Tech Support Guy banner
  • Please post in our Community Feedback thread for help with the new forum software! If you are having trouble logging in, please Contact Us for assistance.
Status
Not open for further replies.
1 - 20 of 21 Posts

·
Registered
Joined
·
11 Posts
Discussion Starter · #1 ·
Tech Support Guy System Info Utility version 1.0.0.1
OS Version: Microsoft® Windows Vista™ Home Premium , Service Pack 2, 32 bit
Processor: Intel(R) Core(TM) Duo CPU T2350 @ 1.86GHz, x86 Family 6 Model 14 Stepping 12
Processor Count: 2
RAM: 2037 Mb
Graphics Card: Mobile Intel(R) 945 Express Chipset Family, 256 Mb
Hard Drives: C: Total - 72316 MB, Free - 13438 MB; D: Total - 72308 MB, Free - 37698 MB;
Motherboard: Acer, Myall2 , Rev , LXAZ90X02770606F572000
Antivirus: superantispyware

I have IE 9 Beta and it will not load any web page. For instance msn is my home page, it will be in the address bar but the page is blank. I have reset the IE settings and restored advanced settings. I have tried to uninstall and reinstall it and it did not help.
I ran Hijack This but have no idea what I am looking at:Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:54:18 PM, on 1/7/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.7930.16406)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\iPhone Configuration Utility\iPCU.exe
C:\Program Files\Safari\Safari.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6522
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 3646 bytes
I am currently using safari and haven't had any trouble however I need IE for my classes. Any help would be great.
 

·
Retired Trusted Advisor
Joined
·
34,806 Posts
Malware will often change Lan settings and configure proxy settings by "tunneling" traffic through a certain port (e.g. Local address: 127.0.0.1 Port: 5555).

Run HijackThis again.

Select Do a system scan only.

Put a check mark on:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6522

Click Fix checked.

However, you do not have an antivirus running on that computer and if you're infected, the proxy settings might come back again. SUPERAntiSpyware is not an antivirus (and is not even running).
 

·
Registered
Joined
·
11 Posts
Discussion Starter · #11 ·
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:06:52 AM, on 1/8/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.7930.16406)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Safari\Safari.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 4527 bytes
 

·
Registered
Joined
·
11 Posts
Discussion Starter · #13 ·
DDS (Ver_10-12-12.02)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 12/9/2008 7:59:09 PM
System Uptime: 1/7/2011 7:43:38 PM (17 hours ago)

Motherboard: Acer | | Myall2
Processor: Intel(R) Core(TM) Duo CPU T2350 @ 1.86GHz | U2E1 | 1867/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 71 GiB total, 14.009 GiB free.
D: is FIXED (NTFS) - 71 GiB total, 36.815 GiB free.
E: is CDROM ()
F: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1457: 12/29/2010 3:00:11 AM - Windows Update

==== Installed Programs ======================

32 Bit HP CIO Components Installer
Acer Arcade Deluxe
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0
Agere Systems HDA Modem
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Photo Book Screen Saver
AVG 2011
AVG PC Tuneup 2011
BlackBerry Desktop Software 6.0
BlackBerry Device Software Updater
BlackBerry Device Software v4.5.0 for the BlackBerry 8300 smartphone
Bonjour
Convert AVI to MP4 1.3
EPSON Scan
EPSON Stylus NX400 Series Printer Uninstall
Feedback Tool
Glary Utilities 2.30.0.1066
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
iPhone Configuration Utility
iTunes
Java Auto Updater
Java(TM) 6 Update 23
Java(TM) SE Runtime Environment 6 Update 1
LightScribe 1.4.124.1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MP3 Rocket
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
NTI Backup NOW! 4.7
NTI CD & DVD-Maker
OGA Notifier 2.0.0048.0
PowerProducer
Quicken 2007
QuickTime
Realtek High Definition Audio Driver
Safari
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype Toolbars
Skype™ 4.2
SUPERAntiSpyware
SupportSoft Assisted Service
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
TIPCI
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2466076)
Visual C++ 8.0 ATL (x86) WinSXS MSM
Visual C++ 8.0 CRT (x86) WinSXS MSM
VLC media player 0.9.8a
Vuze
Windows Live ID Sign-in Assistant
Xobni Core
Yahoo! Software Update

==== Event Viewer Messages From Past Week ========

1/7/2011 7:47:06 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80029c4a'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
1/7/2011 7:44:04 PM, Error: volmgr [46] - Crash dump initialization failed!
1/7/2011 6:24:56 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
1/7/2011 6:24:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
1/7/2011 6:24:25 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21
1/7/2011 6:24:22 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
1/7/2011 6:24:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
1/7/2011 6:24:00 PM, Error: EventLog [6008] - The previous system shutdown at 6:22:26 PM on 1/7/2011 was unexpected.
1/7/2011 4:12:05 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\C:\Users\James\AppData\Local\Microsoft\Windows\UsrClass.dat' was corrupted and it has been recovered. Some data might have been lost.
1/3/2011 12:24:20 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {4991D34B-80A1-4291-83B6-3328366B9097} to the user James-PC\James SID (S-1-5-21-3089797365-2726529599-4294900105-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
1/2/2011 9:52:56 AM, Error: EventLog [6008] - The previous system shutdown at 9:36:23 AM on 1/2/2011 was unexpected.
1/2/2011 9:15:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
1/2/2011 9:14:45 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
1/2/2011 9:14:45 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
1/2/2011 9:14:26 PM, Error: EventLog [6008] - The previous system shutdown at 8:56:55 PM on 1/2/2011 was unexpected.
1/2/2011 7:51:21 PM, Error: EventLog [6008] - The previous system shutdown at 7:49:52 PM on 1/2/2011 was unexpected.
1/2/2011 7:24:42 PM, Error: EventLog [6008] - The previous system shutdown at 7:22:55 PM on 1/2/2011 was unexpected.
1/1/2011 9:33:17 PM, Error: EventLog [6008] - The previous system shutdown at 9:32:07 PM on 1/1/2011 was unexpected.
1/1/2011 9:11:05 PM, Error: EventLog [6008] - The previous system shutdown at 9:09:40 PM on 1/1/2011 was unexpected.
1/1/2011 8:47:10 PM, Error: EventLog [6008] - The previous system shutdown at 8:45:09 PM on 1/1/2011 was unexpected.
1/1/2011 8:24:07 PM, Error: EventLog [6008] - The previous system shutdown at 8:22:09 PM on 1/1/2011 was unexpected.

==== End Of File ===========================DDS (Ver_10-12-12.02) - NTFSx86
Run by James at 12:40:18.03 on Sat 01/08/2011
Internet Explorer: 9.0.7930.16406
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2037.876 [GMT -5:00]

AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Safari\Safari.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\James\AppData\Local\Temp\w5fusnjd.tmp\dds.com
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============
 

·
Registered
Joined
·
11 Posts
Discussion Starter · #15 ·
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 12/9/2008 7:59:09 PM
System Uptime: 1/7/2011 7:43:38 PM (18 hours ago)

Motherboard: Acer | | Myall2
Processor: Intel(R) Core(TM) Duo CPU T2350 @ 1.86GHz | U2E1 | 1867/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 71 GiB total, 14.008 GiB free.
D: is FIXED (NTFS) - 71 GiB total, 36.815 GiB free.
E: is CDROM ()
F: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1457: 12/29/2010 3:00:11 AM - Windows Update

==== Installed Programs ======================

32 Bit HP CIO Components Installer
Acer Arcade Deluxe
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0
Agere Systems HDA Modem
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Photo Book Screen Saver
AVG 2011
AVG PC Tuneup 2011
BlackBerry Desktop Software 6.0
BlackBerry Device Software Updater
BlackBerry Device Software v4.5.0 for the BlackBerry 8300 smartphone
Bonjour
Convert AVI to MP4 1.3
EPSON Scan
EPSON Stylus NX400 Series Printer Uninstall
Feedback Tool
Glary Utilities 2.30.0.1066
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
iPhone Configuration Utility
iTunes
Java Auto Updater
Java(TM) 6 Update 23
Java(TM) SE Runtime Environment 6 Update 1
LightScribe 1.4.124.1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MP3 Rocket
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
NTI Backup NOW! 4.7
NTI CD & DVD-Maker
OGA Notifier 2.0.0048.0
PowerProducer
Quicken 2007
QuickTime
Realtek High Definition Audio Driver
Safari
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype Toolbars
Skype™ 4.2
SUPERAntiSpyware
SupportSoft Assisted Service
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
TIPCI
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2466076)
Visual C++ 8.0 ATL (x86) WinSXS MSM
Visual C++ 8.0 CRT (x86) WinSXS MSM
VLC media player 0.9.8a
Vuze
Windows Live ID Sign-in Assistant
Xobni Core
Yahoo! Software Update

==== Event Viewer Messages From Past Week ========

1/7/2011 7:47:06 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80029c4a'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
1/7/2011 7:44:04 PM, Error: volmgr [46] - Crash dump initialization failed!
1/7/2011 6:24:56 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
1/7/2011 6:24:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
1/7/2011 6:24:25 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21
1/7/2011 6:24:22 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
1/7/2011 6:24:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
1/7/2011 6:24:00 PM, Error: EventLog [6008] - The previous system shutdown at 6:22:26 PM on 1/7/2011 was unexpected.
1/7/2011 4:12:05 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\C:\Users\James\AppData\Local\Microsoft\Windows\UsrClass.dat' was corrupted and it has been recovered. Some data might have been lost.
1/3/2011 12:24:20 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {4991D34B-80A1-4291-83B6-3328366B9097} to the user James-PC\James SID (S-1-5-21-3089797365-2726529599-4294900105-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
1/2/2011 9:52:56 AM, Error: EventLog [6008] - The previous system shutdown at 9:36:23 AM on 1/2/2011 was unexpected.
1/2/2011 9:15:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
1/2/2011 9:14:45 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
1/2/2011 9:14:45 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
1/2/2011 9:14:26 PM, Error: EventLog [6008] - The previous system shutdown at 8:56:55 PM on 1/2/2011 was unexpected.
1/2/2011 7:51:21 PM, Error: EventLog [6008] - The previous system shutdown at 7:49:52 PM on 1/2/2011 was unexpected.
1/2/2011 7:24:42 PM, Error: EventLog [6008] - The previous system shutdown at 7:22:55 PM on 1/2/2011 was unexpected.
1/1/2011 9:33:17 PM, Error: EventLog [6008] - The previous system shutdown at 9:32:07 PM on 1/1/2011 was unexpected.
1/1/2011 9:11:05 PM, Error: EventLog [6008] - The previous system shutdown at 9:09:40 PM on 1/1/2011 was unexpected.
1/1/2011 8:47:10 PM, Error: EventLog [6008] - The previous system shutdown at 8:45:09 PM on 1/1/2011 was unexpected.
1/1/2011 8:24:07 PM, Error: EventLog [6008] - The previous system shutdown at 8:22:09 PM on 1/1/2011 was unexpected.

==== End Of File ===========================
DDS (Ver_10-12-12.02) - NTFSx86
Run by James at 13:04:16.45 on Sat 01/08/2011
Internet Explorer: 9.0.7930.16406
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2037.914 [GMT -5:00]

AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Safari\Safari.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\James\AppData\Local\Temp\igueoc3r.tmp\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

mStart Page = hxxp://www.msn.com
uInternet Settings,ProxyOverride = <local>;*.local
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - hxxp://ax.emsisoft.com/asquared.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll

============= SERVICES / DRIVERS ===============

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 251728]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-12 299984]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2010-11-23 6128208]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-10-22 265400]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 123472]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 30288]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 27216]
R3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-12-18 21504]
R3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [2008-12-9 847392]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2011-1-7 517448]

=============== Created Last 30 ================

2011-01-07 21:36:03 -------- d-----w- c:\program files\Perfect Optimizer
2011-01-07 21:18:22 -------- d-----w- c:\progra~2\AVG Security Toolbar
2011-01-07 21:17:14 -------- d-----w- c:\windows\system32\drivers\AVG
2011-01-07 18:05:13 388096 ----a-r- c:\users\james\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-01-07 18:05:12 -------- d-----w- c:\program files\Trend Micro
2011-01-07 06:21:11 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{36d66545-d7aa-47ef-987f-9e4419c44a82}\mpengine.dll
2011-01-07 05:54:44 67312 ----a-w- c:\windows\UnDeployV.exe
2011-01-06 22:30:30 2381824 ----a-w- c:\windows\system32\mshtml.tlb
2011-01-06 22:30:30 1448448 ----a-w- c:\windows\system32\inetcpl.cpl
2011-01-04 21:37:36 -------- d-----w- c:\users\james\appdata\local\ElevatedDiagnostics
2011-01-04 21:35:59 -------- d-----w- c:\program files\Microsoft ATS
2011-01-03 00:08:05 -------- d-----w- c:\users\james\appdata\roaming\SUPERAntiSpyware.com
2011-01-03 00:08:05 -------- d-----w- c:\progra~2\SUPERAntiSpyware.com
2011-01-03 00:07:51 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-12-31 17:47:05 -------- d-----w- c:\users\james\appdata\roaming\AVG10
2010-12-31 17:14:24 -------- d-----w- c:\progra~2\AVG10
2010-12-31 17:08:30 -------- d-----w- c:\progra~2\MFAData
2010-12-19 19:05:17 -------- d-----w- c:\program files\iPod
2010-12-19 19:05:15 -------- d-----w- c:\program files\iTunes
2010-12-19 19:01:24 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2010-12-19 19:01:24 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2010-12-19 19:01:24 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2010-12-19 19:01:24 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2010-12-19 19:01:24 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2010-12-19 19:01:24 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2010-12-19 19:01:24 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2010-12-16 04:43:36 2048 ----a-w- c:\windows\system32\tzres.dll
2010-12-16 04:43:24 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

==================== Find3M ====================

2010-11-29 22:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 22:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-12 23:53:06 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-04 18:56:07 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-04 18:55:38 352768 ----a-w- c:\windows\system32\taskschd.dll
2010-11-04 18:55:38 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-04 18:55:12 601600 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-04 16:34:06 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-10-28 15:44:56 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-28 13:27:47 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-10-19 15:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-18 13:37:35 81920 ----a-w- c:\windows\system32\consent.exe
2010-10-18 13:31:24 2038272 ----a-w- c:\windows\system32\win32k.sys

============= FINISH: 13:04:51.36 ===============
 

·
Retired Moderator Retired Malware Specialist
Joined
·
56,449 Posts
nothing showing wrong there

Download OTScanIt.exe to your Desktop
  • Close any open browsers.
  • If your Real protection or Antivirus intervenes with OTScanIt, allow it to run.
  • Double-click on OTS.exe to start the program.
  • Now on the toolbar at the top select "Scan all users" then click the Run Scan button
  • The program will be scanning huge amounts of data so depending on your system it could take a long time to complete. Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Save that notepad file
If the log is too large to post, use the Reply button, scroll down to the attachments section and attach the notepad file here.
 

