49 | 000,217,136 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/01/21 12:35:49 | 000,089,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMFW.SYS -- (SYMFW)
DRV - [2010/01/21 12:35:49 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0308000.029\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/01/21 12:35:49 | 000,036,400 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2010/01/21 12:35:49 | 000,033,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMIDS.SYS -- (SYMIDS)
DRV - [2010/01/21 12:35:30 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2010/01/21 12:35:30 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2010/01/02 03:20:34 | 000,026,024 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2009/12/30 10:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009/12/30 10:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009/12/30 10:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009/12/30 10:25:12 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009/12/30 10:25:12 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009/07/10 17:51:34 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/01/23 08:49:08 | 000,037,664 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2008/08/26 08:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/10/03 15:35:52 | 000,223,128 | ---- | M] (Alcohol Soft Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\vaxscsi.sys -- (vaxscsi)
DRV - [2007/01/30 12:12:06 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/28 10:00:00 | 000,004,096 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\cvintdrv.sys -- (cvintdrv)
DRV - [2006/11/15 17:32:44 | 000,242,139 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StkAMini.sys -- (StkAMini)
DRV - [2006/06/27 18:27:18 | 000,004,772 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StkScan.sys -- (StkScan)
DRV - [2006/05/24 20:07:18 | 000,328,237 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/05/24 20:05:26 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/05/24 20:04:04 | 000,851,434 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/05/24 20:01:34 | 000,030,427 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/05/24 20:01:22 | 000,030,285 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2006/05/24 20:00:50 | 000,066,488 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/05/24 19:58:18 | 000,148,900 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/05/24 19:57:00 | 000,045,683 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2006/03/24 18:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/03/08 13:35:10 | 000,191,872 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005/12/04 11:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel®
DRV - [2005/10/14 10:40:18 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/10/14 10:40:18 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/10/14 10:40:18 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/08/12 19:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/07/21 22:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/21 22:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/21 22:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/12/06 03:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/12/06 03:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/12/06 03:05:00 | 000,086,586 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/12/06 03:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/12/06 03:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/12/06 03:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/12/06 03:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/12/06 03:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/12/06 03:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/12/01 05:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/11/23 04:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/08/12 19:45:54 | 000,137,728 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/08/10 07:00:00 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004/08/10 07:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/10 07:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/08/04 01:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004/08/04 01:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004/08/04 00:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/08/03 22:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2004/07/14 13:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 13:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2004/02/13 11:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2003/12/16 18:13:02 | 000,034,297 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StMp3Rec.sys -- (StMp3Rec)
DRV - [2003/10/15 17:52:50 | 000,174,530 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ov519vid.sys -- (ovt519)
DRV - [2002/02/05 18:30:42 | 000,028,396 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/17 16:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 16:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 16:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 16:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 16:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 15:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 15:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 15:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 15:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 15:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 15:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 15:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 15:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 15:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 15:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www1.ap.dell....c=au&l=en&s=gen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com.au/ig/dell?hl=en&client=dell-row&channel=au
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com.au/ig/dell?hl=en&client=dell-row&channel=au

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default = 89 AB 11 92 17 1A 5A 43 9A 46 30 38 72 B4 0C F9 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com.au/ig/dell?hl=en&client=dell-row&channel=au
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://osa.adfa.edu...change&reason=0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.22
FF - prefs.js..extensions.enabledItems: {CEF63772-71E0-49D8-BDD5-23E0AF9ECE7D}:1.9.1
FF - prefs.js..network.proxy.autoconfig_url: "http://www.unsw.adfa...u.au/proxy.pac"
FF - prefs.js..network.proxy.http: "harvest.adfa.edu.au"
FF - prefs.js..network.proxy.http_port: 3128


FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010/03/10 21:01:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{CEF63772-71E0-49D8-BDD5-23E0AF9ECE7D}: C:\Documents and Settings\Spurta\Local Settings\Application Data\{CEF63772-71E0-49D8-BDD5-23E0AF9ECE7D} [2010/07/14 15:27:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{79CBA0D9-FAF3-4C8C-8366-7A33BCB3C8D8}: C:\Documents and Settings\Spurta\Local Settings\Application Data\{79CBA0D9-FAF3-4C8C-8366-7A33BCB3C8D8}\ [2010/08/01 18:35:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2010/08/11 19:19:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/22 13:27:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/22 13:27:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010/03/10 21:01:08 | 000,000,000 | ---D | M]

[2008/09/01 14:35:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Mozilla\Extensions
[2007/09/04 11:04:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Mozilla\Firefox\Profiles\gz3eafa1.default\extensions
[2010/08/15 11:12:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/01/06 10:23:00 | 000,049,152 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2006/06/07 14:40:18 | 000,027,376 | ---- | M] (National Instruments) -- C:\Program Files\Mozilla Firefox\plugins\NPLV82Win32.dll
[2005/10/02 12:28:00 | 000,110,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll

O1 HOSTS File: ([2010/08/10 23:49:16 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {0C2A3A9F-68C8-4EAC-9434-EEF5524214B5} - Reg Error: Value error. File not found
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll (BitComet)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {9211AB89-1A17-435A-9A46-303872B40CF9} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (no name) - {de20342d-e92d-4ce1-88ad-a1d28ccfd77e} - No CLSID value found.
O2 - BHO: (no name) - {F185509A-B864-4290-8702-7D0D5D7D2E66} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe (Ulead Systems, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Spurta\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Spurta\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/08/23 10:57:35 | 000,000,109 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{16991694-140f-11dc-8088-0015c5238833}\Shell\AutoRun\command - "" = F:\wd_windows_tools\setup.exe -- File not found
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a7440eb6-20a6-11dc-8099-0015c5238833}\Shell - "" = AutoRun
O33 - MountPoints2\{a7440eb6-20a6-11dc-8099-0015c5238833}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d8d92c77-d6c2-11dd-82d8-0015c5238833}\Shell - "" = AutoRun
O33 - MountPoints2\{d8d92c77-d6c2-11dd-82d8-0015c5238833}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d8d92c77-d6c2-11dd-82d8-0015c5238833}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/08/15 10:18:52 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Spurta\Desktop\TFC.exe
[2010/08/13 08:10:58 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Spurta\Desktop\OTL.exe
[2010/08/12 15:26:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\My Documents\relocation
[2010/08/12 06:30:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Real
[2010/08/11 09:00:09 | 000,036,400 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymIM.sys
[2010/08/11 00:31:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Downloaded Installations
[2010/08/11 00:30:42 | 000,217,136 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\symtdi.sys
[2010/08/11 00:30:41 | 000,048,688 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\symndisv.sys
[2010/08/11 00:30:41 | 000,036,400 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\symndis.sys
[2010/08/11 00:30:40 | 000,089,904 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\symfw.sys
[2010/08/11 00:30:40 | 000,033,072 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\symids.sys
[2010/08/11 00:30:38 | 000,310,320 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymEFA.sys
[2010/08/11 00:30:37 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtspx.sys
[2010/08/11 00:30:36 | 000,308,272 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtsp.sys
[2010/08/11 00:30:34 | 000,482,432 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\cchpx86.sys
[2010/08/11 00:30:33 | 000,259,632 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\BHDrvx86.sys
[2010/08/11 00:27:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0308000.029
[2010/08/10 21:33:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2010/08/10 21:30:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2010/08/10 21:30:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/08/10 19:57:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Application Data\SUPERAntiSpyware.com
[2010/08/10 19:57:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/08/10 19:56:34 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/08/10 19:01:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\My Documents\Symantec
[2010/08/10 19:00:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/08/10 18:15:29 | 000,000,000 | ---D | C] -- C:\Program Files\Telstra
[2010/08/10 17:01:33 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Spurta\Desktop\WinsockxpFix.exe
[2010/08/08 10:57:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Local Settings\Application Data\Symantec
[2010/08/08 10:56:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2010/08/08 10:56:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Local Settings\Application Data\Downloaded Installations
[2010/08/08 10:55:31 | 000,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/08/08 10:55:30 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/08/08 10:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/08/08 10:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/08/08 10:54:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2010/08/08 10:54:06 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2010/08/08 10:54:06 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360 Premier Edition
[2010/08/08 10:54:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/08/07 23:21:39 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010/08/07 23:21:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010/08/05 19:39:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/08/05 12:59:40 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Spurta\Recent
[2010/08/05 11:30:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Local Settings\Application Data\mvrtgwcfn
[2010/08/02 21:04:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Application Data\Vso
[2010/08/01 18:35:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Local Settings\Application Data\{79CBA0D9-FAF3-4C8C-8366-7A33BCB3C8D8}
[2010/07/29 12:59:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\My Documents\SysEng
[2010/07/21 19:17:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\My Documents\eComm
[2010/07/20 14:28:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Desktop\Images
[2010/07/17 22:58:56 | 000,552,960 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2010/07/17 22:57:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/07/14 15:27:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Local Settings\Application Data\{CEF63772-71E0-49D8-BDD5-23E0AF9ECE7D}
[2010/07/14 15:25:58 | 000,050,704 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys
[2010/07/14 15:25:55 | 000,281,104 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll
[2010/07/14 15:25:55 | 000,100,880 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll
[2010/07/01 12:22:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Application Data
[2010/07/01 12:20:22 | 000,000,000 | ---D | C] -- C:\Program Files\V1 Home 2.0
[2010/06/23 13:19:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\My Documents\Recordpad
[2010/06/23 13:19:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Application Data\Recordpad
[2010/06/22 14:35:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010/06/22 14:35:37 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2010/06/22 14:34:37 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound
[2010/06/22 14:34:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Application Data\NCH Swift Sound
[2010/06/22 13:30:05 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/06/22 13:29:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/06/22 13:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/06/21 18:07:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Application Data\Lezek
[2010/06/17 17:26:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Application Data\Facebook
[2010/05/24 20:44:32 | 000,000,000 | ---D | C] -- C:\Program Files\National Instruments
[2010/05/24 20:43:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Merge Modules
[2010/05/24 20:43:29 | 000,000,000 | ---D | C] -- C:\Program Files\data
[2010/05/24 20:43:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\National Instruments
[2010/05/18 21:33:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\My Documents\Ovi
[2 C:\Documents and Settings\Spurta\My Documents\*.tmp files -> C:\Documents and Settings\Spurta\My Documents\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/08/15 12:00:00 | 000,000,488 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010/08/15 11:48:14 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/15 11:12:13 | 001,156,474 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\Cat.DB
[2010/08/15 11:11:41 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/15 11:11:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/15 11:11:37 | 1063,714,816 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/15 11:09:59 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Spurta\ntuser.ini
[2010/08/15 11:09:58 | 015,204,352 | ---- | M] () -- C:\Documents and Settings\Spurta\ntuser.dat
[2010/08/15 10:18:58 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Spurta\Desktop\TFC.exe
[2010/08/13 08:11:06 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Spurta\Desktop\OTL.exe
[2010/08/11 11:31:00 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Spurta\Desktop\Microsoft Office Word 2003.lnk
[2010/08/11 08:57:41 | 000,002,076 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton 360 Premier Edition.LNK
[2010/08/11 00:30:48 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/08/11 00:30:48 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/08/11 00:30:48 | 000,007,456 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/08/11 00:30:48 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/08/11 00:27:38 | 000,001,562 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymNetV.inf
