JS/generic

View previous topic View next topic Go down

JS/generic

Post by cbitterli on 14th April 2010, 2:50 am

Here is my DDS.TXT
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 7/27/2008 7:46:18 PM
System Uptime: 4/12/2010 10:31:26 PM (24 hours ago)

Motherboard: BIOSTAR Group | | P4M90-M7A
Processor: Intel(R) Pentium(R) D CPU 3.40GHz | Socket 775 | 3400/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 190 GiB total, 164.595 GiB free.
D: is CDROM ()
E: is CDROM ()
G: is FIXED (FAT32) - 7 GiB total, 5.93 GiB free.
N: is FIXED (NTFS) - 19 GiB total, 5.681 GiB free.

==== Disabled Device Manager Items =============

Class GUID: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Description: Primary IDE Channel
Device ID: PCIIDE\IDECHANNEL\4&276F9A96&0&0
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Name: Primary IDE Channel
PNP Device ID: PCIIDE\IDECHANNEL\4&276F9A96&0&0
Service: atapi

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

32 Bit HP CIO Components Installer
4500_Help
A Better Calendar for Windows
Acronis True Image Home
Ad-Aware
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.1
Almeza MultiSet Professional 6.7
AnVir Task Manager
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoStudio 5.5
Auslogics Duplicate File Finder
Authentium AntiVirus SDK - 2
AutoHotkey 1.0.48.00
AVG Free 9.0
Booster 1.03
BPD_HPSU
bpd_scan
BPDSoftware
BPDSoftware_Ini
BufferChm
Carbonite Online Backup Setup
CDDRV_Installer
Coupon Printer for Windows
CustomerResearchQFolder
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DocMgr
DocProc
DocProcQFolder
Driver Detective
DVD Suite
Easy Macro Recorder 3.81
eSupportQFolder
EVEREST Ultimate v4.20.1241 + Corporate Edition + Debug Beta Re
eVoice Player 1.0
Fax
Find+Run Robot 2.45.01
Foxit Reader
Genealogica Grafica
Google Chrome
Google Earth
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
GPBaseService
Graboid Video 1.65
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Photosmart Essential 2.5
HP Update
HPProductAssistant
HPSSupply
InfraRecorder
IrfanView (remove only)
itsourtree.com - Home Edition 1.01
J4500
Java Auto Updater
Java DB 10.5.3.0
Java(TM) 6 Update 19
Java(TM) SE Development Kit 6 Update 19
Junk Mail filter update
KhalInstallWrapper
Learn to Play Bridge
Learn to Play Bridge 2
Legacy 7.4
Legacy Charting 7.0
Logitech QuickCam
Logitech QuickCam Driver Package
Logitech SetPoint
Malwarebytes' Anti-Malware
MarketResearch
MediaRing Talk
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft WSE 3.0 Runtime
Motherboard Monitor 5
Mozilla Firefox (3.6.3)
MozyHome Remote Backup
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
neroxml
Norton Security Suite
OCR Software by I.R.I.S. 10.0
OpenOffice.org 3.0
Paragon Drive Backup™ 9 Professional
ParetoLogic DriverCure
Perfect Macro Recorder 2.00
Picasa 3
Platform
PowerArchiver 2006 v9.63
PowerDVD
PowerISO
PowerProducer
ProductContext
PSSWCORE
QuickTime
RadioGet 1.3.8
Realtek High Definition Audio Driver
Recuva (remove only)
Scan
Security Update for CAPICOM (KB931906)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Segoe UI
Skype web features
Skype™ 4.1
SmartWebPrintingOC
Software Informer 1.0 BETA
SolutionCenter
SoundTaxi Media Suite 3.9.1
Spotmau WinCare 2007
Status
Sumatra PDF reader
SUPERAntiSpyware Free Edition
System Explorer 2.0.7
The Weather Channel Desktop 6
Toolbox
Total Commander (Remove or Repair)
TrayApp
TuneUp Utilities 2007
UltraVNC v1.0.2
Uniblue RegistryBooster 2
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB968220)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB951978)
VIA Chrome9 HC IGP Family Display
VIA Display Driver 6.14.10.0099
VIA Rhine-Family Fast-Ethernet Adapter
VideoLAN VLC media player 0.8.6d
VideoToolkit01
WebFldrs XP
WebReg
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Player 11
WinRAR archiver
WinUtilities 6.2
WinX DVD Ripper Platinum 5.1.1
WinZip 14.0
World Archives Project Keying Tool Install and Uninstall
Yahoo! Software Update
Yahoo! Toolbar

==== Event Viewer Messages From Past Week ========

4/9/2010 12:32:39 PM, error: Dhcp [1002] - The IP address lease 192.168.100.2 for the Network Card with network address 00E04D6B6392 has been denied by the DHCP server 192.168.100.1 (The DHCP Server sent a DHCPNACK message).
4/9/2010 12:32:18 PM, error: Dhcp [1002] - The IP address lease 68.54.248.34 for the Network Card with network address 00E04D6B6392 has been denied by the DHCP server 192.168.100.1 (The DHCP Server sent a DHCPNACK message).
4/7/2010 3:44:33 PM, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
4/7/2010 3:44:33 PM, error: Service Control Manager [7022] - The dvpapi service hung on starting.
4/7/2010 3:39:11 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the N360 service.
4/12/2010 8:14:35 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PCIIde ViaIde xfilt
4/11/2010 8:24:48 PM, error: Service Control Manager [7031] - The Norton Security Suite service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/11/2010 11:54:56 PM, error: Service Control Manager [7031] - The Norton Security Suite service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

==== End Of File ===========================

cbitterli
Novice
Novice

Posts Posts : 5
Joined Joined : 2010-04-14
OS OS : XP
Points Points : 24373
# Likes # Likes : 0

View user profile

Back to top Go down

Re: JS/generic

Post by Belahzur on 15th April 2010, 2:57 pm

Download [You must be registered and logged in to see this link.] by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: JS/generic

Post by cbitterli on 15th April 2010, 5:40 pm

OTL logfile created on: 4/15/2010 1:29:06 PM - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\paul\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 62.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 189.92 Gb Total Space | 164.55 Gb Free Space | 86.64% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 7.43 Gb Total Space | 5.93 Gb Free Space | 79.80% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive N: | 18.68 Gb Total Space | 5.68 Gb Free Space | 30.42% Space Free | Partition Type: NTFS

Computer Name: CVB
Current User Name: paul
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/04/15 13:28:27 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\paul\My Documents\Downloads\OTL.exe
PRC - [2010/04/04 15:51:13 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/04/01 09:39:44 | 002,064,224 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/04/01 09:39:15 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/03/14 09:57:03 | 000,617,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/03/14 09:57:03 | 000,508,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/03/14 09:57:00 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/03/14 09:56:33 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/03/14 09:56:32 | 000,710,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/03/01 23:04:16 | 001,029,456 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010/03/01 23:04:16 | 000,524,632 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.1.0.32\ccsvchst.exe
PRC - [2010/02/18 11:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/02/04 14:00:00 | 000,495,432 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2009/08/07 15:36:26 | 003,993,368 | ---- | M] (ParetoLogic) -- C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe
PRC - [2009/06/24 15:03:34 | 002,876,216 | ---- | M] (Mozy, Inc.) -- C:\Program Files\MozyHome\mozystat.exe
PRC - [2009/01/20 16:22:12 | 000,069,632 | ---- | M] (S3 Graphics Co., Inc.) -- C:\WINDOWS\system32\s3loadsv.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/07/27 21:12:49 | 002,178,832 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
PRC - [2008/07/27 21:11:45 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/07/27 21:09:28 | 000,141,848 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/07/27 21:09:25 | 000,563,984 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
PRC - [2008/07/27 21:09:25 | 000,407,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2008/07/23 13:16:50 | 001,927,448 | ---- | M] (Uniblue Software) -- C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
PRC - [2008/07/08 18:48:16 | 000,204,800 | ---- | M] (S3 Graphics Co., Ltd.) -- C:\WINDOWS\system32\S3Trayp.exe
PRC - [2008/05/26 22:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/07/09 12:54:08 | 000,177,416 | R--- | M] (Authentium, Inc.) -- C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
PRC - [2007/04/23 05:00:00 | 000,692,224 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2007/04/11 16:32:22 | 000,056,080 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.exe
PRC - [2007/02/16 18:57:24 | 001,945,960 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
PRC - [2007/02/16 18:49:58 | 000,149,024 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2007/02/16 18:49:50 | 000,411,168 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2007/02/16 18:45:30 | 001,169,776 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2007/01/20 03:09:41 | 000,200,704 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2006/12/22 16:30:08 | 000,016,384 | ---- | M] () -- C:\Program Files\Spotmau WinCares 2007\FolderProtectService.exe
PRC - [2006/12/22 16:29:58 | 000,024,576 | ---- | M] () -- C:\Program Files\Spotmau WinCares 2007\FolderProtect.exe
PRC - [2006/06/18 14:56:10 | 000,712,704 | ---- | M] (UltraVNC) -- C:\Program Files\UltraVNC\winvnc.exe
PRC - [2003/04/01 11:33:00 | 000,053,248 | ---- | M] (ali) -- C:\USBStorage\USBDetector.exe


