[code] OTS logfile created on: 11/5/2009 12:19:11 AM - Run 3 OTS by OldTimer - Version 3.1.3.0 Folder = C:\Documents and Settings\John\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 511.30 Mb Total Physical Memory | 62.77 Mb Available Physical Memory | 12.28% Memory free 1.22 Gb Paging File | 0.74 Gb Available in Paging File | 60.36% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 54.83 Gb Total Space | 7.55 Gb Free Space | 13.78% Space Free | Partition Type: FAT32 Drive D: | 36.45 Gb Total Space | 22.03 Gb Free Space | 60.44% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: CHUNG_COM Current User Name: John Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Documents and Settings\John\Desktop\OTS.exe -> [2009/11/02 22:48:24 | 00,524,800 | ---- | M] (OldTimer Tools) avgchsvx.exe -> C:\Program Files\AVG\AVG9\avgchsvx.exe -> [2009/10/29 18:42:36 | 01,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) avgnsx.exe -> C:\Program Files\AVG\AVG9\avgnsx.exe -> [2009/10/29 18:42:36 | 00,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) avgrsx.exe -> C:\Program Files\AVG\AVG9\avgrsx.exe -> [2009/10/29 18:42:36 | 00,502,040 | ---- | M] (AVG Technologies CZ, s.r.o.) avgcsrvx.exe -> C:\Program Files\AVG\AVG9\avgcsrvx.exe -> [2009/10/29 18:42:34 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) 
avgtray.exe -> C:\Program Files\AVG\AVG9\avgtray.exe -> [2009/10/29 18:42:32 | 02,010,904 | ---- | M] (AVG Technologies CZ, s.r.o.) avgwdsvc.exe -> C:\Program Files\AVG\AVG9\avgwdsvc.exe -> [2009/10/29 18:42:28 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) iexplore.exe -> C:\Program Files\Internet Explorer\iexplore.exe -> [2009/08/27 01:18:44 | 00,634,648 | ---- | M] (Microsoft Corporation) googletoolbarnotifier.exe -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> [2009/05/22 23:14:48 | 00,039,408 | ---- | M] (Google Inc.) aim6.exe -> C:\Program Files\AIM6\aim6.exe -> [2009/05/19 01:23:18 | 00,049,968 | ---- | M] (AOL LLC) zunelauncher.exe -> C:\Program Files\Zune\ZuneLauncher.exe -> [2008/11/10 12:23:40 | 00,157,312 | ---- | M] (Microsoft Corporation) zunebusenum.exe -> C:\WINDOWS\system32\ZuneBusEnum.exe -> [2008/11/10 12:23:38 | 00,060,032 | ---- | M] (Microsoft Corporation) aolsoftware.exe -> C:\Program Files\AIM6\aolsoftware.exe -> [2008/11/06 13:33:00 | 00,041,264 | ---- | M] (AOL LLC) explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 20:12:20 | 01,033,728 | ---- | M] (Microsoft Corporation) winampa.exe -> C:\Program Files\Winamp\winampa.exe -> [2008/04/01 14:49:42 | 00,036,352 | ---- | M] () applemobiledeviceservice.exe -> C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2007/10/31 14:09:16 | 00,110,592 | ---- | M] (Apple, Inc.) msnmsgr.exe -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe -> [2007/10/18 11:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation) devsvc.exe -> C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -> [2007/03/06 10:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) ulcdrsvr.exe -> C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -> [2007/03/03 13:48:28 | 00,067,056 | ---- | M] (Ulead Systems, Inc.) 
realsched.exe -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> [2007/01/14 17:52:34 | 00,185,896 | ---- | M] (RealNetworks, Inc.) residentagent.exe -> C:\Program Files\LANDesk\Shared Files\residentAgent.exe -> [2007/01/09 11:03:10 | 00,122,880 | ---- | M] (LANDesk Software, Ltd.) viewpointservice.exe -> C:\Program Files\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 17:38:10 | 00,024,652 | ---- | M] (Viewpoint Corporation) pds.exe -> C:\WINDOWS\system32\cba\pds.exe -> [2006/06/05 12:49:26 | 00,032,819 | ---- | M] (LANDesk Software Ltd.) stkasv2k.exe -> C:\WINDOWS\system32\StkASv2K.exe -> [2006/05/23 23:49:14 | 00,024,576 | ---- | M] (Syntek America Inc.) issch.exe -> C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -> [2005/08/11 16:30:30 | 00,081,920 | ---- | M] (Macrovision Corporation) lssrvc.exe -> C:\Program Files\Common Files\LightScribe\LSSrvc.exe -> [2005/06/20 23:10:30 | 00,053,248 | ---- | M] (Hewlett-Packard Company) tablet.exe -> C:\WINDOWS\system32\Tablet.exe -> [2005/06/17 16:00:46 | 00,749,568 | ---- | M] (Wacom Technology, Corp.) rthdcpl.exe -> C:\WINDOWS\RTHDCPL.EXE -> [2005/05/25 03:37:06 | 14,477,312 | ---- | M] (Realtek Semiconductor Corp.) hcontrol.exe -> C:\WINDOWS\ATK0100\HControl.exe -> [2005/05/12 03:15:14 | 00,102,400 | ---- | M] () atkosd.exe -> C:\WINDOWS\ATK0100\ATKOSD.exe -> [2005/05/09 22:12:22 | 01,953,792 | ---- | M] () wcourier.exe -> C:\Program Files\ASUS\Wireless Console\wcourier.exe -> [2005/03/02 21:52:08 | 00,057,344 | ---- | M] () syntpenh.exe -> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe -> [2004/12/22 01:23:38 | 00,688,218 | ---- | M] (Synaptics, Inc.) syntplpr.exe -> C:\Program Files\Synaptics\SynTP\SynTPLpr.exe -> [2004/12/22 01:23:38 | 00,098,394 | ---- | M] (Synaptics, Inc.) pdvdserv.exe -> C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe -> [2004/11/02 20:24:46 | 00,032,768 | ---- | M] (Cyberlink Corp.) 
motivesb.exe -> C:\Program Files\NetAssistant\SmartBridge\MotiveSB.exe -> [2004/10/22 15:13:54 | 00,393,216 | ---- | M] (Motive Communications, Inc.) eouwiz.exe -> C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe -> [2004/10/15 11:31:32 | 00,356,352 | ---- | M] (Intel Corporation) oprotsvc.exe -> C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe -> [2004/10/15 11:30:52 | 00,098,304 | ---- | M] (Intel Corporation) ifrmewrk.exe -> C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe -> [2004/10/15 11:27:56 | 00,385,024 | ---- | M] (Intel Corporation) zcfgsvc.exe -> C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe -> [2004/10/15 11:27:38 | 00,389,120 | ---- | M] (Intel Corporation) s24evmon.exe -> C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -> [2004/10/15 11:24:48 | 00,360,521 | ---- | M] (Intel Corporation ) 1xconfig.exe -> C:\Program Files\Intel\Wireless\Bin\1XConfig.exe -> [2004/10/15 11:23:12 | 00,245,760 | ---- | M] (Intel) evteng.exe -> C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -> [2004/10/15 11:22:14 | 00,086,016 | ---- | M] (Intel Corporation) regsrvc.exe -> C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -> [2004/10/15 11:21:38 | 00,139,264 | ---- | M] (Intel Corporation) batterylife.exe -> C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe -> [2004/09/21 16:55:40 | 00,081,920 | ---- | M] (ASUSTeK Computer Inc.) 
alu.exe -> C:\Program Files\ASUS\ASUS Live Update\ALU.exe -> [2003/09/19 12:54:44 | 00,172,032 | ---- | M] () [Modules - Safe List] ots.exe -> C:\Documents and Settings\John\Desktop\OTS.exe -> [2009/11/02 22:48:24 | 00,524,800 | ---- | M] (OldTimer Tools) comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll -> [2008/04/13 20:12:52 | 01,054,208 | ---- | M] (Microsoft Corporation) framedyn.dll -> C:\WINDOWS\system32\wbem\framedyn.dll -> [2008/04/13 20:11:54 | 00,185,344 | ---- | M] (Microsoft Corporation) syntpfcs.dll -> C:\WINDOWS\system32\SynTPFcs.dll -> [2004/12/22 01:23:38 | 00,069,722 | ---- | M] (Synaptics, Inc.) sbhook.dll -> C:\Program Files\NetAssistant\SmartBridge\SBHook.dll -> [2004/03/16 17:45:50 | 00,122,880 | ---- | M] (Motive Communications, Inc.) [Win32 Services - Safe List] (avg9wd) AVG Free WatchDog [Auto | Running] -> C:\Program Files\AVG\AVG9\avgwdsvc.exe -> [2009/10/29 18:42:28 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) (FLEXnet Licensing Service) FLEXnet Licensing Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> [2009/07/05 08:58:30 | 00,655,624 | ---- | M] (Acresso Software Inc.) (gusvc) Google Software Updater [On_Demand | Stopped] -> C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2009/05/22 23:14:40 | 00,182,768 | ---- | M] (Google) (gupdate1c9d5d671d247b6) Google Update Service (gupdate1c9d5d671d247b6) [Auto | Stopped] -> C:\Program Files\Google\Update\GoogleUpdate.exe -> [2009/05/15 23:27:30 | 00,133,104 | ---- | M] (Google Inc.) 
(ZuneNetworkSvc) Zune Network Sharing Service [On_Demand | Stopped] -> C:\Program Files\Zune\ZuneNss.exe -> [2008/11/10 12:23:50 | 05,117,568 | ---- | M] (Microsoft Corporation) (ZuneWlanCfgSvc) Zune Wireless Configuration Service [On_Demand | Stopped] -> C:\WINDOWS\system32\ZuneWlanCfgSvc.exe -> [2008/11/10 12:23:42 | 00,243,840 | ---- | M] (Microsoft Corporation) (ZuneBusEnum) Zune Bus Enumerator [Auto | Running] -> C:\WINDOWS\system32\ZuneBusEnum.exe -> [2008/11/10 12:23:38 | 00,060,032 | ---- | M] (Microsoft Corporation) (FontCache3.0.0.0) Windows Presentation Foundation Font Cache 3.0.0.0 [On_Demand | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -> [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) (idsvc) Windows CardSpace [Unknown | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) (NetTcpPortSharing) Net.Tcp Port Sharing Service [Disabled | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -> [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) (clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [On_Demand | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) (aspnet_state) ASP.NET State Service [On_Demand | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) (helpsvc) Help and Support [Auto | Running] -> C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -> [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) (Irmon) Infrared Monitor [Auto | Running] -> C:\WINDOWS\system32\irmon.dll -> [2008/04/13 20:11:56 | 00,028,160 | ---- | M] (Microsoft Corporation) (6to4) IPv6 Helper Service [Auto | 
Running] -> C:\WINDOWS\system32\6to4svc.dll -> [2008/04/13 20:11:48 | 00,100,352 | ---- | M] (Microsoft Corporation) (Apple Mobile Device) Apple Mobile Device [Auto | Running] -> C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2007/10/31 14:09:16 | 00,110,592 | ---- | M] (Apple, Inc.) (WLSetupSvc) Windows Live Setup Service [On_Demand | Stopped] -> C:\Program Files\Windows Live\installer\WLSetupSvc.exe -> [2007/10/25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) (usnjsvc) Messenger Sharing Folders USN Journal Reader service [On_Demand | Stopped] -> C:\Program Files\Windows Live\Messenger\usnsvc.exe -> [2007/10/18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) (Capture Device Service) Capture Device Service [Auto | Running] -> C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -> [2007/03/06 10:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) (UleadBurningHelper) Ulead Burning Helper [Auto | Running] -> C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -> [2007/03/03 13:48:28 | 00,067,056 | ---- | M] (Ulead Systems, Inc.) (CBA8) LANDesk(R) Management Agent [Auto | Running] -> C:\Program Files\LANDesk\Shared Files\residentagent.exe -> [2007/01/09 11:03:10 | 00,122,880 | ---- | M] (LANDesk Software, Ltd.) (Viewpoint Manager Service) Viewpoint Manager Service [Auto | Running] -> C:\Program Files\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 17:38:10 | 00,024,652 | ---- | M] (Viewpoint Corporation) (WMPNetworkSvc) Windows Media Player Network Sharing Service [On_Demand | Stopped] -> C:\Program Files\Windows Media Player\WMPNetwk.exe -> [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) (Intel PDS) Intel PDS [Auto | Running] -> C:\WINDOWS\system32\cba\pds.exe -> [2006/06/05 12:49:26 | 00,032,819 | ---- | M] (LANDesk Software Ltd.) 