[2010/08/11 00:27:38 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\isolate.ini
[2010/08/11 00:27:36 | 000,009,412 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\symnetv.cat
[2010/08/10 23:49:16 | 000,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/08/10 19:56:55 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/08/10 17:25:00 | 000,000,856 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/10 17:25:00 | 000,000,246 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/08/10 17:25:00 | 000,000,209 | -HS- | M] () -- C:\boot.ini
[2010/08/10 16:48:08 | 001,445,888 | ---- | M] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Spurta\Desktop\WinsockxpFix.exe
[2010/08/10 10:13:26 | 000,000,229 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/08/10 10:13:25 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\Spurta\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/09 12:35:06 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\Spurta\Desktop\Shortcut to 20100808-003-v5i32.lnk
[2010/08/09 12:11:41 | 000,003,666 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\cc_20100809_121134.reg
[2010/08/08 17:36:55 | 078,643,200 | -HS- | M] () -- C:\NRTPage.sys
[2010/08/05 15:02:16 | 000,059,664 | ---- | M] () -- C:\Documents and Settings\Spurta\Desktop\mbam-clean.exe
[2010/08/05 14:53:17 | 000,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.bak
[2010/08/05 14:21:28 | 000,363,520 | ---- | M] () -- C:\Documents and Settings\Spurta\Desktop\iExplorer.exe.com
[2010/08/05 11:26:47 | 000,008,192 | ---- | M] () -- C:\WINDOWS\System32\swxtu.dll
[2010/08/05 08:10:40 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Vlico.dat
[2010/08/05 08:10:40 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Ffuxafiyaci.bin
[2010/08/02 21:04:48 | 000,138,281 | ---- | M] () -- C:\Documents and Settings\Spurta\Application Data\vso_ts_preview.xml
[2010/08/01 14:49:46 | 000,010,752 | ---- | M] () -- C:\WINDOWS\DCEBoot.exe
[2010/07/29 13:54:10 | 000,088,576 | ---- | M] () -- C:\Documents and Settings\Spurta\Copy of Entire Degree Assessment Results WAM Calculator.xls
[2010/07/26 18:39:37 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/07/23 12:12:24 | 000,000,640 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TexMakerX.lnk
[2010/07/21 11:03:56 | 000,257,536 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\ADS_temp.doc
[2010/07/21 09:22:49 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Spurta\My Documents\~$S_temp.doc
[2010/07/20 15:43:25 | 000,020,469 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\wristReferral.pdf
[2010/07/20 12:51:42 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\timetable Session2-2010.xls
[2010/07/17 21:09:33 | 000,074,916 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\Tiger Airways _ Itinerary.pdf
[2010/07/14 15:25:58 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys
[2010/07/14 15:25:55 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll
[2010/07/14 15:25:55 | 000,100,880 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\Packet.dll
[2010/07/14 15:22:56 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Spurta\Application Data\avdrn.dat
[2010/07/04 22:44:04 | 000,552,960 | R--- | M] (OldTimer Tools) -- C:\OTLPE.exe
[2010/07/03 19:54:16 | 001,820,432 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/07/02 14:09:37 | 000,193,064 | ---- | M] () -- C:\Documents and Settings\Spurta\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/07/01 12:24:28 | 000,011,684 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\cc_20100701_121341.reg
[2010/07/01 12:20:25 | 000,001,655 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\V1 Home 2.0.lnk
[2010/06/27 10:51:11 | 000,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX
[2010/06/27 10:51:11 | 000,000,004 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx
[2010/06/22 13:32:30 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/06/22 13:26:48 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/06/15 12:45:51 | 000,027,210 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\BigpondModemChat15Jun10.pdf
[2010/06/04 19:20:47 | 000,281,600 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\Mday.pub
[2010/06/04 17:38:07 | 000,141,012 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\rubyDeans.pdf
[2010/05/30 18:07:36 | 000,063,546 | ---- | M] () -- C:\Documents and Settings\Spurta\My Documents\aaronRubyDeans_3.pdf
[2010/05/28 11:42:51 | 000,000,542 | ---- | M] () -- C:\Documents and Settings\Spurta\Application Data\AutoGK.ini
[2 C:\Documents and Settings\Spurta\My Documents\*.tmp files -> C:\Documents and Settings\Spurta\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/11 09:01:04 | 001,156,474 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\Cat.DB
[2010/08/11 00:30:42 | 000,001,561 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymNet.inf
[2010/08/11 00:30:41 | 000,009,402 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymNet.cat
[2010/08/11 00:30:38 | 000,007,431 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymEFA.cat
[2010/08/11 00:30:38 | 000,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymEFA.inf
[2010/08/11 00:30:37 | 000,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtspx.inf
[2010/08/11 00:30:36 | 000,007,429 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtspx.cat
[2010/08/11 00:30:36 | 000,001,382 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtsp.inf
[2010/08/11 00:30:35 | 000,007,425 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtsp.cat
[2010/08/11 00:30:34 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\ccHPx86.cat
[2010/08/11 00:30:34 | 000,001,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\ccHPx86.inf
[2010/08/11 00:30:33 | 000,007,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\BHDrvx86.CAT
[2010/08/11 00:30:33 | 000,000,640 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\BHDrvx86.inf
[2010/08/11 00:27:38 | 000,001,562 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymNetV.inf
[2010/08/11 00:27:38 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\isolate.ini
[2010/08/11 00:27:36 | 000,009,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\symnetv.cat
[2010/08/10 19:56:55 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/08/10 16:46:34 | 1063,714,816 | -HS- | C] () -- C:\hiberfil.sys
[2010/08/09 12:35:06 | 000,000,312 | ---- | C] () -- C:\Documents and Settings\Spurta\Desktop\Shortcut to 20100808-003-v5i32.lnk
[2010/08/09 12:11:37 | 000,003,666 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\cc_20100809_121134.reg
[2010/08/08 17:36:55 | 078,643,200 | -HS- | C] () -- C:\NRTPage.sys
[2010/08/08 10:55:30 | 000,007,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/08/08 10:55:30 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/08/08 10:55:12 | 000,002,076 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton 360 Premier Edition.LNK
[2010/08/05 18:44:17 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Spurta\Desktop\gmer.exe
[2010/08/05 15:02:36 | 000,059,664 | ---- | C] () -- C:\Documents and Settings\Spurta\Desktop\mbam-clean.exe
[2010/08/05 14:25:42 | 000,363,520 | ---- | C] () -- C:\Documents and Settings\Spurta\Desktop\iExplorer.exe.com
[2010/08/05 11:26:47 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\swxtu.dll
[2010/07/21 09:22:49 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Spurta\My Documents\~$S_temp.doc
[2010/07/21 09:22:48 | 000,257,536 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\ADS_temp.doc
[2010/07/20 15:43:25 | 000,020,469 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\wristReferral.pdf
[2010/07/20 12:46:05 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\timetable Session2-2010.xls
[2010/07/17 21:09:33 | 000,074,916 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\Tiger Airways _ Itinerary.pdf
[2010/07/17 11:41:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Ffuxafiyaci.bin
[2010/07/17 11:41:07 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Vlico.dat
[2010/07/14 15:22:56 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Spurta\Application Data\avdrn.dat
[2010/07/01 12:24:17 | 000,011,684 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\cc_20100701_121341.reg
[2010/07/01 12:20:25 | 000,001,655 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\V1 Home 2.0.lnk
[2010/06/22 13:30:40 | 000,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/06/22 13:26:48 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/06/15 12:45:51 | 000,027,210 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\BigpondModemChat15Jun10.pdf
[2010/06/04 17:38:06 | 000,141,012 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\rubyDeans.pdf
[2010/05/30 18:07:36 | 000,063,546 | ---- | C] () -- C:\Documents and Settings\Spurta\My Documents\aaronRubyDeans_3.pdf
[2009/01/26 07:10:48 | 000,179,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/09 09:01:22 | 000,629,760 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/12/22 13:44:13 | 000,000,100 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/11/24 17:20:31 | 000,009,279 | ---- | C] () -- C:\WINDOWS\AmvTransform.ini
[2008/11/24 17:20:31 | 000,008,913 | ---- | C] () -- C:\WINDOWS\fwupgrade.ini
[2008/11/24 17:20:31 | 000,008,157 | ---- | C] () -- C:\WINDOWS\AmvPlayer.ini
[2008/11/24 17:20:31 | 000,007,454 | ---- | C] () -- C:\WINDOWS\Disktool.INI
[2008/11/24 17:20:31 | 000,003,677 | ---- | C] () -- C:\WINDOWS\SoundCon.INI
[2008/11/24 17:20:31 | 000,000,170 | ---- | C] () -- C:\WINDOWS\settings.ini
[2008/07/07 17:04:58 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2008/06/18 13:59:56 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/01/26 23:25:10 | 000,002,691 | ---- | C] () -- C:\WINDOWS\System32\CCProxy.ini
[2008/01/26 23:25:10 | 000,000,087 | ---- | C] () -- C:\WINDOWS\System32\AccInfo.ini
[2007/11/14 08:15:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2007/10/13 17:47:29 | 000,000,608 | -HS- | C] () -- C:\WINDOWS\System32\winzvprt5.sys
[2007/09/02 09:30:56 | 000,000,146 | ---- | C] () -- C:\WINDOWS\Capture.INI
[2007/07/31 19:00:37 | 000,006,583 | ---- | C] () -- C:\WINDOWS\PSPICEEV.INI
[2007/07/31 19:00:28 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\ltfil60n.dll
[2007/07/31 19:00:28 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\lfwpg60n.dll
[2007/07/31 19:00:27 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\lfwmf60n.dll
[2007/07/31 19:00:26 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\lftif60n.dll
[2007/07/31 19:00:26 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\lftga60n.dll
[2007/07/31 19:00:25 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\lfpsd60n.dll
[2007/07/31 19:00:24 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\lfpng60n.dll
[2007/07/31 19:00:24 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\lfpcx60n.dll
[2007/07/31 19:00:23 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\lfpct60n.dll
[2007/07/31 19:00:23 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\lfmsp60n.dll
[2007/07/31 19:00:22 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\lffax60n.dll
[2007/07/31 19:00:22 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\lfmac60n.dll
[2007/07/31 19:00:21 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\lfcmp60n.dll
[2007/07/31 19:00:21 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\lfeps60n.dll
[2007/07/31 19:00:21 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\lfbmp60n.dll
[2007/07/31 19:00:19 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\implode.dll
[2007/06/21 13:38:39 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/06/10 18:12:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2007/03/27 20:19:36 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2007/03/27 19:58:56 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007/02/18 10:50:38 | 000,000,099 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2007/02/02 19:07:23 | 000,000,283 | ---- | C] () -- C:\WINDOWS\matlab.ini
[2006/11/28 10:00:00 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\cvintdrv.sys
[2006/09/24 15:28:36 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/09/07 19:27:57 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2006/08/20 21:14:09 | 000,000,229 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/08/14 22:28:12 | 000,000,443 | R--- | C] () -- C:\WINDOWS\hpw0460k.ini
[2006/08/14 22:27:26 | 000,000,426 | ---- | C] () -- C:\WINDOWS\hpdj460.ini
[2006/08/14 22:26:36 | 000,001,564 | ---- | C] () -- C:\WINDOWS\mariner.ini
[2006/08/14 22:26:29 | 000,000,606 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2006/08/03 21:50:10 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/08/03 21:40:30 | 000,000,136 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/08/03 21:01:07 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006/08/03 20:58:02 | 000,000,435 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/07/12 13:46:20 | 000,000,244 | ---- | C] () -- C:\WINDOWS\System32\nirpc.ini
[2006/05/24 20:16:22 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005/08/16 06:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/05 16:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 12:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/02/17 14:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005/02/17 14:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2004/09/16 12:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004/09/16 12:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/10/16 08:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2001/11/14 15:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001/07/07 02:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2007/06/07 21:52:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2010/02/08 08:40:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Altium2004
[2008/09/08 11:58:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AltiumDesigner6
[2009/03/25 22:01:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AltiumDesigner6_Security
[2010/02/08 09:24:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AltiumDesignerSummer08
[2009/04/02 13:46:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AltiumDesignerSummer08_Security
[2007/10/30 16:35:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avg7
[2007/06/19 18:41:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg7(2)
[2009/08/18 13:23:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cached Installations
[2009/07/10 18:04:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2008/02/03 13:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2008/07/16 11:13:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\National Instruments
[2010/07/02 14:36:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010/04/16 07:11:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2009/08/18 14:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OfficeRecovery
[2010/03/10 20:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OviInstallerCache
[2009/08/18 13:24:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2010/04/16 07:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009/11/20 16:22:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RapidSolution
[2010/03/07 17:58:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2006/08/12 14:50:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2008/07/03 19:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/03/02 18:38:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2008/07/03 13:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2008/08/14 22:28:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2007/10/04 20:57:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2010/06/22 13:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/02/15 12:48:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/08/11 00:31:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2010/02/24 21:53:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\AnvSoft
[2009/11/26 14:23:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\benibela
[2007/02/22 14:40:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\BitTorrent
[2009/07/10 18:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\DAEMON Tools Lite
[2007/03/20 10:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Dele
[2010/06/17 17:26:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Facebook
[2007/12/09 09:51:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Image Zone Express
[2006/08/09 17:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Leadertech
[2010/06/21 18:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Lezek
[2007/08/11 21:58:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\MSNInstaller
[2010/07/02 14:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\NCH Swift Sound
[2006/08/12 14:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\NetMedia Providers
[2010/04/16 07:12:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Nokia
[2010/04/16 07:13:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Nokia Ovi Suite
[2010/04/16 07:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\PC Suite
[2006/08/12 14:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Publish Providers
[2008/05/28 19:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Qomae
[2010/06/23 13:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Recordpad
[2006/08/12 14:51:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Sony
[2006/08/10 19:41:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Template
[2008/03/02 18:39:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\TuneUp Software
[2008/07/03 13:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Ubisoft
[2008/08/15 20:19:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Ulead Systems
[2010/08/02 21:04:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Vso
[2009/09/02 21:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\xm1
[2007/05/10 04:06:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Spurta\Application Data\Ytuw
[2010/08/15 12:00:00 | 000,000,488 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C980DA7D
< End of report >