========== Modules (SafeList) ==========

MOD - [2010/04/15 13:28:27 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\paul\My Documents\Downloads\OTL.exe
MOD - [2010/03/26 19:52:36 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.1.0.32\asoehook.dll
MOD - [2009/07/12 04:02:02 | 000,653,120 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.1.0.32\microsoft.vc90.crt\msvcr90.dll
MOD - [2009/07/12 04:02:00 | 000,569,664 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton Security Suite\Engine\4.1.0.32\microsoft.vc90.crt\msvcp90.dll
MOD - [2009/07/12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009/07/12 02:09:20 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
MOD - [2007/10/19 14:19:10 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcInj.dll
MOD - [2007/04/23 05:00:00 | 000,045,568 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/03/14 09:57:00 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/03/14 09:56:33 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/03/01 23:04:16 | 001,029,456 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Security Suite\Engine\4.1.0.32\ccSvcHst.exe -- (N360)
SRV - [2009/09/29 06:41:04 | 000,335,872 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\SoundTaxi Media Suite\STSService.exe -- (STSService)
SRV - [2009/09/28 16:13:04 | 000,335,872 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\RadioGet\RGService.exe -- (RGService)
SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/01/20 16:22:12 | 000,069,632 | ---- | M] (S3 Graphics Co., Inc.) [Auto | Running] -- C:\WINDOWS\system32\s3loadsv.exe -- (S3LoadSv)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/07/27 21:09:28 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\logishrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2008/07/27 21:09:28 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2007/07/09 12:54:08 | 000,177,416 | R--- | M] (Authentium, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe -- (dvpapi)
SRV - [2007/05/16 09:41:18 | 000,029,704 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2007/02/16 18:49:50 | 000,411,168 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2006/12/22 16:30:08 | 000,016,384 | ---- | M] () [Auto | Running] -- C:\Program Files\Spotmau WinCares 2007\FolderProtectService.exe -- (FolderProtectService)
SRV - [2006/06/18 14:56:10 | 000,712,704 | ---- | M] (UltraVNC) [Auto | Running] -- C:\Program Files\UltraVNC\WinVNC.exe -- (winvnc)


========== Driver Services (SafeList) ==========

DRV - [2010/04/04 18:11:07 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/04/04 01:00:00 | 001,324,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100415.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/04/04 01:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/04/04 01:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/04/04 01:00:00 | 000,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100415.003\NAVENG.SYS -- (NAVENG)
DRV - [2010/03/24 16:38:08 | 000,536,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100324.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/03/14 09:57:04 | 000,242,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/03/14 09:57:03 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/03/14 09:56:32 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/02/26 22:23:54 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0401000.020\Ironx86.SYS -- (SymIRON)
DRV - [2010/02/26 22:23:21 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0401000.020\SRTSP.SYS -- (SRTSP)
DRV - [2010/02/26 22:23:21 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0401000.020\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/02/25 19:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0401000.020\ccHPx86.sys -- (ccHP)
DRV - [2010/02/22 23:13:55 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/02/21 08:54:31 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/02/21 08:54:30 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/21 08:54:30 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2009/11/26 02:41:48 | 000,172,592 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0401000.020\SYMEFA.SYS -- (SymEFA)
DRV - [2009/11/21 20:43:48 | 000,362,032 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0401000.020\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/11/16 20:51:14 | 000,329,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100409.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2009/10/14 23:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0401000.020\SYMDS.SYS -- (SymDS)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/04/30 23:01:36 | 000,265,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/04/30 22:55:34 | 000,013,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2009/03/17 09:34:10 | 000,561,152 | ---- | M] (S3 Graphics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\S3gIGPm.sys -- (S3GIGP)
DRV - [2009/02/18 19:31:04 | 005,028,352 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/12/13 14:47:38 | 000,040,496 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hotcore3.sys -- (hotcore3)
DRV - [2008/12/13 14:47:38 | 000,032,056 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\UimBus.sys -- (UimBus)
DRV - [2008/08/05 21:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/07/27 19:56:34 | 000,392,320 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\timntr.sys -- (timounter)
DRV - [2008/07/27 19:56:34 | 000,032,768 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2008/07/27 19:56:32 | 000,114,048 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\snapman.sys -- (snapman)
DRV - [2008/04/14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 22:06:08 | 000,084,480 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97via.sys -- (VIAudio) VIA AC'97 Audio Controller (WDM)
DRV - [2008/04/13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/11/20 17:56:28 | 000,017,920 | ---- | M] (VIA Technologies,Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\xfilt.sys -- (xfilt)
DRV - [2007/11/07 10:18:54 | 000,007,936 | R--- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\inidvd.sys -- (INIDVD)
DRV - [2007/10/19 14:16:30 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2007/10/18 06:28:52 | 000,052,224 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ViPrt.sys -- (ViPrt)
DRV - [2007/10/18 06:28:30 | 000,016,896 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ViBus.sys -- (ViBus)
DRV - [2007/10/11 22:00:42 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/10/11 21:55:58 | 001,279,000 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2007/10/11 19:59:24 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007/10/11 19:59:02 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007/09/21 05:49:10 | 000,009,216 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2007/08/16 10:09:38 | 000,003,604 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Tseries BIOS Update\Award\BS_Flash.sys -- (BS_Flash)
DRV - [2007/07/09 12:01:04 | 000,834,448 | ---- | M] (Authentium, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Css-Dvp.sys -- (CSS DVP)
DRV - [2007/04/11 16:33:14 | 000,028,688 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2007/04/11 16:32:58 | 000,036,112 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007/04/11 16:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007/04/11 16:32:30 | 000,020,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2007/01/20 03:11:07 | 000,031,644 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2006/12/12 15:25:30 | 000,011,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Spotmau WinCares 2007\FolderProtectDriver.sys -- (FolderProtectDriver)
DRV - [2006/12/11 21:02:24 | 000,016,768 | ---- | M] (BIOSTAR Group) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BS_I2cIo.sys -- (BS_I2cIo)
DRV - [2006/11/02 17:31:20 | 000,003,584 | R--- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\shwMirror.sys -- (shwMirror)
DRV - [2006/01/04 16:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005/03/16 02:23:54 | 000,013,696 | R--- | M] (BIOSTAR Group) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BIOS.sys -- (BIOS)
DRV - [2004/06/26 13:22:00 | 000,006,016 | ---- | M] (RDV Soft) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vnccom.SYS -- (vnccom)
DRV - [2004/06/26 13:22:00 | 000,004,736 | ---- | M] (RDV Soft) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vncdrv.sys -- (vncdrv)
DRV - [2004/04/10 09:42:36 | 000,002,944 | ---- | M] (cansoft@livewiredev.com) [Kernel | System | Running] -- C:\WINDOWS\system32\mbmiodrvr.sys -- (mbmiodrvr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [You must be registered and logged in to see this link.] [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [You must be registered and logged in to see this link.] [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=667323"
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.783
FF - prefs.js..extensions.enabledItems: avg@igeared:4.002.023.004
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6

FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/03/14 11:41:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010/03/26 22:11:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010/04/04 18:11:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010/04/04 18:11:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/04 16:16:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/15 08:52:54 | 000,000,000 | ---D | M]