(StkASSrv) Syntek STK1160 Service [Auto | Running] -> C:\WINDOWS\system32\StkASv2K.exe -> [2006/05/23 23:49:14 | 00,024,576 | ---- | M] (Syntek America Inc.) (LightScribeService) LightScribeService Direct Disc Labeling Service [Auto | Running] -> C:\Program Files\Common Files\LightScribe\LSSrvc.exe -> [2005/06/20 23:10:30 | 00,053,248 | ---- | M] (Hewlett-Packard Company) (TabletService) TabletService [Auto | Running] -> C:\WINDOWS\system32\Tablet.exe -> [2005/06/17 16:00:46 | 00,749,568 | ---- | M] (Wacom Technology, Corp.) (NVSvc) NVIDIA Display Driver Service [Auto | Stopped] -> C:\WINDOWS\system32\nvsvc32.exe -> [2005/05/25 10:02:00 | 00,127,042 | ---- | M] (NVIDIA Corporation) (IDriverT) InstallDriver Table Manager [On_Demand | Stopped] -> C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -> [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) (OwnershipProtocol) OwnershipProtocol [Auto | Running] -> C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe -> [2004/10/15 11:30:52 | 00,098,304 | ---- | M] (Intel Corporation) (S24EventMonitor) Spectrum24 Event Monitor [Auto | Running] -> C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -> [2004/10/15 11:24:48 | 00,360,521 | ---- | M] (Intel Corporation ) (EvtEng) EvtEng [Auto | Running] -> C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -> [2004/10/15 11:22:14 | 00,086,016 | ---- | M] (Intel Corporation) (RegSrvc) RegSrvc [Auto | Running] -> C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -> [2004/10/15 11:21:38 | 00,139,264 | ---- | M] (Intel Corporation) (ose) Office Source Engine [On_Demand | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -> [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [Driver Services - Safe List] (AvgTdiX) AVG Free Network Redirector [Kernel | System | Running] -> C:\WINDOWS\System32\Drivers\avgtdix.sys -> [2009/10/29 18:42:50 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) 
(AvgLdx86) AVG Free AVI Loader Driver x86 [Kernel | System | Running] -> C:\WINDOWS\System32\Drivers\avgldx86.sys -> [2009/10/29 18:42:48 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) (AvgMfx86) AVG Free On-access Scanner Minifilter Driver x86 [File_System | System | Running] -> C:\WINDOWS\System32\Drivers\avgmfx86.sys -> [2009/10/29 18:42:48 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) (PCTCore) PCTools KDS [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\PCTCore.sys -> [2009/08/24 14:05:06 | 00,206,256 | ---- | M] (PC Tools) (zumbus) Zune Bus Enumerator Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\zumbus.sys -> [2008/11/10 12:09:32 | 00,040,832 | ---- | M] (Microsoft Corporation) (adfs) adfs [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\adfs.sys -> [2008/08/14 07:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.) (Tcpip6) Microsoft IPv6 Protocol Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\tcpip6.sys -> [2008/06/20 07:08:28 | 00,225,856 | ---- | M] (Microsoft Corporation) (usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\usbaudio.sys -> [2008/04/13 14:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) (HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Hdaudbus.sys -> [2008/04/13 12:36:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) (PxHelp20) PxHelp20 [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\PxHelp20.sys -> [2008/02/06 03:00:00 | 00,044,608 | ---- | M] (Sonic Solutions) (hamachi) Hamachi Network Interface [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\hamachi.sys -> [2007/12/13 21:16:14 | 00,025,280 | ---- | M] (LogMeIn, Inc.) 
(sptd) sptd [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\sptd.sys -> [2007/11/28 14:33:12 | 00,685,816 | ---- | M] () (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\secdrv.sys -> [2007/11/13 05:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) (USBAAPL) Apple Mobile USB Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\usbaapl.sys -> [2007/10/31 14:09:14 | 00,030,464 | ---- | M] (Apple, Inc.) (StkAMini) Syntek STK1160 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\StkAMini.sys -> [2006/11/15 17:32:44 | 00,242,139 | ---- | M] (Syntek America Inc.) (WinUSB) WinUSB [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\winusb.sys -> [2006/11/02 07:00:08 | 00,039,368 | ---- | M] (Microsoft Corporation) (StkScan) Syntek STK1160 Still Image [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\StkScan.sys -> [2006/06/27 18:27:18 | 00,004,772 | ---- | M] (Syntek America Inc.) (AegisP) AEGIS Protocol (IEEE 802.1x) v3.1.6.0 [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\AegisP.sys -> [2005/10/27 17:24:14 | 00,017,119 | ---- | M] (Meetinghouse Data Communications) (RT25USBAP) Nintendo Wi-Fi USB Connector Service [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\rt25usbap.sys -> [2005/10/24 19:17:40 | 00,162,816 | R--- | M] (Ralink Technology Inc.) (SynScan) USB2.0 1.3M Web Cam Still Image [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\SynScan.sys -> [2005/09/09 10:10:18 | 00,008,246 | ---- | M] (Syntek America Inc.) (SynMini) USB2.0 1.3M Web Cam [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\SynMini.sys -> [2005/08/26 13:45:16 | 00,720,438 | ---- | M] (Syntek America Inc.) 
(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\RtkHDAud.sys -> [2005/05/25 04:55:58 | 03,134,976 | ---- | M] (Realtek Semiconductor Corp.) (MTsensor) ATK0100 ACPI UTILITY [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ATKACPI.sys -> [2005/02/17 10:07:48 | 00,005,632 | ---- | M] () (HSF_DP) HSF_DP [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_DP.sys -> [2005/01/16 17:48:00 | 01,036,928 | ---- | M] (Conexant Systems, Inc.) (winachsf) winachsf [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_CNXT.sys -> [2005/01/16 17:48:00 | 00,702,592 | ---- | M] (Conexant Systems, Inc.) (HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSFHWAZL.sys -> [2005/01/16 17:48:00 | 00,163,328 | ---- | M] (Conexant Systems, Inc.) (mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\mdmxsdk.sys -> [2005/01/16 17:48:00 | 00,013,059 | ---- | M] (Conexant) (HdAudAddService) Microsoft UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\Hdaudio.sys -> [2005/01/07 17:07:16 | 00,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) (SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\SynTP.sys -> [2004/12/22 01:23:34 | 00,186,240 | ---- | M] (Synaptics, Inc.) 
(w29n51) Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\w29n51.sys -> [2004/10/29 18:48:10 | 03,222,784 | ---- | M] (Intel® Corporation) (R592) R592 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\R592.sys -> [2004/10/15 19:26:00 | 00,057,088 | ---- | M] (REDC) (risdpntk) risdpntk [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\risdpntk.sys -> [2004/10/15 19:26:00 | 00,027,264 | ---- | M] (REDC) (s24trans) WLAN Transport [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\s24trans.sys -> [2004/10/15 11:20:04 | 00,011,354 | ---- | M] (Intel Corporation) (IWCA) Intel Wireless Connection Agent Miniport for Win XP [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\iwca.sys -> [2004/08/12 08:44:04 | 00,234,496 | ---- | M] (Intel Corporation) (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ptilink.sys -> [2004/08/04 20:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) (FsVga) FsVga [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\fsvga.sys -> [2004/08/04 20:00:00 | 00,012,160 | ---- | M] (Microsoft Corporation) (Video3D) ASUS Video3D Service [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Video3D.sys -> [2004/07/06 19:56:26 | 00,044,544 | ---- | M] (ASUSTeK COMPUTER INC.) (yukonwxp) NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\yukonwxp.sys -> [2004/06/01 21:04:00 | 00,142,464 | ---- | M] (Marvell Semiconductor Inc.) (ASAPIW2K) ASAPIW2K [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\asapiW2k.sys -> [2004/03/10 15:27:18 | 00,011,264 | ---- | M] (Pinnacle Systems GmbH) (pfc) Padus ASPI Shell [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\pfc.sys -> [2003/07/01 18:47:08 | 00,009,856 | ---- | M] (Padus, Inc.) 
(StillCam) Still Serial Digital Camera Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\serscan.sys -> [2001/08/17 13:53:32 | 00,006,784 | ---- | M] (Microsoft Corporation) (irsir) Microsoft Serial Infrared Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\irsir.sys -> [2001/08/17 13:51:32 | 00,018,688 | ---- | M] (Microsoft Corporation) (USBIO) USBIO Driver (usbio.sys) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\usbio.sys -> [2001/05/07 05:56:02 | 00,019,805 | R--- | M] (Thesycon GmbH, Germany) (PenClass) Pen Class [Kernel | Boot | Running] -> C:\WINDOWS\system32\Drivers\PenClass.sys -> [2001/04/09 16:45:00 | 00,008,138 | ---- | M] (Wacom Technology Corporation) (Asushwio) Asushwio [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ASUSHWIO.SYS -> [2000/03/29 14:17:42 | 00,005,824 | ---- | M] () [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://sympatico.msn.ca/ -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> http://www.live.ca [binary data] -> HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Secondary Start Pages" -> http://www.live.ca [binary data] -> HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://www.yahoo.com -> HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> HKEY_LOCAL_MACHINE\: 
URLSearchHooks\\"{03402f96-3dc7-4285-bc50-9e81fefafe43}" [HKLM] -> C:\Program Files\AIM Toolbar\aimtb.dll [AIM Toolbar Search Class] -> [2009/05/06 14:14:26 | 01,279,272 | ---- | M] (AOL LLC.) < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: Main\\"Start Page" -> http://www.asus.com -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: Main\\"Start Page" -> http://www.asus.com -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> HKEY_USERS\S-1-5-19\: Main\\"Start Page" -> http://www.asus.com -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> HKEY_USERS\S-1-5-20\: Main\\"Start Page" -> http://www.asus.com -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\] > -> -> HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\: Main\\"Default_Page_URL" -> http://sympatico.msn.ca/ -> HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\: Main\\"Default_Secondary_Page_URL" -> http://www.live.ca [binary data] -> HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\: Main\\"SearchDefaultBranded" -> 1 -> HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\: Main\\"Start Page" -> http://www.deviantart.com/ -> HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\: URLSearchHooks\\"{03402f96-3dc7-4285-bc50-9e81fefafe43}" [HKLM] -> C:\Program Files\AIM Toolbar\aimtb.dll [AIM Toolbar Search Class] -> [2009/05/06 14:14:26 | 01,279,272 | ---- | M] (AOL LLC.) 
HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [AVG Security Toolbar BHO] -> [2009/10/16 12:12:42 | 01,119,488 | ---- | M] () HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\: "ProxyEnable" -> 0 -> < FireFox Settings [Prefs.js] > -> C:\Documents and Settings\John\Application Data\Mozilla\FireFox\Profiles\i7v73iit.default\prefs.js -> extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.1 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} -> C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\] -> [2009/08/08 14:59:00 | 00,000,000 | ---D | M] HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71} -> C:\Program Files\AVG\AVG9\Firefox [C:\PROGRAM FILES\AVG\AVG9\FIREFOX] -> [2009/10/29 18:42:26 | 00,000,000 | ---D | M] HKLM\software\mozilla\Firefox\Extensions\\avg@igeared -> C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [C:\PROGRAM FILES\AVG\AVG9\TOOLBAR\FIREFOX\AVG@IGEARED] -> [2009/10/29 18:42:44 | 00,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2008/07/28 12:20:48 | 00,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2008/07/28 12:20:48 | 00,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Documents and Settings\John\Application Data\Mozilla\Extensions -> 
[2008/10/14 21:07:24 | 00,000,000 | ---D | M] -> C:\Documents and Settings\John\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} -> [2008/10/14 21:07:24 | 00,000,000 | ---D | M] -> C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\i7v73iit.default\extensions -> [2008/10/14 21:07:24 | 00,000,000 | ---D | M] -> C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\i7v73iit.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760} -> [2009/06/29 23:19:20 | 00,000,000 | ---D | M] < FireFox Extensions [Program Folders] > -> -> C:\Program Files\Mozilla Firefox\extensions -> [2008/07/28 12:20:48 | 00,000,000 | ---D | M] -> C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} -> [2008/07/28 12:20:48 | 00,000,000 | ---D | M] < FireFox Components [Program Folders] > -> browserdirprovider.dll -> C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll -> [2008/07/02 21:52:46 | 00,023,040 | ---- | M] (Mozilla Foundation) brwsrcmp.dll -> C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll -> [2008/07/02 21:52:48 | 00,134,144 | ---- | M] (Mozilla Foundation) < HOSTS File > (50 bytes and 1 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> Reset Hosts 127.0.0.1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/12/18 04:16:42 | 00,059,032 | ---- | M] (Adobe Systems Incorporated) {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files\AVG\AVG9\avgssie.dll [AVG Safe Search] -> [2009/10/29 18:42:38 | 01,471,768 | ---- | M] (AVG Technologies CZ, s.r.o.) 
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2009/02/17 16:11:04 | 00,408,440 | ---- | M] (Microsoft Corporation) {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar Helper] -> [2009/09/07 15:42:14 | 00,256,112 | ---- | M] (Google Inc.) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [Google Toolbar Notifier BHO] -> [2009/11/02 00:25:56 | 00,762,864 | ---- | M] (Google Inc.) {b0cda128-b425-4eef-a174-61a11ac5dbf8} [HKLM] -> C:\Program Files\AIM Toolbar\aimtb.dll [AIM Toolbar Loader] -> [2009/05/06 14:14:26 | 01,279,272 | ---- | M] (AOL LLC.) {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} [HKLM] -> C:\Program Files\Windows Live Toolbar\msntb.dll [Windows Live Toolbar Helper] -> [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation) {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [Google Dictionary Compression sdch] -> [2009/09/07 15:42:14 | 00,458,736 | ---- | M] (Google Inc.) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2009/09/07 15:42:14 | 00,256,112 | ---- | M] (Google Inc.) "{61539ecd-cc67-4437-a03c-9aaccbd14326}" [HKLM] -> C:\Program Files\AIM Toolbar\aimtb.dll [AIM Toolbar] -> [2009/05/06 14:14:26 | 01,279,272 | ---- | M] (AOL LLC.) 
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" [HKLM] -> C:\Program Files\Windows Live Toolbar\msntb.dll [Windows Live Toolbar] -> [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation) "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [AVG Security Toolbar] -> [2009/10/16 12:12:42 | 01,119,488 | ---- | M] () "{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> [2005/08/04 20:54:42 | 00,343,112 | ---- | M] (Yahoo! Inc.) < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\] > -> HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2009/09/07 15:42:14 | 00,256,112 | ---- | M] (Google Inc.) WebBrowser\\"{57F02779-3D88-4958-8AD3-83C12D86ADC7}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found WebBrowser\\"{61539ECD-CC67-4437-A03C-9AACCBD14326}" [HKLM] -> C:\Program Files\AIM Toolbar\aimtb.dll [AIM Toolbar] -> [2009/05/06 14:14:26 | 01,279,272 | ---- | M] (AOL LLC.) 
WebBrowser\\"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" [HKLM] -> C:\Program Files\Windows Live Toolbar\msntb.dll [Windows Live Toolbar] -> [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation)
WebBrowser\\"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [AVG Security Toolbar] -> [2009/10/16 12:12:42 | 01,119,488 | ---- | M] ()
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"AdobeCS4ServiceManager" -> C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe ["C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin] -> [2008/08/14 07:58:34 | 00,611,712 | ---- | M] (Adobe Systems Incorporated)
"Alcmtr" -> C:\WINDOWS\Alcmtr.exe [ALCMTR.EXE] -> [2005/05/03 06:43:28 | 00,069,632 | ---- | M] (Realtek Semiconductor Corp.)
"ASUS Live Update" -> C:\Program Files\ASUS\ASUS Live Update\ALU.exe [C:\Program Files\ASUS\ASUS Live Update\ALU.exe] -> [2003/09/19 12:54:44 | 00,172,032 | ---- | M] ()
"AVG9_TRAY" -> C:\Program Files\AVG\AVG9\avgtray.exe [C:\PROGRA~1\AVG\AVG9\avgtray.exe] -> [2009/10/29 18:42:32 | 02,010,904 | ---- | M] (AVG Technologies CZ, s.r.o.)
"Easy-PrintToolBox" -> C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon] -> [2004/01/13 21:10:02 | 00,409,600 | ---- | M] (CANON INC.)
"EOUApp" -> C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe] -> [2004/10/15 11:31:32 | 00,356,352 | ---- | M] (Intel Corporation)
"HControl" -> C:\WINDOWS\ATK0100\HControl.exe [C:\WINDOWS\ATK0100\HControl.exe] -> [2005/05/12 03:15:14 | 00,102,400 | ---- | M] ()
"High Definition Audio Property Page Shortcut" -> C:\WINDOWS\System32\HdAShCut.exe [HDAShCut.exe] -> [2005/01/07 17:07:16 | 00,061,952 | ---- | M] (Windows (R) Server 2003 DDK provider)
"IntelWireless" -> C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless] -> [2004/10/15 11:27:56 | 00,385,024 | ---- | M] (Intel Corporation)
"ISUSScheduler" -> C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe ["C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start] -> [2005/08/11 16:30:30 | 00,081,920 | ---- | M] (Macrovision Corporation)
"Malwarebytes Anti-Malware (reboot)" -> C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe ["C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript] -> [2009/09/10 14:53:56 | 01,312,080 | ---- | M] (Malwarebytes Corporation)
"Motive SmartBridge" -> C:\Program Files\NetAssistant\SmartBridge\MotiveSB.exe [C:\PROGRA~1\NETASS~1\SMARTB~1\MotiveSB.exe] -> [2004/10/22 15:13:54 | 00,393,216 | ---- | M] (Motive Communications, Inc.)
"NeroFilterCheck" -> C:\WINDOWS\system32\NeroCheck.exe [C:\WINDOWS\system32\NeroCheck.exe] -> [2001/07/09 11:50:42 | 00,155,648 | ---- | M] (Ahead Software Gmbh)
"NvCplDaemon" -> C:\WINDOWS\System32\NvCpl.DLL [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> [2005/05/25 10:02:00 | 05,562,368 | ---- | M] (NVIDIA Corporation)
"nwiz" -> C:\WINDOWS\System32\nwiz.exe [nwiz.exe /install] -> [2005/05/25 10:02:00 | 01,495,040 | ---- | M] (NVIDIA Corporation)
"PinnacleDriverCheck" -> C:\WINDOWS\System32\PSDrvCheck.exe [C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg] -> [2004/03/10 15:26:10 | 00,406,016 | ---- | M] ()
"Power_Gear" -> C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1] -> [2004/09/21 16:55:40 | 00,081,920 | ---- | M] (ASUSTeK Computer Inc.)
"QuickTime Task" -> C:\Program Files\QuickTime\qttask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> [2007/10/19 20:16:26 | 00,286,720 | ---- | M] (Apple Inc.)
"RecoverFromReboot" -> C:\WINDOWS\Temp\RecoverFromReboot.exe [C:\WINDOWS\Temp\RecoverFromReboot.exe] -> File not found
"RemoteControl" -> C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe ["C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"] -> [2004/11/02 20:24:46 | 00,032,768 | ---- | M] (Cyberlink Corp.)
"RTHDCPL" -> C:\WINDOWS\RTHDCPL.EXE [RTHDCPL.EXE] -> [2005/05/25 03:37:06 | 14,477,312 | ---- | M] (Realtek Semiconductor Corp.)
"SynTPEnh" -> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] -> [2004/12/22 01:23:38 | 00,688,218 | ---- | M] (Synaptics, Inc.)
"SynTPLpr" -> C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [C:\Program Files\Synaptics\SynTP\SynTPLpr.exe] -> [2004/12/22 01:23:38 | 00,098,394 | ---- | M] (Synaptics, Inc.)
"TkBellExe" -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe ["C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot] -> [2007/01/14 17:52:34 | 00,185,896 | ---- | M] (RealNetworks, Inc.)
"UVS10 Preload" -> C:\Program Files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe [C:\Program Files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe] -> [2006/03/07 00:52:16 | 00,036,864 | ---- | M] (Ulead Systems, Inc.)
"WinampAgent" -> C:\Program Files\Winamp\winampa.exe ["C:\Program Files\Winamp\winampa.exe"] -> [2008/04/01 14:49:42 | 00,036,352 | ---- | M] ()
"Wireless Console" -> C:\Program Files\ASUS\Wireless Console\wcourier.exe [C:\Program Files\ASUS\Wireless Console\wcourier.exe] -> [2005/03/02 21:52:08 | 00,057,344 | ---- | M] ()
"Zshutdown" -> c:\sysprep\patch\sysprep.cmd [c:\sysprep\patch\sysprep.cmd] -> File not found
"Zune Launcher" -> C:\Program Files\Zune\ZuneLauncher.exe ["C:\Program Files\Zune\ZuneLauncher.exe"] -> [2008/11/10 12:23:40 | 00,157,312 | ---- | M] (Microsoft Corporation)
< Run [HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\] > -> HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"AdobeBridge" -> [] -> File not found
"Aim6" -> C:\Program Files\AIM6\aim6.exe ["C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp] -> [2009/05/19 01:23:18 | 00,049,968 | ---- | M] (AOL LLC)
"msnmsgr" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe ["C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background] -> [2007/10/18 11:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation)
"Steam" -> C:\Program Files\Steam\Steam.exe ["C:\Program Files\Steam\Steam.exe" -silent] -> [2009/10/24 00:15:44 | 01,217,808 | ---- | M] (Valve Corporation)
"swg" -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ["C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"] -> [2009/05/22 23:14:48 | 00,039,408 | ---- | M] (Google Inc.)