Thank you, Leon.

#12
MariaCristina

MariaCristina

    Visiting Staff

  • Visiting Consultant
  • 277 posts
Hi, spurta.

Do you know these folders listed in red below?

C:\Documents and Settings\Spurta\Application Data\Ytuw
C:\Documents and Settings\Spurta\Application Data\Qomae
C:\Documents and Settings\Spurta\Application Data\Lezek


We need to make some changes in the Registry. Before we do that, we need to make a full backup of your Registry.
ERUNT allows you to store a complete backup of your registry and restore if needed. Removing modern malware infections often requires making changes to the registry, and a corrupt registry can prevent a system from booting. Compatible with Windows NT, 2000, 2003, XP, Vista, 32 & 64-bit versions.

  • Download ERUNT (Emergency Recovery Utility NT)
  • Double-click erunt_setup.exe to run.
  • Follow the prompts and install using the default configuration (setup language, install location, shortcuts...).
  • Say No to the portion that asks you to add ERUNT to the start-up folder; if you like, you can enable this option later.
  • Start ERUNT
  • Choose a location for the backup
    The default location C:\WINDOWS\ERDNT\[today's date] is preferred
  • The first two check boxes are ticked by default (System registry and Current user registry).
  • Press OK
  • When prompted, click YES to create a new folder.
  • Progress bars will show backup status.
  • A confirmation window will pop up when complete. Click OK to close.


Select these lines in red below, then right-click on the selection and go to copy:

:OTL
O2 - BHO: (no name) - {9211AB89-1A17-435A-9A46-303872B40CF9} - No CLSID value found.
O2 - BHO: (no name) - {de20342d-e92d-4ce1-88ad-a1d28ccfd77e} - No CLSID value found.
O2 - BHO: (no name) - {F185509A-B864-4290-8702-7D0D5D7D2E66} - No CLSID value found.
NetSvcs: SSHNAS - File not found
NetSvcs: TCPIP Pass-through Filter - File not found
[2010/08/05 11:30:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Spurta\Local Settings\Application Data\mvrtgwcfn
[2010/07/14 15:22:56 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Spurta\Application Data\avdrn.dat
[2010/08/05 11:26:47 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\swxtu.dll
[2010/07/17 11:41:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Ffuxafiyaci.bin
[2010/07/17 11:41:07 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Vlico.dat

:reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\DOCUME~1\Spurta\LOCALS~1\Temp\win1B5.tmp.exe"=-

:Commands
[clearallrestorepoints]
[purity]
[emptytemp]


Run OTL.exe

** Windows Vista and Windows 7 users:
Right-click on the file then choose Run as admin option.

Right-click on any blank part under Custom Scans/Fixes then click on Paste

Close ALL open windows except OTL.

Click on Fix button.

The tool will run the script and will ask to reboot your system. Allow it.

When back into Windows, OTL will be automatically run. Allow it, if asked.

A notepad window will be shown, with some data.
Copy ALL (edit > select all > copy) its contents and paste here in a new reply.

This log will be saved in the C:\_OTL\MovedFiles folder, named date_time.log.

Eg: 03142010_145545.log


Next:


Download ComboFix from one of these locations:

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  • Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

    Posted Image
  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    Posted Image

    Click on Yes, to continue scanning for malware.

    When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.

Do not forget the OTL's fix log.

:)

#13
spurta

spurta

    Member

  • Member
  • PipPip
  • 18 posts
Thanks Maria,

I do not knowingly have any data in the above mentioned folders.

I will run the processes described and post the log files.

Thanks again, Leon.

#14
spurta

spurta

    Member

  • Member
  • PipPip
  • 18 posts
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9211AB89-1A17-435A-9A46-303872B40CF9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9211AB89-1A17-435A-9A46-303872B40CF9}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{de20342d-e92d-4ce1-88ad-a1d28ccfd77e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{de20342d-e92d-4ce1-88ad-a1d28ccfd77e}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F185509A-B864-4290-8702-7D0D5D7D2E66}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F185509A-B864-4290-8702-7D0D5D7D2E66}\ not found.
SSHNAS removed from NetSvcs value successfully!
TCPIP Pass-through Filter removed from NetSvcs value successfully!
C:\Documents and Settings\Spurta\Local Settings\Application Data\mvrtgwcfn folder moved successfully.
C:\Documents and Settings\Spurta\Application Data\avdrn.dat moved successfully.
C:\WINDOWS\system32\swxtu.dll moved successfully.
C:\WINDOWS\Ffuxafiyaci.bin moved successfully.
C:\WINDOWS\Vlico.dat moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\DOCUME~1\Spurta\LOCALS~1\Temp\win1B5.tmp.exe not found.
========== COMMANDS ==========
Restore points cleared and new OTL Restore Point set!

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 7676150 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 348 bytes

User: Spurta
->Temp folder emptied: 1443879 bytes
->Temporary Internet Files folder emptied: 12337702 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 30906733 bytes
->Flash cache emptied: 4551 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 134245 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 50.00 mb


OTL by OldTimer - Version 3.2.9.1 log created on 08182010_083009

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OPM3G9IR\clkurl=;ord=1665948953[1] not found!
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OPM3G9IR\clkurl=;ord=62228878[1] not found!
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\G9ARKL6F\CAOPUBSP.htm moved successfully.
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\G9ARKL6F\clkurl=;ord=170929463[1] not found!
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0DY3OPMF\CAAJSTU3.htm not found!
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0DY3OPMF\roboticseshop[2].htm moved successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0DY3OPMF\showad[1].js moved successfully.
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0DQJCHA3\CACXQB8D.com not found!
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0DQJCHA3\CAIJWDAF.com not found!
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0DQJCHA3\imghp[1] not found!
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0DQJCHA3\index[1].php not found!
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0DQJCHA3\syncuppixels[1].htm moved successfully.
File\Folder C:\WINDOWS\temp\JET2EBC.tmp not found!
C:\WINDOWS\temp\Perflib_Perfdata_438.dat moved successfully.

Registry entries deleted on Reboot...

#15
spurta

ComboFix 10-08-17.03 - Spurta 08/18/2010 16:27:25.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.464 [GMT 10:00]
Running from: c:\documents and settings\Spurta\Desktop\ComboFix.exe
AV: Norton 360 Premier Edition *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 Premier Edition *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Spurta\Application Data\Lezek
c:\documents and settings\Spurta\Application Data\Lezek\iwak.nik
c:\documents and settings\Spurta\Application Data\Qomae
c:\documents and settings\Spurta\Application Data\Qomae\hobe.igi
C:\Thumbs.db
c:\windows\system32\drivers\npf.sys
c:\windows\system32\logs
c:\windows\system32\logs\{EBA8A035-B612-4737-804D-C6CBE33A9950}.log
c:\windows\system32\Packet.dll
c:\windows\system32\Settings
c:\windows\system32\Settings\Settings.ini
c:\windows\system32\wpcap.dll

Infected copy of c:\windows\system32\drivers\netbt.sys was found and disinfected
Restored copy from - Kitty had a snack :)
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_DOMAINSERVICE
-------\Legacy_NPF
-------\Legacy_TCPIP_PASS-THROUGH_FILTER
-------\Service_NPF


((((((((((((((((((((((((( Files Created from 2010-07-18 to 2010-08-18 )))))))))))))))))))))))))))))))
.

2010-08-18 00:40 . 2010-08-18 00:40 -------- d-----r- c:\program files\Norton Support
2010-08-17 22:20 . 2010-08-17 22:20 -------- d-----w- c:\program files\ERUNT
2010-08-10 23:00 . 2010-01-21 02:35 36400 ----a-r- c:\windows\system32\drivers\SymIM.sys
2010-08-10 14:31 . 2010-08-10 14:31 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Downloaded Installations
2010-08-10 14:30 . 2010-01-21 02:35 217136 ----a-w- c:\windows\system32\drivers\symtdi.sys
2010-08-10 14:30 . 2010-01-21 02:35 310320 ----a-w- c:\windows\system32\drivers\SymEFA.sys
2010-08-10 14:30 . 2010-01-21 02:35 43696 ----a-w- c:\windows\system32\drivers\srtspx.sys
2010-08-10 14:30 . 2010-01-21 02:35 482432 ----a-w- c:\windows\system32\drivers\cchpx86.sys
2010-08-10 14:30 . 2010-01-21 02:35 259632 ----a-w- c:\windows\system32\drivers\BHDrvx86.sys
2010-08-10 11:30 . 2010-08-10 11:33 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
2010-08-10 09:59 . 2010-08-18 00:39 63488 ----a-w- c:\documents and settings\Spurta\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-08-10 09:59 . 2010-08-10 09:59 52224 ----a-w- c:\documents and settings\Spurta\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-08-10 09:59 . 2010-08-18 00:39 117760 ----a-w- c:\documents and settings\Spurta\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-08-10 09:57 . 2010-08-10 09:57 -------- d-----w- c:\documents and settings\Spurta\Application Data\SUPERAntiSpyware.com
2010-08-10 09:57 . 2010-08-10 09:57 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-08-10 09:56 . 2010-08-10 09:58 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-08-10 09:02 . 2010-08-10 09:02 -------- d-s---w- c:\documents and settings\NetworkService\UserData
2010-08-10 08:15 . 2010-08-10 08:15 -------- d-----w- c:\program files\Telstra
2010-08-08 07:36 . 2010-08-08 07:36 78643200 --sha-w- C:\NRTPage.sys
2010-08-08 00:57 . 2010-08-08 00:57 -------- d-----w- c:\documents and settings\Spurta\Local Settings\Application Data\Symantec
2010-08-08 00:56 . 2010-08-10 14:31 -------- d-----w- c:\documents and settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
2010-08-08 00:56 . 2010-08-08 00:56 -------- d-----w- c:\documents and settings\Spurta\Local Settings\Application Data\Downloaded Installations
2010-08-08 00:55 . 2010-08-10 14:30 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-08-08 00:55 . 2010-08-10 14:31 -------- d-----w- c:\program files\Symantec
2010-08-08 00:55 . 2010-08-10 14:30 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-08-08 00:55 . 2010-08-08 01:47 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-08-08 00:54 . 2010-08-10 23:19 -------- d-----w- c:\windows\system32\drivers\N360
2010-08-08 00:54 . 2010-08-08 00:54 -------- d-----w- c:\program files\Norton 360 Premier Edition
2010-08-08 00:54 . 2010-08-08 00:54 -------- d-----w- c:\program files\Windows Sidebar
2010-08-08 00:54 . 2010-08-08 00:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-08-07 13:21 . 2010-08-08 00:53 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2010-08-07 13:21 . 2010-08-07 13:21 -------- d-----w- c:\program files\NortonInstaller
2010-08-02 11:04 . 2010-08-02 11:04 -------- d-----w- c:\documents and settings\Spurta\Application Data\Vso
2010-08-01 08:35 . 2010-08-01 08:35 -------- d-----w- c:\documents and settings\Spurta\Local Settings\Application Data\{79CBA0D9-FAF3-4C8C-8366-7A33BCB3C8D8}

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-18 01:28 . 2007-05-09 18:06 -------- d-----w- c:\documents and settings\Spurta\Application Data\Ytuw
2010-08-18 01:28 . 2007-03-20 00:31 -------- d-----w- c:\documents and settings\Spurta\Application Data\Dele
2010-08-14 23:45 . 2007-03-19 04:34 -------- d-----w- c:\program files\WinSCP3
2010-08-10 14:30 . 2010-08-08 00:55 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-08-10 14:30 . 2010-08-08 00:55 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-08-10 13:42 . 2009-12-02 03:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-08-10 13:42 . 2009-12-02 03:54 -------- d-----w- c:\documents and settings\Spurta\Application Data\Malwarebytes
2010-08-10 09:00 . 2007-02-14 00:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2010-08-08 09:06 . 2007-03-27 10:04 -------- d-----w- c:\program files\Alcohol Soft
2010-08-07 13:23 . 2008-02-14 06:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Trend Micro
2010-08-01 10:31 . 2009-09-17 19:07 -------- d-----w- c:\documents and settings\Spurta\Application Data\vlc
2010-08-01 04:49 . 2008-02-25 11:30 10752 ----a-w- c:\windows\DCEBoot.exe
2010-07-26 09:22 . 2007-07-02 09:35 -------- d-----w- c:\documents and settings\Spurta\Application Data\Skype
2010-07-26 08:39 . 2009-03-25 08:30 -------- d-----w- c:\documents and settings\Spurta\Application Data\skypePM
2010-07-23 02:12 . 2009-11-26 04:23 -------- d-----w- c:\program files\TexMakerX
2010-07-21 09:21 . 2008-05-19 08:59 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2010-07-11 23:39 . 2009-11-27 09:57 -------- d-----w- c:\program files\Microsoft Silverlight
2010-07-09 08:42 . 2010-03-11 07:17 69222840 ----a-w- c:\documents and settings\Spurta\Application Data\Nokia\Ovi Suite\Software Updater\NokiaOviSuite2Installer.exe
2010-07-04 12:44 . 2010-07-17 12:58 552960 ----a-r- C:\OTLPE.exe
2010-07-03 11:25 . 2010-02-15 02:49 -------- d-----w- c:\documents and settings\Spurta\Application Data\Apple Computer
2010-07-03 11:24 . 2010-02-15 02:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2010-07-02 04:40 . 2010-06-22 04:34 -------- d-----w- c:\program files\NCH Swift Sound
2010-07-02 04:37 . 2010-06-22 04:34 -------- d-----w- c:\documents and settings\Spurta\Application Data\NCH Swift Sound
2010-07-02 04:36 . 2010-06-22 04:35 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Swift Sound
2010-07-02 04:09 . 2006-08-12 04:51 193064 ----a-w- c:\documents and settings\Spurta\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-07-01 02:23 . 2008-01-16 00:11 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-01 02:20 . 2010-07-01 02:20 -------- d-----w- c:\program files\V1 Home 2.0
2010-06-23 03:19 . 2010-06-23 03:19 -------- d-----w- c:\documents and settings\Spurta\Application Data\Recordpad
2010-06-22 04:35 . 2010-06-22 04:35 -------- d-----w- c:\program files\NCH Software
2010-06-22 03:30 . 2010-06-22 03:29 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-06-22 03:30 . 2006-09-04 01:37 -------- d-----w- c:\program files\itunes
2010-06-22 03:30 . 2010-06-22 03:30 -------- d-----w- c:\program files\iPod
2010-06-22 03:30 . 2010-02-15 02:38 -------- d-----w- c:\program files\Common Files\Apple
2010-06-22 03:27 . 2010-06-22 03:26 -------- d-----w- c:\program files\QuickTime
2010-06-22 03:23 . 2009-01-30 03:22 -------- d-----w- c:\program files\Bonjour
2010-06-22 03:19 . 2010-06-22 03:19 72504 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.2.0.61\SetupAdmin.exe
2010-06-17 07:26 . 2010-06-17 07:26 50354 ----a-w- c:\documents and settings\Spurta\Application Data\Facebook\uninstall.exe
2010-06-14 14:30 . 2005-08-15 20:40 743936 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-09 10:45 . 2010-06-09 10:45 5591040 ----a-w- c:\documents and settings\Spurta\Application Data\Facebook\npfbplugin_1_0_3.dll
2008-02-29 11:26 . 2008-02-29 11:26 38 ----a-w- c:\program files\ITK-Scope.aliases
2008-02-29 11:26 . 2008-02-29 11:26 262144 ----a-w- c:\program files\ITK-Scope.exe
2008-02-29 11:26 . 2008-02-29 11:26 2095 ----a-w- c:\program files\ITK-Scope.ini
2006-06-07 04:40 . 2006-06-07 04:40 132848 ----a-w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
2008-03-20 06:55 . 2007-10-13 07:47 608 --sha-w- c:\windows\system32\winzvprt5.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-07-19 2403568]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-09 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-09 59392]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2007-05-10 624248]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 282624]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-18 421888]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-12-13 77824]
"UVS10 Preload"="c:\program files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe" [2006-08-09 36864]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-5-24 622653]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-8-3 24576]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PHIME2002ASync"=c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
"PHIME2002A"=c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"NeroCheck"=c:\windows\system32\\NeroCheck.exe
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"DMXLauncher"=c:\program files\Dell\Media Experience\DMXLauncher.exe
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe"
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe"
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"dla"=c:\windows\system32\dla\tfswctrl.exe
"igfxpers"=c:\windows\system32\igfxpers.exe
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start
"ISUSPM Startup"=c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
"igfxtray"=c:\windows\system32\igfxtray.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Documents and Settings\\Spurta\\Application Data\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\WINDOWS\\system32\\javaw.exe"=
"c:\\WINDOWS\\system32\\LEXPPS.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\itunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10421:UDP"= 10421:UDP:SingleClick Discovery Protocol
"10426:UDP"= 10426:UDP:SingleClick ICC
"23913:TCP"= 23913:TCP:BitComet 23913 TCP
"23913:UDP"= 23913:UDP:BitComet 23913 UDP
"8809:TCP"= 8809:TCP:BitComet 8809 TCP
"8809:UDP"= 8809:UDP:BitComet 8809 UDP