·
Registered
Joined
·
11 Posts
Discussion Starter · #17 ·
Code:
OTS logfile created on: 1/9/2011 10:56:52 AM - Run 3
OTS by OldTimer - Version 3.1.41.0     Folder = C:\Users\James\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.7930.16406)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 41.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 70.62 Gb Total Space | 13.98 Gb Free Space | 19.79% Space Free | Partition Type: NTFS
Drive D: | 70.61 Gb Total Space | 36.81 Gb Free Space | 52.14% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: JAMES-PC
Current User Name: James
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
 
[Processes - Safe List]
ots.exe -> C:\Users\James\Downloads\OTS.exe -> [2011/01/09 10:34:33 | 000,642,560 | ---- | M] (OldTimer Tools)
avgrsx.exe -> C:\Program Files\AVG\AVG10\avgrsx.exe -> [2010/12/05 16:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgchsvx.exe -> C:\Program Files\AVG\AVG10\avgchsvx.exe -> [2010/12/05 16:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgnsx.exe -> C:\Program Files\AVG\AVG10\avgnsx.exe -> [2010/12/01 04:14:46 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgemcx.exe -> C:\Program Files\AVG\AVG10\avgemcx.exe -> [2010/12/01 04:14:14 | 001,052,512 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgidsmonitor.exe -> C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe -> [2010/11/23 13:34:16 | 000,724,048 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgidsagent.exe -> C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -> [2010/11/23 13:34:14 | 006,128,208 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgwdsvc.exe -> C:\Program Files\AVG\AVG10\avgwdsvc.exe -> [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgtray.exe -> C:\Program Files\AVG\AVG10\avgtray.exe -> [2010/10/22 04:57:54 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgcsrvx.exe -> C:\Program Files\AVG\AVG10\avgcsrvx.exe -> [2010/10/22 04:56:58 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.)
applemobiledeviceservice.exe -> C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.)
safari.exe -> C:\Program Files\Safari\Safari.exe -> [2010/08/20 16:00:18 | 002,388,264 | ---- | M] (Apple Inc.)
explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
yahooauservice.exe -> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -> [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.)
evteng.exe -> C:\Program Files\Intel\WiFi\bin\EvtEng.exe -> [2008/10/16 16:26:20 | 000,860,160 | ---- | M] (Intel(R) Corporation)
regsrvc.exe -> C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -> [2008/10/16 15:54:34 | 000,466,944 | ---- | M] (Intel(R) Corporation)
agrsmsvc.exe -> C:\Windows\System32\agrsmsvc.exe -> [2006/10/05 16:10:12 | 000,009,216 | ---- | M] (Agere Systems)
 
[Modules - Safe List]
ots.exe -> C:\Users\James\Downloads\OTS.exe -> [2011/01/09 10:34:33 | 000,642,560 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll -> [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation)
gdiplus.dll -> C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\GdiPlus.dll -> [2009/04/11 01:21:38 | 001,748,992 | ---- | M] (Microsoft Corporation)
 
[Win32 Services - Safe List]
(RoxLiveShare9) LiveShare P2P Server 9 [Auto | Stopped] ->  -> File not found
(CLTNetCnService) Symantec Lic NetConnect service [Auto | Stopped] ->  -> File not found
(ACDaemon) ArcSoft Connect Daemon [On_Demand | Stopped] -> C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -> File not found
(AVG Security Toolbar Service) AVG Security Toolbar Service [On_Demand | Stopped] -> C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -> [2010/11/25 09:49:46 | 000,517,448 | ---- | M] ()
(AVGIDSAgent) AVGIDSAgent [Auto | Running] -> C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -> [2010/11/23 13:34:14 | 006,128,208 | ---- | M] (AVG Technologies CZ, s.r.o.)
(avgwd) AVG WatchDog [Auto | Running] -> C:\Program Files\AVG\AVG10\avgwdsvc.exe -> [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.)
(Apple Mobile Device) Apple Mobile Device [Auto | Running] -> C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.)
(FontCache) Windows Font Cache Service [On_Demand | Running] -> C:\Windows\System32\FntCache.dll -> [2010/08/17 18:49:16 | 000,797,184 | ---- | M] (Microsoft Corporation)
(WPFFontCache_v0400) Windows Presentation Foundation Font Cache 4.0.0.0 [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -> [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation)
(clr_optimization_v4.0.30319_32) Microsoft .NET Framework NGEN v4.0.30319_X86 [Auto | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation)
(YahooAUService) Yahoo! Updater [Auto | Running] -> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -> [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.)
(EvtEng) Intel® PROSet/Wireless Event Log [Auto | Running] -> C:\Program Files\Intel\WiFi\bin\EvtEng.exe -> [2008/10/16 16:26:20 | 000,860,160 | ---- | M] (Intel(R) Corporation)
(RegSrvc) Intel® PROSet/Wireless Registry Service [Auto | Running] -> C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -> [2008/10/16 15:54:34 | 000,466,944 | ---- | M] (Intel(R) Corporation)
(WinDefend) Windows Defender [Auto | Stopped] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation)
(AgereModemAudio) Agere Modem Call Progress Audio [Auto | Running] -> C:\Windows\System32\agrsmsvc.exe -> [2006/10/05 16:10:12 | 000,009,216 | ---- | M] (Agere Systems)
 
[Driver Services - Safe List]
(NwlnkFwd) IPX Traffic Forwarder Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\nwlnkfwd.sys -> File not found
(NwlnkFlt) IPX Traffic Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\nwlnkflt.sys -> File not found
(IpInIp) IP in IP Tunnel Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\ipinip.sys -> File not found
(blbdrive) blbdrive [Kernel | Disabled | Stopped] -> C:\Windows\System32\drivers\blbdrive.sys -> File not found
(Avgldx86) AVG AVI Loader Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\avgldx86.sys -> [2010/12/08 04:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.)
(Avgtdix) AVG TDI Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\avgtdix.sys -> [2010/11/12 13:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.)
(AVGIDSEH) AVGIDSEH [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -> [2010/09/13 15:27:40 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. )
(Avgmfx86) AVG Mini-Filter Resident Anti-Virus Shield [File_System | System | Running] -> C:\Windows\System32\drivers\avgmfx86.sys -> [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.)
(Avgrkx86) AVG Anti-Rootkit Driver [File_System | Boot | Running] -> C:\Windows\system32\DRIVERS\avgrkx86.sys -> [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.)
(AVGIDSDriver) AVGIDSDriver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\AVGIDSDriver.sys -> [2010/08/19 20:42:38 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. )
(AVGIDSShim) AVGIDSShim [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\AVGIDSShim.sys -> [2010/08/19 20:42:38 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. )
(AVGIDSFilter) AVGIDSFilter [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\AVGIDSFilter.sys -> [2010/08/19 20:42:36 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. )
(SASKUTIL) SASKUTIL [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -> [2010/05/10 13:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
(SASDIFSV) SASDIFSV [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -> [2010/02/17 13:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
(RTL8169) Realtek 8169 NT Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\Rtlh86.sys -> [2009/05/25 05:50:44 | 000,164,864 | ---- | M] (Realtek                                            )
(usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\USBAUDIO.sys -> [2009/04/10 23:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation)
(NETw5v32) Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\NETw5v32.sys -> [2008/11/17 06:40:22 | 003,668,480 | ---- | M] (Intel Corporation)
(igfx) igfx [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\igdkmd32.sys -> [2008/02/11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation)
(ialm) ialm [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\igdkmd32.sys -> [2008/02/11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation)
(NTIDrvr) Upper Class Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\NTIDrvr.sys -> [2006/12/05 00:09:32 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.)
(lv321av) Logitech USB PC Camera (VC0321) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\lv321av.sys -> [2006/11/20 18:02:42 | 000,847,392 | ---- | M] (Logitech Inc.)
(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\RTKVHDA.sys -> [2006/11/08 22:09:24 | 001,647,976 | ---- | M] (Realtek Semiconductor Corp.)
(ql2300) QLogic Fibre Channel Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql2300.sys -> [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation)
(adp94xx) adp94xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adp94xx.sys -> [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.)
(elxstor) elxstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\elxstor.sys -> [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex)
(adpahci) adpahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpahci.sys -> [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.)
(uliahci) uliahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\uliahci.sys -> [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.)
(iaStorV) Intel RAID Controller Vista [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iastorv.sys -> [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation)
(adpu320) adpu320 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu320.sys -> [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.)
(ulsata2) ulsata2 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata2.sys -> [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.)
(vsmraid) vsmraid [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\vsmraid.sys -> [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd)
(ql40xx) QLogic iSCSI Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql40xx.sys -> [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation)
(UlSata) UlSata [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata.sys -> [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.)
(adpu160m) adpu160m [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu160m.sys -> [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.)
(nvraid) nvraid [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvraid.sys -> [2006/11/02 04:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation)
(nfrd960) nfrd960 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nfrd960.sys -> [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation)
(iirsp) iirsp [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iirsp.sys -> [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH)
(SiSRaid4) SiSRaid4 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sisraid4.sys -> [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems)
(nvstor) nvstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvstor.sys -> [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation)
(aic78xx) aic78xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\djsvs.sys -> [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.)
(arcsas) arcsas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arcsas.sys -> [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.)
(LSI_SCSI) LSI_SCSI [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_scsi.sys -> [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic)
(SiSRaid2) SiSRaid2 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sisraid2.sys -> [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.)
(HpCISSs) HpCISSs [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\hpcisss.sys -> [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company)
(arc) arc [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arc.sys -> [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.)
(iteraid) ITERAID_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteraid.sys -> [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.)
(iteatapi) ITEATAPI_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteatapi.sys -> [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.)
(LSI_SAS) LSI_SAS [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_sas.sys -> [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic)
(Symc8xx) Symc8xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\symc8xx.sys -> [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic)
(LSI_FC) LSI_FC [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_fc.sys -> [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic)
(Sym_u3) Sym_u3 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_u3.sys -> [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic)
(Mraid35x) Mraid35x [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\mraid35x.sys -> [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation)
(Sym_hi) Sym_hi [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_hi.sys -> [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic)
(megasas) megasas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\megasas.sys -> [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation)
(viaide) viaide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\viaide.sys -> [2006/11/02 04:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.)
(cmdide) cmdide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\cmdide.sys -> [2006/11/02 04:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.)
(aliide) aliide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\aliide.sys -> [2006/11/02 04:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.)
(Brserid) Brother MFC Serial Port Interface Driver (WDM) [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserid.sys -> [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.)
(BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brusbser.sys -> [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.)
(BrFiltUp) Brother USB Mass-Storage Upper Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltup.sys -> [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.)
(BrFiltLo) Brother USB Mass-Storage Lower Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltlo.sys -> [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.)
(BrSerWdm) Brother WDM Serial driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserwdm.sys -> [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.)
(BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brusbmdm.sys -> [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.)
(ntrigdigi) N-trig HID Tablet Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ntrigdigi.sys -> [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies)
(E1G60) Intel(R) PRO/1000 NDIS 6 Adapter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\E1G60I32.sys -> [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation)
(athr) Atheros Extensible Wireless LAN device driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\athr.sys -> [2006/11/02 02:30:52 | 000,467,456 | ---- | M] (Atheros Communications, Inc.)
(NETw3v32) Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\NETw3v32.sys -> [2006/10/30 09:42:28 | 001,786,880 | ---- | M] (Intel® Corporation)
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\SynTP.sys -> [2006/10/23 14:17:32 | 000,179,896 | ---- | M] (Synaptics, Inc.)
(AgereSoftModem) Agere Systems Soft Modem [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\AGRSM.sys -> [2006/10/05 14:39:40 | 001,161,152 | ---- | M] (Agere Systems)
(UBHelper) UBHelper [Kernel | Boot | Running] -> C:\Windows\System32\drivers\UBHelper.sys -> [2006/08/28 21:30:04 | 000,013,952 | ---- | M] ()
(tifm21) tifm21 [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\tifm21.sys -> [2006/07/06 16:44:00 | 000,168,448 | ---- | M] (Texas Instruments)
 
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://home.microsoft.com/search/search.asp -> 
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://www.msn.com -> 
HKEY_LOCAL_MACHINE\: SearchURL\\"" -> http://home.microsoft.com/access/autosearch.asp?p=%s -> 
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> 
HKEY_USERS\.DEFAULT\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [AVG Security Toolbar BHO] -> [2010/11/25 09:49:42 | 002,463,048 | ---- | M] ()
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> 
HKEY_USERS\S-1-5-18\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [AVG Security Toolbar BHO] -> [2010/11/25 09:49:42 | 002,463,048 | ---- | M] ()
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\] > -> -> 
HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\: "ProxyEnable" -> 0 -> 
HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\: "ProxyOverride" -> <local>;*.local -> 
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions ->  -> 
HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71} -> C:\PROGRAM FILES\AVG\AVG10\FIREFOX\ [C:\PROGRAM FILES\AVG\AVG10\FIREFOX\] -> [2011/01/07 16:17:23 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > -> 
< HOSTS File > ([2006/09/18 16:41:30 | 000,000,736 | ---- | M] - 20 lines) -> C:\Windows\System32\drivers\etc\hosts -> 
Reset Hosts
::1             localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files\AVG\AVG10\avgssie.dll [AVG Safe Search] -> [2010/11/22 04:48:12 | 002,732,896 | ---- | M] (AVG Technologies CZ, s.r.o.)
{A3BC75A2-1F87-4686-AA43-5347D756017C} [HKLM] -> C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [AVG Security Toolbar BHO] -> [2010/11/25 09:49:42 | 002,463,048 | ---- | M] ()
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [AVG Security Toolbar] -> [2010/11/25 09:49:42 | 002,463,048 | ---- | M] ()
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\] > -> HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [AVG Security Toolbar] -> [2010/11/25 09:49:42 | 002,463,048 | ---- | M] ()
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"AVG_TRAY" -> C:\Program Files\AVG\AVG10\avgtray.exe [C:\Program Files\AVG\AVG10\avgtray.exe] -> [2010/10/22 04:57:54 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.)
"Windows Defender" -> C:\Program Files\Windows Defender\MSASCui.exe [%ProgramFiles%\Windows Defender\MSASCui.exe -hide] -> [2008/01/19 02:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation)
< Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"WindowsWelcomeCenter" -> C:\Windows\System32\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2009/04/11 01:28:23 | 002,153,472 | ---- | M] (Microsoft Corporation)
< Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"WindowsWelcomeCenter" -> C:\Windows\System32\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2009/04/11 01:28:23 | 002,153,472 | ---- | M] (Microsoft Corporation)
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [255] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000] > -> HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [255] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000] > -> HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Button: Skype Plug-In] -> [2010/09/27 13:42:44 | 001,250,696 | ---- | M] (Skype Technologies S.A.)
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Menu: Skype Plug-In] -> [2010/09/27 13:42:44 | 001,250,696 | ---- | M] (Skype Technologies S.A.)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\] > -> HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\] > -> HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} [HKLM] -> http://download.divx.com/player/DivXBrowserPlugin.cab [Reg Error: Value error.] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab [Java Plug-in 1.6.0_23] -> 
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab [Reg Error: Value error.] -> 
{BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} [HKLM] -> http://ax.emsisoft.com/asquared.cab [Reg Error: Key error.] -> 
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab [Java Plug-in 1.6.0_23] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab [Java Plug-in 1.6.0_23] -> 
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Value error.] -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> 
DhcpNameServer -> 209.18.47.61 209.18.47.62 -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{A81DC6CA-971A-4040-978D-EF0987FD9508}\\DhcpNameServer -> 209.18.47.61 209.18.47.62   (Intel(R) PRO/Wireless 3945ABG Network Connection) -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
igfxcui -> C:\Windows\System32\igfxdev.dll -> [2008/02/11 18:46:44 | 000,204,800 | ---- | M] (Intel Corporation)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> CD-ROM Driver -> 
"ImagePath" ->  [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > ->  -> 
C:\autoexec.bat [REM Dummy file for NTVDMPATH=%PATH%;C:\PROGRA~1\COMMON~1\MUVEET~1\030625 | ] -> C:\autoexec.bat [ NTFS ] -> [2006/12/05 00:09:57 | 000,000,074 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
\F
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\shell\AutoRun\command
\F\shell\AutoRun\command\\"" -> F:\wd_windows_tools\setup.exe [F:\wd_windows_tools\setup.exe] -> File not found
\{9c5f34e9-c97b-11dd-9570-0016d3536512}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9c5f34e9-c97b-11dd-9570-0016d3536512}\shell\AutoRun\command
\{9c5f34e9-c97b-11dd-9570-0016d3536512}\shell\AutoRun\command\\"" -> F:\wd_windows_tools\setup.exe [F:\wd_windows_tools\setup.exe] -> File not found
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
comfile [open] -> "%1" %* -> 
exefile [open] -> "%1" %* -> 
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = comfile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 
 