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup ->
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
< Chung Huynh Startup Folder > -> C:\Documents and Settings\Chung Huynh\Start Menu\Programs\Startup ->
< Computer User Startup Folder > -> C:\Documents and Settings\Computer User\Start Menu\Programs\Startup ->
< John Startup Folder > -> C:\Documents and Settings\John\Start Menu\Programs\Startup ->
< Guest Startup Folder > -> C:\Documents and Settings\Guest\Start Menu\Programs\Startup ->
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"HonorAutoRunSetting" -> [1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" -> [0] -> File not found
\\"legalnoticecaption" -> [] -> File not found
\\"legalnoticetext" -> [] -> File not found
\\"shutdownwithoutlogon" -> [1] -> File not found
\\"undockwithoutlogon" -> [1] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009] > -> HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
\\"NoActiveDesktopChanges" -> [0] -> File not found
\\"NoSetActiveDesktop" -> [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009] > -> HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"DisableTaskMgr" -> [0] -> File not found
< Internet Explorer Menu Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\ ->
E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000] -> [2009/04/21 22:43:04 | 10,351,936 | ---- | M] (Microsoft Corporation)
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\ ->
E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000] -> [2009/04/21 22:43:04 | 10,351,936 | ---- | M] (Microsoft Corporation)
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\] > -> HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\Software\Microsoft\Internet Explorer\MenuExt\ ->
&AIM Toolbar Search -> C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html [C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html] -> [2008/05/22 10:44:38 | 00,000,747 | ---- | M] ()
&Windows Live Search -> C:\Program Files\Windows Live Toolbar\msntb.dll [res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm] -> [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation)
E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000] -> [2009/04/21 22:43:04 | 10,351,936 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{0b83c99c-1efa-4259-858f-bcb33e007a5b}:{61539ecd-cc67-4437-a03c-9aaccbd14326} [HKLM] -> C:\Program Files\AIM Toolbar\aimtb.dll [Button: AIM Toolbar] -> [2009/05/06 14:14:26 | 01,279,272 | ---- | M] (AOL LLC.)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL [Button: Research] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}:Exec [HKLM] -> C:\Program Files\PartyGaming\PartyPoker\RunApp.exe [Button: PartyPoker.com] -> [2009/06/17 18:40:12 | 00,110,592 | ---- | M] ()
{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}:Exec [HKLM] -> C:\Program Files\PartyGaming\PartyPoker\RunApp.exe [Menu: PartyPoker.com] -> [2009/06/17 18:40:12 | 00,110,592 | ---- | M] ()
{e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 14:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/13 20:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/13 20:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 20:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 20:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\] > -> HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 2 domain(s) found. ->
2 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\] > -> HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-130833806-2211579550-2880065967-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab [Shockwave ActiveX Control] ->
{1E54D648-B804-468d-BC78-4AFFED8E262E} [HKLM] -> http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab [System Requirements Lab Class] ->
{39B0684F-D7BF-4743-B050-FDC3F48F7E3B} [HKLM] -> http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab [CDownloadCtrl Object] ->
{48DD0448-9209-4F81-9F6D-D83562940134} [HKLM] -> http://lads.myspace.com/upload/MySpaceUploader1006.cab [MySpace Uploader Control] ->
{5DBF08EF-4BDE-11D3-B8E4-0080C84E9C66} [HKLM] -> http://tw.cyberlink.com/medi@show/tv/MediaShow.cab [Medi@Show Control] ->
{8100D56A-5661-482C-BEE8-AFECE305D968} [HKLM] -> http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab [Facebook Photo Uploader 5 Control] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab [Java Plug-in 1.4.2_05] ->
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab [Reg Error: Key error.] ->
{AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} [HKLM] -> http://disteng.nefficient.com/disteng/neffy/NeffyLauncher.cab [NeffyLauncherCtl Class] ->
{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab [Java Plug-in 1.4.2_05] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] ->
{F137B9BA-89EA-4B04-9C67-2074A9DF61FD} [HKLM] -> http://www.walmartphotocentre.ca/upload/activex/v2_0_0_11/PCAXSetupv2.0.0.11.cab? [Photo Upload Plugin Class] ->
Microsoft XML Parser for Java [HKLM] -> file://C:\WINDOWS\Java\classes\xmldso.cab [Reg Error: Key error.] ->
TruePass EPF 7,0,100,739 [HKLM] -> https://blrscr3.egs-seg.gc.ca/applets/entrusttruepassapplet-epf.cab [Reg Error: Key error.] ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 192.168.0.1 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{63D5CEE9-9342-4875-955E-0229B433FB7E}\\NameServer -> 192.168.2.1 (Marvell Yukon Gigabit Ethernet 10/100/1000Base-T Adapter, Copper RJ-45) ->
{95A01484-0C02-4623-989D-4D29C93BF43D}\\DhcpNameServer -> 192.168.0.1 (Intel(R) PRO/Wireless 2200BG Network Connection) ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 20:12:20 | 01,033,728 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
avgrsstarter -> C:\WINDOWS\System32\avgrsstx.dll -> [2009/10/29 18:42:50 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.)
IntelWireless -> C:\Program Files\Intel\Wireless\Bin\LgNotify.dll -> [2004/10/15 11:27:42 | 00,110,592 | ---- | M] (Intel Corporation)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 14:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 20:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\livecall.exe" -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> [2007/10/02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2007/10/18 11:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation)
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 14:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 20:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)
"C:\Documents and Settings\Computer User\Desktop\Games\mameppk_bin_gcc-0.117-20070712\mameppkgui.exe" -> C:\Documents and Settings\Computer User\Desktop\Games\mameppk_bin_gcc-0.117-20070712\mameppkgui.exe [C:\Documents and Settings\Computer User\Desktop\Games\mameppk_bin_gcc-0.117-20070712\mameppkgui.exe:*:Enabled:mameppkgui] -> File not found
"C:\Documents and Settings\Computer User\Desktop\mame32ppk119\mame32ppk119.exe" -> C:\Documents and Settings\Computer User\Desktop\mame32ppk119\mame32ppk119.exe [C:\Documents and Settings\Computer User\Desktop\mame32ppk119\mame32ppk119.exe:*:Enabled:mame32ppk119] -> File not found
"C:\Documents and Settings\Computer User\Desktop\TetriNET\TETRINET.EXE" -> C:\Documents and Settings\Computer User\Desktop\TetriNET\TETRINET.EXE [C:\Documents and Settings\Computer User\Desktop\TetriNET\TETRINET.EXE:*:Enabled:TETRINET] -> File not found
"C:\Documents and Settings\Computer User\My Documents\mIRC\mirc.exe" -> C:\Documents and Settings\Computer User\My Documents\mIRC\mirc.exe [C:\Documents and Settings\Computer User\My Documents\mIRC\mirc.exe:*:Enabled:mIRC] -> [2007/08/16 17:11:52 | 02,380,800 | ---- | M] (mIRC Co. Ltd.)
"C:\Documents and Settings\John\Desktop\NWF\Nintendo_WFC_USB\NintendoWFCReg\setup.exe" -> C:\Documents and Settings\John\Desktop\NWF\Nintendo_WFC_USB\NintendoWFCReg\setup.exe [C:\Documents and Settings\John\Desktop\NWF\Nintendo_WFC_USB\NintendoWFCReg\setup.exe:*:Enabled:setup] -> File not found
"C:\Documents and Settings\John\Local Settings\Temp\7zSE.tmp\SymNRT.exe" -> C:\Documents and Settings\John\Local Settings\Temp\7zSE.tmp\SymNRT.exe [C:\Documents and Settings\John\Local Settings\Temp\7zSE.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool] -> File not found
"C:\Program Files\7-Zip\7zFM.exe" -> C:\Program Files\7-Zip\7zFM.exe [C:\Program Files\7-Zip\7zFM.exe:*:Enabled:7-Zip File Manager] -> [2008/08/19 05:21:42 | 00,385,536 | ---- | M] (Igor Pavlov)
"C:\Program Files\AIM6\aim6.exe" -> C:\Program Files\AIM6\aim6.exe [C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM] -> [2009/05/19 01:23:18 | 00,049,968 | ---- | M] (AOL LLC)
"C:\Program Files\AVG\AVG9\avgnsx.exe" -> C:\Program Files\AVG\AVG9\avgnsx.exe [C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe] -> [2009/10/29 18:42:36 | 00,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" -> C:\Program Files\AVG\AVG9\avgupd.exe [C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe] -> [2009/10/29 18:42:30 | 00,877,848 | ---- | M] (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Bonjour\mDNSResponder.exe" -> C:\Program Files\Bonjour\mDNSResponder.exe [C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour] -> File not found
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -> C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4] -> [2008/08/14 07:58:34 | 00,611,712 | ---- | M] (Adobe Systems Incorporated)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" -> C:\Program Files\Common Files\AOL\Loader\aolload.exe [C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader] -> [2006/11/03 03:17:28 | 00,010,800 | ---- | M] (AOL LLC)
"C:\Program Files\Daidaijiru\AoSuguri\AoSuguriXE.exe" -> C:\Program Files\Daidaijiru\AoSuguri\AoSuguriXE.exe [C:\Program Files\Daidaijiru\AoSuguri\AoSuguriXE.exe:*:Enabled:AoSuguriXE] -> File not found
"C:\Program Files\LANDesk\LDClient\tmcsvc.exe" -> C:\Program Files\LANDesk\LDClient\tmcsvc.exe [C:\Program Files\LANDesk\LDClient\tmcsvc.exe:*:Enabled:LANDesk Targeted Multicast] -> [2007/01/05 08:18:24 | 00,114,688 | ---- | M] (LANDesk Software, Ltd.)
"C:\Program Files\LANDesk\Shared Files\residentagent.exe" -> C:\Program Files\LANDesk\Shared Files\residentagent.exe [C:\Program Files\LANDesk\Shared Files\residentagent.exe:*:Enabled:LANDesk(R) Management Agent] -> [2007/01/09 11:03:10 | 00,122,880 | ---- | M] (LANDesk Software, Ltd.)
"C:\Program Files\mIRC\mirc.exe" -> C:\Program Files\mIRC\mirc.exe [C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC] -> File not found
"C:\Program Files\Opera\Opera.exe" -> C:\Program Files\Opera\Opera.exe [C:\Program Files\Opera\Opera.exe:*:Enabled:Opera] -> [2006/12/13 16:48:32 | 00,079,360 | ---- | M] (Opera Software)
"C:\Program Files\Sword of The New World\ge.exe" -> C:\Program Files\Sword of The New World\ge.exe [C:\Program Files\Sword of The New World\ge.exe:*:Enabled:Sword of the new world] -> File not found
"C:\Program Files\uTorrent\uTorrent.exe" -> C:\Program Files\uTorrent\uTorrent.exe [C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent] -> [2009/07/24 22:17:06 | 00,288,048 | ---- | M] (BitTorrent, Inc.)
"C:\Program Files\Windows Live\Messenger\livecall.exe" -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> [2007/10/02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2007/10/18 11:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation)
"C:\WINDOWS\System32\cba\pds.exe" -> C:\WINDOWS\System32\cba\pds.exe [C:\WINDOWS\System32\cba\pds.exe:*:Enabled:LANDesk Ping Discovery Service] -> [2006/06/05 12:49:26 | 00,032,819 | ---- | M] (LANDesk Software Ltd.)