[2010/04/04 16:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\Mozilla\Extensions
[2010/04/14 21:26:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\paul\Application Data\Mozilla\Firefox\Profiles\wf4fo45m.default\extensions
[2010/04/04 17:31:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\paul\Application Data\Mozilla\Firefox\Profiles\wf4fo45m.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/14 21:26:56 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/07/26 21:53:32 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com
[2008/06/18 02:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2008/07/27 21:13:26 | 000,024,576 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npgcplug.dll
[2008/07/27 21:13:26 | 000,200,704 | ---- | M] (Ancestry.com) -- C:\Program Files\Mozilla Firefox\plugins\npImgCtl.dll
[2008/07/27 21:13:26 | 000,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2008/07/27 21:13:26 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npracplug.dll
[2010/01/24 22:59:22 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/03/11 16:56:34 | 000,002,191 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
[2010/01/24 22:59:22 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/01/24 22:59:22 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/01/24 22:59:22 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2009/11/13 05:50:44 | 000,614,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 fr.a2dfp.net
O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 achmedia.com
O1 - Hosts: 127.0.0.1 aconti.net
O1 - Hosts: 127.0.0.1 secure.aconti.net
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.] #[Dialer.Aconti]
O1 - Hosts: 127.0.0.1 ads.active.com
O1 - Hosts: 127.0.0.1 am1.activemeter.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.] #[eTrust.Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ads.activepower.net
O1 - Hosts: 127.0.0.1 data2.activshopper.com #[Trackware.ActivShopper]
O1 - Hosts: 127.0.0.1 stat.active24stats.nl #[eTrust.Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ad2games.com
O1 - Hosts: 127.0.0.1 cms.ad2click.nl
O1 - Hosts: 127.0.0.1 ads.ad2games.com
O1 - Hosts: 127.0.0.1 content.ad20.net
O1 - Hosts: 16153 more lines...
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\4.1.0.32\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\4.1.0.32\ipsbho.dll (Symantec Corporation)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.1.0.32\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.1.0.32\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files\Carbonite\CarbonitePreinstaller.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [S3Trayp] C:\WINDOWS\System32\S3Trayp.exe (S3 Graphics Co., Ltd.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [USBDetector] C:\USBStorage\USBDetector.exe (ali)
O4 - HKLM..\Run: [WinVNC] C:\Program Files\UltraVNC\WinVNC.exe (UltraVNC)
O4 - HKCU..\Run: [DriverCure] C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe (ParetoLogic)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe (Uniblue Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MozyHome Status.lnk = C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\iavlsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\iavlsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\iavlsp.dll ()
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [You must be registered and logged in to see this link.] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {42FDC231-A411-45F8-B8B6-3B5026111DA8} [You must be registered and logged in to see this link.] (SolitaireRush Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [You must be registered and logged in to see this link.] (MUWebControl Class)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} [You must be registered and logged in to see this link.] (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_19)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} [You must be registered and logged in to see this link.] (H2hPool Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.73.246 68.87.71.230
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2008/07/27 19:45:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/08/09 03:10:22 | 000,001,868 | ---- | M] () - N:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/04/13 22:06:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/04/13 22:06:04 | 000,000,000 | ---D | C] -- C:\Program Files\Sun
[2010/04/13 22:05:55 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/04/13 22:05:54 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/04/13 22:05:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/04/13 22:05:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/04/13 21:51:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\My Documents\Downloads
[2010/04/12 19:18:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Application Data\Malwarebytes
[2010/04/12 19:18:27 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/12 19:18:25 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/12 19:18:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/12 19:18:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/04/12 18:35:03 | 000,362,032 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0401000.020\symtdi.sys
[2010/04/12 18:35:03 | 000,340,016 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0401000.020\symtdiv.sys
[2010/04/12 18:35:03 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0401000.020\symds.sys
[2010/04/12 18:35:03 | 000,172,592 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0401000.020\symefa.sys
[2010/04/12 18:35:03 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0401000.020\srtspx.sys
[2010/04/12 18:35:02 | 000,501,888 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0401000.020\cchpx86.sys
[2010/04/12 18:35:02 | 000,325,680 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0401000.020\srtsp.sys
[2010/04/12 18:35:02 | 000,116,784 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0401000.020\ironx86.sys
[2010/04/12 18:34:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0401000.020
[2010/04/11 21:55:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Tracing
[2010/04/11 21:10:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Local Settings\Application Data\Adobe
[2010/04/11 20:37:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Local Settings\Application Data\Temp
[2010/04/05 16:00:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Application Data\SUPERAntiSpyware.com
[2010/04/05 15:53:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Application Data\DriverCure
[2010/04/05 15:37:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Application Data\Tific
[2010/04/04 18:11:17 | 000,107,368 | R--- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2010/04/04 18:11:07 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/04/04 18:11:07 | 000,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/04/04 18:11:07 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/04/04 18:10:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2010/04/04 18:10:36 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2010/04/04 18:10:36 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Security Suite
[2010/04/04 18:10:05 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010/04/04 18:10:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010/04/04 18:10:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\My Documents\Symantec
[2010/04/04 17:48:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Application Data\MyFamily.com
[2010/04/04 17:46:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Norton
[2010/04/04 17:46:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/04/04 17:19:03 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\paul\PrivacIE
[2010/04/04 17:18:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Local Settings\Application Data\Google
[2010/04/04 17:18:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Application Data\Google
[2010/04/04 17:18:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Application Data\Sun
[2010/04/04 17:05:58 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\paul\IECompatCache
[2010/04/04 16:47:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Application Data\Windows Search
[2010/04/04 16:25:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Application Data\Uniblue
[2010/04/04 16:17:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Local Settings\Application Data\AVG Security Toolbar
[2010/04/04 16:16:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Local Settings\Application Data\Mozilla
[2010/04/04 16:16:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Application Data\Mozilla
[2010/04/04 16:14:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Application Data\Adobe
[2010/04/04 16:14:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Application Data\HP
[2010/04/04 16:13:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Local Settings\Application Data\Identities
[2010/04/04 16:13:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Application Data\Logitech
[2010/04/04 16:13:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Application Data\Windows Desktop Search
[2010/04/04 16:13:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\paul\My Documents\My Videos
[2010/04/04 16:12:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Application Data\Identities
[2010/04/04 16:12:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\paul\My Documents\My Pictures
[2010/04/04 16:12:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\paul\My Documents\My Music
[2010/04/04 16:12:27 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\paul\IETldCache
[2010/04/04 16:12:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Local Settings\Application Data\Microsoft
[2010/04/04 16:12:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\paul\Application Data\Microsoft
[2010/04/04 16:12:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\paul\SendTo
[2010/04/04 16:12:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\paul\Recent
[2010/04/04 16:12:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\paul\Application Data
[2010/04/04 16:12:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\paul\Start Menu
[2010/04/04 16:12:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\paul\My Documents
[2010/04/04 16:12:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\paul\Favorites
[2010/04/04 16:12:21 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\paul\Cookies
[2010/04/04 16:12:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\paul\PrintHood
[2010/04/04 16:12:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\paul\NetHood
[2010/04/04 16:12:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\paul\Local Settings
[2010/04/04 16:12:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Application Data\Macromedia
[2010/04/04 16:12:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\paul\Desktop
[2010/04/04 16:12:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\paul\Templates
[2010/04/01 00:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/03/30 23:33:46 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010/03/20 08:37:21 | 000,067,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\SYSINFO.OCX
[2010/03/20 08:37:21 | 000,000,000 | ---D | C] -- C:\Program Files\Easy Macro Recorder
[2010/03/17 21:48:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2010/03/17 21:48:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2010/03/17 21:48:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2010/03/17 21:48:51 | 000,000,000 | ---D | C] -- C:\Program Files\ParetoLogic
[2010/02/12 22:10:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\freeonlinetvbar
[2009/12/15 13:02:15 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/12/15 13:02:15 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/12/15 13:02:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/09/30 16:07:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2009/06/17 15:41:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/06/05 21:10:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2009/04/01 12:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2009/02/12 04:09:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2008/07/28 11:36:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2008/07/28 11:13:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\iolo
[2008/07/26 22:03:02 | 000,857,088 | ---- | C] (SRO Software) -- C:\Program Files\abc-cal.exe
[2008/07/26 21:39:14 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2008/07/26 21:39:14 | 000,062,464 | ---- | C] (Prof Abimbola A. Olowofoyeku (the African Chief)) -- C:\Program Files\bcuninst.exe
[2008/07/26 21:39:14 | 000,015,872 | ---- | C] (SRO Software) -- C:\Program Files\WIPEDATA.exe
[2008/07/26 21:39:14 | 000,014,848 | ---- | C] (SRO Software) -- C:\Program Files\bcregclr.exe