[Registry - Additional Scans - Safe List]
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.bat [@ = batfile] -> "%1" %* -> 
.cmd [@ = cmdfile] -> "%1" %* -> 
.com [@ = comfile] -> "%1" %* -> 
.cpl [@ = cplfile] -> C:\Windows\System32\control.exe -> [2006/11/02 04:44:59 | 000,211,968 | ---- | M] (Microsoft Corporation)
.exe [@ = exefile] -> "%1" %* -> 
.hlp [@ = hlpfile] -> Reg Error: Key error. -> File not found
.html [@ = ChromeHTML] -> Reg Error: Key error. -> File not found
.pif [@ = piffile] -> "%1" %* -> 
.scr [@ = scrfile] -> "%1" /S -> 
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> 
avgsecuritytoolbar:{F2DDE6B2-9684-4A55-86D4-E255E237B77C} [HKLM] -> C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll[avgsecuritytoolbar] -> [2010/11/25 09:49:42 | 002,463,048 | ---- | M] ()
linkscanner:{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} [HKLM] -> C:\Program Files\AVG\AVG10\avgpp.dll[XPLPPFilter Class] -> [2010/10/22 04:57:34 | 000,181,600 | ---- | M] (AVG Technologies CZ, s.r.o.)
skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKLM] -> C:\Program Files\Common Files\Skype\Skype4COM.dll[IEProtocolHandler Class] -> [2010/09/02 14:15:04 | 002,135,336 | R--- | M] (Skype Technologies)
skype-ie-addon-data:{91774881-D725-4E58-B298-07617B9B86A8} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll[Skype IE add-on Pluggable Protocol] -> [2010/09/27 13:42:44 | 001,250,696 | ---- | M] (Skype Technologies S.A.)
< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
\\"cval" ->  [1] -> File not found
\\"UacDisableNotify" ->  [0] -> File not found
\\"InternetSettingsDisableNotify" ->  [0] -> File not found
\\"AutoUpdateDisableNotify" ->  [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring
\Monitoring\\"DisableMonitoring" ->  [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus
\Monitoring\SymantecAntiVirus\\"DisableMonitoring" ->  [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall
\Monitoring\SymantecFirewall\\"DisableMonitoring" ->  [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc
\Svc\\"AntiVirusOverride" ->  [1] -> File not found
\Svc\\"AntiSpywareOverride" ->  [0] -> File not found
\Svc\\"FirewallOverride" ->  [0] -> File not found
\Svc\\"VistaSp1" -> Reg Error: Unknown registry data type [Reg Error: Unknown registry data type] -> File not found
\Svc\\"VistaSp2" -> Reg Error: Unknown registry data type [Reg Error: Unknown registry data type] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol\ -> -> 
< Windows DomainProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
\\"DisableNotifications" ->  [0] -> File not found
\\"EnableFirewall" ->  [1] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging\ -> -> 
< Windows StandardProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
\\"DisableNotifications" ->  [0] -> File not found
\\"EnableFirewall" ->  [1] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging\ -> -> 
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> 
NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] -> C:\Program Files\Bonjour\mdnsNSP.dll -> [2010/07/27 17:44:08 | 000,152,864 | ---- | M] (Apple Inc.)
< Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> 
ldap -> 4 = Restricted sites (Not a Default Protocol) -> 
news -> 4 = Restricted sites (Not a Default Protocol) -> 
nntp -> 4 = Restricted sites (Not a Default Protocol) -> 
oecmd -> 4 = Restricted sites (Not a Default Protocol) -> 
snews -> 4 = Restricted sites (Not a Default Protocol) -> 
< Default Protocols [HKEY_USERS\S-1-5-19\] - Select to Repair > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> 
@ivt -> @ivt protocol not assigned -> 
file -> file protocol not assigned -> 
ftp -> ftp protocol not assigned -> 
http -> http protocol not assigned -> 
https -> https protocol not assigned -> 
shell -> shell protocol not assigned -> 
< Default Protocols [HKEY_USERS\S-1-5-20\] - Select to Repair > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> 
@ivt -> @ivt protocol not assigned -> 
file -> file protocol not assigned -> 
ftp -> ftp protocol not assigned -> 
http -> http protocol not assigned -> 
https -> https protocol not assigned -> 
shell -> shell protocol not assigned -> 
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> 
{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} -> Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
{04E7A3BB-DB38-481C-A809-35FA60C78EDF} -> AVG 2011
{0840B4D6-7DD1-4187-8523-E6FC0007EFB7} -> Windows Live ID Sign-in Assistant
{0D2E80C8-0875-43EB-9623-47118E2DFBCA} -> Quicken 2007
{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} -> NTI CD & DVD-Maker
{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43} -> Safari
{26A24AE4-039D-4CA4-87B4-2F83216012FF} -> Java(TM) 6 Update 23
{308B6AEA-DE50-4666-996D-0FA461719D6B} -> Apple Mobile Device Support
{3248F0A8-6813-11D6-A77B-00B0D0160010} -> Java(TM) SE Runtime Environment 6 Update 1
{3C3901C5-3455-3E0A-A214-0B093A5070A6} -> Microsoft .NET Framework 4 Client Profile
{45A66726-69BC-466B-A7A4-12FCBA4883D7} -> HiJackThis
{4A03706F-666A-4037-7777-5F2748764D10} -> Java Auto Updater
{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1 -> AVG PC Tuneup 2011
{57752979-A1C9-4C02-856B-FBB27AC4E02C} -> QuickTime
{5A3F6A80-7913-475E-8B96-477A952CFA43} -> SupportSoft Assisted Service
{5A447CFB-B64E-4D3C-9744-2EA44EFB8F97} -> BlackBerry Device Software Updater
{67ADE9AF-5CD9-4089-8825-55DE4B366799} -> NTI Backup NOW! 4.7
{6956856F-B6B3-4BE0-BA0B-8F495BE32033} -> Apple Software Update
{716E0306-8318-4364-8B8F-0CC4E9376BAC} -> MSXML 4.0 SP2 Parser and SDK
{770657D0-A123-3C07-8E44-1C83EC895118} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
{77DCDCE3-2DED-62F3-8154-05E745472D07} -> Acrobat.com
{837b34e3-7c30-493c-8f6a-2b0f04e2912c} -> Microsoft Visual C++ 2005 Redistributable
{881F5DE8-9367-4B81-A325-E91BBC6472F9} -> iTunes
{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight
{8DC069E7-893C-41E1-9442-DE89FEC33371} -> Xobni Core
{90024193-9F13-4877-89D5-A1CDF0CBBF28} -> Feedback Tool
{90120000-0011-0000-0000-0000000FF1CE} -> Microsoft Office Professional Plus 2007
{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF} -> Security Update for Microsoft Office system 2007 (972581)
{90120000-0015-0409-0000-0000000FF1CE} -> Microsoft Office Access MUI (English) 2007
{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0016-0409-0000-0000000FF1CE} -> Microsoft Office Excel MUI (English) 2007
{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0018-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (English) 2007
{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0019-0409-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (English) 2007
{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-001A-0409-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (English) 2007
{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-001B-0409-0000-0000000FF1CE} -> Microsoft Office Word MUI (English) 2007
{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007
{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007
{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007
{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-002C-0409-0000-0000000FF1CE} -> Microsoft Office Proofing (English) 2007
{90120000-0044-0409-0000-0000000FF1CE} -> Microsoft Office InfoPath MUI (English) 2007
{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-006E-0409-0000-0000000FF1CE} -> Microsoft Office Shared MUI (English) 2007
{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0115-0409-0000-0000000FF1CE} -> Microsoft Office Shared Setup Metadata MUI (English) 2007
{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0117-0409-0000-0000000FF1CE} -> Microsoft Office Access Setup Metadata MUI (English) 2007
{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E} -> Visual C++ 8.0 ATL (x86) WinSXS MSM
{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E} -> Visual C++ 8.0 CRT (x86) WinSXS MSM
{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1 -> Convert AVI to MP4 1.3
{A2BCA9F1-566C-4805-97D1-7FDC93386723} -> Adobe AIR
{AC76BA86-7AD7-1033-7B44-A70000000000} -> Adobe Reader 7.0
{B2544A03-10D0-4E5E-BA69-0362FFC20D18} -> OGA Notifier 2.0.0048.0
{B7A0CE06-068E-11D6-97FD-0050BACBF861} -> PowerProducer
{CD95D125-2992-4858-B3EF-5F6FB52FBAD6} -> Skype Toolbars
{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} -> SUPERAntiSpyware
{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} -> Microsoft .NET Framework 3.5 SP1
{D103C4BA-F905-437A-8049-DB24763BBE36} -> Skype™ 4.2
{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE} -> BlackBerry Desktop Software 6.0
{E1180142-3B31-4DCC-9D27-7AC2D37662BF} -> LightScribe  1.4.124.1
{E2EE273D-E111-4FFD-ACD4-78E1D35E01D2} -> ArcSoft Photo Book Screen Saver
{EE6097DD-05F4-4178-9719-D3170BF098E8} -> Apple Application Support
{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37} -> Acer Arcade Deluxe
{F01052C2-6CB5-4FB2-91E2-84D32B7AAAFD} -> BlackBerry Device Software v4.5.0 for the BlackBerry 8300 smartphone
{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} -> Realtek High Definition Audio Driver
{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7} -> 32 Bit HP CIO Components Installer
{F4C68898-EBA5-46A9-82B3-2D30426086BF} -> AVG 2011
{F7B05784-334C-4F76-8BAB-30ABEB7FD534} -> TIPCI
{FA54AFB1-5745-4389-B8C1-9F7509672ED1} -> iPhone Configuration Utility
{FF1C31AE-0CDC-40CE-AB85-406F8B70D643} -> Bonjour
{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
8461-7759-5462-8226 -> Vuze
Adobe AIR -> Adobe AIR
Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX
Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin
Agere Systems Soft Modem -> Agere Systems HDA Modem
AVG -> AVG 2011
BlackBerry_Desktop -> BlackBerry Desktop Software 6.0
EPSON Scanner -> EPSON Scan
EPSON Stylus NX400 Series -> EPSON Stylus NX400 Series Printer Uninstall
Glary Utilities_is1 -> Glary Utilities 2.30.0.1066
HDMI -> Intel(R) Graphics Media Accelerator Driver
InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} -> NTI CD & DVD-Maker
InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534} -> Texas Instruments PCIxx21/x515/xx12 drivers.
Microsoft .NET Framework 3.5 SP1 -> Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile -> Microsoft .NET Framework 4 Client Profile
MP3 Rocket -> MP3 Rocket
PROPLUS -> Microsoft Office Professional Plus 2007
SynTPDeinstKey -> Synaptics Pointing Device Driver
VLC media player -> VLC media player 0.9.8a
Yahoo! Software Update -> Yahoo! Software Update
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 1/6/2011 2:37:04 PM Computer Name = James-PC | Source = System Restore | ID = 8193 -> Description = 
Application [ Error ] 1/6/2011 2:37:04 PM Computer Name = James-PC | Source = System Restore | ID = 8210 -> Description = 
Application [ Error ] 1/6/2011 5:51:06 PM Computer Name = James-PC | Source = EventSystem | ID = 4609 -> Description = 
Application [ Error ] 1/6/2011 6:17:54 PM Computer Name = James-PC | Source = EventSystem | ID = 4609 -> Description = 
Application [ Error ] 1/6/2011 6:18:39 PM Computer Name = James-PC | Source = Bonjour Service | ID = 100 -> Description = 396: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.)
Application [ Error ] 1/6/2011 6:18:41 PM Computer Name = James-PC | Source = Bonjour Service | ID = 100 -> Description = 380: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.)
Application [ Error ] 1/6/2011 6:18:41 PM Computer Name = James-PC | Source = Bonjour Service | ID = 100 -> Description = 392: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.)
Application [ Error ] 1/6/2011 6:18:41 PM Computer Name = James-PC | Source = Bonjour Service | ID = 100 -> Description = 388: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.)
Application [ Error ] 1/6/2011 6:18:45 PM Computer Name = James-PC | Source = EventSystem | ID = 4609 -> Description = 
Application [ Error ] 1/6/2011 6:20:12 PM Computer Name = James-PC | Source = EventSystem | ID = 4609 -> Description = 
OSession [ Error ] 6/29/2009 9:02:07 PM Computer Name = James-PC | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time.  This session ended with a crash.
OSession [ Error ] 7/27/2009 6:18:52 PM Computer Name = James-PC | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time.  This session ended with a crash.
OSession [ Error ] 11/11/2009 4:19:19 AM Computer Name = James-PC | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 24474 seconds with 600 seconds of active time.  This session ended with a crash.
System [ Error ] 1/7/2011 7:23:36 PM Computer Name = James-PC | Source = volmgr | ID = 262190 -> Description = Crash dump initialization failed!
System [ Error ] 1/7/2011 7:24:13 PM Computer Name = James-PC | Source = DCOM | ID = 10005 -> Description = 
System [ Error ] 1/7/2011 7:24:22 PM Computer Name = James-PC | Source = DCOM | ID = 10005 -> Description = 
System [ Error ] 1/7/2011 7:24:25 PM Computer Name = James-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 -> Description = 
System [ Error ] 1/7/2011 7:24:44 PM Computer Name = James-PC | Source = DCOM | ID = 10005 -> Description = 
System [ Error ] 1/7/2011 7:24:56 PM Computer Name = James-PC | Source = DCOM | ID = 10005 -> Description = 
System [ Error ] 1/7/2011 8:43:16 PM Computer Name = James-PC | Source = DCOM | ID = 10010 -> Description = 
System [ Error ] 1/7/2011 8:43:45 PM Computer Name = James-PC | Source = volmgr | ID = 262190 -> Description = Crash dump initialization failed!
System [ Error ] 1/7/2011 8:44:04 PM Computer Name = James-PC | Source = volmgr | ID = 262190 -> Description = Crash dump initialization failed!
System [ Error ] 1/7/2011 8:47:06 PM Computer Name = James-PC | Source = WMPNetworkSvc | ID = 866300 -> Description = 
 
[Files/Folders - Created Within 30 Days]
 Phenoix Homework -> C:\Users\James\Documents\Phenoix Homework -> [2011/01/08 22:41:31 | 000,000,000 | ---D | C]
 Perfect Optimizer -> C:\Program Files\Perfect Optimizer -> [2011/01/07 16:36:03 | 000,000,000 | ---D | C]
 AVG Security Toolbar -> C:\ProgramData\AVG Security Toolbar -> [2011/01/07 16:18:22 | 000,000,000 | ---D | C]
 AVG 2011 -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2011 -> [2011/01/07 16:18:12 | 000,000,000 | ---D | C]
 AVG -> C:\Windows\System32\drivers\AVG -> [2011/01/07 16:17:14 | 000,000,000 | ---D | C]
 Trend Micro -> C:\Program Files\Trend Micro -> [2011/01/07 13:05:12 | 000,000,000 | ---D | C]
 HiJackThis -> C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis -> [2011/01/07 13:05:12 | 000,000,000 | ---D | C]
 UnDeployV.exe -> C:\Windows\UnDeployV.exe -> [2011/01/07 00:54:44 | 000,067,312 | ---- | C] (Just Great Software)
 ieui.dll -> C:\Windows\System32\ieui.dll -> [2011/01/06 17:30:31 | 000,176,640 | ---- | C] (Microsoft Corporation)
 mshtml.tlb -> C:\Windows\System32\mshtml.tlb -> [2011/01/06 17:30:30 | 002,381,824 | ---- | C] (Microsoft Corporation)
 inetcpl.cpl -> C:\Windows\System32\inetcpl.cpl -> [2011/01/06 17:30:30 | 001,448,448 | ---- | C] (Microsoft Corporation)
 ieapfltr.dat -> C:\Windows\System32\ieapfltr.dat -> [2011/01/06 08:27:13 | 003,695,400 | ---- | C] (Microsoft Corporation)
 jscript9.dll -> C:\Windows\System32\jscript9.dll -> [2011/01/06 08:27:13 | 001,355,264 | ---- | C] (Microsoft Corporation)
 jscript.dll -> C:\Windows\System32\jscript.dll -> [2011/01/06 08:27:13 | 000,719,360 | ---- | C] (Microsoft Corporation)
 msfeeds.dll -> C:\Windows\System32\msfeeds.dll -> [2011/01/06 08:27:13 | 000,596,480 | ---- | C] (Microsoft Corporation)
 iedkcs32.dll -> C:\Windows\System32\iedkcs32.dll -> [2011/01/06 08:27:13 | 000,460,088 | ---- | C] (Microsoft Corporation)
 ieapfltr.dll -> C:\Windows\System32\ieapfltr.dll -> [2011/01/06 08:27:13 | 000,441,856 | ---- | C] (Microsoft Corporation)
 vbscript.dll -> C:\Windows\System32\vbscript.dll -> [2011/01/06 08:27:13 | 000,424,960 | ---- | C] (Microsoft Corporation)
 html.iec -> C:\Windows\System32\html.iec -> [2011/01/06 08:27:13 | 000,367,104 | ---- | C] (Microsoft Corporation)
 dxtmsft.dll -> C:\Windows\System32\dxtmsft.dll -> [2011/01/06 08:27:13 | 000,353,280 | ---- | C] (Microsoft Corporation)
 ieaksie.dll -> C:\Windows\System32\ieaksie.dll -> [2011/01/06 08:27:13 | 000,227,840 | ---- | C] (Microsoft Corporation)
 dxtrans.dll -> C:\Windows\System32\dxtrans.dll -> [2011/01/06 08:27:13 | 000,223,232 | ---- | C] (Microsoft Corporation)
 ie4uinit.exe -> C:\Windows\System32\ie4uinit.exe -> [2011/01/06 08:27:13 | 000,193,024 | ---- | C] (Microsoft Corporation)
 msrating.dll -> C:\Windows\System32\msrating.dll -> [2011/01/06 08:27:13 | 000,166,400 | ---- | C] (Microsoft Corporation)
 ieakui.dll -> C:\Windows\System32\ieakui.dll -> [2011/01/06 08:27:13 | 000,163,840 | ---- | C] (Microsoft Corporation)
 msls31.dll -> C:\Windows\System32\msls31.dll -> [2011/01/06 08:27:13 | 000,160,768 | ---- | C] (Microsoft Corporation)
 ieUnatt.exe -> C:\Windows\System32\ieUnatt.exe -> [2011/01/06 08:27:13 | 000,142,848 | ---- | C] (Microsoft Corporation)
 ieakeng.dll -> C:\Windows\System32\ieakeng.dll -> [2011/01/06 08:27:13 | 000,130,560 | ---- | C] (Microsoft Corporation)
 iesysprep.dll -> C:\Windows\System32\iesysprep.dll -> [2011/01/06 08:27:13 | 000,114,176 | ---- | C] (Microsoft Corporation)
 IEAdvpack.dll -> C:\Windows\System32\IEAdvpack.dll -> [2011/01/06 08:27:13 | 000,110,592 | ---- | C] (Microsoft Corporation)
 url.dll -> C:\Windows\System32\url.dll -> [2011/01/06 08:27:13 | 000,109,568 | ---- | C] (Microsoft Corporation)
 inseng.dll -> C:\Windows\System32\inseng.dll -> [2011/01/06 08:27:13 | 000,080,384 | ---- | C] (Microsoft Corporation)
 SetIEInstalledDate.exe -> C:\Windows\System32\SetIEInstalledDate.exe -> [2011/01/06 08:27:13 | 000,076,800 | ---- | C] (Microsoft Corporation)
 RegisterIEPKEYs.exe -> C:\Windows\System32\RegisterIEPKEYs.exe -> [2011/01/06 08:27:13 | 000,074,752 | ---- | C] (Microsoft Corporation)
 SetDepNx.exe -> C:\Windows\System32\SetDepNx.exe -> [2011/01/06 08:27:13 | 000,072,704 | ---- | C] (Microsoft Corporation)
 jsproxy.dll -> C:\Windows\System32\jsproxy.dll -> [2011/01/06 08:27:13 | 000,065,024 | ---- | C] (Microsoft Corporation)
 admparse.dll -> C:\Windows\System32\admparse.dll -> [2011/01/06 08:27:13 | 000,051,200 | ---- | C] (Microsoft Corporation)
 pngfilt.dll -> C:\Windows\System32\pngfilt.dll -> [2011/01/06 08:27:13 | 000,049,664 | ---- | C] (Microsoft Corporation)
 mshtmler.dll -> C:\Windows\System32\mshtmler.dll -> [2011/01/06 08:27:13 | 000,048,640 | ---- | C] (Microsoft Corporation)
 msfeedsbs.dll -> C:\Windows\System32\msfeedsbs.dll -> [2011/01/06 08:27:13 | 000,044,544 | ---- | C] (Microsoft Corporation)
 imgutil.dll -> C:\Windows\System32\imgutil.dll -> [2011/01/06 08:27:13 | 000,033,280 | ---- | C] (Microsoft Corporation)
 licmgr10.dll -> C:\Windows\System32\licmgr10.dll -> [2011/01/06 08:27:13 | 000,023,552 | ---- | C] (Microsoft Corporation)
 msfeedssync.exe -> C:\Windows\System32\msfeedssync.exe -> [2011/01/06 08:27:13 | 000,010,240 | ---- | C] (Microsoft Corporation)
 iexpress.exe -> C:\Windows\System32\iexpress.exe -> [2011/01/06 08:27:12 | 000,150,016 | ---- | C] (Microsoft Corporation)
 wextract.exe -> C:\Windows\System32\wextract.exe -> [2011/01/06 08:27:12 | 000,149,504 | ---- | C] (Microsoft Corporation)
 iepeers.dll -> C:\Windows\System32\iepeers.dll -> [2011/01/06 08:27:12 | 000,111,104 | ---- | C] (Microsoft Corporation)
 iesetup.dll -> C:\Windows\System32\iesetup.dll -> [2011/01/06 08:27:12 | 000,075,264 | ---- | C] (Microsoft Corporation)
 iernonce.dll -> C:\Windows\System32\iernonce.dll -> [2011/01/06 08:27:12 | 000,032,768 | ---- | C] (Microsoft Corporation)
 ElevatedDiagnostics -> C:\Users\James\AppData\Local\ElevatedDiagnostics -> [2011/01/04 16:37:36 | 000,000,000 | ---D | C]
 Windows PowerShell 1.0 -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 1.0 -> [2011/01/04 16:36:53 | 000,000,000 | R--D | C]
 WindowsPowerShell -> C:\Windows\System32\WindowsPowerShell -> [2011/01/04 16:36:53 | 000,000,000 | ---D | C]
 Microsoft ATS -> C:\Program Files\Microsoft ATS -> [2011/01/04 16:35:59 | 000,000,000 | ---D | C]
 XpsRasterService.dll -> C:\Windows\System32\XpsRasterService.dll -> [2011/01/03 00:44:55 | 000,135,680 | ---- | C] (Microsoft Corporation)
 d3d10warp.dll -> C:\Windows\System32\d3d10warp.dll -> [2011/01/03 00:44:54 | 001,174,528 | ---- | C] (Microsoft Corporation)
 DWrite.dll -> C:\Windows\System32\DWrite.dll -> [2011/01/03 00:44:54 | 001,068,032 | ---- | C] (Microsoft Corporation)
 MFH264Dec.dll -> C:\Windows\System32\MFH264Dec.dll -> [2011/01/03 00:44:54 | 000,979,456 | ---- | C] (Microsoft Corporation)
 FntCache.dll -> C:\Windows\System32\FntCache.dll -> [2011/01/03 00:44:54 | 000,797,184 | ---- | C] (Microsoft Corporation)
 d2d1.dll -> C:\Windows\System32\d2d1.dll -> [2011/01/03 00:44:54 | 000,680,960 | ---- | C] (Microsoft Corporation)
 MFHEAACdec.dll -> C:\Windows\System32\MFHEAACdec.dll -> [2011/01/03 00:44:54 | 000,357,376 | ---- | C] (Microsoft Corporation)
 mfmp4src.dll -> C:\Windows\System32\mfmp4src.dll -> [2011/01/03 00:44:54 | 000,302,592 | ---- | C] (Microsoft Corporation)
 XpsGdiConverter.dll -> C:\Windows\System32\XpsGdiConverter.dll -> [2011/01/03 00:44:54 | 000,280,064 | ---- | C] (Microsoft Corporation)
 mfreadwrite.dll -> C:\Windows\System32\mfreadwrite.dll -> [2011/01/03 00:44:54 | 000,261,632 | ---- | C] (Microsoft Corporation)
 d3d10_1core.dll -> C:\Windows\System32\d3d10_1core.dll -> [2011/01/03 00:44:54 | 000,219,648 | ---- | C] (Microsoft Corporation)
 d3d10_1.dll -> C:\Windows\System32\d3d10_1.dll -> [2011/01/03 00:44:54 | 000,161,280 | ---- | C] (Microsoft Corporation)
 Feedback Tool -> C:\Program Files\Feedback Tool -> [2011/01/03 00:44:33 | 000,000,000 | ---D | C]
 SUPERAntiSpyware.com -> C:\Users\James\AppData\Roaming\SUPERAntiSpyware.com -> [2011/01/02 19:08:05 | 000,000,000 | ---D | C]
 SUPERAntiSpyware.com -> C:\ProgramData\SUPERAntiSpyware.com -> [2011/01/02 19:08:05 | 000,000,000 | ---D | C]
 SUPERAntiSpyware -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware -> [2011/01/02 19:07:56 | 000,000,000 | ---D | C]
 SUPERAntiSpyware -> C:\Program Files\SUPERAntiSpyware -> [2011/01/02 19:07:51 | 000,000,000 | ---D | C]
 AVG PC Tuneup 2011 -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC Tuneup 2011 -> [2011/01/01 23:35:10 | 000,000,000 | ---D | C]
 AVG10 -> C:\Users\James\AppData\Roaming\AVG10 -> [2010/12/31 12:47:05 | 000,000,000 | ---D | C]
 AVG10 -> C:\ProgramData\AVG10 -> [2010/12/31 12:14:24 | 000,000,000 | ---D | C]
 MFAData -> C:\ProgramData\MFAData -> [2010/12/31 12:08:30 | 000,000,000 | ---D | C]
 javaws.exe -> C:\Windows\System32\javaws.exe -> [2010/12/31 12:02:49 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.)
 javaw.exe -> C:\Windows\System32\javaw.exe -> [2010/12/31 12:02:49 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.)
 java.exe -> C:\Windows\System32\java.exe -> [2010/12/31 12:02:49 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.)
 movies -> C:\Users\James\Documents\movies -> [2010/12/27 19:08:49 | 000,000,000 | ---D | C]
 iTunes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes -> [2010/12/19 14:07:23 | 000,000,000 | ---D | C]
 iPod -> C:\Program Files\iPod -> [2010/12/19 14:05:17 | 000,000,000 | ---D | C]
 iTunes -> C:\Program Files\iTunes -> [2010/12/19 14:05:15 | 000,000,000 | ---D | C]
 QuickTime -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime -> [2010/12/19 14:00:43 | 000,000,000 | ---D | C]
 QuickTime -> C:\Program Files\QuickTime -> [2010/12/19 14:00:11 | 000,000,000 | ---D | C]
 win32k.sys -> C:\Windows\System32\win32k.sys -> [2010/12/15 23:44:27 | 002,038,272 | ---- | C] (Microsoft Corporation)
 taskschd.dll -> C:\Windows\System32\taskschd.dll -> [2010/12/15 23:44:22 | 000,352,768 | ---- | C] (Microsoft Corporation)
 wmicmiplugin.dll -> C:\Windows\System32\wmicmiplugin.dll -> [2010/12/15 23:44:21 | 000,345,600 | ---- | C] (Microsoft Corporation)
 taskcomp.dll -> C:\Windows\System32\taskcomp.dll -> [2010/12/15 23:44:19 | 000,270,336 | ---- | C] (Microsoft Corporation)
 consent.exe -> C:\Windows\System32\consent.exe -> [2010/12/15 23:44:13 | 000,081,920 | ---- | C] (Microsoft Corporation)
 atmfd.dll -> C:\Windows\System32\atmfd.dll -> [2010/12/15 23:44:09 | 000,292,352 | ---- | C] (Adobe Systems Incorporated)
 atmlib.dll -> C:\Windows\System32\atmlib.dll -> [2010/12/15 23:44:09 | 000,034,304 | ---- | C] (Adobe Systems)
 fontsub.dll -> C:\Windows\System32\fontsub.dll -> [2010/12/15 23:44:08 | 000,072,704 | ---- | C] (Microsoft Corporation)
 tzres.dll -> C:\Windows\System32\tzres.dll -> [2010/12/15 23:43:36 | 000,002,048 | ---- | C] (Microsoft Corporation)
 pcouffin.sys -> C:\Users\James\AppData\Roaming\pcouffin.sys -> [2008/12/24 00:10:10 | 000,047,360 | ---- | C] (VSO Software)
 1 C:\Users\James\Documents\*.tmp files -> C:\Users\James\Documents\*.tmp -> 
 
[Files/Folders - Modified Within 30 Days]
 Apple Safari.lnk -> C:\Users\James\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk -> [2011/01/09 10:48:55 | 000,002,305 | ---- | M] ()
 GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2011/01/09 10:29:00 | 000,000,886 | ---- | M] ()
 incavi.avm -> C:\Windows\System32\drivers\AVG\incavi.avm -> [2011/01/09 09:48:42 | 103,833,463 | ---- | M] ()
 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2011/01/09 09:44:36 | 000,003,296 | -H-- | M] ()
 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2011/01/09 09:44:36 | 000,003,296 | -H-- | M] ()
 GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2011/01/08 12:34:20 | 000,000,882 | ---- | M] ()
 HiJackThis.lnk -> C:\Users\James\Desktop\HiJackThis.lnk -> [2011/01/08 08:06:15 | 000,002,523 | ---- | M] ()
 img029.jpg -> C:\Users\James\Documents\img029.jpg -> [2011/01/07 20:58:32 | 000,691,231 | ---- | M] ()
 img028.jpg -> C:\Users\James\Documents\img028.jpg -> [2011/01/07 20:47:17 | 000,694,657 | ---- | M] ()
 perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2011/01/07 20:37:23 | 000,607,406 | ---- | M] ()
 perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2011/01/07 20:37:23 | 000,105,014 | ---- | M] ()
 FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2011/01/07 19:45:12 | 000,390,768 | ---- | M] ()
 GlaryInitialize.job -> C:\Windows\tasks\GlaryInitialize.job -> [2011/01/07 19:45:00 | 000,000,312 | ---- | M] ()
 bootstat.dat -> C:\Windows\bootstat.dat -> [2011/01/07 19:44:27 | 000,067,584 | --S- | M] ()
 d3d9caps.dat -> C:\Users\James\AppData\Local\d3d9caps.dat -> [2011/01/07 19:21:53 | 000,000,680 | ---- | M] ()
 AVG 2011.lnk -> C:\Users\Public\Desktop\AVG 2011.lnk -> [2011/01/07 16:18:13 | 000,000,834 | ---- | M] ()
 iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2011/01/07 01:12:08 | 000,001,668 | ---- | M] ()
 Launch Internet Explorer Browser.lnk -> C:\Users\James\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> [2011/01/06 08:30:30 | 000,000,947 | ---- | M] ()
 icrav03.rat -> C:\Windows\System32\icrav03.rat -> [2011/01/06 08:27:38 | 000,008,798 | ---- | M] ()
 ticrf.rat -> C:\Windows\System32\ticrf.rat -> [2011/01/06 08:27:38 | 000,001,988 | ---- | M] ()
 img027.jpg -> C:\Users\James\Documents\img027.jpg -> [2011/01/05 22:55:01 | 000,339,102 | ---- | M] ()
 img026.jpg -> C:\Users\James\Documents\img026.jpg -> [2011/01/05 16:33:35 | 000,942,654 | ---- | M] ()
 ocsetup_install_MicrosoftWindowsPowerShell.etl -> C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl -> [2011/01/04 16:36:13 | 004,063,232 | ---- | M] ()
 ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf -> C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf -> [2011/01/04 16:36:13 | 000,196,608 | ---- | M] ()
 ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx -> C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx -> [2011/01/04 16:36:13 | 000,065,536 | ---- | M] ()
 SUPERAntiSpyware Free Edition.lnk -> C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk -> [2011/01/02 19:07:56 | 000,001,804 | ---- | M] ()
 AVG PC Tuneup 2011.lnk -> C:\Users\James\Desktop\AVG PC Tuneup 2011.lnk -> [2011/01/01 23:35:12 | 000,000,974 | ---- | M] ()
 SYSTEM -> C:\Windows\System32\SYSTEM -> [2010/12/31 12:52:11 | 000,000,020 | ---- | M] ()
 LofRecom&Pictures.docx -> C:\Users\James\Documents\LofRecom&Pictures.docx -> [2010/12/28 15:48:47 | 001,485,320 | ---- | M] ()
 letterofrecommendation -WO.jpg -> C:\Users\James\Documents\letterofrecommendation -WO.jpg -> [2010/12/28 15:43:21 | 001,007,467 | ---- | M] ()
 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\James\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/12/28 09:12:11 | 000,100,864 | ---- | M] ()
 pictures.docx -> C:\Users\James\Documents\pictures.docx -> [2010/12/20 09:08:11 | 000,476,943 | ---- | M] ()
 100_2413.JPG -> C:\Users\James\Desktop\100_2413.JPG -> [2010/12/19 22:29:58 | 000,353,992 | ---- | M] ()
 100_2412.JPG -> C:\Users\James\Desktop\100_2412.JPG -> [2010/12/19 22:29:34 | 000,728,008 | ---- | M] ()
 100_2409.JPG -> C:\Users\James\Desktop\100_2409.JPG -> [2010/12/19 22:12:26 | 000,770,172 | ---- | M] ()
 100_2408.JPG -> C:\Users\James\Desktop\100_2408.JPG -> [2010/12/19 22:12:18 | 000,734,028 | ---- | M] ()
 QuickTime Player.lnk -> C:\Users\Public\Desktop\QuickTime Player.lnk -> [2010/12/19 14:00:43 | 000,001,730 | ---- | M] ()
 Couple Resume-Domestic.doc -> C:\Users\James\Documents\Couple Resume-Domestic.doc -> [2010/12/18 17:52:45 | 000,054,784 | ---- | M] ()
 13 C:\Users\James\AppData\Local\Temp\*.tmp files -> C:\Users\James\AppData\Local\Temp\*.tmp -> 
 1 C:\Users\James\Documents\*.tmp files -> C:\Users\James\Documents\*.tmp -> 
 
[Files - No Company Name]
 incavi.avm -> C:\Windows\System32\drivers\AVG\incavi.avm -> [2011/01/09 09:48:42 | 103,833,463 | ---- | C] ()
 img029.jpg -> C:\Users\James\Documents\img029.jpg -> [2011/01/07 20:48:31 | 000,691,231 | ---- | C] ()
 img028.jpg -> C:\Users\James\Documents\img028.jpg -> [2011/01/07 20:45:15 | 000,694,657 | ---- | C] ()
 AVG 2011.lnk -> C:\Users\Public\Desktop\AVG 2011.lnk -> [2011/01/07 16:18:13 | 000,000,834 | ---- | C] ()
 HiJackThis.lnk -> C:\Users\James\Desktop\HiJackThis.lnk -> [2011/01/07 13:05:12 | 000,002,523 | ---- | C] ()
 ieuinit.inf -> C:\Windows\System32\ieuinit.inf -> [2011/01/06 08:27:13 | 000,072,533 | ---- | C] ()
 img027.jpg -> C:\Users\James\Documents\img027.jpg -> [2011/01/05 22:55:00 | 000,339,102 | ---- | C] ()
 img026.jpg -> C:\Users\James\Documents\img026.jpg -> [2011/01/05 16:33:33 | 000,942,654 | ---- | C] ()
 ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf -> C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf -> [2011/01/04 16:36:07 | 000,196,608 | ---- | C] ()
 ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx -> C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx -> [2011/01/04 16:36:07 | 000,065,536 | ---- | C] ()
 ocsetup_install_MicrosoftWindowsPowerShell.etl -> C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl -> [2011/01/04 16:36:06 | 004,063,232 | ---- | C] ()
 SUPERAntiSpyware Free Edition.lnk -> C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk -> [2011/01/02 19:07:56 | 000,001,804 | ---- | C] ()
 AVG PC Tuneup 2011.lnk -> C:\Users\James\Desktop\AVG PC Tuneup 2011.lnk -> [2011/01/01 23:35:12 | 000,000,974 | ---- | C] ()
 SYSTEM -> C:\Windows\System32\SYSTEM -> [2010/12/31 12:52:11 | 000,000,020 | ---- | C] ()
 LofRecom&Pictures.docx -> C:\Users\James\Documents\LofRecom&Pictures.docx -> [2010/12/28 15:48:47 | 001,485,320 | ---- | C] ()
 letterofrecommendation -WO.jpg -> C:\Users\James\Documents\letterofrecommendation -WO.jpg -> [2010/12/28 15:41:38 | 001,007,467 | ---- | C] ()
 pictures.docx -> C:\Users\James\Documents\pictures.docx -> [2010/12/20 09:08:10 | 000,476,943 | ---- | C] ()
 100_2412.JPG -> C:\Users\James\Desktop\100_2412.JPG -> [2010/12/20 09:00:22 | 000,728,008 | ---- | C] ()
 100_2413.JPG -> C:\Users\James\Desktop\100_2413.JPG -> [2010/12/20 09:00:22 | 000,353,992 | ---- | C] ()
 100_2409.JPG -> C:\Users\James\Desktop\100_2409.JPG -> [2010/12/20 08:43:48 | 000,770,172 | ---- | C] ()
 100_2408.JPG -> C:\Users\James\Desktop\100_2408.JPG -> [2010/12/20 08:43:48 | 000,734,028 | ---- | C] ()
 iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2010/12/19 14:07:23 | 000,001,668 | ---- | C] ()
 QuickTime Player.lnk -> C:\Users\Public\Desktop\QuickTime Player.lnk -> [2010/12/19 14:00:43 | 000,001,730 | ---- | C] ()
 Couple Resume-Domestic.doc -> C:\Users\James\Documents\Couple Resume-Domestic.doc -> [2010/12/18 17:47:56 | 000,054,784 | ---- | C] ()
 d3d9caps.dat -> C:\Users\James\AppData\Local\d3d9caps.dat -> [2010/09/17 08:49:08 | 000,000,680 | ---- | C] ()
 Rim.Desktop.Exception.log -> C:\Users\James\AppData\Roaming\Rim.Desktop.Exception.log -> [2010/08/15 23:38:29 | 000,000,231 | ---- | C] ()
 Rim.Desktop.HttpServerSetup.log -> C:\Users\James\AppData\Roaming\Rim.Desktop.HttpServerSetup.log -> [2010/08/11 06:17:24 | 000,000,801 | ---- | C] ()
 xobni_installer_updater.log -> C:\Users\James\AppData\Local\xobni_installer_updater.log -> [2009/11/17 23:29:01 | 000,000,032 | ---- | C] ()
 iniasd.txt -> C:\Users\James\AppData\Roaming\iniasd.txt -> [2009/09/28 22:48:19 | 000,000,014 | ---- | C] ()
 OGACheckControl.dll -> C:\Windows\System32\OGACheckControl.dll -> [2009/08/03 14:07:42 | 000,403,816 | ---- | C] ()
 EhStorAuthn.dll -> C:\Windows\System32\EhStorAuthn.dll -> [2009/07/20 20:30:48 | 000,117,248 | ---- | C] ()
 UserTile.png -> C:\Users\James\AppData\Roaming\UserTile.png -> [2009/05/02 21:47:28 | 000,158,506 | ---- | C] ()
 RtNicProp32.dll -> C:\Windows\System32\RtNicProp32.dll -> [2009/03/05 05:54:58 | 000,073,728 | ---- | C] ()
 PICSDK.ini -> C:\Windows\System32\PICSDK.ini -> [2009/02/27 19:09:23 | 000,000,097 | ---- | C] ()
 EPSNX400.ini -> C:\Windows\EPSNX400.ini -> [2009/02/27 19:05:17 | 000,000,044 | ---- | C] ()
 QUICKEN.INI -> C:\Windows\QUICKEN.INI -> [2009/02/13 22:03:42 | 000,000,148 | ---- | C] ()
 vso_ts_preview.xml -> C:\Users\James\AppData\Roaming\vso_ts_preview.xml -> [2008/12/24 00:17:08 | 000,000,671 | ---- | C] ()
 pcouffin.log -> C:\Users\James\AppData\Roaming\pcouffin.log -> [2008/12/24 00:12:23 | 000,000,033 | ---- | C] ()
 inst.exe -> C:\Users\James\AppData\Roaming\inst.exe -> [2008/12/24 00:10:10 | 000,087,608 | ---- | C] ()
 pcouffin.cat -> C:\Users\James\AppData\Roaming\pcouffin.cat -> [2008/12/24 00:10:10 | 000,007,887 | ---- | C] ()
 pcouffin.inf -> C:\Users\James\AppData\Roaming\pcouffin.inf -> [2008/12/24 00:10:10 | 000,001,144 | ---- | C] ()
 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\James\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2008/12/13 23:57:07 | 000,100,864 | ---- | C] ()
 lvcoinst.ini -> C:\Windows\System32\lvcoinst.ini -> [2008/12/09 18:46:59 | 000,042,594 | ---- | C] ()
 igfxCoIn_v1114.dll -> C:\Windows\System32\igfxCoIn_v1114.dll -> [2008/12/09 18:45:56 | 000,204,800 | ---- | C] ()
 libcurl.dll -> C:\Windows\System32\libcurl.dll -> [2008/03/04 18:52:34 | 000,286,720 | ---- | C] ()
 igfxCoIn_v1437.dll -> C:\Windows\System32\igfxCoIn_v1437.dll -> [2008/02/11 19:55:18 | 000,147,456 | ---- | C] ()
 zlib1.dll -> C:\Windows\System32\zlib1.dll -> [2007/10/31 09:39:54 | 000,059,904 | ---- | C] ()
 libexpatw.dll -> C:\Windows\System32\libexpatw.dll -> [2007/05/17 13:58:10 | 000,143,360 | ---- | C] ()
 NTIBUN4.dll -> C:\Windows\System32\NTIBUN4.dll -> [2006/12/05 07:15:30 | 000,001,024 | RH-- | C] ()
 libxml2.dll -> C:\Windows\libxml2.dll -> [2006/12/05 06:58:20 | 000,743,424 | R--- | C] ()
 iconv.dll -> C:\Windows\iconv.dll -> [2006/12/05 06:56:37 | 000,872,448 | R--- | C] ()
 UBHelper.sys -> C:\Windows\System32\drivers\UBHelper.sys -> [2006/12/05 00:10:14 | 000,013,952 | ---- | C] ()
 _psisdecd.dll -> C:\Windows\System32\_psisdecd.dll -> [2006/12/05 00:09:00 | 000,198,144 | ---- | C] ()
 sugo3l3.dll -> C:\Windows\System32\sugo3l3.dll -> [2006/12/04 01:25:14 | 000,022,723 | ---- | C] ()
 PreLaunch.ini -> C:\Windows\PreLaunch.ini -> [2006/12/02 13:32:24 | 000,000,042 | ---- | C] ()
 Capsule.dll -> C:\Windows\Capsule.dll -> [2006/12/02 13:32:23 | 000,204,800 | ---- | C] ()
 WdfCoInstaller01000.dll -> C:\Windows\System32\WdfCoInstaller01000.dll -> [2006/12/02 13:32:22 | 001,060,424 | ---- | C] ()
 MSNSpook.dll -> C:\Windows\System32\MSNSpook.dll -> [2006/11/16 16:20:10 | 000,086,016 | ---- | C] ()
 MSNChatHook.dll -> C:\Windows\System32\MSNChatHook.dll -> [2006/11/16 16:19:10 | 000,037,376 | ---- | C] ()
 sysprepMCE.dll -> C:\Windows\System32\sysprepMCE.dll -> [2006/11/02 07:35:32 | 000,005,632 | ---- | C] ()
 pacerprf.ini -> C:\Windows\System32\pacerprf.ini -> [2006/11/02 02:40:29 | 000,013,750 | ---- | C] ()
 multiplex_vcd.dll -> C:\Windows\System32\multiplex_vcd.dll -> [2001/12/26 18:12:30 | 000,065,536 | ---- | C] ()
 Hmpg12.dll -> C:\Windows\System32\Hmpg12.dll -> [2001/09/04 01:46:38 | 000,110,592 | ---- | C] ()
 HMPV2_ENC.dll -> C:\Windows\System32\HMPV2_ENC.dll -> [2001/07/30 18:33:56 | 000,118,784 | ---- | C] ()
 HMPV2_ENC_MMX.dll -> C:\Windows\System32\HMPV2_ENC_MMX.dll -> [2001/07/24 00:04:36 | 000,118,784 | ---- | C] ()
 iyvu9_32.dll -> C:\Windows\System32\iyvu9_32.dll -> [1997/06/13 20:56:08 | 000,056,832 | ---- | C] ()
 
[Alternate Data Streams]
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:3FC4A10A
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:81C88EA7
@Alternate Data Stream - 165 bytes -> C:\ProgramData\TEMP:45FE2B4E
@Alternate Data Stream - 182 bytes -> C:\ProgramData\TEMP:F3AB0B43
< End of report >
 

·
Registered
Joined
·
11 Posts
Discussion Starter · #18 ·
Code:
OTS logfile created on: 1/9/2011 10:56:52 AM - Run 3
OTS by OldTimer - Version 3.1.41.0     Folder = C:\Users\James\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.7930.16406)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 41.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 70.62 Gb Total Space | 13.98 Gb Free Space | 19.79% Space Free | Partition Type: NTFS
Drive D: | 70.61 Gb Total Space | 36.81 Gb Free Space | 52.14% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: JAMES-PC
Current User Name: James
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
 
[Processes - Safe List]
ots.exe -> C:\Users\James\Downloads\OTS.exe -> [2011/01/09 10:34:33 | 000,642,560 | ---- | M] (OldTimer Tools)
avgrsx.exe -> C:\Program Files\AVG\AVG10\avgrsx.exe -> [2010/12/05 16:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgchsvx.exe -> C:\Program Files\AVG\AVG10\avgchsvx.exe -> [2010/12/05 16:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgnsx.exe -> C:\Program Files\AVG\AVG10\avgnsx.exe -> [2010/12/01 04:14:46 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgemcx.exe -> C:\Program Files\AVG\AVG10\avgemcx.exe -> [2010/12/01 04:14:14 | 001,052,512 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgidsmonitor.exe -> C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe -> [2010/11/23 13:34:16 | 000,724,048 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgidsagent.exe -> C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -> [2010/11/23 13:34:14 | 006,128,208 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgwdsvc.exe -> C:\Program Files\AVG\AVG10\avgwdsvc.exe -> [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgtray.exe -> C:\Program Files\AVG\AVG10\avgtray.exe -> [2010/10/22 04:57:54 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgcsrvx.exe -> C:\Program Files\AVG\AVG10\avgcsrvx.exe -> [2010/10/22 04:56:58 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.)
applemobiledeviceservice.exe -> C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.)
safari.exe -> C:\Program Files\Safari\Safari.exe -> [2010/08/20 16:00:18 | 002,388,264 | ---- | M] (Apple Inc.)
explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
yahooauservice.exe -> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -> [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.)
evteng.exe -> C:\Program Files\Intel\WiFi\bin\EvtEng.exe -> [2008/10/16 16:26:20 | 000,860,160 | ---- | M] (Intel(R) Corporation)
regsrvc.exe -> C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -> [2008/10/16 15:54:34 | 000,466,944 | ---- | M] (Intel(R) Corporation)
agrsmsvc.exe -> C:\Windows\System32\agrsmsvc.exe -> [2006/10/05 16:10:12 | 000,009,216 | ---- | M] (Agere Systems)
 
[Modules - Safe List]
ots.exe -> C:\Users\James\Downloads\OTS.exe -> [2011/01/09 10:34:33 | 000,642,560 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll -> [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation)
gdiplus.dll -> C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\GdiPlus.dll -> [2009/04/11 01:21:38 | 001,748,992 | ---- | M] (Microsoft Corporation)
 
[Win32 Services - Safe List]
(RoxLiveShare9) LiveShare P2P Server 9 [Auto | Stopped] ->  -> File not found
(CLTNetCnService) Symantec Lic NetConnect service [Auto | Stopped] ->  -> File not found
(ACDaemon) ArcSoft Connect Daemon [On_Demand | Stopped] -> C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -> File not found
(AVG Security Toolbar Service) AVG Security Toolbar Service [On_Demand | Stopped] -> C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -> [2010/11/25 09:49:46 | 000,517,448 | ---- | M] ()
(AVGIDSAgent) AVGIDSAgent [Auto | Running] -> C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -> [2010/11/23 13:34:14 | 006,128,208 | ---- | M] (AVG Technologies CZ, s.r.o.)
(avgwd) AVG WatchDog [Auto | Running] -> C:\Program Files\AVG\AVG10\avgwdsvc.exe -> [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.)
(Apple Mobile Device) Apple Mobile Device [Auto | Running] -> C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.)
(FontCache) Windows Font Cache Service [On_Demand | Running] -> C:\Windows\System32\FntCache.dll -> [2010/08/17 18:49:16 | 000,797,184 | ---- | M] (Microsoft Corporation)
(WPFFontCache_v0400) Windows Presentation Foundation Font Cache 4.0.0.0 [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -> [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation)
(clr_optimization_v4.0.30319_32) Microsoft .NET Framework NGEN v4.0.30319_X86 [Auto | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation)
(YahooAUService) Yahoo! Updater [Auto | Running] -> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -> [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.)
(EvtEng) Intel® PROSet/Wireless Event Log [Auto | Running] -> C:\Program Files\Intel\WiFi\bin\EvtEng.exe -> [2008/10/16 16:26:20 | 000,860,160 | ---- | M] (Intel(R) Corporation)
(RegSrvc) Intel® PROSet/Wireless Registry Service [Auto | Running] -> C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -> [2008/10/16 15:54:34 | 000,466,944 | ---- | M] (Intel(R) Corporation)
(WinDefend) Windows Defender [Auto | Stopped] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation)
(AgereModemAudio) Agere Modem Call Progress Audio [Auto | Running] -> C:\Windows\System32\agrsmsvc.exe -> [2006/10/05 16:10:12 | 000,009,216 | ---- | M] (Agere Systems)
 
[Driver Services - Safe List]
(NwlnkFwd) IPX Traffic Forwarder Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\nwlnkfwd.sys -> File not found
(NwlnkFlt) IPX Traffic Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\nwlnkflt.sys -> File not found
(IpInIp) IP in IP Tunnel Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\ipinip.sys -> File not found
(blbdrive) blbdrive [Kernel | Disabled | Stopped] -> C:\Windows\System32\drivers\blbdrive.sys -> File not found
(Avgldx86) AVG AVI Loader Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\avgldx86.sys -> [2010/12/08 04:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.)
(Avgtdix) AVG TDI Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\avgtdix.sys -> [2010/11/12 13:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.)
(AVGIDSEH) AVGIDSEH [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -> [2010/09/13 15:27:40 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. )
(Avgmfx86) AVG Mini-Filter Resident Anti-Virus Shield [File_System | System | Running] -> C:\Windows\System32\drivers\avgmfx86.sys -> [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.)
(Avgrkx86) AVG Anti-Rootkit Driver [File_System | Boot | Running] -> C:\Windows\system32\DRIVERS\avgrkx86.sys -> [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.)
(AVGIDSDriver) AVGIDSDriver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\AVGIDSDriver.sys -> [2010/08/19 20:42:38 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. )
(AVGIDSShim) AVGIDSShim [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\AVGIDSShim.sys -> [2010/08/19 20:42:38 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. )
(AVGIDSFilter) AVGIDSFilter [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\AVGIDSFilter.sys -> [2010/08/19 20:42:36 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. )
(SASKUTIL) SASKUTIL [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -> [2010/05/10 13:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
(SASDIFSV) SASDIFSV [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -> [2010/02/17 13:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
(RTL8169) Realtek 8169 NT Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\Rtlh86.sys -> [2009/05/25 05:50:44 | 000,164,864 | ---- | M] (Realtek                                            )
(usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\USBAUDIO.sys -> [2009/04/10 23:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation)
(NETw5v32) Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\NETw5v32.sys -> [2008/11/17 06:40:22 | 003,668,480 | ---- | M] (Intel Corporation)
(igfx) igfx [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\igdkmd32.sys -> [2008/02/11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation)
(ialm) ialm [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\igdkmd32.sys -> [2008/02/11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation)
(NTIDrvr) Upper Class Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\NTIDrvr.sys -> [2006/12/05 00:09:32 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.)
(lv321av) Logitech USB PC Camera (VC0321) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\lv321av.sys -> [2006/11/20 18:02:42 | 000,847,392 | ---- | M] (Logitech Inc.)
(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\RTKVHDA.sys -> [2006/11/08 22:09:24 | 001,647,976 | ---- | M] (Realtek Semiconductor Corp.)
(ql2300) QLogic Fibre Channel Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql2300.sys -> [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation)
(adp94xx) adp94xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adp94xx.sys -> [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.)
(elxstor) elxstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\elxstor.sys -> [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex)
(adpahci) adpahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpahci.sys -> [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.)
(uliahci) uliahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\uliahci.sys -> [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.)
(iaStorV) Intel RAID Controller Vista [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iastorv.sys -> [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation)
(adpu320) adpu320 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu320.sys -> [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.)
(ulsata2) ulsata2 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata2.sys -> [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.)
(vsmraid) vsmraid [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\vsmraid.sys -> [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd)
(ql40xx) QLogic iSCSI Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql40xx.sys -> [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation)
(UlSata) UlSata [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata.sys -> [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.)
(adpu160m) adpu160m [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu160m.sys -> [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.)
(nvraid) nvraid [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvraid.sys -> [2006/11/02 04:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation)
(nfrd960) nfrd960 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nfrd960.sys -> [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation)
(iirsp) iirsp [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iirsp.sys -> [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH)
(SiSRaid4) SiSRaid4 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sisraid4.sys -> [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems)
(nvstor) nvstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvstor.sys -> [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation)
(aic78xx) aic78xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\djsvs.sys -> [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.)
(arcsas) arcsas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arcsas.sys -> [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.)
(LSI_SCSI) LSI_SCSI [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_scsi.sys -> [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic)
(SiSRaid2) SiSRaid2 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sisraid2.sys -> [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.)
(HpCISSs) HpCISSs [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\hpcisss.sys -> [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company)
(arc) arc [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arc.sys -> [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.)
(iteraid) ITERAID_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteraid.sys -> [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.)
(iteatapi) ITEATAPI_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteatapi.sys -> [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.)
(LSI_SAS) LSI_SAS [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_sas.sys -> [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic)
(Symc8xx) Symc8xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\symc8xx.sys -> [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic)
(LSI_FC) LSI_FC [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_fc.sys -> [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic)
(Sym_u3) Sym_u3 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_u3.sys -> [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic)
(Mraid35x) Mraid35x [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\mraid35x.sys -> [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation)
(Sym_hi) Sym_hi [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_hi.sys -> [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic)
(megasas) megasas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\megasas.sys -> [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation)
(viaide) viaide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\viaide.sys -> [2006/11/02 04:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.)
(cmdide) cmdide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\cmdide.sys -> [2006/11/02 04:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.)
(aliide) aliide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\aliide.sys -> [2006/11/02 04:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.)
(Brserid) Brother MFC Serial Port Interface Driver (WDM) [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserid.sys -> [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.)
(BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brusbser.sys -> [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.)
(BrFiltUp) Brother USB Mass-Storage Upper Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltup.sys -> [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.)
(BrFiltLo) Brother USB Mass-Storage Lower Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltlo.sys -> [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.)
(BrSerWdm) Brother WDM Serial driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserwdm.sys -> [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.)
(BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brusbmdm.sys -> [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.)
(ntrigdigi) N-trig HID Tablet Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ntrigdigi.sys -> [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies)
(E1G60) Intel(R) PRO/1000 NDIS 6 Adapter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\E1G60I32.sys -> [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation)
(athr) Atheros Extensible Wireless LAN device driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\athr.sys -> [2006/11/02 02:30:52 | 000,467,456 | ---- | M] (Atheros Communications, Inc.)
(NETw3v32) Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\NETw3v32.sys -> [2006/10/30 09:42:28 | 001,786,880 | ---- | M] (Intel® Corporation)
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\SynTP.sys -> [2006/10/23 14:17:32 | 000,179,896 | ---- | M] (Synaptics, Inc.)
(AgereSoftModem) Agere Systems Soft Modem [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\AGRSM.sys -> [2006/10/05 14:39:40 | 001,161,152 | ---- | M] (Agere Systems)
(UBHelper) UBHelper [Kernel | Boot | Running] -> C:\Windows\System32\drivers\UBHelper.sys -> [2006/08/28 21:30:04 | 000,013,952 | ---- | M] ()
(tifm21) tifm21 [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\tifm21.sys -> [2006/07/06 16:44:00 | 000,168,448 | ---- | M] (Texas Instruments)
 
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://home.microsoft.com/search/search.asp -> 
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://www.msn.com -> 
HKEY_LOCAL_MACHINE\: SearchURL\\"" -> http://home.microsoft.com/access/autosearch.asp?p=%s -> 
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> 
HKEY_USERS\.DEFAULT\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [AVG Security Toolbar BHO] -> [2010/11/25 09:49:42 | 002,463,048 | ---- | M] ()
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> 
HKEY_USERS\S-1-5-18\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [AVG Security Toolbar BHO] -> [2010/11/25 09:49:42 | 002,463,048 | ---- | M] ()
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\] > -> -> 
HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\: "ProxyEnable" -> 0 -> 
HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\: "ProxyOverride" -> <local>;*.local -> 
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions ->  -> 
HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71} -> C:\PROGRAM FILES\AVG\AVG10\FIREFOX\ [C:\PROGRAM FILES\AVG\AVG10\FIREFOX\] -> [2011/01/07 16:17:23 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > -> 
< HOSTS File > ([2006/09/18 16:41:30 | 000,000,736 | ---- | M] - 20 lines) -> C:\Windows\System32\drivers\etc\hosts -> 
Reset Hosts
::1             localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files\AVG\AVG10\avgssie.dll [AVG Safe Search] -> [2010/11/22 04:48:12 | 002,732,896 | ---- | M] (AVG Technologies CZ, s.r.o.)
{A3BC75A2-1F87-4686-AA43-5347D756017C} [HKLM] -> C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [AVG Security Toolbar BHO] -> [2010/11/25 09:49:42 | 002,463,048 | ---- | M] ()
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [AVG Security Toolbar] -> [2010/11/25 09:49:42 | 002,463,048 | ---- | M] ()
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\] > -> HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [AVG Security Toolbar] -> [2010/11/25 09:49:42 | 002,463,048 | ---- | M] ()
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"AVG_TRAY" -> C:\Program Files\AVG\AVG10\avgtray.exe [C:\Program Files\AVG\AVG10\avgtray.exe] -> [2010/10/22 04:57:54 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.)
"Windows Defender" -> C:\Program Files\Windows Defender\MSASCui.exe [%ProgramFiles%\Windows Defender\MSASCui.exe -hide] -> [2008/01/19 02:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation)
< Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"WindowsWelcomeCenter" -> C:\Windows\System32\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2009/04/11 01:28:23 | 002,153,472 | ---- | M] (Microsoft Corporation)
< Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"WindowsWelcomeCenter" -> C:\Windows\System32\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2009/04/11 01:28:23 | 002,153,472 | ---- | M] (Microsoft Corporation)
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [255] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000] > -> HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [255] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000] > -> HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Button: Skype Plug-In] -> [2010/09/27 13:42:44 | 001,250,696 | ---- | M] (Skype Technologies S.A.)
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Menu: Skype Plug-In] -> [2010/09/27 13:42:44 | 001,250,696 | ---- | M] (Skype Technologies S.A.)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\] > -> HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\] > -> HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-21-3089797365-2726529599-4294900105-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} [HKLM] -> http://download.divx.com/player/DivXBrowserPlugin.cab [Reg Error: Value error.] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab [Java Plug-in 1.6.0_23] -> 
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab [Reg Error: Value error.] -> 
{BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} [HKLM] -> http://ax.emsisoft.com/asquared.cab [Reg Error: Key error.] -> 
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab [Java Plug-in 1.6.0_23] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab [Java Plug-in 1.6.0_23] -> 
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Value error.] -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> 
DhcpNameServer -> 209.18.47.61 209.18.47.62 -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{A81DC6CA-971A-4040-978D-EF0987FD9508}\\DhcpNameServer -> 209.18.47.61 209.18.47.62   (Intel(R) PRO/Wireless 3945ABG Network Connection) -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
igfxcui -> C:\Windows\System32\igfxdev.dll -> [2008/02/11 18:46:44 | 000,204,800 | ---- | M] (Intel Corporation)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> CD-ROM Driver -> 
"ImagePath" ->  [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > ->  -> 
C:\autoexec.bat [REM Dummy file for NTVDMPATH=%PATH%;C:\PROGRA~1\COMMON~1\MUVEET~1\030625 | ] -> C:\autoexec.bat [ NTFS ] -> [2006/12/05 00:09:57 | 000,000,074 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
\F
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\shell\AutoRun\command
\F\shell\AutoRun\command\\"" -> F:\wd_windows_tools\setup.exe [F:\wd_windows_tools\setup.exe] -> File not found
\{9c5f34e9-c97b-11dd-9570-0016d3536512}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9c5f34e9-c97b-11dd-9570-0016d3536512}\shell\AutoRun\command
\{9c5f34e9-c97b-11dd-9570-0016d3536512}\shell\AutoRun\command\\"" -> F:\wd_windows_tools\setup.exe [F:\wd_windows_tools\setup.exe] -> File not found
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
comfile [open] -> "%1" %* -> 
exefile [open] -> "%1" %* -> 
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = comfile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 
 
[Registry - Additional Scans - Safe List]
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.bat [@ = batfile] -> "%1" %* -> 
.cmd [@ = cmdfile] -> "%1" %* -> 
.com [@ = comfile] -> "%1" %* -> 
.cpl [@ = cplfile] -> C:\Windows\System32\control.exe -> [2006/11/02 04:44:59 | 000,211,968 | ---- | M] (Microsoft Corporation)
.exe [@ = exefile] -> "%1" %* -> 
.hlp [@ = hlpfile] -> Reg Error: Key error. -> File not found
.html [@ = ChromeHTML] -> Reg Error: Key error. -> File not found
.pif [@ = piffile] -> "%1" %* -> 
.scr [@ = scrfile] -> "%1" /S -> 
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> 
avgsecuritytoolbar:{F2DDE6B2-9684-4A55-86D4-E255E237B77C} [HKLM] -> C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll[avgsecuritytoolbar] -> [2010/11/25 09:49:42 | 002,463,048 | ---- | M] ()
linkscanner:{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} [HKLM] -> C:\Program Files\AVG\AVG10\avgpp.dll[XPLPPFilter Class] -> [2010/10/22 04:57:34 | 000,181,600 | ---- | M] (AVG Technologies CZ, s.r.o.)
skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKLM] -> C:\Program Files\Common Files\Skype\Skype4COM.dll[IEProtocolHandler Class] -> [2010/09/02 14:15:04 | 002,135,336 | R--- | M] (Skype Technologies)
skype-ie-addon-data:{91774881-D725-4E58-B298-07617B9B86A8} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll[Skype IE add-on Pluggable Protocol] -> [2010/09/27 13:42:44 | 001,250,696 | ---- | M] (Skype Technologies S.A.)
< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
\\"cval" ->  [1] -> File not found
\\"UacDisableNotify" ->  [0] -> File not found
\\"InternetSettingsDisableNotify" ->  [0] -> File not found
\\"AutoUpdateDisableNotify" ->  [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring
\Monitoring\\"DisableMonitoring" ->  [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus
\Monitoring\SymantecAntiVirus\\"DisableMonitoring" ->  [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall
\Monitoring\SymantecFirewall\\"DisableMonitoring" ->  [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc
\Svc\\"AntiVirusOverride" ->  [1] -> File not found
\Svc\\"AntiSpywareOverride" ->  [0] -> File not found
\Svc\\"FirewallOverride" ->  [0] -> File not found
\Svc\\"VistaSp1" -> Reg Error: Unknown registry data type [Reg Error: Unknown registry data type] -> File not found
\Svc\\"VistaSp2" -> Reg Error: Unknown registry data type [Reg Error: Unknown registry data type] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol\ -> -> 
< Windows DomainProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
\\"DisableNotifications" ->  [0] -> File not found
\\"EnableFirewall" ->  [1] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging\ -> -> 
< Windows StandardProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile -> 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
\\"DisableNotifications" ->  [0] -> File not found
\\"EnableFirewall" ->  [1] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging\ -> -> 
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> 
NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] -> C:\Program Files\Bonjour\mdnsNSP.dll -> [2010/07/27 17:44:08 | 000,152,864 | ---- | M] (Apple Inc.)
< Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> 
ldap -> 4 = Restricted sites (Not a Default Protocol) -> 
news -> 4 = Restricted sites (Not a Default Protocol) -> 
nntp -> 4 = Restricted sites (Not a Default Protocol) -> 
oecmd -> 4 = Restricted sites (Not a Default Protocol) -> 
snews -> 4 = Restricted sites (Not a Default Protocol) -> 
< Default Protocols [HKEY_USERS\S-1-5-19\] - Select to Repair > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> 
@ivt -> @ivt protocol not assigned -> 
file -> file protocol not assigned -> 
ftp -> ftp protocol not assigned -> 
http -> http protocol not assigned -> 
https -> https protocol not assigned -> 
shell -> shell protocol not assigned -> 
< Default Protocols [HKEY_USERS\S-1-5-20\] - Select to Repair > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> 
@ivt -> @ivt protocol not assigned -> 
file -> file protocol not assigned -> 
ftp -> ftp protocol not assigned -> 
http -> http protocol not assigned -> 
https -> https protocol not assigned -> 
shell -> shell protocol not assigned -> 
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> 
{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} -> Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
{04E7A3BB-DB38-481C-A809-35FA60C78EDF} -> AVG 2011
{0840B4D6-7DD1-4187-8523-E6FC0007EFB7} -> Windows Live ID Sign-in Assistant
{0D2E80C8-0875-43EB-9623-47118E2DFBCA} -> Quicken 2007
{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} -> NTI CD & DVD-Maker
{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43} -> Safari
{26A24AE4-039D-4CA4-87B4-2F83216012FF} -> Java(TM) 6 Update 23
{308B6AEA-DE50-4666-996D-0FA461719D6B} -> Apple Mobile Device Support
{3248F0A8-6813-11D6-A77B-00B0D0160010} -> Java(TM) SE Runtime Environment 6 Update 1
{3C3901C5-3455-3E0A-A214-0B093A5070A6} -> Microsoft .NET Framework 4 Client Profile
{45A66726-69BC-466B-A7A4-12FCBA4883D7} -> HiJackThis
{4A03706F-666A-4037-7777-5F2748764D10} -> Java Auto Updater
{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1 -> AVG PC Tuneup 2011
{57752979-A1C9-4C02-856B-FBB27AC4E02C} -> QuickTime
{5A3F6A80-7913-475E-8B96-477A952CFA43} -> SupportSoft Assisted Service
{5A447CFB-B64E-4D3C-9744-2EA44EFB8F97} -> BlackBerry Device Software Updater
{67ADE9AF-5CD9-4089-8825-55DE4B366799} -> NTI Backup NOW! 4.7
{6956856F-B6B3-4BE0-BA0B-8F495BE32033} -> Apple Software Update
{716E0306-8318-4364-8B8F-0CC4E9376BAC} -> MSXML 4.0 SP2 Parser and SDK
{770657D0-A123-3C07-8E44-1C83EC895118} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
{77DCDCE3-2DED-62F3-8154-05E745472D07} -> Acrobat.com
{837b34e3-7c30-493c-8f6a-2b0f04e2912c} -> Microsoft Visual C++ 2005 Redistributable
{881F5DE8-9367-4B81-A325-E91BBC6472F9} -> iTunes
{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight
{8DC069E7-893C-41E1-9442-DE89FEC33371} -> Xobni Core
{90024193-9F13-4877-89D5-A1CDF0CBBF28} -> Feedback Tool
{90120000-0011-0000-0000-0000000FF1CE} -> Microsoft Office Professional Plus 2007
{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF} -> Security Update for Microsoft Office system 2007 (972581)
{90120000-0015-0409-0000-0000000FF1CE} -> Microsoft Office Access MUI (English) 2007
{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0016-0409-0000-0000000FF1CE} -> Microsoft Office Excel MUI (English) 2007
{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0018-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (English) 2007
{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0019-0409-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (English) 2007
{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-001A-0409-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (English) 2007
{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-001B-0409-0000-0000000FF1CE} -> Microsoft Office Word MUI (English) 2007
{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007
{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007
{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007
{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-002C-0409-0000-0000000FF1CE} -> Microsoft Office Proofing (English) 2007
{90120000-0044-0409-0000-0000000FF1CE} -> Microsoft Office InfoPath MUI (English) 2007
{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-006E-0409-0000-0000000FF1CE} -> Microsoft Office Shared MUI (English) 2007
{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0115-0409-0000-0000000FF1CE} -> Microsoft Office Shared Setup Metadata MUI (English) 2007
{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0117-0409-0000-0000000FF1CE} -> Microsoft Office Access Setup Metadata MUI (English) 2007
{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E} -> Visual C++ 8.0 ATL (x86) WinSXS MSM
{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E} -> Visual C++ 8.0 CRT (x86) WinSXS MSM
{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1 -> Convert AVI to MP4 1.3
{A2BCA9F1-566C-4805-97D1-7FDC93386723} -> Adobe AIR
{AC76BA86-7AD7-1033-7B44-A70000000000} -> Adobe Reader 7.0
{B2544A03-10D0-4E5E-BA69-0362FFC20D18} -> OGA Notifier 2.0.0048.0
{B7A0CE06-068E-11D6-97FD-0050BACBF861} -> PowerProducer
{CD95D125-2992-4858-B3EF-5F6FB52FBAD6} -> Skype Toolbars
{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} -> SUPERAntiSpyware
{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} -> Microsoft .NET Framework 3.5 SP1
{D103C4BA-F905-437A-8049-DB24763BBE36} -> Skype™ 4.2
{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE} -> BlackBerry Desktop Software 6.0
{E1180142-3B31-4DCC-9D27-7AC2D37662BF} -> LightScribe  1.4.124.1
{E2EE273D-E111-4FFD-ACD4-78E1D35E01D2} -> ArcSoft Photo Book Screen Saver
{EE6097DD-05F4-4178-9719-D3170BF098E8} -> Apple Application Support
{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37} -> Acer Arcade Deluxe
{F01052C2-6CB5-4FB2-91E2-84D32B7AAAFD} -> BlackBerry Device Software v4.5.0 for the BlackBerry 8300 smartphone
{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} -> Realtek High Definition Audio Driver
{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7} -> 32 Bit HP CIO Components Installer
{F4C68898-EBA5-46A9-82B3-2D30426086BF} -> AVG 2011
{F7B05784-334C-4F76-8BAB-30ABEB7FD534} -> TIPCI
{FA54AFB1-5745-4389-B8C1-9F7509672ED1} -> iPhone Configuration Utility
{FF1C31AE-0CDC-40CE-AB85-406F8B70D643} -> Bonjour
{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
8461-7759-5462-8226 -> Vuze
Adobe AIR -> Adobe AIR
Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX
Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin
Agere Systems Soft Modem -> Agere Systems HDA Modem
AVG -> AVG 2011
BlackBerry_Desktop -> BlackBerry Desktop Software 6.0
EPSON Scanner -> EPSON Scan
EPSON Stylus NX400 Series -> EPSON Stylus NX400 Series Printer Uninstall
Glary Utilities_is1 -> Glary Utilities 2.30.0.1066
HDMI -> Intel(R) Graphics Media Accelerator Driver
InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} -> NTI CD & DVD-Maker
InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534} -> Texas Instruments PCIxx21/x515/xx12 drivers.
Microsoft .NET Framework 3.5 SP1 -> Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile -> Microsoft .NET Framework 4 Client Profile
MP3 Rocket -> MP3 Rocket
PROPLUS -> Microsoft Office Professional Plus 2007
SynTPDeinstKey -> Synaptics Pointing Device Driver
VLC media player -> VLC media player 0.9.8a
Yahoo! Software Update -> Yahoo! Software Update
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 1/6/2011 2:37:04 PM Computer Name = James-PC | Source = System Restore | ID = 8193 -> Description = 
Application [ Error ] 1/6/2011 2:37:04 PM Computer Name = James-PC | Source = System Restore | ID = 8210 -> Description = 
Application [ Error ] 1/6/2011 5:51:06 PM Computer Name = James-PC | Source = EventSystem | ID = 4609 -> Description = 
Application [ Error ] 1/6/2011 6:17:54 PM Computer Name = James-PC | Source = EventSystem | ID = 4609 -> Description = 
Application [ Error ] 1/6/2011 6:18:39 PM Computer Name = James-PC | Source = Bonjour Service | ID = 100 -> Description = 396: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.)
Application [ Error ] 1/6/2011 6:18:41 PM Computer Name = James-PC | Source = Bonjour Service | ID = 100 -> Description = 380: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.)
Application [ Error ] 1/6/2011 6:18:41 PM Computer Name = James-PC | Source = Bonjour Service | ID = 100 -> Description = 392: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.)
Application [ Error ] 1/6/2011 6:18:41 PM Computer Name = James-PC | Source = Bonjour Service | ID = 100 -> Description = 388: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.)
Application [ Error ] 1/6/2011 6:18:45 PM Computer Name = James-PC | Source = EventSystem | ID = 4609 -> Description = 
Application [ Error ] 1/6/2011 6:20:12 PM Computer Name = James-PC | Source = EventSystem | ID = 4609 -> Description = 
OSession [ Error ] 6/29/2009 9:02:07 PM Computer Name = James-PC | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time.  This session ended with a crash.
OSession [ Error ] 7/27/2009 6:18:52 PM Computer Name = James-PC | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time.  This session ended with a crash.
OSession [ Error ] 11/11/2009 4:19:19 AM Computer Name = James-PC | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 24474 seconds with 600 seconds of active time.  This session ended with a crash.
System [ Error ] 1/7/2011 7:23:36 PM Computer Name = James-PC | Source = volmgr | ID = 262190 -> Description = Crash dump initialization failed!
System [ Error ] 1/7/2011 7:24:13 PM Computer Name = James-PC | Source = DCOM | ID = 10005 -> Description = 
System [ Error ] 1/7/2011 7:24:22 PM Computer Name = James-PC | Source = DCOM | ID = 10005 -> Description = 
System [ Error ] 1/7/2011 7:24:25 PM Computer Name = James-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 -> Description = 
System [ Error ] 1/7/2011 7:24:44 PM Computer Name = James-PC | Source = DCOM | ID = 10005 -> Description = 
System [ Error ] 1/7/2011 7:24:56 PM Computer Name = James-PC | Source = DCOM | ID = 10005 -> Description = 
System [ Error ] 1/7/2011 8:43:16 PM Computer Name = James-PC | Source = DCOM | ID = 10010 -> Description = 
System [ Error ] 1/7/2011 8:43:45 PM Computer Name = James-PC | Source = volmgr | ID = 262190 -> Description = Crash dump initialization failed!
System [ Error ] 1/7/2011 8:44:04 PM Computer Name = James-PC | Source = volmgr | ID = 262190 -> Description = Crash dump initialization failed!
System [ Error ] 1/7/2011 8:47:06 PM Computer Name = James-PC | Source = WMPNetworkSvc | ID = 866300 -> Description = 
 
[Files/Folders - Created Within 30 Days]
 Phenoix Homework -> C:\Users\James\Documents\Phenoix Homework -> [2011/01/08 22:41:31 | 000,000,000 | ---D | C]
 Perfect Optimizer -> C:\Program Files\Perfect Optimizer -> [2011/01/07 16:36:03 | 000,000,000 | ---D | C]
 AVG Security Toolbar -> C:\ProgramData\AVG Security Toolbar -> [2011/01/07 16:18:22 | 000,000,000 | ---D | C]
 AVG 2011 -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2011 -> [2011/01/07 16:18:12 | 000,000,000 | ---D | C]
 AVG -> C:\Windows\System32\drivers\AVG -> [2011/01/07 16:17:14 | 000,000,000 | ---D | C]
 Trend Micro -> C:\Program Files\Trend Micro -> [2011/01/07 13:05:12 | 000,000,000 | ---D | C]
 HiJackThis -> C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis -> [2011/01/07 13:05:12 | 000,000,000 | ---D | C]
 UnDeployV.exe -> C:\Windows\UnDeployV.exe -> [2011/01/07 00:54:44 | 000,067,312 | ---- | C] (Just Great Software)
 ieui.dll -> C:\Windows\System32\ieui.dll -> [2011/01/06 17:30:31 | 000,176,640 | ---- | C] (Microsoft Corporation)
 mshtml.tlb -> C:\Windows\System32\mshtml.tlb -> [2011/01/06 17:30:30 | 002,381,824 | ---- | C] (Microsoft Corporation)
 inetcpl.cpl -> C:\Windows\System32\inetcpl.cpl -> [2011/01/06 17:30:30 | 001,448,448 | ---- | C] (Microsoft Corporation)
 ieapfltr.dat -> C:\Windows\System32\ieapfltr.dat -> [2011/01/06 08:27:13 | 003,695,400 | ---- | C] (Microsoft Corporation)
 jscript9.dll -> C:\Windows\System32\jscript9.dll -> [2011/01/06 08:27:13 | 001,355,264 | ---- | C] (Microsoft Corporation)
 jscript.dll -> C:\Windows\System32\jscript.dll -> [2011/01/06 08:27:13 | 000,719,360 | ---- | C] (Microsoft Corporation)
 msfeeds.dll -> C:\Windows\System32\msfeeds.dll -> [2011/01/06 08:27:13 | 000,596,480 | ---- | C] (Microsoft Corporation)
 iedkcs32.dll -> C:\Windows\System32\iedkcs32.dll -> [2011/01/06 08:27:13 | 000,460,088 | ---- | C] (Microsoft Corporation)
 ieapfltr.dll -> C:\Windows\System32\ieapfltr.dll -> [2011/01/06 08:27:13 | 000,441,856 | ---- | C] (Microsoft Corporation)
 vbscript.dll -> C:\Windows\System32\vbscript.dll -> [2011/01/06 08:27:13 | 000,424,960 | ---- | C] (Microsoft Corporation)
 html.iec -> C:\Windows\System32\html.iec -> [2011/01/06 08:27:13 | 000,367,104 | ---- | C] (Microsoft Corporation)
 dxtmsft.dll -> C:\Windows\System32\dxtmsft.dll -> [2011/01/06 08:27:13 | 000,353,280 | ---- | C] (Microsoft Corporation)
 ieaksie.dll -> C:\Windows\System32\ieaksie.dll -> [2011/01/06 08:27:13 | 000,227,840 | ---- | C] (Microsoft Corporation)
 dxtrans.dll -> C:\Windows\System32\dxtrans.dll -> [2011/01/06 08:27:13 | 000,223,232 | ---- | C] (Microsoft Corporation)
 ie4uinit.exe -> C:\Windows\System32\ie4uinit.exe -> [2011/01/06 08:27:13 | 000,193,024 | ---- | C] (Microsoft Corporation)
 msrating.dll -> C:\Windows\System32\msrating.dll -> [2011/01/06 08:27:13 | 000,166,400 | ---- | C] (Microsoft Corporation)
 ieakui.dll -> C:\Windows\System32\ieakui.dll -> [2011/01/06 08:27:13 | 000,163,840 | ---- | C] (Microsoft Corporation)
 msls31.dll -> C:\Windows\System32\msls31.dll -> [2011/01/06 08:27:13 | 000,160,768 | ---- | C] (Microsoft Corporation)
 ieUnatt.exe -> C:\Windows\System32\ieUnatt.exe -> [2011/01/06 08:27:13 | 000,142,848 | ---- | C] (Microsoft Corporation)
 ieakeng.dll -> C:\Windows\System32\ieakeng.dll -> [2011/01/06 08:27:13 | 000,130,560 | ---- | C] (Microsoft Corporation)
 iesysprep.dll -> C:\Windows\System32\iesysprep.dll -> [2011/01/06 08:27:13 | 000,114,176 | ---- | C] (Microsoft Corporation)
 IEAdvpack.dll -> C:\Windows\System32\IEAdvpack.dll -> [2011/01/06 08:27:13 | 000,110,592 | ---- | C] (Microsoft Corporation)
 url.dll -> C:\Windows\System32\url.dll -> [2011/01/06 08:27:13 | 000,109,568 | ---- | C] (Microsoft Corporation)
 inseng.dll -> C:\Windows\System32\inseng.dll -> [2011/01/06 08:27:13 | 000,080,384 | ---- | C] (Microsoft Corporation)
 SetIEInstalledDate.exe -> C:\Windows\System32\SetIEInstalledDate.exe -> [2011/01/06 08:27:13 | 000,076,800 | ---- | C] (Microsoft Corporation)
 RegisterIEPKEYs.exe -> C:\Windows\System32\RegisterIEPKEYs.exe -> [2011/01/06 08:27:13 | 000,074,752 | ---- | C] (Microsoft Corporation)
 SetDepNx.exe -> C:\Windows\System32\SetDepNx.exe -> [2011/01/06 08:27:13 | 000,072,704 | ---- | C] (Microsoft Corporation)
 jsproxy.dll -> C:\Windows\System32\jsproxy.dll -> [2011/01/06 08:27:13 | 000,065,024 | ---- | C] (Microsoft Corporation)
 admparse.dll -> C:\Windows\System32\admparse.dll -> [2011/01/06 08:27:13 | 000,051,200 | ---- | C] (Microsoft Corporation)
 pngfilt.dll -> C:\Windows\System32\pngfilt.dll -> [2011/01/06 08:27:13 | 000,049,664 | ---- | C] (Microsoft Corporation)
 mshtmler.dll -> C:\Windows\System32\mshtmler.dll -> [2011/01/06 08:27:13 | 000,048,640 | ---- | C] (Microsoft Corporation)
 msfeedsbs.dll -> C:\Windows\System32\msfeedsbs.dll -> [2011/01/06 08:27:13 | 000,044,544 | ---- | C] (Microsoft Corporation)
 imgutil.dll -> C:\Windows\System32\imgutil.dll -> [2011/01/06 08:27:13 | 000,033,280 | ---- | C] (Microsoft Corporation)
 licmgr10.dll -> C:\Windows\System32\licmgr10.dll -> [2011/01/06 08:27:13 | 000,023,552 | ---- | C] (Microsoft Corporation)
 msfeedssync.exe -> C:\Windows\System32\msfeedssync.exe -> [2011/01/06 08:27:13 | 000,010,240 | ---- | C] (Microsoft Corporation)
 iexpress.exe -> C:\Windows\System32\iexpress.exe -> [2011/01/06 08:27:12 | 000,150,016 | ---- | C] (Microsoft Corporation)
 wextract.exe -> C:\Windows\System32\wextract.exe -> [2011/01/06 08:27:12 | 000,149,504 | ---- | C] (Microsoft Corporation)
 iepeers.dll -> C:\Windows\System32\iepeers.dll -> [2011/01/06 08:27:12 | 000,111,104 | ---- | C] (Microsoft Corporation)
 iesetup.dll -> C:\Windows\System32\iesetup.dll -> [2011/01/06 08:27:12 | 000,075,264 | ---- | C] (Microsoft Corporation)
 iernonce.dll -> C:\Windows\System32\iernonce.dll -> [2011/01/06 08:27:12 | 000,032,768 | ---- | C] (Microsoft Corporation)
 ElevatedDiagnostics -> C:\Users\James\AppData\Local\ElevatedDiagnostics -> [2011/01/04 16:37:36 | 000,000,000 | ---D | C]
 Windows PowerShell 1.0 -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 1.0 -> [2011/01/04 16:36:53 | 000,000,000 | R--D | C]
 WindowsPowerShell -> C:\Windows\System32\WindowsPowerShell -> [2011/01/04 16:36:53 | 000,000,000 | ---D | C]
 Microsoft ATS -> C:\Program Files\Microsoft ATS -> [2011/01/04 16:35:59 | 000,000,000 | ---D | C]
 XpsRasterService.dll -> C:\Windows\System32\XpsRasterService.dll -> [2011/01/03 00:44:55 | 000,135,680 | ---- | C] (Microsoft Corporation)
 d3d10warp.dll -> C:\Windows\System32\d3d10warp.dll -> [2011/01/03 00:44:54 | 001,174,528 | ---- | C] (Microsoft Corporation)
 DWrite.dll -> C:\Windows\System32\DWrite.dll -> [2011/01/03 00:44:54 | 001,068,032 | ---- | C] (Microsoft Corporation)
 MFH264Dec.dll -> C:\Windows\System32\MFH264Dec.dll -> [2011/01/03 00:44:54 | 000,979,456 | ---- | C] (Microsoft Corporation)
 FntCache.dll -> C:\Windows\System32\FntCache.dll -> [2011/01/03 00:44:54 | 000,797,184 | ---- | C] (Microsoft Corporation)
 d2d1.dll -> C:\Windows\System32\d2d1.dll -> [2011/01/03 00:44:54 | 000,680,960 | ---- | C] (Microsoft Corporation)
 MFHEAACdec.dll -> C:\Windows\System32\MFHEAACdec.dll -> [2011/01/03 00:44:54 | 000,357,376 | ---- | C] (Microsoft Corporation)
 mfmp4src.dll -> C:\Windows\System32\mfmp4src.dll -> [2011/01/03 00:44:54 | 000,302,592 | ---- | C] (Microsoft Corporation)
 XpsGdiConverter.dll -> C:\Windows\System32\XpsGdiConverter.dll -> [2011/01/03 00:44:54 | 000,280,064 | ---- | C] (Microsoft Corporation)
 mfreadwrite.dll -> C:\Windows\System32\mfreadwrite.dll -> [2011/01/03 00:44:54 | 000,261,632 | ---- | C] (Microsoft Corporation)
 d3d10_1core.dll -> C:\Windows\System32\d3d10_1core.dll -> [2011/01/03 00:44:54 | 000,219,648 | ---- | C] (Microsoft Corporation)
 d3d10_1.dll -> C:\Windows\System32\d3d10_1.dll -> [2011/01/03 00:44:54 | 000,161,280 | ---- | C] (Microsoft Corporation)
 Feedback Tool -> C:\Program Files\Feedback Tool -> [2011/01/03 00:44:33 | 000,000,000 | ---D | C]
 SUPERAntiSpyware.com -> C:\Users\James\AppData\Roaming\SUPERAntiSpyware.com -> [2011/01/02 19:08:05 | 000,000,000 | ---D | C]
 SUPERAntiSpyware.com -> C:\ProgramData\SUPERAntiSpyware.com -> [2011/01/02 19:08:05 | 000,000,000 | ---D | C]
 SUPERAntiSpyware -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware -> [2011/01/02 19:07:56 | 000,000,000 | ---D | C]
 SUPERAntiSpyware -> C:\Program Files\SUPERAntiSpyware -> [2011/01/02 19:07:51 | 000,000,000 | ---D | C]
 AVG PC Tuneup 2011 -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC Tuneup 2011 -> [2011/01/01 23:35:10 | 000,000,000 | ---D | C]
 AVG10 -> C:\Users\James\AppData\Roaming\AVG10 -> [2010/12/31 12:47:05 | 000,000,000 | ---D | C]
 AVG10 -> C:\ProgramData\AVG10 -> [2010/12/31 12:14:24 | 000,000,000 | ---D | C]
 MFAData -> C:\ProgramData\MFAData -> [2010/12/31 12:08:30 | 000,000,000 | ---D | C]
 javaws.exe -> C:\Windows\System32\javaws.exe -> [2010/12/31 12:02:49 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.)
 javaw.exe -> C:\Windows\System32\javaw.exe -> [2010/12/31 12:02:49 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.)
 java.exe -> C:\Windows\System32\java.exe -> [2010/12/31 12:02:49 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.)
 movies -> C:\Users\James\Documents\movies -> [2010/12/27 19:08:49 | 000,000,000 | ---D | C]
 iTunes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes -> [2010/12/19 14:07:23 | 000,000,000 | ---D | C]
 iPod -> C:\Program Files\iPod -> [2010/12/19 14:05:17 | 000,000,000 | ---D | C]
 iTunes -> C:\Program Files\iTunes -> [2010/12/19 14:05:15 | 000,000,000 | ---D | C]
 QuickTime -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime -> [2010/12/19 14:00:43 | 000,000,000 | ---D | C]
 QuickTime -> C:\Program Files\QuickTime -> [2010/12/19 14:00:11 | 000,000,000 | ---D | C]
 win32k.sys -> C:\Windows\System32\win32k.sys -> [2010/12/15 23:44:27 | 002,038,272 | ---- | C] (Microsoft Corporation)
 taskschd.dll -> C:\Windows\System32\taskschd.dll -> [2010/12/15 23:44:22 | 000,352,768 | ---- | C] (Microsoft Corporation)
 wmicmiplugin.dll -> C:\Windows\System32\wmicmiplugin.dll -> [2010/12/15 23:44:21 | 000,345,600 | ---- | C] (Microsoft Corporation)
 taskcomp.dll -> C:\Windows\System32\taskcomp.dll -> [2010/12/15 23:44:19 | 000,270,336 | ---- | C] (Microsoft Corporation)
 consent.exe -> C:\Windows\System32\consent.exe -> [2010/12/15 23:44:13 | 000,081,920 | ---- | C] (Microsoft Corporation)
 atmfd.dll -> C:\Windows\System32\atmfd.dll -> [2010/12/15 23:44:09 | 000,292,352 | ---- | C] (Adobe Systems Incorporated)
 atmlib.dll -> C:\Windows\System32\atmlib.dll -> [2010/12/15 23:44:09 | 000,034,304 | ---- | C] (Adobe Systems)
 fontsub.dll -> C:\Windows\System32\fontsub.dll -> [2010/12/15 23:44:08 | 000,072,704 | ---- | C] (Microsoft Corporation)
 tzres.dll -> C:\Windows\System32\tzres.dll -> [2010/12/15 23:43:36 | 000,002,048 | ---- | C] (Microsoft Corporation)
 pcouffin.sys -> C:\Users\James\AppData\Roaming\pcouffin.sys -> [2008/12/24 00:10:10 | 000,047,360 | ---- | C] (VSO Software)
 1 C:\Users\James\Documents\*.tmp files -> C:\Users\James\Documents\*.tmp -> 
 