"C:\WINDOWS\System32\msgsys.exe" -> C:\WINDOWS\System32\msgsys.exe [C:\WINDOWS\System32\msgsys.exe:*:Enabled:LANDesk Message Service] -> [2006/06/05 12:49:24 | 00,028,729 | ---- | M] (LANDesk Software Ltd.)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ FAT32 ] -> [2005/10/27 16:59:54 | 00,000,000 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{e837eddb-3296-11de-94c9-0015002b9427} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e837eddb-3296-11de-94c9-0015002b9427}\Shell \{e837eddb-3296-11de-94c9-0015002b9427}\Shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e837eddb-3296-11de-94c9-0015002b9427}\Shell\AutoRun \{e837eddb-3296-11de-94c9-0015002b9427}\Shell\AutoRun\\"" -> [Auto&Play] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e837eddb-3296-11de-94c9-0015002b9427}\Shell\AutoRun\command \{e837eddb-3296-11de-94c9-0015002b9427}\Shell\AutoRun\command\\"" -> H:\LaunchU3.exe [H:\LaunchU3.exe -a] -> File not found \{e837eddc-3296-11de-94c9-0015002b9427} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e837eddc-3296-11de-94c9-0015002b9427}\Shell\AutoRun\command \{e837eddc-3296-11de-94c9-0015002b9427}\Shell\AutoRun\command\\"" -> J:\setupSNK.exe [J:\setupSNK.exe] -> File not found < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> File not found exefile [open] -> "%1" %* -> File not found [Registry - Additional Scans - Safe List] < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > 
-> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> 6to4 -> C:\WINDOWS\system32\6to4svc.dll [C:\WINDOWS\system32\6to4svc.dll] -> [2008/04/13 20:11:48 | 00,100,352 | ---- | M] (Microsoft Corporation) AppMgmt -> C:\WINDOWS\System32\appmgmts.dll [C:\WINDOWS\System32\appmgmts.dll] -> File not found HidServ -> C:\WINDOWS\System32\hidserv.dll [C:\WINDOWS\System32\hidserv.dll] -> File not found Ias -> [] -> Iprip -> [] -> Irmon -> C:\WINDOWS\system32\irmon.dll [C:\WINDOWS\system32\irmon.dll] -> [2008/04/13 20:11:56 | 00,028,160 | ---- | M] (Microsoft Corporation) NWCWorkstation -> [] -> Nwsapagent -> [] -> Wmi -> [] -> WmdmPmSp -> [] -> helpsvc -> C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll [C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll] -> [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> batfile [open] -> "%1" %* -> File not found cmdfile [open] -> "%1" %* -> File not found comfile [open] -> "%1" %* -> File not found exefile [open] -> "%1" %* -> File not found htmlfile [edit] -> "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 -> [2007/04/19 14:07:38 | 00,061,280 | ---- | M] (Microsoft Corporation) htmlfile [open] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome -> [2009/08/27 01:18:44 | 00,634,648 | ---- | M] (Microsoft Corporation) htmlfile [opennew] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 -> [2009/08/27 01:18:44 | 00,634,648 | ---- | M] (Microsoft Corporation) htmlfile [print] -> "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 -> [2007/04/19 14:07:38 | 00,061,280 | ---- | M] (Microsoft Corporation) http [open] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome -> [2009/08/27 01:18:44 | 00,634,648 | ---- | M] (Microsoft Corporation) https [open] -> "C:\Program Files\Internet 
Explorer\IEXPLORE.EXE" -nohome -> [2009/08/27 01:18:44 | 00,634,648 | ---- | M] (Microsoft Corporation) InternetShortcut [print] -> C:\PROGRA~1\SYMPAT~1\COMMUN~1\Program\netscape.exe /print("%1") -> [2000/05/02 17:04:00 | 05,565,088 | ---- | M] (Netscape Communications Corporation) piffile [open] -> "%1" %* -> File not found regfile [merge] -> Reg Error: Key error. scrfile [config] -> "%1" -> File not found scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2008/04/13 20:12:42 | 00,135,168 | ---- | M] (Microsoft Corporation) scrfile [open] -> "%1" /S -> File not found txtfile [edit] -> Reg Error: Key error. Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> File not found Directory [find] -> %SystemRoot%\Explorer.exe -> [2008/04/13 20:12:20 | 01,033,728 | ---- | M] (Microsoft Corporation) Directory [Winamp.Bookmark] -> "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" -> [2008/04/01 14:50:32 | 01,307,648 | ---- | M] (Nullsoft) Directory [Winamp.Enqueue] -> "C:\Program Files\Winamp\winamp.exe" /ADD "%1" -> [2008/04/01 14:50:32 | 01,307,648 | ---- | M] (Nullsoft) Directory [Winamp.Play] -> "C:\Program Files\Winamp\winamp.exe" "%1" -> [2008/04/01 14:50:32 | 01,307,648 | ---- | M] (Nullsoft) Folder [open] -> %SystemRoot%\Explorer.exe /idlist,%I,%L -> [2008/04/13 20:12:20 | 01,033,728 | ---- | M] (Microsoft Corporation) Folder [explore] -> %SystemRoot%\Explorer.exe /e,/idlist,%I,%L -> [2008/04/13 20:12:20 | 01,033,728 | ---- | M] (Microsoft Corporation) Drive [find] -> %SystemRoot%\Explorer.exe -> [2008/04/13 20:12:20 | 01,033,728 | ---- | M] (Microsoft Corporation) Applications\iexplore.exe [open] -> "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 -> [2009/08/27 01:18:44 | 00,634,648 | ---- | M] (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -> "C:\Program Files\Internet Explorer\iexplore.exe" -> [2009/08/27 01:18:44 | 00,634,648 | ---- | M] 
(Microsoft Corporation)
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 10/31/2009 10:34:28 PM Computer Name = CHUNG_COM | Source = Google Update | ID = 20 -> Description =
Application [ Error ] 11/1/2009 6:29:07 AM Computer Name = CHUNG_COM | Source = Google Update | ID = 20 -> Description =
Application [ Error ] 11/1/2009 4:29:27 PM Computer Name = CHUNG_COM | Source = Google Update | ID = 20 -> Description =
Application [ Error ] 11/1/2009 5:29:21 PM Computer Name = CHUNG_COM | Source = Google Update | ID = 20 -> Description =
Application [ Error ] 11/1/2009 6:29:21 PM Computer Name = CHUNG_COM | Source = Google Update | ID = 20 -> Description =
Application [ Error ] 11/1/2009 7:29:05 PM Computer Name = CHUNG_COM | Source = Google Update | ID = 20 -> Description =
Application [ Error ] 11/2/2009 2:37:45 AM Computer Name = CHUNG_COM | Source = Application Error | ID = 1000 -> Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x040e5710.
Application [ Error ] 11/2/2009 2:37:55 AM Computer Name = CHUNG_COM | Source = Application Error | ID = 1000 -> Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
Application [ Error ] 11/4/2009 1:25:11 AM Computer Name = CHUNG_COM | Source = Application Error | ID = 1000 -> Description = Faulting application , version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Application [ Error ] 11/5/2009 1:03:20 AM Computer Name = CHUNG_COM | Source = Application Hang | ID = 1002 -> Description = Hanging application OTS.exe, version 3.1.3.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
System [ Error ] 11/4/2009 11:48:26 PM Computer Name = CHUNG_COM | Source = Service Control Manager | ID = 7034 -> Description = The LANDesk(R) Management Agent service terminated unexpectedly. It has done this 1 time(s).
System [ Error ] 11/4/2009 11:48:26 PM Computer Name = CHUNG_COM | Source = Service Control Manager | ID = 7034 -> Description = The LightScribeService Direct Disc Labeling Service service terminated unexpectedly. It has done this 1 time(s).
System [ Error ] 11/4/2009 11:48:26 PM Computer Name = CHUNG_COM | Source = Service Control Manager | ID = 7034 -> Description = The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
System [ Error ] 11/4/2009 11:48:26 PM Computer Name = CHUNG_COM | Source = Service Control Manager | ID = 7034 -> Description = The OwnershipProtocol service terminated unexpectedly. It has done this 1 time(s).
System [ Error ] 11/4/2009 11:48:26 PM Computer Name = CHUNG_COM | Source = Service Control Manager | ID = 7034 -> Description = The RegSrvc service terminated unexpectedly. It has done this 1 time(s).
System [ Error ] 11/4/2009 11:48:26 PM Computer Name = CHUNG_COM | Source = Service Control Manager | ID = 7034 -> Description = The Syntek STK1160 Service service terminated unexpectedly. It has done this 1 time(s).
System [ Error ] 11/4/2009 11:48:26 PM Computer Name = CHUNG_COM | Source = Service Control Manager | ID = 7034 -> Description = The TabletService service terminated unexpectedly. It has done this 1 time(s).
System [ Error ] 11/4/2009 11:48:26 PM Computer Name = CHUNG_COM | Source = Service Control Manager | ID = 7034 -> Description = The Ulead Burning Helper service terminated unexpectedly. It has done this 1 time(s).
System [ Error ] 11/4/2009 11:48:27 PM Computer Name = CHUNG_COM | Source = Service Control Manager | ID = 7034 -> Description = The Viewpoint Manager Service service terminated unexpectedly. It has done this 1 time(s).
System [ Error ] 11/4/2009 11:48:27 PM Computer Name = CHUNG_COM | Source = Service Control Manager | ID = 7031 -> Description = The Zune Bus Enumerator service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
[Files/Folders - Created Within 30 Days]
C:\Documents and Settings\John\Application Data\Malwarebytes -> C:\Documents and Settings\John\Application Data\Malwarebytes -> [2009/11/04 23:07:16 | 00,000,000 | ---D | C]
mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2009/11/04 23:07:00 | 00,038,224 | ---- | C] (Malwarebytes Corporation)
mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2009/11/04 23:06:58 | 00,019,160 | ---- | C] (Malwarebytes Corporation)
C:\Program Files\Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2009/11/04 23:06:58 | 00,000,000 | ---D | C]
C:\Documents and Settings\All Users\Application Data\Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2009/11/04 23:06:58 | 00,000,000 | ---D | C]
_OTS -> C:\_OTS -> [2009/11/04 22:48:18 | 00,000,000 | ---D | C]
Norton_Removal_Tool.exe -> C:\Documents and Settings\John\Desktop\Norton_Removal_Tool.exe -> [2009/11/04 22:19:23 | 00,793,200 | ---- | C] (Symantec Corporation)
OTS.exe -> C:\Documents and Settings\John\Desktop\OTS.exe -> [2009/11/02 22:48:23 | 00,524,800 | ---- | C] (OldTimer Tools)
RootRepeal -> C:\Documents and Settings\John\Desktop\RootRepeal -> [2009/11/02 14:57:24 | 00,000,000 | ---D | C]
PCTCore.sys -> C:\WINDOWS\System32\drivers\PCTCore.sys -> [2009/11/01 02:13:53 | 00,206,256 | ---- | C] (PC Tools)
PCTAppEvent.sys -> C:\WINDOWS\System32\drivers\PCTAppEvent.sys -> [2009/11/01 02:13:53 | 00,086,888 | ---- | C] (PC Tools)
pctplsg.sys -> C:\WINDOWS\System32\drivers\pctplsg.sys -> [2009/11/01 02:13:33 | 00,064,392 | ---- | C] (PC Tools)
C:\Program Files\Spyware Doctor -> C:\Program Files\Spyware Doctor ->
[2009/11/01 02:13:25 | 00,000,000 | ---D | C] C:\Documents and Settings\John\Application Data\PC Tools -> C:\Documents and Settings\John\Application Data\PC Tools -> [2009/11/01 02:13:25 | 00,000,000 | ---D | C] C:\Documents and Settings\All Users\Application Data\PC Tools -> C:\Documents and Settings\All Users\Application Data\PC Tools -> [2009/11/01 02:13:25 | 00,000,000 | ---D | C] pctgntdi.sys -> C:\WINDOWS\System32\drivers\pctgntdi.sys -> [2009/11/01 01:48:43 | 00,159,600 | ---- | C] (PC Tools) C:\Program Files\Common Files\PC Tools -> C:\Program Files\Common Files\PC Tools -> [2009/11/01 01:44:44 | 00,000,000 | ---D | C] FOUND.021 -> C:\FOUND.021 -> [2009/11/01 01:35:58 | 00,000,000 | -HSD | C] snes9xTYL-0.2c -> C:\Documents and Settings\John\Desktop\snes9xTYL-0.2c -> [2009/10/29 21:50:00 | 00,000,000 | ---D | C] PSPGBA_v1.1 -> C:\Documents and Settings\John\Desktop\PSPGBA_v1.1 -> [2009/10/29 21:48:18 | 00,000,000 | ---D | C] rinv3.2 -> C:\Documents and Settings\John\Desktop\rinv3.2 -> [2009/10/29 21:47:55 | 00,000,000 | ---D | C] 5.50_gen-a -> C:\Documents and Settings\John\Desktop\5.50_gen-a -> [2009/10/29 20:50:54 | 00,000,000 | ---D | C] pspident -> C:\Documents and Settings\John\Desktop\pspident -> [2009/10/29 20:44:38 | 00,000,000 | ---D | C] $AVG -> C:\$AVG -> [2009/10/29 19:34:48 | 00,000,000 | -H-D | C] avgrsstx.dll -> C:\WINDOWS\System32\avgrsstx.dll -> [2009/10/29 18:42:49 | 00,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) avgtdix.sys -> C:\WINDOWS\System32\drivers\avgtdix.sys -> [2009/10/29 18:42:48 | 00,360,584 | ---- | C] (AVG Technologies CZ, s.r.o.) avgldx86.sys -> C:\WINDOWS\System32\drivers\avgldx86.sys -> [2009/10/29 18:42:47 | 00,333,192 | ---- | C] (AVG Technologies CZ, s.r.o.) avgmfx86.sys -> C:\WINDOWS\System32\drivers\avgmfx86.sys -> [2009/10/29 18:42:46 | 00,028,424 | ---- | C] (AVG Technologies CZ, s.r.o.) 