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/04/15 13:33:00 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{83FCA04C-F890-4EBB-9504-0BCE04B3875A}.job
[2010/04/15 13:32:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-2025429265-725345543-1003UA.job
[2010/04/15 12:44:01 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2010/04/15 12:37:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/15 11:44:01 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2010/04/15 11:43:10 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/04/15 10:44:01 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2010/04/15 09:44:01 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2010/04/15 09:08:39 | 058,926,845 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/04/15 08:52:55 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/04/15 08:48:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/04/15 08:48:15 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/15 08:44:01 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2010/04/15 07:44:01 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2010/04/15 06:44:00 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2010/04/15 05:44:01 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2010/04/15 05:32:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-2025429265-725345543-1003Core.job
[2010/04/15 04:54:00 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job
[2010/04/15 04:44:00 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2010/04/15 03:44:03 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2010/04/15 03:21:46 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2010/04/15 03:21:46 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/15 03:21:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/04/15 03:19:50 | 003,145,728 | -H-- | M] () -- C:\Documents and Settings\paul\NTUSER.DAT
[2010/04/15 03:19:24 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\paul\ntuser.ini
[2010/04/15 03:19:19 | 006,291,456 | -H-- | M] () -- C:\Documents and Settings\paul\Local Settings\Application Data\IconCache.db
[2010/04/15 03:04:17 | 000,675,616 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\Cat.DB
[2010/04/15 03:03:56 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/04/15 02:44:00 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2010/04/15 01:44:00 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2010/04/15 00:44:00 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010/04/14 23:44:00 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2010/04/14 22:44:00 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2010/04/14 22:04:19 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/04/14 21:44:00 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2010/04/14 21:35:56 | 000,000,655 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/04/14 21:35:56 | 000,000,082 | ---- | M] () -- C:\WINDOWS\MPLAYER.INI
[2010/04/14 20:44:00 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2010/04/14 19:44:00 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2010/04/14 18:44:00 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2010/04/14 18:00:00 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2010/04/14 17:44:00 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2010/04/14 16:44:00 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2010/04/14 14:44:00 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2010/04/14 13:44:00 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2010/04/13 22:05:40 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/04/13 22:05:40 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/04/13 22:05:40 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/04/13 22:05:40 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/04/13 22:05:39 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/04/13 21:39:07 | 000,001,922 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/04/12 20:13:11 | 000,002,028 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Security Suite.LNK
[2010/04/12 20:00:41 | 000,000,384 | ---- | M] () -- C:\WINDOWS\tasks\DriverCure.job
[2010/04/12 19:18:31 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/09 21:10:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/04/09 00:15:00 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010/04/06 16:27:27 | 004,415,471 | ---- | M] () -- C:\Documents and Settings\paul\Desktop\swiss.pmac
[2010/04/04 18:11:07 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/04/04 18:11:07 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/04/04 18:11:07 | 000,007,443 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/04/04 18:11:07 | 000,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/04/04 17:54:21 | 000,000,832 | ---- | M] () -- C:\Documents and Settings\paul\Desktop\Norton Installation Files.lnk
[2010/04/04 17:29:22 | 000,000,000 | ---- | M] () -- C:\WINDOWS\lgfwup.ini
[2010/04/04 16:46:23 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\paul\Ÿ9Ÿ9
[2010/04/04 16:40:43 | 000,000,760 | ---- | M] () -- C:\Documents and Settings\paul\Application Data\setup_ldm.iss
[2010/04/04 16:38:26 | 000,001,788 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Logitech QuickCam.lnk
[2010/04/04 16:12:27 | 000,017,864 | ---- | M] () -- C:\Documents and Settings\paul\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/03/31 11:21:22 | 000,002,844 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2010/03/30 21:52:42 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\isolate.ini
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/28 19:31:56 | 000,018,546 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\cJAKX65roVxQl
[2010/03/20 08:34:14 | 000,001,739 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WinZip.lnk
[2010/03/20 08:34:14 | 000,001,667 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2010/03/17 21:48:52 | 000,000,871 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ParetoLogic DriverCure.lnk
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/04/13 21:39:07 | 000,001,922 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/04/12 20:11:26 | 000,675,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\Cat.DB
[2010/04/12 19:18:31 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/12 18:35:03 | 000,007,787 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\symnetv.cat
[2010/04/12 18:35:03 | 000,007,444 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\symefa.cat
[2010/04/12 18:35:03 | 000,007,425 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\symds.cat
[2010/04/12 18:35:03 | 000,007,368 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\symnet.cat
[2010/04/12 18:35:03 | 000,003,374 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\symefa.inf
[2010/04/12 18:35:03 | 000,002,793 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\symds.inf
[2010/04/12 18:35:03 | 000,001,473 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\symnetv.inf
[2010/04/12 18:35:03 | 000,001,445 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\symnet.inf
[2010/04/12 18:35:02 | 000,007,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\srtspx.cat
[2010/04/12 18:35:02 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\srtsp.cat
[2010/04/12 18:35:02 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\iron.cat
[2010/04/12 18:35:02 | 000,007,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\cchpx86.cat
[2010/04/12 18:35:02 | 000,001,754 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\cchpx86.inf
[2010/04/12 18:35:02 | 000,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\srtspx.inf
[2010/04/12 18:35:02 | 000,001,382 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\srtsp.inf
[2010/04/12 18:35:02 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\iron.inf
[2010/04/12 18:34:37 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0401000.020\isolate.ini
[2010/04/06 16:27:25 | 004,415,471 | ---- | C] () -- C:\Documents and Settings\paul\Desktop\swiss.pmac
[2010/04/04 18:11:07 | 000,007,443 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/04/04 18:11:07 | 000,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/04/04 18:10:56 | 000,002,028 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton Security Suite.LNK
[2010/04/04 17:46:57 | 000,000,832 | ---- | C] () -- C:\Documents and Settings\paul\Desktop\Norton Installation Files.lnk
[2010/04/04 16:46:23 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\paul\Ÿ9Ÿ9
[2010/04/04 16:40:43 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\paul\Application Data\setup_ldm.iss
[2010/04/04 16:38:26 | 000,001,788 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Logitech QuickCam.lnk
[2010/04/04 16:12:23 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\paul\ntuser.ini
[2010/04/04 16:12:20 | 003,145,728 | -H-- | C] () -- C:\Documents and Settings\paul\NTUSER.DAT
[2010/04/04 16:12:20 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\paul\NTUSER.DAT.LOG
[2010/03/28 18:28:46 | 000,018,546 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\cJAKX65roVxQl
[2010/03/20 08:34:14 | 000,001,739 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WinZip.lnk
[2010/03/20 08:34:14 | 000,001,667 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2010/03/17 21:49:02 | 000,000,446 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2010/03/17 21:48:56 | 000,000,384 | ---- | C] () -- C:\WINDOWS\tasks\DriverCure.job
[2010/03/17 21:48:55 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job
[2010/03/17 21:48:52 | 000,000,871 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ParetoLogic DriverCure.lnk
[2010/01/12 14:18:12 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/01/06 22:33:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2009/11/15 15:32:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2008/12/11 16:17:29 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI
[2008/10/30 13:35:12 | 000,000,147 | ---- | C] () -- C:\WINDOWS\System32\09wutili.sys
[2008/08/07 22:54:58 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\WBCustomizer.dll
[2008/08/02 23:27:05 | 000,001,683 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/07/28 19:21:42 | 000,002,844 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2008/07/28 19:01:17 | 000,000,082 | ---- | C] () -- C:\WINDOWS\MPLAYER.INI
[2008/07/28 11:37:21 | 000,000,432 | ---- | C] () -- C:\WINDOWS\System32\iolo.ini
[2008/07/28 11:13:44 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\iavlsp.dll
[2008/07/28 11:13:34 | 002,115,496 | ---- | C] () -- C:\WINDOWS\System32\Incinerator.dll
[2008/07/28 11:12:04 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2008/07/28 09:38:36 | 000,003,604 | ---- | C] () -- C:\WINDOWS\System32\drivers\BS_Flash.sys
[2008/07/28 09:28:10 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2008/07/28 07:47:44 | 000,000,094 | ---- | C] () -- C:\WINDOWS\System32\system_.ini
[2008/07/26 22:03:02 | 000,298,408 | ---- | C] () -- C:\Program Files\abccal.hlp
[2008/07/26 22:03:02 | 000,001,598 | ---- | C] () -- C:\Program Files\abcreg.txt
[2008/07/26 22:03:02 | 000,000,929 | ---- | C] () -- C:\Program Files\BC2007.DAT
[2008/07/26 22:03:02 | 000,000,848 | ---- | C] () -- C:\Program Files\abccal.cnt
[2008/07/26 21:39:14 | 000,059,477 | ---- | C] () -- C:\Program Files\bkg_sky.jpg
[2008/07/26 21:39:14 | 000,028,768 | ---- | C] () -- C:\Program Files\history.txt
[2008/07/26 21:39:14 | 000,004,201 | ---- | C] () -- C:\Program Files\holidays.bch
[2008/07/26 21:39:14 | 000,002,885 | ---- | C] () -- C:\Program Files\UNINSTAL.LOG
[2008/07/26 21:39:14 | 000,000,855 | ---- | C] () -- C:\Program Files\BCBack.z
[2008/07/26 21:39:14 | 000,000,828 | ---- | C] () -- C:\Program Files\BCBack.z.2
[2008/07/26 21:39:14 | 000,000,828 | ---- | C] () -- C:\Program Files\BCBack.z.1
[2008/07/26 21:39:14 | 000,000,246 | ---- | C] () -- C:\Program Files\bc_spkr.gif
[2008/07/26 21:39:14 | 000,000,194 | ---- | C] () -- C:\Program Files\bc_sched.gif
[2008/07/26 21:39:14 | 000,000,135 | ---- | C] () -- C:\Program Files\bc_nf-g.gif
[2008/07/26 21:39:14 | 000,000,133 | ---- | C] () -- C:\Program Files\bc_nb-g.gif
[2008/07/26 21:39:14 | 000,000,127 | ---- | C] () -- C:\Program Files\bc_nf.gif
[2008/07/26 21:39:14 | 000,000,085 | ---- | C] () -- C:\Program Files\bc_spac.gif
[2008/07/26 21:39:14 | 000,000,082 | ---- | C] () -- C:\Program Files\BuyNow.html
[2008/07/26 21:39:13 | 000,001,317 | ---- | C] () -- C:\Program Files\BC2008.DAT
[2008/07/26 21:39:13 | 000,000,188 | ---- | C] () -- C:\Program Files\bc_back.gif
[2008/07/26 21:39:13 | 000,000,155 | ---- | C] () -- C:\Program Files\bc_mf.gif
[2008/07/26 21:39:13 | 000,000,152 | ---- | C] () -- C:\Program Files\bc_mb.gif
[2008/07/26 21:39:13 | 000,000,132 | ---- | C] () -- C:\Program Files\bc_nb.gif
[2007/10/12 01:11:58 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/10/11 19:59:24 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:350B3912
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FC420CE6
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E29ACA54
< End of report >