[Files/Folders - Modified Within 30 Days]
 Apple Safari.lnk -> C:\Users\James\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk -> [2011/01/09 10:48:55 | 000,002,305 | ---- | M] ()
 GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2011/01/09 10:29:00 | 000,000,886 | ---- | M] ()
 incavi.avm -> C:\Windows\System32\drivers\AVG\incavi.avm -> [2011/01/09 09:48:42 | 103,833,463 | ---- | M] ()
 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2011/01/09 09:44:36 | 000,003,296 | -H-- | M] ()
 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2011/01/09 09:44:36 | 000,003,296 | -H-- | M] ()
 GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2011/01/08 12:34:20 | 000,000,882 | ---- | M] ()
 HiJackThis.lnk -> C:\Users\James\Desktop\HiJackThis.lnk -> [2011/01/08 08:06:15 | 000,002,523 | ---- | M] ()
 img029.jpg -> C:\Users\James\Documents\img029.jpg -> [2011/01/07 20:58:32 | 000,691,231 | ---- | M] ()
 img028.jpg -> C:\Users\James\Documents\img028.jpg -> [2011/01/07 20:47:17 | 000,694,657 | ---- | M] ()
 perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2011/01/07 20:37:23 | 000,607,406 | ---- | M] ()
 perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2011/01/07 20:37:23 | 000,105,014 | ---- | M] ()
 FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2011/01/07 19:45:12 | 000,390,768 | ---- | M] ()
 GlaryInitialize.job -> C:\Windows\tasks\GlaryInitialize.job -> [2011/01/07 19:45:00 | 000,000,312 | ---- | M] ()
 bootstat.dat -> C:\Windows\bootstat.dat -> [2011/01/07 19:44:27 | 000,067,584 | --S- | M] ()
 d3d9caps.dat -> C:\Users\James\AppData\Local\d3d9caps.dat -> [2011/01/07 19:21:53 | 000,000,680 | ---- | M] ()
 AVG 2011.lnk -> C:\Users\Public\Desktop\AVG 2011.lnk -> [2011/01/07 16:18:13 | 000,000,834 | ---- | M] ()
 iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2011/01/07 01:12:08 | 000,001,668 | ---- | M] ()
 Launch Internet Explorer Browser.lnk -> C:\Users\James\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> [2011/01/06 08:30:30 | 000,000,947 | ---- | M] ()
 icrav03.rat -> C:\Windows\System32\icrav03.rat -> [2011/01/06 08:27:38 | 000,008,798 | ---- | M] ()
 ticrf.rat -> C:\Windows\System32\ticrf.rat -> [2011/01/06 08:27:38 | 000,001,988 | ---- | M] ()
 img027.jpg -> C:\Users\James\Documents\img027.jpg -> [2011/01/05 22:55:01 | 000,339,102 | ---- | M] ()
 img026.jpg -> C:\Users\James\Documents\img026.jpg -> [2011/01/05 16:33:35 | 000,942,654 | ---- | M] ()
 ocsetup_install_MicrosoftWindowsPowerShell.etl -> C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl -> [2011/01/04 16:36:13 | 004,063,232 | ---- | M] ()
 ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf -> C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf -> [2011/01/04 16:36:13 | 000,196,608 | ---- | M] ()
 ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx -> C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx -> [2011/01/04 16:36:13 | 000,065,536 | ---- | M] ()
 SUPERAntiSpyware Free Edition.lnk -> C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk -> [2011/01/02 19:07:56 | 000,001,804 | ---- | M] ()
 AVG PC Tuneup 2011.lnk -> C:\Users\James\Desktop\AVG PC Tuneup 2011.lnk -> [2011/01/01 23:35:12 | 000,000,974 | ---- | M] ()
 SYSTEM -> C:\Windows\System32\SYSTEM -> [2010/12/31 12:52:11 | 000,000,020 | ---- | M] ()
 LofRecom&Pictures.docx -> C:\Users\James\Documents\LofRecom&Pictures.docx -> [2010/12/28 15:48:47 | 001,485,320 | ---- | M] ()
 letterofrecommendation -WO.jpg -> C:\Users\James\Documents\letterofrecommendation -WO.jpg -> [2010/12/28 15:43:21 | 001,007,467 | ---- | M] ()
 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\James\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/12/28 09:12:11 | 000,100,864 | ---- | M] ()
 pictures.docx -> C:\Users\James\Documents\pictures.docx -> [2010/12/20 09:08:11 | 000,476,943 | ---- | M] ()
 100_2413.JPG -> C:\Users\James\Desktop\100_2413.JPG -> [2010/12/19 22:29:58 | 000,353,992 | ---- | M] ()
 100_2412.JPG -> C:\Users\James\Desktop\100_2412.JPG -> [2010/12/19 22:29:34 | 000,728,008 | ---- | M] ()
 100_2409.JPG -> C:\Users\James\Desktop\100_2409.JPG -> [2010/12/19 22:12:26 | 000,770,172 | ---- | M] ()
 100_2408.JPG -> C:\Users\James\Desktop\100_2408.JPG -> [2010/12/19 22:12:18 | 000,734,028 | ---- | M] ()
 QuickTime Player.lnk -> C:\Users\Public\Desktop\QuickTime Player.lnk -> [2010/12/19 14:00:43 | 000,001,730 | ---- | M] ()
 Couple Resume-Domestic.doc -> C:\Users\James\Documents\Couple Resume-Domestic.doc -> [2010/12/18 17:52:45 | 000,054,784 | ---- | M] ()
 13 C:\Users\James\AppData\Local\Temp\*.tmp files -> C:\Users\James\AppData\Local\Temp\*.tmp -> 
 1 C:\Users\James\Documents\*.tmp files -> C:\Users\James\Documents\*.tmp -> 
 
[Files - No Company Name]
 incavi.avm -> C:\Windows\System32\drivers\AVG\incavi.avm -> [2011/01/09 09:48:42 | 103,833,463 | ---- | C] ()
 img029.jpg -> C:\Users\James\Documents\img029.jpg -> [2011/01/07 20:48:31 | 000,691,231 | ---- | C] ()
 img028.jpg -> C:\Users\James\Documents\img028.jpg -> [2011/01/07 20:45:15 | 000,694,657 | ---- | C] ()
 AVG 2011.lnk -> C:\Users\Public\Desktop\AVG 2011.lnk -> [2011/01/07 16:18:13 | 000,000,834 | ---- | C] ()
 HiJackThis.lnk -> C:\Users\James\Desktop\HiJackThis.lnk -> [2011/01/07 13:05:12 | 000,002,523 | ---- | C] ()
 ieuinit.inf -> C:\Windows\System32\ieuinit.inf -> [2011/01/06 08:27:13 | 000,072,533 | ---- | C] ()
 img027.jpg -> C:\Users\James\Documents\img027.jpg -> [2011/01/05 22:55:00 | 000,339,102 | ---- | C] ()
 img026.jpg -> C:\Users\James\Documents\img026.jpg -> [2011/01/05 16:33:33 | 000,942,654 | ---- | C] ()
 ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf -> C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf -> [2011/01/04 16:36:07 | 000,196,608 | ---- | C] ()
 ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx -> C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx -> [2011/01/04 16:36:07 | 000,065,536 | ---- | C] ()
 ocsetup_install_MicrosoftWindowsPowerShell.etl -> C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl -> [2011/01/04 16:36:06 | 004,063,232 | ---- | C] ()
 SUPERAntiSpyware Free Edition.lnk -> C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk -> [2011/01/02 19:07:56 | 000,001,804 | ---- | C] ()
 AVG PC Tuneup 2011.lnk -> C:\Users\James\Desktop\AVG PC Tuneup 2011.lnk -> [2011/01/01 23:35:12 | 000,000,974 | ---- | C] ()
 SYSTEM -> C:\Windows\System32\SYSTEM -> [2010/12/31 12:52:11 | 000,000,020 | ---- | C] ()
 LofRecom&Pictures.docx -> C:\Users\James\Documents\LofRecom&Pictures.docx -> [2010/12/28 15:48:47 | 001,485,320 | ---- | C] ()
 letterofrecommendation -WO.jpg -> C:\Users\James\Documents\letterofrecommendation -WO.jpg -> [2010/12/28 15:41:38 | 001,007,467 | ---- | C] ()
 pictures.docx -> C:\Users\James\Documents\pictures.docx -> [2010/12/20 09:08:10 | 000,476,943 | ---- | C] ()
 100_2412.JPG -> C:\Users\James\Desktop\100_2412.JPG -> [2010/12/20 09:00:22 | 000,728,008 | ---- | C] ()
 100_2413.JPG -> C:\Users\James\Desktop\100_2413.JPG -> [2010/12/20 09:00:22 | 000,353,992 | ---- | C] ()
 100_2409.JPG -> C:\Users\James\Desktop\100_2409.JPG -> [2010/12/20 08:43:48 | 000,770,172 | ---- | C] ()
 100_2408.JPG -> C:\Users\James\Desktop\100_2408.JPG -> [2010/12/20 08:43:48 | 000,734,028 | ---- | C] ()
 iTunes.lnk -> C:\Users\Public\Desktop\iTunes.lnk -> [2010/12/19 14:07:23 | 000,001,668 | ---- | C] ()
 QuickTime Player.lnk -> C:\Users\Public\Desktop\QuickTime Player.lnk -> [2010/12/19 14:00:43 | 000,001,730 | ---- | C] ()
 Couple Resume-Domestic.doc -> C:\Users\James\Documents\Couple Resume-Domestic.doc -> [2010/12/18 17:47:56 | 000,054,784 | ---- | C] ()
 d3d9caps.dat -> C:\Users\James\AppData\Local\d3d9caps.dat -> [2010/09/17 08:49:08 | 000,000,680 | ---- | C] ()
 Rim.Desktop.Exception.log -> C:\Users\James\AppData\Roaming\Rim.Desktop.Exception.log -> [2010/08/15 23:38:29 | 000,000,231 | ---- | C] ()
 Rim.Desktop.HttpServerSetup.log -> C:\Users\James\AppData\Roaming\Rim.Desktop.HttpServerSetup.log -> [2010/08/11 06:17:24 | 000,000,801 | ---- | C] ()
 xobni_installer_updater.log -> C:\Users\James\AppData\Local\xobni_installer_updater.log -> [2009/11/17 23:29:01 | 000,000,032 | ---- | C] ()
 iniasd.txt -> C:\Users\James\AppData\Roaming\iniasd.txt -> [2009/09/28 22:48:19 | 000,000,014 | ---- | C] ()
 OGACheckControl.dll -> C:\Windows\System32\OGACheckControl.dll -> [2009/08/03 14:07:42 | 000,403,816 | ---- | C] ()
 EhStorAuthn.dll -> C:\Windows\System32\EhStorAuthn.dll -> [2009/07/20 20:30:48 | 000,117,248 | ---- | C] ()
 UserTile.png -> C:\Users\James\AppData\Roaming\UserTile.png -> [2009/05/02 21:47:28 | 000,158,506 | ---- | C] ()
 RtNicProp32.dll -> C:\Windows\System32\RtNicProp32.dll -> [2009/03/05 05:54:58 | 000,073,728 | ---- | C] ()
 PICSDK.ini -> C:\Windows\System32\PICSDK.ini -> [2009/02/27 19:09:23 | 000,000,097 | ---- | C] ()
 EPSNX400.ini -> C:\Windows\EPSNX400.ini -> [2009/02/27 19:05:17 | 000,000,044 | ---- | C] ()
 QUICKEN.INI -> C:\Windows\QUICKEN.INI -> [2009/02/13 22:03:42 | 000,000,148 | ---- | C] ()
 vso_ts_preview.xml -> C:\Users\James\AppData\Roaming\vso_ts_preview.xml -> [2008/12/24 00:17:08 | 000,000,671 | ---- | C] ()
 pcouffin.log -> C:\Users\James\AppData\Roaming\pcouffin.log -> [2008/12/24 00:12:23 | 000,000,033 | ---- | C] ()
 inst.exe -> C:\Users\James\AppData\Roaming\inst.exe -> [2008/12/24 00:10:10 | 000,087,608 | ---- | C] ()
 pcouffin.cat -> C:\Users\James\AppData\Roaming\pcouffin.cat -> [2008/12/24 00:10:10 | 000,007,887 | ---- | C] ()
 pcouffin.inf -> C:\Users\James\AppData\Roaming\pcouffin.inf -> [2008/12/24 00:10:10 | 000,001,144 | ---- | C] ()
 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\James\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2008/12/13 23:57:07 | 000,100,864 | ---- | C] ()
 lvcoinst.ini -> C:\Windows\System32\lvcoinst.ini -> [2008/12/09 18:46:59 | 000,042,594 | ---- | C] ()
 igfxCoIn_v1114.dll -> C:\Windows\System32\igfxCoIn_v1114.dll -> [2008/12/09 18:45:56 | 000,204,800 | ---- | C] ()
 libcurl.dll -> C:\Windows\System32\libcurl.dll -> [2008/03/04 18:52:34 | 000,286,720 | ---- | C] ()
 igfxCoIn_v1437.dll -> C:\Windows\System32\igfxCoIn_v1437.dll -> [2008/02/11 19:55:18 | 000,147,456 | ---- | C] ()
 zlib1.dll -> C:\Windows\System32\zlib1.dll -> [2007/10/31 09:39:54 | 000,059,904 | ---- | C] ()
 libexpatw.dll -> C:\Windows\System32\libexpatw.dll -> [2007/05/17 13:58:10 | 000,143,360 | ---- | C] ()
 NTIBUN4.dll -> C:\Windows\System32\NTIBUN4.dll -> [2006/12/05 07:15:30 | 000,001,024 | RH-- | C] ()
 libxml2.dll -> C:\Windows\libxml2.dll -> [2006/12/05 06:58:20 | 000,743,424 | R--- | C] ()
 iconv.dll -> C:\Windows\iconv.dll -> [2006/12/05 06:56:37 | 000,872,448 | R--- | C] ()
 UBHelper.sys -> C:\Windows\System32\drivers\UBHelper.sys -> [2006/12/05 00:10:14 | 000,013,952 | ---- | C] ()
 _psisdecd.dll -> C:\Windows\System32\_psisdecd.dll -> [2006/12/05 00:09:00 | 000,198,144 | ---- | C] ()
 sugo3l3.dll -> C:\Windows\System32\sugo3l3.dll -> [2006/12/04 01:25:14 | 000,022,723 | ---- | C] ()
 PreLaunch.ini -> C:\Windows\PreLaunch.ini -> [2006/12/02 13:32:24 | 000,000,042 | ---- | C] ()
 Capsule.dll -> C:\Windows\Capsule.dll -> [2006/12/02 13:32:23 | 000,204,800 | ---- | C] ()
 WdfCoInstaller01000.dll -> C:\Windows\System32\WdfCoInstaller01000.dll -> [2006/12/02 13:32:22 | 001,060,424 | ---- | C] ()
 MSNSpook.dll -> C:\Windows\System32\MSNSpook.dll -> [2006/11/16 16:20:10 | 000,086,016 | ---- | C] ()
 MSNChatHook.dll -> C:\Windows\System32\MSNChatHook.dll -> [2006/11/16 16:19:10 | 000,037,376 | ---- | C] ()
 sysprepMCE.dll -> C:\Windows\System32\sysprepMCE.dll -> [2006/11/02 07:35:32 | 000,005,632 | ---- | C] ()
 pacerprf.ini -> C:\Windows\System32\pacerprf.ini -> [2006/11/02 02:40:29 | 000,013,750 | ---- | C] ()
 multiplex_vcd.dll -> C:\Windows\System32\multiplex_vcd.dll -> [2001/12/26 18:12:30 | 000,065,536 | ---- | C] ()
 Hmpg12.dll -> C:\Windows\System32\Hmpg12.dll -> [2001/09/04 01:46:38 | 000,110,592 | ---- | C] ()
 HMPV2_ENC.dll -> C:\Windows\System32\HMPV2_ENC.dll -> [2001/07/30 18:33:56 | 000,118,784 | ---- | C] ()
 HMPV2_ENC_MMX.dll -> C:\Windows\System32\HMPV2_ENC_MMX.dll -> [2001/07/24 00:04:36 | 000,118,784 | ---- | C] ()
 iyvu9_32.dll -> C:\Windows\System32\iyvu9_32.dll -> [1997/06/13 20:56:08 | 000,056,832 | ---- | C] ()
 
[Alternate Data Streams]
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:3FC4A10A
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:81C88EA7
@Alternate Data Stream - 165 bytes -> C:\ProgramData\TEMP:45FE2B4E
@Alternate Data Stream - 182 bytes -> C:\ProgramData\TEMP:F3AB0B43
< End of report >
 
1 - 20 of 21 Posts
Status
Not open for further replies.
Top