Avg -> C:\WINDOWS\System32\drivers\Avg -> [2009/10/29 18:42:45 | 00,000,000 | ---D | C] C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar -> C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar -> [2009/10/29 18:42:43 | 00,000,000 | ---D | C] C:\Program Files\AVG -> C:\Program Files\AVG -> [2009/10/29 18:42:22 | 00,000,000 | ---D | C] C:\Documents and Settings\All Users\Application Data\avg9 -> C:\Documents and Settings\All Users\Application Data\avg9 -> [2009/10/29 18:42:16 | 00,000,000 | ---D | C] Config.Msi -> C:\Config.Msi -> [2009/10/29 18:29:44 | 00,000,000 | -HSD | C] IIDX ASC pics -> C:\Documents and Settings\John\Desktop\IIDX ASC pics -> [2009/10/13 22:04:04 | 00,000,000 | ---D | C] Push Start -> C:\Documents and Settings\John\Desktop\Push Start -> [2009/10/09 17:56:46 | 00,000,000 | ---D | C] [Files/Folders - Modified Within 30 Days] Check Updates for Windows Live Toolbar.job -> C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job -> [2009/11/04 23:49:06 | 00,000,256 | ---- | M] () GoogleUpdateTaskMachineUA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job -> [2009/11/04 23:34:06 | 00,000,886 | ---- | M] () GoogleUpdateTaskMachineCore.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job -> [2009/11/04 23:34:04 | 00,000,882 | ---- | M] () wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2009/11/04 23:23:26 | 00,001,158 | ---- | M] () tablet.dat -> C:\WINDOWS\System32\tablet.dat -> [2009/11/04 23:22:56 | 00,012,941 | ---- | M] () SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2009/11/04 23:22:48 | 00,000,006 | -H-- | M] () bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2009/11/04 23:22:40 | 00,002,048 | --S- | M] () NTUSER.DAT -> C:\Documents and Settings\John\NTUSER.DAT -> [2009/11/04 23:21:26 | 06,029,312 | -H-- | M] () ntuser.ini -> C:\Documents and Settings\John\ntuser.ini -> [2009/11/04 23:21:26 | 00,000,178 | -HS- | M] () IconCache.db -> C:\Documents and Settings\John\Local Settings\Application 
Data\IconCache.db -> [2009/11/04 23:21:20 | 03,757,978 | -H-- | M] () Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/11/04 23:07:06 | 00,000,600 | ---- | M] () nvapps.xml -> C:\WINDOWS\System32\nvapps.xml -> [2009/11/04 22:28:14 | 00,022,051 | ---- | M] () Norton_Removal_Tool.exe -> C:\Documents and Settings\John\Desktop\Norton_Removal_Tool.exe -> [2009/11/04 22:19:26 | 00,793,200 | ---- | M] (Symantec Corporation) sqmdata19.sqm -> C:\sqmdata19.sqm -> [2009/11/04 20:28:44 | 00,000,268 | -H-- | M] () sqmnoopt19.sqm -> C:\sqmnoopt19.sqm -> [2009/11/04 20:28:44 | 00,000,244 | -H-- | M] () incavi.avm -> C:\WINDOWS\System32\drivers\Avg\incavi.avm -> [2009/11/04 20:23:12 | 44,702,207 | ---- | M] () microavi.avg -> C:\WINDOWS\System32\drivers\Avg\microavi.avg -> [2009/11/04 20:22:32 | 00,084,916 | ---- | M] () OTS.exe -> C:\Documents and Settings\John\Desktop\OTS.exe -> [2009/11/02 22:48:24 | 00,524,800 | ---- | M] (OldTimer Tools) sqmdata18.sqm -> C:\sqmdata18.sqm -> [2009/11/02 16:11:38 | 00,000,268 | -H-- | M] () sqmnoopt18.sqm -> C:\sqmnoopt18.sqm -> [2009/11/02 16:11:38 | 00,000,244 | -H-- | M] () sqmdata17.sqm -> C:\sqmdata17.sqm -> [2009/11/02 16:05:26 | 00,000,268 | -H-- | M] () sqmnoopt17.sqm -> C:\sqmnoopt17.sqm -> [2009/11/02 16:05:26 | 00,000,244 | -H-- | M] () RootRepeal.zip -> C:\Documents and Settings\John\Desktop\RootRepeal.zip -> [2009/11/02 14:57:04 | 00,464,491 | ---- | M] () Harvey Birdman - S4E07 - The Death of Harvey [IcyFlamez].jpg -> C:\Documents and Settings\John\Desktop\Harvey Birdman - S4E07 - The Death of Harvey [IcyFlamez].jpg -> [2009/11/02 00:17:58 | 00,002,507 | ---- | M] () Harvey Birdman - S4E07 - The Death of Harvey [IcyFlamez].mp4 -> C:\Documents and Settings\John\Desktop\Harvey Birdman - S4E07 - The Death of Harvey [IcyFlamez].mp4 -> [2009/11/02 00:17:56 | 81,400,934 | ---- | M] () Harvey Birdman - S4E06 - Juror in Court [IcyFlamez].jpg -> C:\Documents and 
Settings\John\Desktop\Harvey Birdman - S4E06 - Juror in Court [IcyFlamez].jpg -> [2009/11/01 23:28:10 | 00,005,658 | ---- | M] () Harvey Birdman - S4E06 - Juror in Court [IcyFlamez].mp4 -> C:\Documents and Settings\John\Desktop\Harvey Birdman - S4E06 - Juror in Court [IcyFlamez].mp4 -> [2009/11/01 23:28:08 | 38,177,645 | ---- | M] () NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [2009/11/01 21:48:58 | 00,000,116 | ---- | M] () Spyware Doctor.lnk -> C:\Documents and Settings\All Users\Desktop\Spyware Doctor.lnk -> [2009/11/01 02:13:42 | 00,001,541 | ---- | M] () FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2009/11/01 01:37:50 | 02,379,768 | ---- | M] () PSPGBA_v1.1.zip -> C:\Documents and Settings\John\Desktop\PSPGBA_v1.1.zip -> [2009/10/29 21:47:34 | 00,573,777 | ---- | M] () snes9xTYL-0.2c.zip -> C:\Documents and Settings\John\Desktop\snes9xTYL-0.2c.zip -> [2009/10/29 21:47:04 | 01,092,874 | ---- | M] () iavichjw.avm -> C:\WINDOWS\System32\drivers\Avg\iavichjw.avm -> [2009/10/29 18:43:04 | 00,113,461 | ---- | M] () avgtdix.sys -> C:\WINDOWS\System32\drivers\avgtdix.sys -> [2009/10/29 18:42:50 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) avgrsstx.dll -> C:\WINDOWS\System32\avgrsstx.dll -> [2009/10/29 18:42:50 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) AVG Free 9.0.lnk -> C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk -> [2009/10/29 18:42:50 | 00,001,411 | ---- | M] () avi7.avg -> C:\WINDOWS\System32\drivers\Avg\avi7.avg -> [2009/10/29 18:42:48 | 06,061,540 | ---- | M] () miniavi.avg -> C:\WINDOWS\System32\drivers\Avg\miniavi.avg -> [2009/10/29 18:42:48 | 00,492,629 | ---- | M] () avgldx86.sys -> C:\WINDOWS\System32\drivers\avgldx86.sys -> [2009/10/29 18:42:48 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) avgmfx86.sys -> C:\WINDOWS\System32\drivers\avgmfx86.sys -> [2009/10/29 18:42:48 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) 
WiiTradeGames.wps -> C:\Documents and Settings\John\My Documents\WiiTradeGames.wps -> [2009/10/28 15:51:22 | 00,009,728 | ---- | M] () wklnhst.dat -> C:\Documents and Settings\John\Application Data\wklnhst.dat -> [2009/10/28 15:51:22 | 00,000,710 | ---- | M] () sqmdata16.sqm -> C:\sqmdata16.sqm -> [2009/10/23 20:17:42 | 00,000,268 | -H-- | M] () sqmnoopt16.sqm -> C:\sqmnoopt16.sqm -> [2009/10/23 20:17:42 | 00,000,244 | -H-- | M] () mshtml.dll -> C:\WINDOWS\System32\mshtml.dll -> [2009/10/20 23:08:54 | 03,598,336 | ---- | M] (Microsoft Corporation) mshtml.dll -> C:\WINDOWS\System32\dllcache\mshtml.dll -> [2009/10/20 23:08:54 | 03,598,336 | ---- | M] (Microsoft Corporation) sqmdata15.sqm -> C:\sqmdata15.sqm -> [2009/10/17 21:25:14 | 00,000,268 | -H-- | M] () sqmnoopt15.sqm -> C:\sqmnoopt15.sqm -> [2009/10/17 21:25:14 | 00,000,244 | -H-- | M] () sqmdata14.sqm -> C:\sqmdata14.sqm -> [2009/10/17 21:09:26 | 00,000,268 | -H-- | M] () sqmnoopt14.sqm -> C:\sqmnoopt14.sqm -> [2009/10/17 21:09:26 | 00,000,244 | -H-- | M] () PerfStringBackup.INI -> C:\WINDOWS\System32\PerfStringBackup.INI -> [2009/10/14 20:04:32 | 00,496,480 | ---- | M] () perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2009/10/14 20:04:32 | 00,437,774 | ---- | M] () perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2009/10/14 20:04:32 | 00,069,572 | ---- | M] () imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2009/10/14 20:00:14 | 00,001,393 | ---- | M] () GDIPFONTCACHEV1.DAT -> C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT -> [2009/10/13 22:06:24 | 00,092,704 | ---- | M] () sqmdata13.sqm -> C:\sqmdata13.sqm -> [2009/10/12 22:26:44 | 00,000,268 | -H-- | M] () sqmnoopt13.sqm -> C:\sqmnoopt13.sqm -> [2009/10/12 22:26:44 | 00,000,244 | -H-- | M] () sqmdata12.sqm -> C:\sqmdata12.sqm -> [2009/10/12 22:10:24 | 00,000,268 | -H-- | M] () sqmnoopt12.sqm -> C:\sqmnoopt12.sqm -> [2009/10/12 22:10:24 | 00,000,244 | -H-- | M] () sqmdata11.sqm -> C:\sqmdata11.sqm -> [2009/10/12 15:42:42 | 00,000,268 | -H-- | M] () sqmnoopt11.sqm 
-> C:\sqmnoopt11.sqm -> [2009/10/12 15:42:42 | 00,000,244 | -H-- | M] () sqmdata10.sqm -> C:\sqmdata10.sqm -> [2009/10/09 22:25:42 | 00,000,268 | -H-- | M] () sqmnoopt10.sqm -> C:\sqmnoopt10.sqm -> [2009/10/09 22:25:42 | 00,000,244 | -H-- | M] () Push Start.rtf -> C:\Documents and Settings\John\My Documents\Push Start.rtf -> [2009/10/09 14:02:38 | 00,001,944 | ---- | M] () sqmdata09.sqm -> C:\sqmdata09.sqm -> [2009/10/08 10:24:32 | 00,000,268 | -H-- | M] () sqmnoopt09.sqm -> C:\sqmnoopt09.sqm -> [2009/10/08 10:24:32 | 00,000,244 | -H-- | M] () youtube.rtf -> C:\Documents and Settings\John\My Documents\youtube.rtf -> [2009/10/07 12:16:20 | 00,002,555 | ---- | M] () [Files - No Company Name] Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/11/04 23:07:04 | 00,000,600 | ---- | C] () RootRepeal.zip -> C:\Documents and Settings\John\Desktop\RootRepeal.zip -> [2009/11/02 14:57:07 | 00,464,491 | ---- | C] () Harvey Birdman - S4E07 - The Death of Harvey [IcyFlamez].mp4 -> C:\Documents and Settings\John\Desktop\Harvey Birdman - S4E07 - The Death of Harvey [IcyFlamez].mp4 -> [2009/11/02 00:20:23 | 81,400,934 | ---- | C] () Harvey Birdman - S4E07 - The Death of Harvey [IcyFlamez].jpg -> C:\Documents and Settings\John\Desktop\Harvey Birdman - S4E07 - The Death of Harvey [IcyFlamez].jpg -> [2009/11/02 00:20:23 | 00,002,507 | ---- | C] () Harvey Birdman - S4E06 - Juror in Court [IcyFlamez].mp4 -> C:\Documents and Settings\John\Desktop\Harvey Birdman - S4E06 - Juror in Court [IcyFlamez].mp4 -> [2009/11/02 00:20:21 | 38,177,645 | ---- | C] () Harvey Birdman - S4E06 - Juror in Court [IcyFlamez].jpg -> C:\Documents and Settings\John\Desktop\Harvey Birdman - S4E06 - Juror in Court [IcyFlamez].jpg -> [2009/11/02 00:20:21 | 00,005,658 | ---- | C] () pctcore.cat -> C:\WINDOWS\System32\drivers\pctcore.cat -> [2009/11/01 02:13:53 | 00,007,396 | ---- | C] () Spyware Doctor.lnk -> C:\Documents and Settings\All 
Users\Desktop\Spyware Doctor.lnk -> [2009/11/01 02:13:40 | 00,001,541 | ---- | C] () PSPGBA_v1.1.zip -> C:\Documents and Settings\John\Desktop\PSPGBA_v1.1.zip -> [2009/10/29 21:47:32 | 00,573,777 | ---- | C] () snes9xTYL-0.2c.zip -> C:\Documents and Settings\John\Desktop\snes9xTYL-0.2c.zip -> [2009/10/29 21:47:02 | 01,092,874 | ---- | C] () iavichjw.avm -> C:\WINDOWS\System32\drivers\Avg\iavichjw.avm -> [2009/10/29 18:43:02 | 00,113,461 | ---- | C] () incavi.avm -> C:\WINDOWS\System32\drivers\Avg\incavi.avm -> [2009/10/29 18:42:49 | 44,702,207 | ---- | C] () microavi.avg -> C:\WINDOWS\System32\drivers\Avg\microavi.avg -> [2009/10/29 18:42:49 | 00,084,916 | ---- | C] () AVG Free 9.0.lnk -> C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk -> [2009/10/29 18:42:49 | 00,001,411 | ---- | C] () miniavi.avg -> C:\WINDOWS\System32\drivers\Avg\miniavi.avg -> [2009/10/29 18:42:46 | 00,492,629 | ---- | C] () avi7.avg -> C:\WINDOWS\System32\drivers\Avg\avi7.avg -> [2009/10/29 18:42:45 | 06,061,540 | ---- | C] () WiiTradeGames.wps -> C:\Documents and Settings\John\My Documents\WiiTradeGames.wps -> [2009/10/28 15:51:20 | 00,009,728 | ---- | C] () Push Start.rtf -> C:\Documents and Settings\John\My Documents\Push Start.rtf -> [2009/10/09 14:02:36 | 00,001,944 | ---- | C] () youtube.rtf -> C:\Documents and Settings\John\My Documents\youtube.rtf -> [2009/10/07 12:16:18 | 00,002,555 | ---- | C] () AVSredirect.dll -> C:\WINDOWS\System32\AVSredirect.dll -> [2009/05/27 16:51:07 | 00,027,648 | ---- | C] () xvidcore.dll -> C:\WINDOWS\System32\xvidcore.dll -> [2009/05/20 20:18:32 | 00,815,104 | ---- | C] () xvidvfw.dll -> C:\WINDOWS\System32\xvidvfw.dll -> [2009/05/20 20:18:25 | 00,180,224 | ---- | C] () libfilefmt-1.1.0.dll -> C:\WINDOWS\System32\libfilefmt-1.1.0.dll -> [2009/05/17 00:35:19 | 03,423,744 | ---- | C] () libavi-dd-1.2.0.dll -> C:\WINDOWS\System32\libavi-dd-1.2.0.dll -> [2009/05/17 00:35:19 | 00,020,480 | ---- | C] () libmcl-3.1.1.dll -> 
C:\WINDOWS\System32\libmcl-3.1.1.dll -> [2009/05/17 00:35:18 | 00,706,048 | ---- | C] () Chip.dll -> C:\WINDOWS\System32\Chip.dll -> [2008/10/12 18:45:46 | 00,034,308 | ---- | C] () FoxImager.dll -> C:\WINDOWS\System32\FoxImager.dll -> [2008/10/12 18:45:11 | 00,323,584 | ---- | C] () ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2008/09/23 21:27:48 | 00,000,376 | ---- | C] () RtlCPAPI.dll -> C:\WINDOWS\System32\RtlCPAPI.dll -> [2008/06/15 11:02:33 | 00,156,672 | ---- | C] () sptd.sys -> C:\WINDOWS\System32\drivers\sptd.sys -> [2007/11/28 14:33:11 | 00,685,816 | ---- | C] () n02.ini -> C:\WINDOWS\n02.ini -> [2007/10/12 22:08:52 | 00,000,440 | ---- | C] () Wintab.dll -> C:\WINDOWS\System32\Wintab.dll -> [2007/08/19 14:25:16 | 00,015,744 | ---- | C] () kaillera.ini -> C:\WINDOWS\kaillera.ini -> [2007/07/08 21:58:56 | 00,001,630 | ---- | C] () netscape.INI -> C:\WINDOWS\netscape.INI -> [2007/01/21 19:46:51 | 00,000,224 | ---- | C] () MCC16.dll -> C:\WINDOWS\System32\MCC16.dll -> [2006/11/08 17:48:43 | 00,006,048 | ---- | C] () ntsautodial.ini -> C:\WINDOWS\ntsautodial.ini -> [2006/11/05 15:08:08 | 00,000,130 | ---- | C] () Textart.INI -> C:\WINDOWS\Textart.INI -> [2006/10/29 18:17:22 | 00,000,000 | ---- | C] () fftw3.dll -> C:\WINDOWS\System32\fftw3.dll -> [2006/08/16 10:13:34 | 01,382,280 | ---- | C] () NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [2006/07/30 19:49:36 | 00,000,116 | ---- | C] () fxsperf.ini -> C:\WINDOWS\System32\fxsperf.ini -> [2006/07/19 14:48:36 | 00,001,793 | ---- | C] () KGyGaAvL.sys -> C:\WINDOWS\System32\KGyGaAvL.sys -> [2006/06/17 16:59:44 | 00,001,890 | -HS- | C] () vidx16.dll -> C:\WINDOWS\System32\vidx16.dll -> [2006/06/11 11:04:20 | 00,010,240 | ---- | C] () CNMVS75.DLL -> C:\WINDOWS\System32\CNMVS75.DLL -> [2006/06/10 09:13:01 | 00,008,704 | ---- | C] () regobj.dll -> C:\WINDOWS\System32\regobj.dll -> [2006/06/04 06:06:49 | 00,040,448 | ---- | C] () ASUSHWIO.SYS -> C:\WINDOWS\System32\drivers\ASUSHWIO.SYS -> [2006/05/28 03:47:27 | 00,005,824 | 
---- | C] () impborl.dll -> C:\WINDOWS\impborl.dll -> [2005/10/27 17:22:39 | 00,012,288 | ---- | C] () ASLM75.SYS -> C:\WINDOWS\System32\ASLM75.SYS -> [2005/10/27 17:11:28 | 00,006,272 | ---- | C] () ASLM75.SYS -> C:\WINDOWS\System32\drivers\ASLM75.SYS -> [2005/10/27 17:11:26 | 00,006,272 | ---- | C] () orun32.ini -> C:\WINDOWS\orun32.ini -> [2005/10/27 17:03:56 | 00,000,882 | ---- | C] () smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2005/10/27 02:26:02 | 00,000,061 | ---- | C] () ATKACPI.sys -> C:\WINDOWS\System32\drivers\ATKACPI.sys -> [2005/02/17 10:07:48 | 00,005,632 | ---- | C] () ASUSASV2.DLL -> C:\WINDOWS\System32\ASUSASV2.DLL -> [2004/10/11 11:19:00 | 00,092,672 | ---- | C] () MMIOPORT.SYS -> C:\WINDOWS\System32\drivers\MMIOPORT.SYS -> [2004/08/19 10:07:40 | 00,007,424 | R--- | C] () OEMINFO.INI -> C:\WINDOWS\System32\OEMINFO.INI -> [2004/08/19 10:07:40 | 00,002,540 | ---- | C] () win.ini -> C:\WINDOWS\win.ini -> [2004/08/19 10:07:20 | 00,000,720 | ---- | C] () system.ini -> C:\WINDOWS\system.ini -> [2004/08/19 10:07:18 | 00,000,227 | ---- | C] () iwca.dll -> C:\WINDOWS\System32\iwca.dll -> [2004/08/12 08:44:10 | 00,016,384 | ---- | C] () libmmd.dll -> C:\WINDOWS\System32\libmmd.dll -> [2004/03/18 07:44:29 | 01,663,068 | ---- | C] () OUTLPERF.INI -> C:\WINDOWS\System32\OUTLPERF.INI -> [2003/01/07 15:05:08 | 00,002,695 | ---- | C] () UA000106.DLL -> C:\WINDOWS\UA000106.DLL -> [2002/03/16 20:00:00 | 00,007,420 | ---- | C] () UA000079.DLL -> C:\WINDOWS\UA000079.DLL -> [2002/03/16 20:00:00 | 00,007,420 | ---- | C] () UA000035.DLL -> C:\WINDOWS\UA000035.DLL -> [2002/03/16 20:00:00 | 00,007,420 | ---- | C] () [File - Lop Check] C:\Documents and Settings\All Users\Application Data\Borland -> C:\Documents and Settings\All Users\Application Data\Borland -> [2006/06/04 06:04:26 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\CanonBJ -> C:\Documents and Settings\All Users\Application Data\CanonBJ -> [2006/08/12 10:18:50 | 00,000,000 | -H-D | 
M] C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar -> C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar -> [2007/06/16 21:16:18 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Outspark -> C:\Documents and Settings\All Users\Application Data\Outspark -> [2007/08/27 23:37:14 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Viewpoint -> C:\Documents and Settings\All Users\Application Data\Viewpoint -> [2007/10/08 11:45:58 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Pinnacle -> C:\Documents and Settings\All Users\Application Data\Pinnacle -> [2007/11/28 15:07:38 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\vulScan -> C:\Documents and Settings\All Users\Application Data\vulScan -> [2008/09/08 11:48:02 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\TEMP -> C:\Documents and Settings\All Users\Application Data\TEMP -> [2008/09/27 14:49:02 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Ulead Systems -> C:\Documents and Settings\All Users\Application Data\Ulead Systems -> [2009/05/14 19:44:10 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc -> C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc -> [2009/05/14 20:19:14 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\acccore -> C:\Documents and Settings\All Users\Application Data\acccore -> [2009/06/29 23:19:04 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\AIM Toolbar -> C:\Documents and Settings\All Users\Application Data\AIM Toolbar -> [2009/06/29 23:19:12 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\avg9 -> C:\Documents and Settings\All Users\Application Data\avg9 -> [2009/10/29 18:42:18 | 00,000,000 | ---D | M] 
C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar -> C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar -> [2009/10/29 18:42:44 | 00,000,000 | ---D | M] C:\Documents and Settings\Chung Huynh\Application Data\COREL -> C:\Documents and Settings\Chung Huynh\Application Data\COREL -> [2006/06/04 06:09:48 | 00,000,000 | ---D | M] C:\Documents and Settings\Chung Huynh\Application Data\Template -> C:\Documents and Settings\Chung Huynh\Application Data\Template -> [2006/06/24 11:50:12 | 00,000,000 | ---D | M] C:\Documents and Settings\Chung Huynh\Application Data\Corel Photo Album -> C:\Documents and Settings\Chung Huynh\Application Data\Corel Photo Album -> [2007/11/28 15:19:04 | 00,000,000 | ---D | M] C:\Documents and Settings\Chung Huynh\Application Data\Steinberg -> C:\Documents and Settings\Chung Huynh\Application Data\Steinberg -> [2007/12/05 19:39:48 | 00,000,000 | ---D | M] C:\Documents and Settings\Chung Huynh\Application Data\acccore -> C:\Documents and Settings\Chung Huynh\Application Data\acccore -> [2008/05/22 16:48:34 | 00,000,000 | ---D | M] C:\Documents and Settings\Chung Huynh\Application Data\Ulead Systems -> C:\Documents and Settings\Chung Huynh\Application Data\Ulead Systems -> [2009/10/17 21:59:10 | 00,000,000 | ---D | M] C:\Documents and Settings\Computer User\Application Data\Template -> C:\Documents and Settings\Computer User\Application Data\Template -> [2006/09/29 19:42:20 | 00,000,000 | ---D | M] C:\Documents and Settings\Computer User\Application Data\Corel -> C:\Documents and Settings\Computer User\Application Data\Corel -> [2007/01/14 17:10:20 | 00,000,000 | ---D | M] C:\Documents and Settings\Computer User\Application Data\Opera -> C:\Documents and Settings\Computer User\Application Data\Opera -> [2007/03/21 22:12:52 | 00,000,000 | ---D | M] C:\Documents and Settings\Computer User\Application Data\acccore -> C:\Documents and Settings\Computer User\Application Data\acccore -> [2007/10/08 15:27:02 
| 00,000,000 | ---D | M] C:\Documents and Settings\Computer User\Application Data\Viewpoint -> C:\Documents and Settings\Computer User\Application Data\Viewpoint -> [2007/10/08 15:47:26 | 00,000,000 | ---D | M] C:\Documents and Settings\Computer User\Application Data\Secret of the Solstice -> C:\Documents and Settings\Computer User\Application Data\Secret of the Solstice -> [2007/12/06 23:08:14 | 00,000,000 | ---D | M] C:\Documents and Settings\Computer User\Application Data\Corel Photo Album -> C:\Documents and Settings\Computer User\Application Data\Corel Photo Album -> [2007/12/09 20:40:10 | 00,000,000 | ---D | M] C:\Documents and Settings\Computer User\Application Data\fltk.org -> C:\Documents and Settings\Computer User\Application Data\fltk.org -> [2007/12/16 22:04:02 | 00,000,000 | ---D | M] C:\Documents and Settings\Computer User\Application Data\Damdai -> C:\Documents and Settings\Computer User\Application Data\Damdai -> [2008/06/06 12:45:56 | 00,000,000 | ---D | M] C:\Documents and Settings\Computer User\Application Data\Ulead Systems -> C:\Documents and Settings\Computer User\Application Data\Ulead Systems -> [2009/05/17 16:41:42 | 00,000,000 | ---D | M] C:\Documents and Settings\John\Application Data\Corel Photo Album -> C:\Documents and Settings\John\Application Data\Corel Photo Album -> [2008/09/13 00:47:12 | 00,000,000 | ---D | M] C:\Documents and Settings\John\Application Data\acccore -> C:\Documents and Settings\John\Application Data\acccore -> [2008/09/13 01:05:18 | 00,000,000 | ---D | M] C:\Documents and Settings\John\Application Data\Template -> C:\Documents and Settings\John\Application Data\Template -> [2008/09/24 10:21:48 | 00,000,000 | ---D | M] C:\Documents and Settings\John\Application Data\fltk.org -> C:\Documents and Settings\John\Application Data\fltk.org -> [2008/09/27 01:11:42 | 00,000,000 | ---D | M] C:\Documents and Settings\John\Application Data\Damdai -> C:\Documents and Settings\John\Application Data\Damdai -> [2008/11/19 11:58:58 
| 00,000,000 | ---D | M] C:\Documents and Settings\John\Application Data\uTorrent -> C:\Documents and Settings\John\Application Data\uTorrent -> [2009/01/27 03:00:14 | 00,000,000 | ---D | M] C:\Documents and Settings\John\Application Data\Ulead Systems -> C:\Documents and Settings\John\Application Data\Ulead Systems -> [2009/05/14 19:47:06 | 00,000,000 | ---D | M] C:\Documents and Settings\John\Application Data\ImgBurn -> C:\Documents and Settings\John\Application Data\ImgBurn -> [2009/07/24 16:31:34 | 00,000,000 | ---D | M] C:\Documents and Settings\John\Application Data\OxelonMC -> C:\Documents and Settings\John\Application Data\OxelonMC -> [2009/09/03 22:20:06 | 00,000,000 | ---D | M] desktop.ini -> C:\WINDOWS\Tasks\desktop.ini -> [2004/08/04 20:00:00 | 00,000,065 | RH-- | M] () SA.DAT -> C:\WINDOWS\Tasks\SA.DAT -> [2009/11/04 23:22:48 | 00,000,006 | -H-- | M] () Check Updates for Windows Live Toolbar.job -> C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job -> [2009/11/04 23:49:06 | 00,000,256 | ---- | M] () [File - Purity Scan] [Custom Scans] < %SYSTEMDRIVE%\*.exe > < %SYSTEMROOT%\*.* /s /r > 10 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> 5 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> 1 C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> 1 C:\WINDOWS\system32\FxsTmp\*.tmp files -> C:\WINDOWS\system32\FxsTmp\*.tmp -> 1 C:\WINDOWS\twain_32\STK1150\*.tmp files -> C:\WINDOWS\twain_32\STK1150\*.tmp -> < %SYSTEMDRIVE%\eventlog.dll /s /md5 > eventlog.dll : MD5=82B24CB70E5944E6E34662205A2A5B78 -> C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll -> [2004/08/04 20:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) eventlog.dll : MD5=6D4FEB43EE538FC5428CC7F0565AA656 -> C:\WINDOWS\ServicePackFiles\i386\eventlog.dll -> [2008/04/13 
20:11:54 | 00,056,320 | ---- | M] (Microsoft Corporation) eventlog.dll : MD5=6D4FEB43EE538FC5428CC7F0565AA656 -> C:\WINDOWS\system32\eventlog.dll -> [2008/04/13 20:11:54 | 00,056,320 | ---- | M] (Microsoft Corporation) < %SYSTEMDRIVE%\scecli.dll /s /md5 > scecli.dll : MD5=0F78E27F563F2AAF74B91A49E2ABF19A -> C:\WINDOWS\$NtServicePackUninstall$\scecli.dll -> [2004/08/04 20:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) scecli.dll : MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -> C:\WINDOWS\ServicePackFiles\i386\scecli.dll -> [2008/04/13 20:12:06 | 00,181,248 | ---- | M] (Microsoft Corporation) scecli.dll : MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -> C:\WINDOWS\system32\scecli.dll -> [2008/04/13 20:12:06 | 00,181,248 | ---- | M] (Microsoft Corporation) < %SYSTEMDRIVE%\netlogon.dll /s /md5 > netlogon.dll : MD5=96353FCECBA774BB8DA74A1C6507015A -> C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll -> [2004/08/04 20:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=1B7F071C51B77C272875C3A23E1E4550 -> C:\WINDOWS\ServicePackFiles\i386\netlogon.dll -> [2008/04/13 20:12:02 | 00,407,040 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=1B7F071C51B77C272875C3A23E1E4550 -> C:\WINDOWS\system32\netlogon.dll -> [2008/04/13 20:12:02 | 00,407,040 | ---- | M] (Microsoft Corporation) < %SYSTEMDRIVE%\cngaudit.dll /s /md5 > < %SYSTEMDRIVE%\sceclt.dll /s /md5 > < %SYSTEMDRIVE%\ntelogon.dll /s /md5 > < %SYSTEMDRIVE%\logevent.dll /s /md5 > < %SYSTEMDRIVE%\iaStor.sys /s /md5 > < %SYSTEMDRIVE%\nvstor.sys /s /md5 > < %SYSTEMDRIVE%\atapi.sys /s /md5 > atapi.sys : MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -> C:\WINDOWS\$NtServicePackUninstall$\atapi.sys -> [2004/08/03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=9F3A2F5AA6875C72BF062C712CFA2674 -> C:\WINDOWS\ServicePackFiles\i386\atapi.sys -> [2008/04/13 14:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=9F3A2F5AA6875C72BF062C712CFA2674 -> C:\WINDOWS\system32\drivers\atapi.sys 
-> [2008/04/13 14:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -> C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys -> [2004/08/04 20:00:00 | 00,095,360 | ---- | M] (Microsoft Corporation) < %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 > < %SYSTEMDRIVE%\viasraid.sys /s /md5 > < %SYSTEMDRIVE%\AGP440.sys /s /md5 > agp440.sys : MD5=08FD04AA961BDC77FB983F328334E3D7 -> C:\WINDOWS\ServicePackFiles\i386\agp440.sys -> [2008/04/13 14:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) agp440.sys : MD5=08FD04AA961BDC77FB983F328334E3D7 -> C:\WINDOWS\system32\drivers\agp440.sys -> [2008/04/13 14:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) < %SYSTEMDRIVE%\vaxscsi.sys /s /md5 > < %SYSTEMDRIVE%\comres.dll /s /md5 > comres.dll : MD5=6728270CB7DBB776ED086F5AC4C82310 -> C:\WINDOWS\$NtServicePackUninstall$\comres.dll -> [2004/08/04 20:00:00 | 00,792,064 | ---- | M] (Microsoft Corporation) comres.dll : MD5=1280A158C722FA95A80FB7AEBE78FA7D -> C:\WINDOWS\ServicePackFiles\i386\comres.dll -> [2008/04/13 20:11:52 | 00,792,064 | ---- | M] (Microsoft Corporation) comres.dll : MD5=1280A158C722FA95A80FB7AEBE78FA7D -> C:\WINDOWS\system32\comres.dll -> [2008/04/13 20:11:52 | 00,792,064 | ---- | M] (Microsoft Corporation) < %SYSTEMDRIVE%\appmgmts.dll /s /md5 > < End of report > [/code]