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/18/2010 4:25 AM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/11/2010 4:41 AM 67656]
R2 N360;Norton 360;c:\program files\Norton 360 Premier Edition\Engine\3.8.0.41\ccSvcHst.exe [8/11/2010 12:29 AM 117640]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [8/9/2010 12:35 PM 102448]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0308000.029\SYMEFA.SYS --> c:\windows\system32\drivers\N360\0308000.029\SYMEFA.SYS [?]
S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\Drivers\N360\0308000.029\BHDrvx86.sys --> c:\windows\system32\Drivers\N360\0308000.029\BHDrvx86.sys [?]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\Drivers\N360\0308000.029\ccHPx86.sys --> c:\windows\system32\Drivers\N360\0308000.029\ccHPx86.sys [?]
S1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100816.001\IDSXpx86.sys [8/18/2010 10:35 AM 331640]
S2 WinServ;TCP/IP;c:\documents and settings\Spurta\c:\docume~1\Spurta\LOCALS~1\APPLIC~1\mpx --> c:\documents and settings\Spurta\c:\docume~1\Spurta\LOCALS~1\APPLIC~1\mpx [?]
S3 ATHFMWDL;Wireless predator Bootloader driver;c:\windows\system32\Drivers\ATHFMWDL.sys --> c:\windows\system32\Drivers\ATHFMWDL.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [3/10/2010 9:00 PM 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [3/10/2010 9:00 PM 8320]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [10/3/2007 3:35 PM 223128]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3/27/2007 7:58 PM 721904]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
uxtuneup

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}]
2008-06-18 04:04 8192 ----a-w- c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Contents of the 'Scheduled Tasks' folder

2010-08-18 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-02-27 02:44]
.
.
------- Supplementary Scan -------
.
uStart Page = https://osa.adfa.edu...change&reason=0
mStart Page = hxxp://www1.ap.dell.com/content/default.aspx?c=au&l=en&s=gen
uInternet Connection Wizard,ShellNext = hxxp://www.google.com.au/ig/dell?hl=en&client=dell-row&channel=au
uInternet Settings,ProxyServer = http=127.0.0.1:6522
uInternet Settings,ProxyOverride = <local>
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
FF - ProfilePath - c:\documents and settings\Spurta\Application Data\Mozilla\Firefox\Profiles\gz3eafa1.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - plugin: c:\documents and settings\Spurta\Application Data\Facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPLV82Win32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\Veetle\VLCBroadcast\npvbp.dll
FF - HiddenExtension: XULRunner: {CEF63772-71E0-49D8-BDD5-23E0AF9ECE7D} - c:\documents and settings\Spurta\Local Settings\Application Data\{CEF63772-71E0-49D8-BDD5-23E0AF9ECE7D}
FF - HiddenExtension: XULRunner: {79CBA0D9-FAF3-4C8C-8366-7A33BCB3C8D8} - c:\documents and settings\Spurta\Local Settings\Application Data\{79CBA0D9-FAF3-4C8C-8366-7A33BCB3C8D8}\

---- FIREFOX POLICIES ----
FF - user.js: dom.disable_open_during_load - false // Popupblocker control handled by McAfee Privacy Service

FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: content.switch.threshold - 1000000
FF - user.js: nglayout.initialpaint.delay - 600
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
.
- - - - ORPHANS REMOVED - - - -

BHO-{0C2A3A9F-68C8-4EAC-9434-EEF5524214B5} - (no file)
AddRemove-UBCD4Win_is1 - c:\ubcd4win\unins000.exe
AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb
AddRemove-{4EC8B911-98AB-4819-B5EE-D32E8A0A8AAA}_is1 - c:\program files\DVDx\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-18 17:49
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360 Premier Edition\Engine\3.8.0.41\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360 Premier Edition\Engine\3.8.0.41\diMaster.dll\" /prefetch:1"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WinServ]
"ImagePath"="c:\documents and settings\Spurta\c:\docume~1\Spurta\LOCALS~1\APPLIC~1\mpx"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1596)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL

- - - - - - - > 'explorer.exe'(3772)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\program files\WinSCP3\DragExt.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\eHome\ehSched.exe
c:\windows\system32\lkcitdl.exe
c:\windows\system32\lkads.exe
c:\windows\system32\lktsrv.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Dell\QuickSet\NICCONFIGSVC.exe
c:\program files\Common Files\National Instruments\Security\nidmsrv.exe
c:\windows\system32\nisvcloc.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\windows\System32\StkASv2K.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\wanmpsvc.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wscntfy.exe
c:\windows\stsystra.exe
c:\windows\eHome\ehmsas.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2010-08-18 17:58:20 - machine was rebooted
ComboFix-quarantined-files.txt 2010-08-18 07:58

Pre-Run: 15,249,518,592 bytes free
Post-Run: 15,085,801,472 bytes free

- - End Of File - - E00E91333F379F8CA9B927D22C653782