cbitterli
Novice
Novice

Posts Posts : 5
Joined Joined : 2010-04-14
OS OS : XP
Points Points : 24373
# Likes # Likes : 0

View user profile

Back to top Go down

Re: JS/generic

Post by cbitterli on 15th April 2010, 5:41 pm

OTL Extras logfile created on: 4/15/2010 1:29:06 PM - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\paul\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 62.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 189.92 Gb Total Space | 164.55 Gb Free Space | 86.64% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 7.43 Gb Total Space | 5.93 Gb Free Space | 79.80% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive N: | 18.68 Gb Total Space | 5.68 Gb Free Space | 30.42% Space Free | Partition Type: NTFS

Computer Name: CVB
Current User Name: paul
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [exe] -- "C:\Program Files\Mozilla Firefox\firefox.exe" %1 (Mozilla Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirstRunDisabled" = 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"443:TCP" = 443:TCP:*:Disabled:ooVoo TCP port 443
"443:UDP" = 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP" = 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP" = 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP" = 37675:UDP:*:Disabled:ooVoo UDP port 37675

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Documents and Settings\Charles\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll" = C:\Documents and Settings\Charles\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin -- (Google)
"C:\Documents and Settings\Charles\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Charles\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Documents and Settings\Charles\Application Data\mjusbsp\magicJack.exe" = C:\Documents and Settings\Charles\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack -- (magicJack L.P.)
"C:\Program Files\AVG\AVG9\avgemc.exe" = C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth
"{0A5825FD-0FB7-4e45-9037-858D463F2943}" = BPDSoftware
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{1E0D8F69-A6AB-4934-9B2D-159D9F97BA4A}" = ParetoLogic DriverCure
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B34EC3-6C3E-4A19-A2C5-7ADA7EB20C31}_is1" = Perfect Macro Recorder 2.00
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25771101-7948-4591-ABF3-B1ECE7A7F45F}" = HP Update
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 19
"{2951A232-69BA-4925-BB9A-CEEB72B18B4F}" = BPDSoftware_Ini
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{32A3A4F4-B792-11D6-A78A-00B0D0160190}" = Java(TM) SE Development Kit 6 Update 19
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34DAFDEC-A4B4-488A-A5CD-C91975A6F083}" = MediaRing Talk
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{398E8625-6F3A-4C54-B54C-28F0ABB89774}" = BPD_HPSU
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3B755EF7-F860-4F72-9A2D-5216CB48BA7C}" = ArcSoft PhotoStudio 5.5
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{419CF344-3D94-4DAD-99C8-EA7B00E5EA8B}" = Acronis True Image Home
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{485DF5E7-8379-4BFA-BAE1-9B8DBFE0D6B4}" = Paragon Drive Backup™ 9 Professional
"{4994A86B-FA4E-4909-A9D2-9D0A8B93C6C3}" = World Archives Project Keying Tool Install and Uninstall
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{55141BD4-2115-4B14-8047-D809194E30BA}" = MozyHome Remote Backup
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5721A8EA-A30F-4F66-9046-3F40C43AE1DC}" = Driver Detective
"{572F2A62-70CD-4429-8758-6D4D6DC696E1}" = 4500_Help
"{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6697D99E-E550-4498-B793-4A8DD8A1821F}" = ProductContext
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1" = Auslogics Duplicate File Finder
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}" = Logitech QuickCam
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A8AD990E-355A-4413-8647-A9B168978423}_is1" = UltraVNC v1.0.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BBF6D0CD-A081-369F-B0B8-F168594CBB6B}" = Google Talk Plugin
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C21D5524-A970-42FA-AC8A-59B8C7CDCA31}" = QuickTime
"{C67DF120-4DD3-11D4-A3CA-005004AD2A5B}" = Authentium AntiVirus SDK - 2
"{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}" = TuneUp Utilities 2007
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BC}" = WinZip 14.0
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D142FE39-3386-4d82-9AD3-36D4A92AC3C2}" = DocMgr
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DBAC1413-D5AE-4c89-AE9A-B330B02DBAB0}" = eVoice Player 1.0
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F44DA61E-720D-4E79-871F-F6E628B33242}" = OpenOffice.org 3.0
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F6C84ED7-9CAC-423b-9E00-C9BFAFBD0593}_is1" = RadioGet 1.3.8
"{FDEC11CC-4BD6-4a8c-A398-3CCD8E43EACA}" = J4500
"A Better Calendar for Windows" = A Better Calendar for Windows
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Almeza MultiSet Professional 6.7_is1" = Almeza MultiSet Professional 6.7
"AnVir Task Manager" = AnVir Task Manager
"AutoHotkey" = AutoHotkey 1.0.48.00
"AVG9Uninstall" = AVG Free 9.0
"Carbonite Setup Lite" = Carbonite Online Backup Setup
"Chrome9HC" = VIA Chrome9 HC IGP Family Display
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"Easy Macro Recorder_is1" = Easy Macro Recorder 3.81
"EVEREST Ultimate + Corporate Edition_is1" = EVEREST Ultimate v4.20.1241 + Corporate Edition + Debug Beta Re
"Find and Run Robot_is1" = Find+Run Robot 2.45.01
"Foxit Reader" = Foxit Reader
"Genealogica Grafica_is1" = Genealogica Grafica
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"Graboid Video" = Graboid Video 1.65
"HijackThis" = HijackThis 2.0.2
"HPOCR" = OCR Software by I.R.I.S. 10.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InfraRecorder" = InfraRecorder
"IrfanView" = IrfanView (remove only)
"itsourtree.com - Home Edition_is1" = itsourtree.com - Home Edition 1.01
"Learn_to_Play_Bridge" = Learn to Play Bridge
"Learn_to_Play_Bridge_2" = Learn to Play Bridge 2
"Legacy 7.4" = Legacy 7.4
"LegacyChart7_is1" = Legacy Charting 7.0
"LG USB Booster_is1" = Booster 1.03
"lvdrivers_11.50" = Logitech QuickCam Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Motherboard Monitor 5_is1" = Motherboard Monitor 5
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"N360" = Norton Security Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Picasa 3" = Picasa 3
"PowerArchiver_is1" = PowerArchiver 2006 v9.63
"PowerISO" = PowerISO
"Recuva" = Recuva (remove only)
"RegistryBooster 2_is1" = Uniblue RegistryBooster 2
"Software Informer_is1" = Software Informer 1.0 BETA
"Spotmau WinCares 2007_is1" = Spotmau WinCare 2007
"STMediaSuite" = SoundTaxi Media Suite 3.9.1
"SumatraPDF" = Sumatra PDF reader
"System Explorer_is1" = System Explorer 2.0.7
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"Totalcmd" = Total Commander (Remove or Repair)
"VIA Chrome9 HC IGP Family Display" = VIA Display Driver 6.14.10.0099
"VLC media player" = VideoLAN VLC media player 0.8.6d
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WinUtilities" = WinUtilities 6.2
"WinX DVD Ripper Platinum_is1" = WinX DVD Ripper Platinum 5.1.1
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/5/2010 2:58:34 PM | Computer Name = CVB | Source = Windows Search Service | ID = 3013
Description = The entry DVD SUITE\POWERDVD\POWERDVD HELP FILE.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)

Error - 4/5/2010 2:58:34 PM | Computer Name = CVB | Source = Windows Search Service | ID = 3013
Description = The entry DVD SUITE\POWERDVD\READ ME.LNK> in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: A device attached to the system is not functioning.
(0x8007001f)

Error - 4/5/2010 2:58:34 PM | Computer Name = CVB | Source = Windows Search Service | ID = 3013
Description = The entry DVD SUITE\POWERDVD\READ ME.LNK> in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: A device attached to the system is not functioning.
(0x8007001f)

Error - 4/5/2010 2:58:34 PM | Computer Name = CVB | Source = Windows Search Service | ID = 3013
Description = The entry DVD SUITE\POWERDVD\UNINSTALL POWERDVD.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)

Error - 4/5/2010 2:58:34 PM | Computer Name = CVB | Source = Windows Search Service | ID = 3013
Description = The entry DVD SUITE\POWERDVD\UNINSTALL POWERDVD.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)

Error - 4/5/2010 2:58:35 PM | Computer Name = CVB | Source = Windows Search Service | ID = 3013
Description = The entry DVD SUITE\POWERDVD\CYBERLINK POWERDVD.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)

Error - 4/5/2010 2:58:35 PM | Computer Name = CVB | Source = Windows Search Service | ID = 3013
Description = The entry DVD SUITE\POWERDVD\CYBERLINK POWERDVD.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)

Error - 4/5/2010 2:58:35 PM | Computer Name = CVB | Source = Windows Search Service | ID = 3013
Description = The entry DVD SUITE\POWERDVD\POWERDVD HELP FILE.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)

Error - 4/5/2010 2:58:35 PM | Computer Name = CVB | Source = Windows Search Service | ID = 3013
Description = The entry DVD SUITE\POWERDVD\POWERDVD HELP FILE.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)

Error - 4/10/2010 9:19:05 AM | Computer Name = CVB | Source = Application Error | ID = 1000
Description = Faulting application hpqtra08.exe, version 110.0.180.0, faulting module
hpqusg.dll, version 100.0.170.0, fault address 0x00026418.

[ System Events ]
Error - 4/12/2010 8:14:35 PM | Computer Name = CVB | Source = Service Control Manager | ID = 7022
Description = The dvpapi service hung on starting.

Error - 4/12/2010 8:14:35 PM | Computer Name = CVB | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 4/12/2010 8:14:35 PM | Computer Name = CVB | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
PCIIde ViaIde xfilt

Error - 4/12/2010 10:28:37 PM | Computer Name = CVB | Source = Service Control Manager | ID = 7022
Description = The dvpapi service hung on starting.

Error - 4/12/2010 10:28:38 PM | Computer Name = CVB | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 4/12/2010 10:28:38 PM | Computer Name = CVB | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
PCIIde ViaIde xfilt

Error - 4/12/2010 10:34:51 PM | Computer Name = CVB | Source = Service Control Manager | ID = 7022
Description = The dvpapi service hung on starting.

Error - 4/12/2010 10:34:51 PM | Computer Name = CVB | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 4/15/2010 3:23:51 AM | Computer Name = CVB | Source = Service Control Manager | ID = 7022
Description = The dvpapi service hung on starting.

Error - 4/15/2010 3:23:51 AM | Computer Name = CVB | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.


< End of report >

cbitterli
Novice
Novice

Posts Posts : 5
Joined Joined : 2010-04-14
OS OS : XP
Points Points : 24373
# Likes # Likes : 0

View user profile

Back to top Go down

Re: JS/generic

Post by Belahzur on 15th April 2010, 7:49 pm

....Oh no. Sad tearing


  • Download combofix from here
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See [You must be registered and logged in to see this link.] for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: JS/generic

Post by cbitterli on 16th April 2010, 2:17 am

ComboFix 10-04-14.04 - paul 04/15/2010 16:44:53.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2942.1762 [GMT -4:00]
Running from: c:\documents and settings\paul\My Documents\Downloads\Combo-Fix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Norton Security Suite *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Security Suite *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\driver
c:\windows\system32\azip32.dll
c:\windows\system32\VB6KO.DLL
c:\windows\Tasks\At1.job
c:\windows\Tasks\At10.job
c:\windows\Tasks\At11.job
c:\windows\Tasks\At12.job
c:\windows\Tasks\At13.job
c:\windows\Tasks\At14.job
c:\windows\Tasks\At15.job
c:\windows\Tasks\At16.job
c:\windows\Tasks\At17.job
c:\windows\Tasks\At18.job
c:\windows\Tasks\At19.job
c:\windows\Tasks\At2.job
c:\windows\Tasks\At20.job
c:\windows\Tasks\At21.job
c:\windows\Tasks\At22.job
c:\windows\Tasks\At23.job
c:\windows\Tasks\At24.job
c:\windows\Tasks\At3.job
c:\windows\Tasks\At4.job
c:\windows\Tasks\At5.job
c:\windows\Tasks\At6.job
c:\windows\Tasks\At7.job
c:\windows\Tasks\At8.job
c:\windows\Tasks\At9.job
N:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2010-03-15 to 2010-04-15 )))))))))))))))))))))))))))))))
.

2010-04-15 16:39 . 2010-04-04 05:00 84912 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100415.003\NAVENG.SYS
2010-04-15 16:39 . 2010-04-04 05:00 371248 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100415.003\EECTRL.SYS
2010-04-15 16:39 . 2010-04-04 05:00 2747440 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100415.003\CCERASER.DLL
2010-04-15 16:39 . 2010-04-04 05:00 259440 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100415.003\ECMSVR32.DLL
2010-04-15 16:39 . 2010-04-04 05:00 177520 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100415.003\NAVENG32.DLL
2010-04-15 16:39 . 2010-04-04 05:00 1647984 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100415.003\NAVEX32A.DLL
2010-04-15 16:39 . 2010-04-04 05:00 1324720 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100415.003\NAVEX15.SYS
2010-04-15 16:39 . 2010-04-04 05:00 102448 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100415.003\ERASER.SYS
2010-04-14 02:06 . 2010-04-14 02:06 -------- d-----w- c:\program files\Sun
2010-04-12 23:18 . 2010-04-12 23:18 -------- d-----w- c:\documents and settings\paul\Application Data\Malwarebytes
2010-04-12 23:18 . 2010-03-30 04:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-12 23:18 . 2010-04-12 23:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-12 23:18 . 2010-04-12 23:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-04-12 23:18 . 2010-03-30 04:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-12 19:33 . 2009-11-17 00:51 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100409.001\Scxpx86.dll
2010-04-12 19:33 . 2009-11-17 00:51 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100409.001\IDSxpx86.dll
2010-04-12 19:33 . 2009-11-17 00:51 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100409.001\IDSvix86.sys
2010-04-12 19:33 . 2009-11-17 00:51 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100409.001\IDSviA64.sys
2010-04-12 19:33 . 2009-11-17 00:51 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100409.001\IDSXpx86.sys
2010-04-12 01:55 . 2010-04-15 12:49 -------- d-----w- c:\documents and settings\paul\Tracing
2010-04-12 01:10 . 2010-04-12 01:12 -------- d-----w- c:\documents and settings\paul\Local Settings\Application Data\Adobe
2010-04-12 00:37 . 2010-04-12 00:39 -------- d-----w- c:\documents and settings\paul\Local Settings\Application Data\Temp
2010-04-09 12:35 . 2010-04-09 12:35 4255072 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgcorex.dll
2010-04-05 21:28 . 2009-11-17 00:51 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100402.001\Scxpx86.dll
2010-04-05 21:28 . 2009-11-17 00:51 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100402.001\IDSxpx86.dll
2010-04-05 21:28 . 2009-11-17 00:51 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100402.001\IDSviA64.sys
2010-04-05 21:28 . 2009-11-17 00:51 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100402.001\IDSvix86.sys
2010-04-05 21:28 . 2009-11-17 00:51 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100402.001\IDSXpx86.sys
2010-04-05 20:01 . 2010-04-05 20:01 52224 ----a-w- c:\documents and settings\paul\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-04-05 20:01 . 2010-04-05 20:01 117760 ----a-w- c:\documents and settings\paul\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-04-05 20:00 . 2010-04-05 20:00 -------- d-----w- c:\documents and settings\paul\Application Data\SUPERAntiSpyware.com
2010-04-05 19:53 . 2010-04-05 20:47 -------- d-----w- c:\documents and settings\paul\Application Data\DriverCure
2010-04-05 19:37 . 2010-04-05 19:37 -------- d-----w- c:\documents and settings\paul\Application Data\Tific
2010-04-04 22:11 . 2010-03-25 23:29 786800 ----a-r- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\components\coFFPlgn.dll
2010-04-04 22:11 . 2009-11-17 00:51 164216 ----a-r- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\components\IPSFFPl.dll
2010-04-04 22:11 . 2009-05-18 22:17 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-04-04 22:11 . 2008-04-17 21:12 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2010-04-04 22:11 . 2010-04-04 22:11 -------- d-----w- c:\program files\Symantec
2010-04-04 22:11 . 2010-04-04 22:11 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-04-04 22:11 . 2010-04-04 22:11 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-04-04 22:10 . 2009-11-17 00:51 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\BinHub\scxpx86.dll
2010-04-04 21:19 . 2010-04-04 21:19 -------- d-sh--w- c:\documents and settings\paul\PrivacIE
2010-04-04 21:18 . 2010-04-04 21:49 -------- d-----w- c:\documents and settings\paul\Local Settings\Application Data\Google
2010-04-04 21:05 . 2010-04-04 21:05 -------- d-sh--w- c:\documents and settings\paul\IECompatCache
2010-04-04 20:47 . 2010-04-04 20:47 -------- d-----w- c:\documents and settings\paul\Application Data\Windows Search
2010-04-04 20:25 . 2010-04-04 20:25 -------- d-----w- c:\documents and settings\paul\Application Data\Uniblue
2010-04-04 20:17 . 2010-04-04 20:17 -------- d-----w- c:\documents and settings\paul\Local Settings\Application Data\AVG Security Toolbar
2010-04-04 20:16 . 2010-04-04 20:16 -------- d-----w- c:\documents and settings\paul\Local Settings\Application Data\Mozilla
2010-04-04 20:14 . 2010-04-04 20:14 -------- d-----w- c:\documents and settings\paul\Application Data\HP
2010-04-04 20:13 . 2010-04-04 20:13 -------- d-----w- c:\documents and settings\paul\Local Settings\Application Data\Identities
2010-04-04 20:13 . 2010-04-04 20:13 -------- d-----w- c:\documents and settings\paul\Application Data\Logitech
2010-04-04 20:13 . 2010-04-04 20:13 -------- d-----w- c:\documents and settings\paul\Application Data\Windows Desktop Search
2010-04-01 13:39 . 2010-04-01 13:39 4076824 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgui.exe
2010-04-01 13:39 . 2010-04-01 13:39 598296 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgsrmx.dll
2010-04-01 13:39 . 2010-04-01 13:39 556824 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgchjwx.dll
2010-04-01 13:39 . 2010-04-01 13:39 459544 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgcclix.dll
2010-04-01 13:39 . 2010-04-01 13:39 313112 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avglogx.dll
2010-04-01 13:39 . 2010-04-01 13:39 2059544 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgtray.exe
2010-04-01 13:39 . 2010-04-01 13:39 1598744 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgssie.dll
2010-04-01 13:39 . 2010-04-01 13:39 1515224 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgwd.dll
2010-04-01 13:39 . 2010-04-01 13:39 1274136 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgfrw.exe
2010-04-01 13:39 . 2010-04-01 13:39 1086744 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgchsvx.exe
2010-04-01 13:39 . 2010-04-01 13:39 301336 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgchclx.dll
2010-04-01 13:38 . 2010-04-01 13:38 1685784 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgupd.dll
2010-04-01 13:38 . 2010-04-01 13:38 1035032 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgupd.exe
2010-03-31 03:33 . 2010-03-31 03:33 -------- d--h--w- c:\windows\PIF
2010-03-28 23:35 . 2010-03-28 23:35 -------- d-----w- c:\windows\system32\wbem\Repository
2010-03-24 20:38 . 2010-03-24 20:38 536112 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100324.001\BHDrvx86.sys
2010-03-24 20:38 . 2010-03-24 20:38 201616 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100324.001\BHRules.dll
2010-03-24 20:38 . 2010-03-24 20:38 1407888 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100324.001\BHEngine.dll
2010-03-24 20:38 . 2010-03-24 20:38 678960 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100324.001\BHDrvx64.sys
2010-03-24 20:38 . 2010-03-24 20:38 611216 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100324.001\bbRGen.dll
2010-03-24 08:04 . 2010-03-24 18:17 952768 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\7651\AdobeARM.exe
2010-03-24 08:04 . 2010-03-24 18:17 70584 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\7651\AdobeExtractFiles.dll
2010-03-24 08:04 . 2010-03-24 18:17 326056 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\7651\ReaderUpdater.exe
2010-03-24 08:04 . 2010-03-24 18:17 326056 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\7651\AcrobatUpdater.exe
2010-03-20 12:37 . 2010-03-20 12:37 -------- d-----w- c:\program files\Easy Macro Recorder
2010-03-19 02:33 . 2010-03-19 02:33 -------- d-----w- c:\documents and settings\Charles\Application Data\Apple Computer
2010-03-18 04:33 . 2010-03-18 04:33 125952 ----a-w- c:\documents and settings\All Users\Application Data\ParetoLogic\UUS2\Temp\Update.exe
2010-03-18 01:49 . 2010-03-18 01:52 -------- d-----w- c:\documents and settings\Charles\Application Data\DriverCure
2010-03-18 01:48 . 2010-03-18 01:48 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverCure
2010-03-18 01:48 . 2010-03-18 01:48 -------- d-----w- c:\program files\Common Files\ParetoLogic
2010-03-18 01:48 . 2010-03-18 01:48 -------- d-----w- c:\documents and settings\All Users\Application Data\ParetoLogic
2010-03-18 01:48 . 2010-03-18 01:48 -------- d-----w- c:\program files\ParetoLogic

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-15 07:22 . 2009-02-04 03:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2010-04-14 02:06 . 2008-07-27 01:45 -------- d-----w- c:\program files\Common Files\Java
2010-04-14 02:05 . 2008-11-24 21:10 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-04-14 02:05 . 2008-07-27 01:49 -------- d-----w- c:\program files\Java
2010-04-12 20:44 . 2010-04-04 22:10 1122672 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\OCS\hsplayer.dll
2010-04-06 07:23 . 2008-07-28 15:35 -------- d-----w- c:\program files\UltraVNC
2010-04-04 22:11 . 2010-04-04 22:11 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-04-04 22:11 . 2010-04-04 22:11 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-04-04 22:11 . 2008-07-27 01:41 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-04-04 22:10 . 2010-04-04 22:10 -------- d-----w- c:\program files\Norton Security Suite
2010-04-04 22:10 . 2010-04-04 22:10 -------- d-----w- c:\program files\Windows Sidebar
2010-04-04 22:10 . 2010-04-04 21:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-04-04 22:10 . 2010-04-04 22:10 -------- d-----w- c:\program files\NortonInstaller
2010-04-04 22:10 . 2010-04-04 22:10 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2010-04-04 21:48 . 2010-04-04 21:48 -------- d-----w- c:\documents and settings\paul\Application Data\MyFamily.com
2010-04-04 21:29 . 2008-07-27 01:48 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-04 20:12 . 2010-04-04 20:12 17864 ----a-w- c:\documents and settings\paul\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-04-04 01:52 . 2008-10-28 19:20 1 ----a-w- c:\documents and settings\Charles\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-03-31 01:54 . 2008-07-28 23:00 -------- d-----w- c:\program files\Family Tree Maker 16
2010-03-30 01:58 . 2009-12-15 17:06 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2010-03-24 07:02 . 2010-04-04 22:10 897784 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\CLT\cltLMSx.dll
2010-03-20 12:37 . 2009-10-15 17:34 -------- d-----w- c:\documents and settings\Charles\Application Data\Easy Macro Recorder
2010-03-20 12:34 . 2008-07-28 15:32 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2010-03-14 13:57 . 2009-12-15 17:07 242696 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-03-14 13:57 . 2010-03-14 13:57 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-03-14 13:57 . 2009-12-15 17:06 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-03-14 13:56 . 2009-12-15 17:06 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-03-10 06:15 . 2001-08-23 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-02-25 06:24 . 2001-08-23 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2001-08-23 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-23 03:14 . 2010-02-23 03:14 17632 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\WSCUpdate.dll
2010-02-23 03:13 . 2010-02-23 03:13 68640 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\64\lbd.sys
2010-02-23 03:13 . 2010-02-23 03:13 303976 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\64\AAWDriverTool.exe
2010-02-23 03:13 . 2010-02-23 03:13 85352 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\32\AAWDriverTool.exe
2010-02-23 03:13 . 2010-02-23 03:13 64160 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\32\lbd.sys
2010-02-23 03:13 . 2010-02-18 03:04 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-02-23 03:13 . 2010-02-23 03:13 640760 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWWSC.exe
2010-02-21 12:54 . 2009-11-27 18:16 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-02-19 23:47 . 2010-02-19 23:47 3604480 ----a-w- c:\windows\system32\GPhotos.scr
2010-02-18 03:03 . 2010-02-18 03:03 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2010-02-18 03:03 . 2008-08-01 01:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2010-02-18 03:03 . 2008-07-27 01:51 -------- d-----w- c:\program files\Lavasoft
2010-02-16 14:08 . 2001-08-23 12:00 2146304 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 13:25 . 2001-08-17 13:48 2024448 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:33 . 2001-08-23 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2001-08-23 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2010-02-05 15:39 . 2010-02-05 15:39 251376 ----a-w- c:\documents and settings\Charles\Application Data\Mozilla\plugins\npgoogletalk.dll
2008-07-28 01:16 . 2008-07-27 01:39 15872 ----a-w- c:\program files\WIPEDATA.exe
2008-07-28 01:16 . 2008-07-27 01:39 2885 ----a-w- c:\program files\UNINSTAL.LOG
2008-07-28 01:14 . 2008-07-27 01:39 774144 ----a-w- c:\program files\RngInterstitial.dll
2008-07-28 01:11 . 2008-07-27 01:39 4201 ----a-w- c:\program files\holidays.bch
2008-07-28 01:11 . 2008-07-27 01:39 28768 ----a-w- c:\program files\history.txt
2008-07-28 01:07 . 2008-07-27 02:03 857088 ----a-w- c:\program files\abc-cal.exe
2008-07-28 01:07 . 2008-07-27 02:03 848 ----a-w- c:\program files\abccal.cnt
2008-07-28 01:07 . 2008-07-27 02:03 298408 ----a-w- c:\program files\abccal.hlp
2008-07-28 01:07 . 2008-07-27 02:03 1598 ----a-w- c:\program files\abcreg.txt
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 18:01 1230080 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\FolderProtect0]
@="{D7BC78F3-3624-455C-8C4B-9C77C3BFEE4E}"
[HKEY_CLASSES_ROOT\CLSID\{D7BC78F3-3624-455C-8C4B-9C77C3BFEE4E}]
2006-12-22 20:30 57344 ----a-w- c:\program files\Spotmau WinCares 2007\FolderProtectShellExtension.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\FolderProtect1]
@="{8A814C29-D3CD-4F9E-9770-DF8704503ACA}"
[HKEY_CLASSES_ROOT\CLSID\{8A814C29-D3CD-4F9E-9770-DF8704503ACA}]
2006-12-22 20:30 57344 ----a-w- c:\program files\Spotmau WinCares 2007\FolderProtectShellExtension.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozy2]
@="{747E722C-CB46-4a9d-BDFE-192AAD5099B1}"
[HKEY_CLASSES_ROOT\CLSID\{747E722C-CB46-4a9d-BDFE-192AAD5099B1}]
2009-06-24 19:03 2835256 ----a-w- c:\program files\MozyHome\mozyshell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozy3]
@="{EE6F5A00-7898-40f7-AB77-51FF9D6DEB20}"
[HKEY_CLASSES_ROOT\CLSID\{EE6F5A00-7898-40f7-AB77-51FF9D6DEB20}]
2009-06-24 19:03 2835256 ----a-w- c:\program files\MozyHome\mozyshell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Uniblue RegistryBooster 2"="c:\program files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [2008-07-23 1927448]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-28 68856]
"DriverCure"="c:\program files\ParetoLogic\DriverCure\DriverCure.exe" [2009-08-07 3993368]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2007-02-16 1169776]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2007-02-16 1945960]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2007-02-16 149024]
"S3Trayp"="S3trayp.exe" [2008-07-08 204800]
"WinVNC"="c:\program files\UltraVNC\WinVNC.exe" [2006-06-18 712704]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2007-01-20 200704]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
"RTHDCPL"="RTHDCPL.EXE" [2009-02-17 17508864]
"USBDetector"="c:\usbstorage\USBDetector.exe" [2003-04-01 53248]
"CarboniteSetupLite"="c:\program files\Carbonite\CarbonitePreinstaller.exe" [2009-07-31 283792]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-15 71216]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-09 52256]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2010-03-02 524632]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-07-28 2178832]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-07-28 563984]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

c:\documents and settings\Charles\Start Menu\Programs\Startup\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-9-12 384000]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-3-6 692224]
MozyHome Status.lnk - c:\program files\MozyHome\mozystat.exe [2009-6-24 2876216]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2010-2-4 495432]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 19:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-03-14 13:57 12464 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Documents and Settings\\Charles\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\Charles\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Charles\\Application Data\\mjusbsp\\magicJack.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:TCP"= 443:TCP:*:Disabled:ooVoo TCP port 443
"443:UDP"= 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP"= 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP"= 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP"= 37675:UDP:*:Disabled:ooVoo UDP port 37675

R0 hotcore3;Hotcore helper;c:\windows\system32\drivers\hotcore3.sys [7/29/2009 2:19 PM 40496]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2/17/2010 11:04 PM 64160]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0401000.020\symds.sys [4/12/2010 6:35 PM 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0401000.020\symefa.sys [4/12/2010 6:35 PM 172592]
R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [7/31/2008 5:00 PM 16896]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [7/31/2008 5:00 PM 52224]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [12/15/2009 1:06 PM 216200]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [12/15/2009 1:07 PM 242696]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100324.001\BHDrvx86.sys [3/24/2010 4:38 PM 536112]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [7/28/2008 7:25 PM 13696]
R1 BS_I2cIo;BS_I2cIo;c:\windows\system32\drivers\BS_I2cIo.sys [7/28/2008 9:38 AM 16768]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0401000.020\cchpx86.sys [4/12/2010 6:35 PM 501888]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [11/23/2009 9:43 AM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [11/23/2009 9:43 AM 66632]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0401000.020\ironx86.sys [4/12/2010 6:35 PM 116784]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [3/14/2010 9:56 AM 916760]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [3/14/2010 9:57 AM 308064]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [1/18/2009 5:34 PM 1029456]
R2 N360;Norton Security Suite;c:\program files\Norton Security Suite\Engine\4.1.0.32\ccsvchst.exe [4/12/2010 6:34 PM 126392]
R2 S3LoadSv;S3LoadSv;c:\windows\system32\s3loadsv.exe [1/20/2009 4:22 PM 69632]
R2 vnccom;vnccom;c:\windows\system32\drivers\vnccom.SYS [7/28/2008 11:35 AM 6016]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [4/4/2010 9:57 PM 102448]
R3 FolderProtectDriver;FolderProtectDriver;c:\program files\Spotmau WinCares 2007\FolderProtectDriver.sys [7/28/2008 7:40 AM 11264]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100409.001\IDSXpx86.sys [4/12/2010 3:33 PM 329592]
S2 FolderProtectService;FolderProtectService;c:\program files\Spotmau WinCares 2007\FolderProtectService.exe [7/28/2008 7:40 AM 16384]
S2 gupdate1c98677c2313608;Google Update Service (gupdate1c98677c2313608);c:\program files\Google\Update\GoogleUpdate.exe [2/3/2009 11:22 PM 133104]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [3/7/2009 5:53 PM 1684736]
S3 BS_Flash;BS_Flash;c:\program files\Tseries BIOS Update\Award\BS_Flash.sys [7/28/2008 9:38 AM 3604]
S3 GPU-Z;GPU-Z;\??\c:\docume~1\Charles\LOCALS~1\Temp\GPU-Z.sys --> c:\docume~1\Charles\LOCALS~1\Temp\GPU-Z.sys [?]
S3 INIDVD;Initio USB DVD Filter Driver;c:\windows\system32\drivers\inidvd.sys [11/15/2009 3:34 PM 7936]
S3 RGService;RGService;c:\program files\RadioGet\RGService.exe [10/1/2009 11:02 PM 335872]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [11/23/2009 9:43 AM 12872]
S3 shwMirror;shwMirror;c:\windows\system32\drivers\shwMirror.sys [1/31/2009 10:39 PM 3584]
S3 STSService;STSService;c:\program files\SoundTaxi Media Suite\STSService.exe [9/29/2009 6:41 AM 335872]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-03-08 08:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder

2010-04-09 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-08-02 23:35]

2010-04-15 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 03:04]

2010-04-10 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2010-04-13 c:\windows\Tasks\DriverCure.job
- c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2009-08-07 19:36]

2010-04-15 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-27 15:21]

2010-04-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 03:22]

2010-04-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 03:22]

2010-04-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-2025429265-725345543-1003Core.job
- c:\documents and settings\Charles\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-01 02:48]

2010-04-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-2025429265-725345543-1003UA.job
- c:\documents and settings\Charles\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-01 02:48]

2010-04-14 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2009-01-13 14:59]

2010-04-15 c:\windows\Tasks\ParetoLogic Update Version2.job
- c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13 14:59]

2010-04-15 c:\windows\Tasks\User_Feed_Synchronization-{83FCA04C-F890-4EBB-9504-0BCE04B3875A}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 08:31]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
LSP: c:\windows\system32\iavlsp.dll
TCP: {108593F4-B93D-4CFF-BBB7-BA69FD67837F} = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\documents and settings\paul\Application Data\Mozilla\Firefox\Profiles\wf4fo45m.default\
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npgcplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npImgCtl.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npracplug.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDCE08D86A-A41A-410A-943C-13BABB7DC474", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDA9EDC9ED-603A-4F3F-BBEA-59C8853A3236", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID90D10942-D952-4863-9DD6-A2BDBBAD456E", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0ECEE744-7B69-4912-AB91-AE76D61ECB04", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDF25635B2-1AB9-47B5-88D1-8877B22C86DE", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID27B7F812-4159-45B9-A389-B7A118A58DE4", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDF849DF29-393B-4F8B-99D1-117A70D66FC7", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDBF1E9C3D-637C-4171-BD12-28A7360B879A", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDDE1C0601-7947-4D7F-A6E5-E68BF6BA1E37", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID4EA0DCCE-4D98-4876-9C6A-E5C563D0820A", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID446462BA-2AAD-4C88-BC63-5210E2F31465", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0862E368-A40E-4E55-83EB-FBC5571BABA4", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDD2A96E3C-FFB3-4D38-9AC3-B127527BEA35", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID4B05B39A-9DDC-4650-A7F8-D5B134E5FFE5", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDC8E2574A-7BCE-4B93-A22E-61831DFD6DB8", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID659796C0-8B5D-48D7-A4EB-7E6874E26274", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID78071AB5-E729-414E-8D02-9C1D034F82E7", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDCC3F71E1-17F3-4C5B-997D-44CA56943197", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDE67D5C78-B2D4-4BA0-8D69-1C7AF4BB08B5", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDFC5F3D7A-D321-412C-8A5D-9AD0C8041941", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID6EC5CD16-81BC-4515-9EDD-9265C906F56E", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID67CFB2C5-E491-4395-977B-CD45E4124655", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID73600569-52E6-4760-8BAB-B68202937D98", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDB02EBD42-6885-401A-9389-E089F7DDC872", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDBAE5CB8C-4075-4743-B2E4-78DA8D8CDC64", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID28B07B04-DA99-4FD3-BF27-4972F2B8142B", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0D53448F-D12B-4102-8CE2-697DAE8D6643", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDE3266A47-A141-47B8-AAA8-5F16FB4F8CCD", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDB33AB7AF-76D7-4B1C-B709-5D6BF9E7B1C7", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID153B7451-0BB5-4B37-95C0-44D89E2F1F2B", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID3BBE8E21-0D3D-4BAA-AC6F-C7BCEF750849", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID9B5B4F2D-A7D9-4329-B0FE-92B301A8CAAD", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDA5C42921-8CD0-4924-97C3-01B5B0610BC6", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID06969252-F90F-4CF2-9074-33772EB64859", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDFBF37655-1236-4C0D-96C5-F94E1724841B", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDC1A3F035-B68F-4B2B-9FD5-E36DAAAF26DD", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID368F3685-543E-4812-9FDE-96E097E453FC", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID43969873-56AA-4113-84CB-4AB2AEB9AA31", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDA205DD80-63D4-4E41-B785-26EC3D90B97B", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID068D43E7-7551-4A2F-AE96-4A38A9AD1953", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDF443E9CB-9EEC-456E-8AE7-F3102D5CD47D", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDE36A7B16-645D-4261-BFF8-3A7E69C5F7A5", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID379805E3-E0E2-40DC-B51B-6DC1AE5802AA", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDF6240D69-A06D-44A1-8003-8496CCEF2C53", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID26C3113D-5A71-4F1B-A2CB-BE59E1279DDA", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID92B97F2B-7565-4CE9-9AC7-0598DFD731F8", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID2AA5E7CF-9696-42F0-B76A-8655296EADF2", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0AAACE0B-ACEF-4781-83F4-BFB52EEC995A", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID0D56FF58-A39D-4E8C-A40B-2E3711251772", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID946121C2-11F1-49DD-A7E3-CF793DE827A4", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDB853303D-1BAB-43F3-9D7D-101D0DA8E7A5", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID9E578247-FE29-4F8C-8202-A24A5688CF2A", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID6D065A8F-FFC0-4A0F-B863-1D724B8C786B", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID4451D291-6940-42CE-9D3C-CA1D4C96549C", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID064B722D-079D-4EBB-B3CF-9FCBF64FFF5D", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID38F8AB0F-5DFB-43D9-889E-8717CC4AB59B", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID4EC68CD1-0EF1-4CB9-9EF1-3D64AB266149", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CID44F96B27-CFAD-41E1-83A1-6B28040C3BDE", "AllAccess");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-HijackThis - c:\documents and settings\paul\My Documents\Downloads\HijackThis.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2010-04-15 16:50
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\INIDVD]
"ImagePath"=multi:"system32\DRIVERS\inidvd.sys\00"
--

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton Security Suite\Engine\4.1.0.32\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton Security Suite\Engine\4.1.0.32\diMaster.dll\" /prefetch:1"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\INIDVD]
"ImagePath"=multi:"system32\DRIVERS\inidvd.sys\00"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b8,eb,c1,57,e9,41,2b,4c,b1,47,95,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b8,eb,c1,57,e9,41,2b,4c,b1,47,95,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(928)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll

- - - - - - - > 'lsass.exe'(992)
c:\windows\system32\relog_ap.dll
c:\windows\system32\iavlsp.dll
.
Completion time: 2010-04-15 16:53:04
ComboFix-quarantined-files.txt 2010-04-15 20:53

Pre-Run: 176,570,015,744 bytes free
Post-Run: 176,555,646,976 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

- - End Of File - - 82CC570B429EB647539F0DE0C97AEECD

cbitterli
Novice
Novice

Posts Posts : 5
Joined Joined : 2010-04-14
OS OS : XP
Points Points : 24373
# Likes # Likes : 0

View user profile

Back to top Go down

Re: JS/generic

Post by Belahzur on 16th April 2010, 8:21 pm

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /uninstall

This will also reset your restore points.

How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: JS/generic

Post by cbitterli on 21st April 2010, 1:53 am

It seems as though the problem has been resolved.
I may have another problem.
As a single user, my ID appears to be corrupted. When I attempt to execute an application I
receive the following message:
This file does not have a program association with it for performing the action. Create an
association in the folder option control panel
I do not know how to do that. It does not recognize EXE files
I did create a second user ID and am able to execute all the programs that I want to use.

cbitterli
Novice
Novice

Posts Posts : 5
Joined Joined : 2010-04-14
OS OS : XP
Points Points : 24373
# Likes # Likes : 0

View user profile

Back to top Go down

Re: JS/generic

Post by Belahzur on 21st April 2010, 3:54 pm

Please download exeHelper from one of the two links.
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

  • Double-click on exeHelper.com or exeHelper.scr to run the fix.
  • A black window should pop up, press any key to close once the fix is completed.
  • Post the contents of log.txt (Will be created in the directory where you ran exeHelper.com)
Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum