Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Windows XP theme turning off by itself

Started by jltolentino , Feb 07 2011 07:43 PM

  • Please log in to reply

#1
jltolentino
Posted 07 February 2011 - 07:43 PM

jltolentino

    New Member

  • Member
  • Pip
  • 1 posts
I've been having different kind of problems for a couple of months now. Looks like everything started with the spyware dr telling me every second that I have viruses and I needed to buy their program. I tried to remove it with malwarebytes that wasn't running. I finally got it to run with a different name after running rkill.com (also with different name. I had to run everything in safe mode. little by little I've been making progress I was able to run spybot search and destroy yesterday and removed a lot of things. Now my windows theme and sometimes the audio service are turning off by themselves and without any specific action from me. Please help me. Here's the log:

windowsOTL logfile created on: 2/7/2011 8:22:10 PM - Run 3
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Juan Tolentino\Desktop\Problems
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 166.00 Mb Available Physical Memory | 33.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 36.17 Gb Free Space | 32.36% Space Free | Partition Type: NTFS
Drive G: | 5.49 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive I: | 1.91 Gb Total Space | 1.51 Gb Free Space | 79.31% Space Free | Partition Type: FAT

Computer Name: OFFICECOMPUTER | User Name: Juan Tolentino | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Juan Tolentino\Desktop\Problems\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
PRC - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
PRC - C:\Program Files\TiVo\Desktop\TiVoTransfer.exe (TiVo Inc.)
PRC - C:\Program Files\TiVo\Desktop\TiVoServer.exe (TiVo Inc.)
PRC - C:\Program Files\TVersity\Media Server\MediaServer.exe ()
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\ATT Internet Tools\blsloader.exe (AT&T Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft ActiveSync\rapimgr.exe (Microsoft Corporation)
PRC - C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe (American Power Conversion Corporation)
PRC - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe (American Power Conversion Corporation)
PRC - C:\Program Files\Hewlett-Packard\AiO\Shared\Bin\hpofxm07.exe (Hewlett-Packard Co.)
PRC - C:\WINDOWS\system32\hpoipm07.exe (HP)
PRC - C:\Program Files\Hewlett-Packard\AiO\Shared\Bin\hposts07.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\Hewlett-Packard\AiO\Shared\Bin\hpoevm07.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\Hewlett-Packard\AiO\hp officejet 7100 series\Bin\hpogrp07.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe (Adobe Systems Inc.)
PRC - C:\WINDOWS\system32\devldr32.exe (Creative Technology Ltd.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Juan Tolentino\Desktop\Problems\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msvbvm60.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\dinput.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\serwvdrv.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\umdmxfrm.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- File not found
SRV - (AppMgmt) -- File not found
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVG Security Toolbar Service) -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe ()
SRV - (avgwd) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (QBCFMonitorService) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (TivoBeacon2) -- C:\Program Files\TiVo\Desktop\TiVoBeacon.exe (TiVo Inc.)
SRV - (TVersityMediaServer) -- C:\Program Files\TVersity\Media Server\MediaServer.exe ()
SRV - (QBFCService) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (APC UPS Service) -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe (American Power Conversion Corporation)


========== Driver Services (SafeList) ==========

DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSEH) -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSFilter) -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (jymuqbn) -- C:\WINDOWS\system32\drivers\jymuqbn.sys ()
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (Changer) -- C:\WINDOWS\System32\drivers\changer.sys (Microsoft Corporation)
DRV - (lbrtfdc) -- C:\WINDOWS\System32\drivers\lbrtfdc.sys (Toshiba Corp.)
DRV - (MRESP50) -- C:\Program Files\Common Files\Motive\mresp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MREMP50) -- C:\Program Files\Common Files\Motive\mremp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (Cdralw2k) -- C:\WINDOWS\System32\drivers\cdralw2k.sys (Sonic Solutions)
DRV - (Cdr4_xp) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys (Sonic Solutions)
DRV - (SQTECH905C) -- C:\WINDOWS\system32\drivers\capt905c.sys (Service & Quality Technology.)
DRV - (NPPTNT2) -- C:\WINDOWS\system32\npptNT2.sys (INCA Internet Co., Ltd.)
DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\rtl8139.sys (Realtek Semiconductor Corporation)
DRV - (cdrbsdrv) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation)
DRV - (DVDVRRdr_xp) -- C:\WINDOWS\System32\drivers\DVDVRRdr_xp.sys (Windows ® 2000 DDK provider)
DRV - (UDFReadr) -- C:\WINDOWS\System32\drivers\Udfreadr.sys (Roxio)
DRV - (inibtmgr) -- C:\WINDOWS\system32\drivers\inibtmgr.sys (Western Digital)
DRV - (cdudf_xp) -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys (Roxio)
DRV - (UdfReadr_xp) -- C:\WINDOWS\System32\drivers\UdfReadr_xp.sys (Roxio)
DRV - (pwd_2k) -- C:\WINDOWS\System32\drivers\pwd_2K.sys (Roxio)
DRV - (mmc_2K) -- C:\WINDOWS\System32\drivers\Mmc_2k.sys (Roxio)
DRV - (dvd_2K) -- C:\WINDOWS\System32\drivers\dvd_2K.sys (Roxio)
DRV - (ADSEXPB) -- C:\WINDOWS\system32\drivers\adsexpb.sys (Cirrus Logic Inc.)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (basic2) -- C:\WINDOWS\system32\drivers\hsf_bsc2.sys (Conexant)
DRV - (V124) -- C:\WINDOWS\system32\drivers\HSF_V124.sys (Conexant)
DRV - (Tones) -- C:\WINDOWS\system32\drivers\HSF_TONE.sys (Conexant)
DRV - (hsf_msft) -- C:\WINDOWS\system32\drivers\hsf_msft.sys (Conexant)
DRV - (SpeakerPhone) -- C:\WINDOWS\system32\drivers\HSF_SPKP.sys (Conexant)
DRV - (Rksample) -- C:\WINDOWS\system32\drivers\hsf_samp.sys (Conexant)
DRV - (K56) -- C:\WINDOWS\system32\drivers\HSF_K56K.sys (Conexant)
DRV - (Fallback) -- C:\WINDOWS\system32\drivers\HSF_FALL.sys (Conexant)
DRV - (SoftFax) -- C:\WINDOWS\system32\drivers\HSF_FAXX.sys (Conexant)
DRV - (Fsks) -- C:\WINDOWS\system32\drivers\HSF_FSKS.sys (Conexant)
DRV - (sfman) Creative SoundFont Manager Driver (WDM) -- C:\WINDOWS\system32\drivers\sfmanm.sys (Creative Technology Ltd.)
DRV - (emu10k1) Creative Interface Manager Driver (WDM) -- C:\WINDOWS\system32\drivers\ctlfacem.sys (Creative Technology Ltd.)
DRV - (emu10k) Creative SB Live! (WDM) -- C:\WINDOWS\system32\drivers\emu10k1m.sys (Creative Technology Ltd.)
DRV - (ctljystk) -- C:\WINDOWS\system32\drivers\ctljystk.sys (Creative Technology Ltd.)
DRV - (OMCI) -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS (Dell Computer Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SE...S01?FORM=TOOLBR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\..\URLSearchHook: _{8952A998-1E7E-4716-B23D-3DBE03910972} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: _{CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..keyword.URL: "http://www.google.co...lient&hl=en&q="
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2010/12/28 11:50:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/08 09:30:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/03 20:04:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.2\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2010/11/05 19:03:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.2\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2011/01/03 20:04:01 | 000,000,000 | ---D | M]

[2010/12/19 23:16:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Juan Tolentino\Application Data\Mozilla\Extensions
[2011/02/07 19:48:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Juan Tolentino\Application Data\Mozilla\Firefox\Profiles\5tta8031.default\extensions
[2010/12/21 20:08:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Juan Tolentino\Application Data\Mozilla\Firefox\Profiles\5tta8031.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/12/23 23:02:06 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Juan Tolentino\Application Data\Mozilla\Firefox\Profiles\5tta8031.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/11/27 00:29:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Juan Tolentino\Application Data\Mozilla\Firefox\Profiles\lq5eoe0l.default\extensions
[2010/11/27 00:29:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Juan Tolentino\Application Data\Mozilla\Firefox\Profiles\lq5eoe0l.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}(2)
[2010/11/27 00:35:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Juan Tolentino\Application Data\Mozilla\Firefox\Profiles\mfrdot4r.default\extensions
[2010/11/27 00:35:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Juan Tolentino\Application Data\Mozilla\Firefox\Profiles\mfrdot4r.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}(2)
[2010/12/19 23:15:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/27 00:29:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions(2)
[2010/11/22 21:56:00 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions(2)\{972ce4c6-7e08-4474-a285-3208198ce6fd}(2)
[2010/12/28 11:50:44 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX
[2010/10/01 18:51:32 | 000,002,074 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google_search.xml

O1 HOSTS File: ([2011/02/06 12:16:59 | 000,428,992 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 14794 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (&RN_Object) - {E6B48BC7-4EA9-4643-A4B3-BB7C4F69287A} - C:\Program Files\RNmail\RN_IE_Add_On.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [blspcloader] C:\Program Files\ATT Internet Tools\blsloader.exe (AT&T Corporation)
O4 - HKLM..\Run: [HelpCenter4.1] File not found
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKLM..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe (Microsoft® Corporation)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [TivoServer] C:\Program Files\TiVo\Desktop\TiVoServer.exe (TiVo Inc.)
O4 - HKCU..\Run: [TivoTransfer] C:\Program Files\TiVo\Desktop\TiVoTransfer.exe (TiVo Inc.)
O4 - HKCU..\Run: [TranscodingService] C:\Program Files\TiVo\Desktop\Plus\\TranscodingService.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\APC UPS Status.lnk = C:\Program Files\APC\APC PowerChute Personal Edition\Display.exe (American Power Conversion Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HPAiODevice(hp officejet 7100 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet 7100 series\Bin\hpogrp07.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Active Tracker - {217CCFE3-21DE-4559-B11A-BC8840EB15DD} - C:\Program Files\RNmail\RN_IE_Add_On.dll ()
O9 - Extra 'Tools' menuitem : Active Tracker... - {217CCFE3-21DE-4559-B11A-BC8840EB15DD} - C:\Program Files\RNmail\RN_IE_Add_On.dll ()
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\System32\iavlsp.dll (iolo technologies, LLC)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O15 - HKCU\..Trusted Domains: Interealty.com ([]* is out of zone range - 5)
O15 - HKCU\..Trusted Domains: MLXchange.com ([]* is out of zone range - 5)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} http://www.digitalwe...er/dbplugin.cab (dnlplayer Class)
O16 - DPF: {1E4FF862-57ED-4E5C-9C57-3ECB8DC17827} http://65.208.181.61/ePlusDVR.cab (ePlusOcx Control)
O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} file:///D:/components/hidinputmonitorx.ocx (HidInputMonitorX Control)
O16 - DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} file:///D:/components/wmvhdrating.ocx (WMVHDRatingCtrl Class)
O16 - DPF: {72582798-0B04-4F7B-BDBB-68FF20BE4840} http://72.156.24.201/webviewer.cab (GTileContainerCtl Class)
O16 - DPF: {83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E} http://sef.mlxchange...ol/IRCSharc.cab (GeacRevw Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {BF776FD3-69B4-4151-AC97-3A2A64753E18} http://72.156.24.201/GVersionMan.cab (GVersionManager Class)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg...l_v1-0-29-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F375116A-793C-11D2-BFE1-444553540001} http://realist2.firs...r/mapviewer.cab (First American Res MapActiveX Control)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O16 - DPF: Web-Based Email Tools http://email.secures...et/Download.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2006\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - file:///C:/DOCUME~1/JUANTO~1/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
O24 - Desktop Components:1 () - http://www.dolcesalo...are_01-over.gif
O24 - Desktop Components:2 () - file:///C:/DOCUME~1/JUANTO~1/LOCALS~1/Temp/msohtml1/01/clip_image001.gif
O24 - Desktop Components:3 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Juan Tolentino\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Juan Tolentino\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (effdaw.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/05/11 17:13:39 | 000,000,279 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{034f2f6f-03e5-11dc-8e96-00c0a87d35ed}\Shell\AutoRun\command - "" = F:\2.bat
O33 - MountPoints2\{034f2f6f-03e5-11dc-8e96-00c0a87d35ed}\Shell\open\Command - "" = F:\2.bat
O33 - MountPoints2\{0d3eb30c-06cd-11de-9289-00c0a87d35ed}\Shell\AutoRun\command - "" = G:\i.com
O33 - MountPoints2\{0d3eb30c-06cd-11de-9289-00c0a87d35ed}\Shell\open\Command - "" = G:\i.com
O33 - MountPoints2\{bc89a1ee-566b-11db-8d7a-00c0a87d35ed}\Shell - "" = AutoRun
O33 - MountPoints2\{bc89a1ee-566b-11db-8d7a-00c0a87d35ed}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{bc89a1ee-566b-11db-8d7a-00c0a87d35ed}\Shell\AutoRun\command - "" = F:\LaunchU3.exe
O33 - MountPoints2\{d113d33d-019f-11dc-8e91-00c0a87d35ed}\Shell\AutoRun\command - "" = F:\i.com
O33 - MountPoints2\{d113d33d-019f-11dc-8e91-00c0a87d35ed}\Shell\open\Command - "" = F:\i.com
O33 - MountPoints2\{e6d25913-5692-11dc-8f31-00c0a87d35ed}\Shell - "" = AutoRun
O33 - MountPoints2\{e6d25913-5692-11dc-8f31-00c0a87d35ed}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e6d25913-5692-11dc-8f31-00c0a87d35ed}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{e6d25914-5692-11dc-8f31-00c0a87d35ed}\Shell - "" = AutoRun
O33 - MountPoints2\{e6d25914-5692-11dc-8f31-00c0a87d35ed}\Shell\Auto\command - "" = C:\WINDOWS\System32\setup.exe -- [2008/04/13 19:12:34 | 000,023,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{e6d25914-5692-11dc-8f31-00c0a87d35ed}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e6d25914-5692-11dc-8f31-00c0a87d35ed}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Setup.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- [2006/04/18 17:33:36 | 000,950,272 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/02 01:52:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Juan Tolentino\Application Data\45446
[2011/01/13 16:38:30 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\WINDOWS\System32\npptNT2.sys
[2011/01/13 16:01:11 | 000,000,000 | ---D | C] -- C:\GamesCampus
[2011/01/13 15:31:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Juan Tolentino\Local Settings\Application Data\PMB Files
[2011/01/13 15:31:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/01/13 15:30:48 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2007/06/29 16:57:33 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[181 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[176 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/02/07 19:45:47 | 105,657,564 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/02/06 20:18:21 | 000,000,324 | -HS- | M] () -- C:\WINDOWS\tasks\zojhdsoa.job
[2011/02/06 20:18:20 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At33.job
[2011/02/06 20:18:20 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At30.job
[2011/02/06 20:18:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/02/06 20:18:10 | 535,904,256 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/06 15:39:43 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/06 13:37:16 | 000,000,302 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2011/02/06 12:16:59 | 000,428,992 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/02/06 12:04:36 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\Juan Tolentino\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/02/06 12:04:36 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Juan Tolentino\Desktop\Spybot - Search & Destroy.lnk
[2011/02/06 01:03:19 | 000,005,682 | ---- | M] () -- C:\Documents and Settings\Juan Tolentino\Desktop\My Favorite Theme.theme
[2011/02/06 00:12:02 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At37.job
[2011/02/06 00:12:02 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At34.job
[2011/02/05 23:44:10 | 111,756,288 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\backupSent.pst
[2011/02/05 23:44:10 | 081,282,048 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\backupinbox.pst
[2011/02/03 18:24:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/03 16:48:53 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At35.job
[2011/02/03 16:48:53 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At32.job
[2011/02/03 16:48:53 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At31.job
[2011/02/03 16:48:53 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At29.job
[2011/02/03 16:48:53 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At28.job
[2011/02/03 16:48:53 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At27.job
[2011/02/03 16:48:53 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At26.job
[2011/02/03 16:48:53 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At25.job
[2011/02/03 16:48:53 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2011/02/03 16:48:53 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2011/01/28 12:42:34 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/01/28 12:10:10 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At44.job
[2011/01/28 12:10:10 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At43.job
[2011/01/26 21:38:05 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At42.job
[2011/01/26 21:38:05 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At41.job
[2011/01/26 21:38:05 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At40.job
[2011/01/26 21:38:05 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At39.job
[2011/01/26 21:38:05 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At38.job
[2011/01/26 21:38:05 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At36.job
[2011/01/24 18:14:23 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2011/01/24 18:14:23 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2011/01/24 18:14:23 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At48.job
[2011/01/24 18:14:23 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At47.job
[2011/01/24 18:14:23 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At46.job
[2011/01/24 18:14:23 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At45.job
[2011/01/24 18:14:23 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2011/01/24 18:14:23 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2011/01/24 18:14:23 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2011/01/24 18:14:23 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2011/01/22 11:34:02 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2011/01/22 11:34:02 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2011/01/20 04:39:17 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2011/01/20 04:39:17 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2011/01/16 20:02:26 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Juan Tolentino\Desktop\Word.lnk
[2011/01/16 11:31:46 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2011/01/16 11:31:46 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2011/01/13 11:47:22 | 000,271,352 | ---- | M] () -- C:\Documents and Settings\Juan Tolentino\Desktop\InstallsInc1099-2009.pdf
[2011/01/12 18:18:12 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2011/01/12 18:18:12 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2011/01/12 18:17:55 | 000,456,456 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/01/09 21:20:15 | 000,129,621 | ---- | M] () -- C:\Documents and Settings\Juan Tolentino\Desktop\2009 report.pdf
[2011/01/09 19:36:18 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\Juan Tolentino\Desktop\Book2.xls
[2011/01/09 18:35:23 | 000,048,769 | ---- | M] () -- C:\Documents and Settings\Juan Tolentino\Desktop\report.pdf
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[181 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[176 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/02/06 12:04:36 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Juan Tolentino\Desktop\Spybot - Search & Destroy.lnk
[2011/02/06 01:03:19 | 000,005,682 | ---- | C] () -- C:\Documents and Settings\Juan Tolentino\Desktop\My Favorite Theme.theme
[2011/01/28 12:42:34 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/01/13 16:38:29 | 000,005,174 | ---- | C] () -- C:\WINDOWS\System32\nppt9x.vxd
[2011/01/13 11:47:17 | 000,271,352 | ---- | C] () -- C:\Documents and Settings\Juan Tolentino\Desktop\InstallsInc1099-2009.pdf
[2011/01/09 21:20:10 | 000,129,621 | ---- | C] () -- C:\Documents and Settings\Juan Tolentino\Desktop\2009 report.pdf
[2011/01/09 18:40:40 | 000,052,224 | ---- | C] () -- C:\Documents and Settings\Juan Tolentino\Desktop\Book2.xls
[2011/01/09 18:35:13 | 000,048,769 | ---- | C] () -- C:\Documents and Settings\Juan Tolentino\Desktop\report.pdf
[2010/09/03 15:46:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcf.INI
[2009/08/30 21:58:38 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\604XMediaMan.dll
[2009/08/26 09:19:54 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\device_shr_604x.dll
[2009/06/04 09:36:08 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\XNS.dll
[2009/05/31 21:05:26 | 000,000,089 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2009/01/19 10:17:56 | 000,606,208 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/12/17 13:41:08 | 000,225,360 | ---- | C] () -- C:\WINDOWS\System32\DMLEng.dll
[2008/11/10 18:47:49 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\$_hpcst$.hpc
[2008/11/05 13:44:30 | 000,323,572 | ---- | C] () -- C:\Program Files\INSTALL.LOG
[2008/08/28 06:29:22 | 000,044,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\seqcal.sys
[2008/02/21 19:52:30 | 000,041,047 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2008/01/27 23:30:16 | 000,000,233 | ---- | C] () -- C:\WINDOWS\ANS2000.INI
[2008/01/27 23:30:16 | 000,000,020 | -H-- | C] () -- C:\WINDOWS\akebook.ini
[2008/01/27 23:30:16 | 000,000,004 | -H-- | C] () -- C:\WINDOWS\a3kebook.ini
[2007/10/10 10:20:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcfriend.INI
[2007/08/16 08:55:24 | 000,000,054 | ---- | C] () -- C:\WINDOWS\Batch Pro Launcher.INI
[2007/08/16 08:54:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WizardBatchProc.INI
[2007/08/16 08:52:51 | 000,000,624 | ---- | C] () -- C:\WINDOWS\ReportGenerator.ini
[2007/08/16 08:43:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ShellFTB.INI
[2007/08/16 08:43:28 | 000,000,276 | ---- | C] () -- C:\WINDOWS\OTDR.INI
[2007/06/19 16:08:44 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\TrustZoneRegister.dll
[2007/06/08 13:06:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007/04/04 14:42:00 | 000,361,472 | ---- | C] () -- C:\WINDOWS\System32\MouseHook.dll
[2006/10/02 00:52:14 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Juan Tolentino\Application Data\$_hpcst$.hpc
[2006/08/21 19:03:35 | 000,000,012 | ---- | C] () -- C:\WINDOWS\CatDogInstall.ini
[2006/08/18 12:02:54 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\Juan Tolentino\Local Settings\Application Data\fusioncache.dat
[2006/06/25 20:09:44 | 000,006,632 | ---- | C] () -- C:\Documents and Settings\Juan Tolentino\Application Data\ViewerApp.dat
[2006/06/25 19:53:01 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2006/05/12 20:37:28 | 000,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/12/10 16:31:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/12/03 16:17:37 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2005/04/23 00:41:34 | 000,205,312 | R--- | C] () -- C:\WINDOWS\patchw32.A483.dll
[2005/04/23 00:41:12 | 000,205,312 | R--- | C] () -- C:\WINDOWS\pw32a.dll
[2005/01/13 09:56:26 | 000,000,055 | ---- | C] () -- C:\Documents and Settings\Juan Tolentino\Application Data\Sskdmns.dll
[2005/01/05 21:13:34 | 000,001,000 | ---- | C] () -- C:\WINDOWS\usta32.ini
[2005/01/05 21:04:02 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\cdcore.dll
[2004/12/05 16:33:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2004/11/10 12:08:36 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\BJAXSecurityManager.dll
[2004/11/10 12:08:35 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\BJInstaller.dll
[2004/10/22 10:30:31 | 000,000,302 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/10/22 10:30:11 | 000,000,360 | ---- | C] () -- C:\WINDOWS\conscorr.ini
[2004/10/22 10:23:52 | 000,000,045 | ---- | C] () -- C:\WINDOWS\CFLGGOGJ.ini
[2004/09/27 19:56:42 | 000,000,253 | R-S- | C] () -- C:\WINDOWS\System32\TBPS.ini
[2004/09/25 17:43:23 | 000,002,587 | ---- | C] () -- C:\WINDOWS\WAVEMIX.INI
[2004/08/11 16:37:04 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\missouri.dll
[2004/07/30 14:42:21 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\cdrules.dll
[2004/05/13 21:11:37 | 000,000,014 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameF.txt
[2004/05/13 20:53:45 | 000,000,014 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameE.txt
[2004/05/10 20:47:32 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/05/09 21:45:17 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\micr0st.dll
[2004/05/08 21:36:44 | 000,000,072 | ---- | C] () -- C:\WINDOWS\eFaxView.ini
[2004/04/30 16:04:58 | 000,004,030 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2004/04/26 22:00:50 | 000,219,136 | ---- | C] () -- C:\Documents and Settings\Juan Tolentino\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/04/14 09:40:32 | 000,001,417 | ---- | C] () -- C:\WINDOWS\System32\WD.ini
[2004/03/17 21:27:45 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PMK_setup.ini
[2004/03/16 18:03:01 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll
[2004/03/16 17:08:13 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/03/13 00:21:00 | 000,071,749 | ---- | C] () -- C:\WINDOWS\HCExtOutput.dll
[2004/03/13 00:21:00 | 000,000,823 | ---- | C] () -- C:\WINDOWS\TSC.ini
[2004/03/13 00:20:22 | 000,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2004/03/08 22:57:43 | 000,004,406 | ---- | C] () -- C:\WINDOWS\DevMgr.ini
[2004/03/08 22:54:32 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Hposcv07.INI
[2004/03/08 17:22:10 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/12/15 14:42:52 | 000,000,232 | ---- | C] () -- C:\WINDOWS\SwapDrvrSP3.ini
[2003/12/15 14:42:36 | 000,000,233 | ---- | C] () -- C:\WINDOWS\SwapDrvrSP2.ini
[2003/10/06 14:16:00 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\nvcod.dll
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/11/23 18:48:16 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\win2000.dll
[2002/08/09 07:18:44 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\pandoras.dll
[2001/08/18 07:00:00 | 000,303,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\jymuqbn.sys
[2000/09/18 16:50:28 | 000,202,752 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[1999/07/23 13:46:48 | 000,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 10:53:20 | 000,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1998/10/10 23:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll

========== LOP Check ==========

[2008/11/05 13:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AT&T
[2010/12/19 14:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/12/27 22:24:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/12/18 16:51:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2009/11/17 22:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Guifx
[2010/12/22 22:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2010/12/19 14:41:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2004/03/09 15:04:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JASC
[2010/12/19 14:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/01/13 15:33:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010/09/03 16:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Retrospect
[2009/05/31 21:29:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SQL Anywhere 10
[2010/08/13 16:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/12/22 15:07:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TiVo
[2004/05/11 20:59:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2010/12/27 21:39:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Update
[2010/06/07 16:26:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/05/01 20:39:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010/12/19 15:18:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juan Tolentino\Application Data\070289E5B88549496F11602AC6D411C4
[2011/02/02 01:52:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juan Tolentino\Application Data\45446
[2008/11/05 13:45:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juan Tolentino\Application Data\AT&T
[2008/01/30 16:47:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juan Tolentino\Application Data\Autodesk
[2010/12/19 14:57:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juan Tolentino\Application Data\AVG10
[2006/08/19 22:39:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juan Tolentino\Application Data\Backup MyPC Deluxe
[2010/11/29 22:39:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juan Tolentino\Application Data\CBS Interactive
[2006/08/17 15:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juan Tolentino\Application Data\Costco Photo Viewer
[2008/10/22 09:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juan Tolentino\Application Data\FoxPlayerAIR.01F2E49DE175CC541F416F2DF78BDD5E63AD0096.1
[2007/08/07 21:33:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juan Tolentino\Application Data\Hulabee
[2004/03/16 18:00:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juan Tolentino\Application Data\InterTrust
[2010/09/03 08:53:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juan Tolentino\Application Data\iolo
[2006/08/19 22:37:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juan Tolentino\Application Data\Leadertech
[2009/11/19 12:39:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juan Tolentino\Application Data\ObserVer
[2006/08/19 11:17:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juan Tolentino\Application Data\Raptisoft
[2006/07/23 20:21:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juan Tolentino\Application Data\Research In Motion
[2006/11/17 21:42:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juan Tolentino\Application Data\SkillJam
[2009/12/09 17:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juan Tolentino\Application Data\Tific
[2004/05/11 21:05:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Juan Tolentino\Application Data\Ulead Systems
[2011/01/24 18:14:23 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2011/01/22 11:34:02 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job
[2010/12/28 21:23:29 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job
[2010/12/18 10:29:47 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At12.job
[2010/12/28 21:23:29 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At13.job
[2010/12/18 10:29:47 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At14.job
[2010/12/18 10:29:47 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At15.job
[2010/12/18 10:29:47 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At16.job
[2010/12/18 10:29:47 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At17.job
[2010/12/18 10:29:47 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At18.job
[2011/01/12 18:18:12 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At19.job
[2011/01/24 18:14:23 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2011/01/16 11:31:46 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At20.job
[2011/01/12 18:18:12 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At21.job
[2011/02/03 16:48:53 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At22.job
[2011/01/16 11:31:46 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At23.job
[2011/02/03 16:48:53 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At24.job
[2011/02/03 16:48:53 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At25.job
[2011/02/03 16:48:53 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At26.job
[2011/02/03 16:48:53 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At27.job
[2011/02/03 16:48:53 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At28.job
[2011/02/03 16:48:53 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At29.job
[2011/01/24 18:14:23 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2011/02/06 20:18:20 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At30.job
[2011/02/03 16:48:53 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At31.job
[2011/02/03 16:48:53 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At32.job
[2011/02/06 20:18:20 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At33.job
[2011/02/06 00:12:02 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At34.job
[2011/02/03 16:48:53 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At35.job
[2011/01/26 21:38:05 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At36.job
[2011/02/06 00:12:02 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At37.job
[2011/01/26 21:38:05 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At38.job
[2011/01/26 21:38:05 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At39.job
[2011/01/24 18:14:23 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2011/01/26 21:38:05 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At40.job
[2011/01/26 21:38:05 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At41.job
[2011/01/26 21:38:05 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At42.job
[2011/01/28 12:10:10 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At43.job
[2011/01/28 12:10:10 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At44.job
[2011/01/24 18:14:23 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At45.job
[2011/01/24 18:14:23 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At46.job
[2011/01/24 18:14:23 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At47.job
[2011/01/24 18:14:23 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At48.job
[2010/10/12 11:31:41 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At49.job
[2011/01/24 18:14:23 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At5.job
[2011/01/20 04:39:17 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job
[2011/01/24 18:14:23 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job
[2011/01/20 04:39:17 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job
[2011/01/22 11:34:02 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job
[2011/02/06 20:18:21 | 000,000,324 | -HS- | M] () -- C:\WINDOWS\Tasks\zojhdsoa.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 158 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9BD41D00
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8

< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP