My PC continuously restarts

View previous topic View next topic Go down

My PC continuously restarts

Post by parinker on Mon 23 Aug 2010, 2:13 am

i have an older pc with one of the first versions of windows xp. It continuously reboots. Someone else in my family has been using it and the anti virus protection has lapsed and not sure for how long so this could be almost anything causing it. You did an incredible job helping me with my lap top hoping you can resolve this issue.

parinker

Newbie Surfer
Newbie Surfer

Posts : 29
Joined : 2010-08-10
Operating System : windows 7

View user profile

Back to top Go down

Re: My PC continuously restarts

Post by Sneakyone on Mon 23 Aug 2010, 12:42 pm

Hi, Welcome to GeekPolice.net!

Could you please go into Safe Mode with Networking and run this:

To get into Safe Mode with Networking please restart your computer and rapidly tap F8 until it asks what mode you want to boot into, please choose Safe Mode with Networking, then download and run the following:

Please download OTL to your Desktop. (If you already have it downloaded, then just follow the instructions below).
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in

    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.sys
    %systemroot%\system32\drivers\*.dll
    %systemroot%\system32\drivers\*.ini
    %systemroot%\system32\drivers\*.exe
    %SYSTEMDRIVE%\*.*
    %PROGRAMFILES%\*.
    %appdata%\*.*
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    disk.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    usbstor.sys
    /md5stop
    CREATERESTOREPOINT
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) and paste (Edit->Paste) the contents of these files, one at a time


Note: in the event that OTL fails to run, please use alternate download links to try again:

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]


I'm livin' life in the fast lane.


Sneakyone

Tech Officer
Tech Officer

Posts : 2707
Joined : 2010-01-10
Operating System : Windows 7 Ultimate 64-bit

View user profile http://twitter.com/AVerySneakyone

Back to top Go down

Re: My PC continuously restarts

Post by parinker on Tue 24 Aug 2010, 9:13 am

OTL logfile created on: 08/23/2010 5:45:45 PM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Pat Rinker\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yyyy

767.00 Mb Total Physical Memory | 578.00 Mb Available Physical Memory | 75.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 95.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.50 Gb Total Space | 24.37 Gb Free Space | 35.07% Space Free | Partition Type: NTFS
Drive D: | 6.82 Gb Total Space | 5.67 Gb Free Space | 83.08% Space Free | Partition Type: FAT32
Drive E: | 111.58 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PAT
Current User Name: Pat Rinker
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/08/23 12:48:17 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pat Rinker\Desktop\OTL.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/25 10:00:46 | 000,574,808 | ---- | M] (Lavasoft AB) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe


========== Modules (SafeList) ==========

MOD - [2010/08/23 12:48:17 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pat Rinker\Desktop\OTL.exe
MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe -- (TUWinStylerThemeSvc)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\PestPatrol\ppRemoteService.exe -- (PestPatrol Remote)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe -- (navapsvc)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/01/13 20:20:40 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Stopped] -- C:\Program Files\MyWebSearch\bar\3.bin\MWSSVC.EXE -- (MyWebSearchService)
SRV - [2009/08/24 02:07:07 | 001,097,096 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2009/04/20 04:16:08 | 000,070,944 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2009/02/11 19:12:38 | 000,167,936 | ---- | M] () [Auto | Stopped] -- C:\Program Files\TRENDnet\TEW-421PC_TEW-423PI\WLSVC.exe -- (WLSVC)
SRV - [2009/01/07 13:40:56 | 000,348,752 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2008/11/27 21:04:24 | 000,354,560 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/04 15:51:32 | 000,028,416 | ---- | M] (TuneUp Software GmbH) [Auto | Stopped] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008/02/09 23:10:51 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/10/25 16:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007/09/25 10:00:46 | 000,574,808 | ---- | M] (Lavasoft AB) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe -- (aawservice)
SRV - [2007/02/09 21:39:08 | 000,407,072 | ---- | M] (Acronis) [Auto | Stopped] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2005/06/24 22:37:50 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\szkg.sys -- (szkg)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\Artec48.sys -- (SampleScanner)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\bcmwl5.sys -- (BCM43XX)
DRV - [2009/04/20 04:16:09 | 000,039,200 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2009/04/20 04:16:03 | 000,033,056 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2009/04/20 04:15:54 | 000,051,488 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2009/03/30 07:35:40 | 000,159,600 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2008/12/10 12:36:04 | 000,064,392 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pctplsg.sys -- (pctplsg)
DRV - [2008/04/13 14:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008/04/13 14:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008/04/13 14:46:09 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008/04/13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 14:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/02/10 14:09:38 | 000,392,320 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2008/02/10 14:09:38 | 000,032,768 | ---- | M] (Acronis) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2008/02/10 14:09:27 | 000,114,048 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2008/01/23 16:02:02 | 000,020,480 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\WLNdis50.sys -- (WLNdis50)
DRV - [2006/11/02 02:50:52 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006/10/22 12:22:00 | 003,994,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005/05/08 17:17:10 | 000,028,352 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2005/04/11 14:26:04 | 000,121,472 | R--- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mr97310c.sys -- (mr97310c)
DRV - [2005/02/23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005/02/01 18:18:38 | 000,017,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\bcm42rly.sys -- (BCM42RLY)
DRV - [2004/08/04 01:31:32 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/06/08 12:36:28 | 000,013,105 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.SYS -- (L8042Kbd)
DRV - [2004/06/08 12:36:20 | 000,014,975 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbKbd.sys -- (LUsbKbd)
DRV - [2004/06/08 12:35:26 | 000,038,081 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK)
DRV - [2004/06/08 12:35:18 | 000,054,817 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042MOU.SYS -- (L8042mou)
DRV - [2004/06/08 12:35:08 | 000,071,533 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2004/06/08 12:34:48 | 000,024,637 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2003/09/25 22:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2002/09/20 15:15:42 | 000,472,396 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvcm.sys -- (QCMerced)
DRV - [2002/08/29 00:59:12 | 000,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
DRV - [2002/05/14 22:27:00 | 000,016,007 | R--- | M] (NETGEAR Inc. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FA31XND5.SYS -- (FA31X)
DRV - [2001/08/17 17:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 17:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 17:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 17:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 17:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 16:52:24 | 000,038,144 | ---- | M] (HighPoint Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\hpt3xx.sys -- (hpt3xx)
DRV - [2001/08/17 16:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 16:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 16:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 16:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 16:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 16:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 16:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 16:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 16:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 16:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 13:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/08/17 13:28:12 | 000,488,383 | ---- | M] (Conexant) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\HSF_V124.sys -- (V124)
DRV - [2001/08/17 13:28:12 | 000,050,751 | ---- | M] (Conexant) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\HSF_TONE.sys -- (Tones)
DRV - [2001/08/17 13:28:10 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft)
DRV - [2001/08/17 13:28:10 | 000,057,471 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_SAMP.sys -- (Rksample)
DRV - [2001/08/17 13:28:08 | 000,391,199 | ---- | M] (Conexant) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\HSF_K56K.sys -- (K56)
DRV - [2001/08/17 13:28:06 | 000,289,887 | ---- | M] (Conexant) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\HSF_FALL.sys -- (Fallback)
DRV - [2001/08/17 13:28:06 | 000,199,711 | ---- | M] (Conexant) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\HSF_FAXX.sys -- (SoftFax)
DRV - [2001/08/17 13:28:06 | 000,115,807 | ---- | M] (Conexant) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\HSF_FSKS.sys -- (Fsks)
DRV - [2001/08/17 13:28:04 | 000,067,167 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_BSC2.sys -- (basic2)
DRV - [2001/08/17 12:50:28 | 000,077,824 | ---- | M] (S3 Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3sav4m.sys -- (S3SAVAGE4M)
DRV - [2001/08/17 12:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman) Creative SoundFont Manager Driver (WDM)
DRV - [2001/08/17 12:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1) Creative Interface Manager Driver (WDM)
DRV - [2001/08/17 12:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k) Creative SB Live! (WDM)
DRV - [2001/08/17 12:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)
DRV - [2001/08/17 12:12:32 | 000,016,074 | ---- | M] (NETGEAR Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FA312nd5.sys -- (FA312)
DRV - [2001/08/17 08:50:26 | 000,731,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4.sys -- (nv4)
DRV - [2001/08/17 08:20:04 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM)
DRV - [1997/12/22 20:02:46 | 000,023,936 | ---- | M] (Adaptec) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\3.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "411BDSM Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig?hl=en"
FF - prefs.js..extensions.enabledItems: {0d2b1800-ef08-4e82-9be9-07e5044b5da2}:2.1.0.17
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:3.6.2.119
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=GAM1&o=15491&locale=en_US&apn_uid=37FCBE58-CA56-42FA-8434-225D4C4BBB2D&apn_ptnrs=HE&apn_sauid=&apn_dtid=&q="
FF - prefs.js..network.proxy.no_proxies_on: "localhost"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Yahoo"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "MyWebSearch"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig?hl=en"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZLfox000&fl=0&ptb=BrW_Sw1LyEvZhFeLv2r55Q&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor="


FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\firefox\ [2010/01/13 20:20:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/11 20:11:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/11 20:11:52 | 000,000,000 | ---D | M]

[2008/08/27 19:15:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pat Rinker\Application Data\Mozilla\Extensions
[2010/08/23 11:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pat Rinker\Application Data\Mozilla\Firefox\Profiles\pnivduke.default\extensions
[2009/06/29 20:40:11 | 000,000,000 | ---D | M] (411BDSM Toolbar) -- C:\Documents and Settings\Pat Rinker\Application Data\Mozilla\Firefox\Profiles\pnivduke.default\extensions\{0d2b1800-ef08-4e82-9be9-07e5044b5da2}
[2010/08/22 11:43:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Pat Rinker\Application Data\Mozilla\Firefox\Profiles\pnivduke.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/22 11:43:45 | 000,000,000 | ---D | M] (FoxyTunes) -- C:\Documents and Settings\Pat Rinker\Application Data\Mozilla\Firefox\Profiles\pnivduke.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2010/08/22 11:43:49 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Pat Rinker\Application Data\Mozilla\Firefox\Profiles\pnivduke.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/07/24 20:08:15 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\Pat Rinker\Application Data\Mozilla\Firefox\Profiles\pnivduke.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2010/08/22 11:43:41 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\Pat Rinker\Application Data\Mozilla\Firefox\Profiles\pnivduke.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010/08/22 12:01:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pat Rinker\Application Data\Mozilla\Firefox\Profiles\pnivduke.default\extensions\toolbar@ask.com
[2009/06/28 08:15:12 | 000,000,876 | ---- | M] () -- C:\Documents and Settings\Pat Rinker\Application Data\Mozilla\Firefox\Profiles\pnivduke.default\searchplugins\conduit.xml
[2010/01/13 17:37:43 | 000,009,941 | ---- | M] () -- C:\Documents and Settings\Pat Rinker\Application Data\Mozilla\Firefox\Profiles\pnivduke.default\searchplugins\mywebsearch.xml
[2010/02/21 22:27:40 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\Pat Rinker\Application Data\Mozilla\Firefox\Profiles\pnivduke.default\searchplugins\sweetim.xml
[2010/08/23 11:17:23 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/09/08 11:32:33 | 000,000,000 | ---D | M] (FoxyTunes) -- C:\Program Files\Mozilla Firefox\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2008/09/08 11:32:33 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2008/06/18 02:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2008/09/24 19:07:24 | 000,024,576 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npgcplug.dll

O1 HOSTS File: ([2001/08/18 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\3.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL (MyWebSearch.com)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Viewpoint Toolbar BHO) - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.9.0\ViewBarBHO.dll (Viewpoint Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQ Toolbar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (ICQ Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (Viewpoint Toolbar) - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.9.0\IEViewBar.dll (Viewpoint Corporation)
O3 - HKLM\..\Toolbar: (no name) - SITEguard - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (ICQ Toolbar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (ICQ Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - HKLM..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O4 - HKLM..\Run: [InstantAccess] C:\Program Files\TextBridge Pro 8.0\Bin\InstantAccess.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files\MyWebSearch\bar\3.bin\M3SRCHMN.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [readericon10] C:\Program Files\Multimedia Card Reader\readericon10.exe ()
O4 - HKLM..\Run: [RegisterDropHandler] C:\Program Files\TextBridge Pro 8.0\Bin\RegisterDropHandler.exe ()
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKCU..\Run: [Microsoft NetMeeting] C:\Program Files\NetMeeting\conf.exe (Microsoft Corporation)
O4 - HKCU..\Run: [MyWebSearch Email Plugin] C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKCU..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O4 - HKLM..\RunServices: [RegisterDropHandler] C:\Program Files\TextBridge Pro 8.0\Bin\RegisterDropHandler.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless Configuration Utility.lnk = C:\Program Files\TRENDnet\TEW-421PC_TEW-423PI\WlanCU.exe ()
O4 - Startup: C:\Documents and Settings\Pat Rinker\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - Reg Error: Value error. File not found
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Common Files\PC Tools\LSP\PCTLsp.dll (PC Tools Research Pty Ltd.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: aol.com ([free] http in Trusted sites)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [You must be registered and logged in to see this link.] (QuickTime Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} [You must be registered and logged in to see this link.] (Shockwave ActiveX Control)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} [You must be registered and logged in to see this link.] (MSN Photo Upload Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} [You must be registered and logged in to see this link.] (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} [You must be registered and logged in to see this link.] (MSN Chat Control 4.5)
O16 - DPF: Microsoft XML Parser for Java [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: Yahoo! Chat [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Pat Rinker\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pat Rinker\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/09/26 12:21:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/04/23 13:10:34 | 000,001,383 | R--- | M] () - E:\autorun.apm -- [ CDFS ]
O32 - AutoRun File - [2002/12/10 14:00:30 | 001,122,304 | R--- | M] (Indigo Rose Corporation) - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2008/05/22 12:28:48 | 000,032,038 | R--- | M] () - E:\autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2009/04/23 13:10:36 | 000,000,029 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{18939505-3b3b-11df-8bb4-0014bf5858ff}\Shell - "" = AutoRun
O33 - MountPoints2\{18939505-3b3b-11df-8bb4-0014bf5858ff}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{18939505-3b3b-11df-8bb4-0014bf5858ff}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe -- [2002/12/10 14:00:30 | 001,122,304 | R--- | M] (Indigo Rose Corporation)
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Billminder.lnk - C:\QUICKENW\billmind.exe - (Intuit Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk - C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk - Reg Error: Value error. - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\KEM.exe - (Logitech Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MyWebSearch Email Plugin.lnk - Reg Error: Value error. - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PowerReg Scheduler.exe - Reg Error: Value error. - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk - C:\QUICKENW\bagent.exe - (Intuit Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Startup.lnk - Reg Error: Value error. - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^Pat Rinker^Start Menu^Programs^Startup^FriendFinder Messenger.lnk - Reg Error: Value error. - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^Pat Rinker^Start Menu^Programs^Startup^HotSync Manager.lnk - C:\Palm\HOTSYNC.EXE - (Palm, Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^Pat Rinker^Start Menu^Programs^Startup^MyWebSearch Email Plugin.lnk - Reg Error: Value error. - File not found
MsConfig - StartUpReg: SystemBoot - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: AVG7_CC - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: Eyeball Chat - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: SmileboxTray - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: WildTangent CDA - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: WT GameChannel - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: _SystemBoot - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: _Windows - hkey= - key= - Reg Error: Value error. File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: aawservice - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (Lavasoft AB)
SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sdauxservice - C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
SafeBootMin: sdcoreservice - C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: aawservice - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (Lavasoft AB)
SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm - Service
SafeBootNet: nm.sys - Driver
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sdauxservice - C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
SafeBootNet: sdcoreservice - C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices


parinker

Newbie Surfer
Newbie Surfer

Posts : 29
Joined : 2010-08-10
Operating System : windows 7

View user profile

Back to top Go down

Re: My PC continuously restarts

Post by parinker on Tue 24 Aug 2010, 9:16 am

There's more

ActiveX: {00F0EE7F-2C61-4EBD-A209-00281BDC869C} - Yahoo! Toolbar
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {057997dd-71e4-43cc-b161-3f8180691a9e} - Q824145
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {097860E3-73B2-4efa-9F92-A9DDAD6ADACF} -
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 9.0
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2
ActiveX: {270C7F22-6D59-4041-B865-76C48D190D91} - Yahoo! Search Settings Update
ActiveX: {2757B1D6-0367-4663-877C-93ECC5C01BF6} - Q324929
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2cc9d512-6db6-4f1c-8979-9a41fae88de0} - Q837009
ActiveX: {2D5974C5-5185-4f5b-80B6-28015ACDD74C} - q319182
ActiveX: {2eac6a2d-57a8-44d4-96f7-e32bab40ca5f} - Windows Update
ActiveX: {325F893E-F95F-4076-AAD7-1337EDD99971} -
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {377483c2-e4b4-4ee8-b577-9aed264c8735} - Q822925
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA851-CC51-11CF-AAFA-00AA00B6015C} - rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\wpie4x86.inf,PerUserStub
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {44FF4890-9180-4e40-BA93-E444CC8661DF} -
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {526EC2F4-C09A-4300-8E43-A55ACBB34B71} -
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5f3c70b3-ac2f-432c-8f9c-1624df61f54f} - Microsoft Data Access Components KB870669
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {61733D96-1149-40BA-A9F7-83C9ACB75199} - Q312461
ActiveX: {61E6EAE5-7821-4AC1-9BBD-AED032A8E273} - Q323759
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {716E024F-7F74-47F3-B93B-9FF7F3CBF94C} - Q313675
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {795d0712-722c-43ec-906a-fc5e678eada9} - Q831167
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8FD9D712-A285-4834-9F46-705AD5146A6B} - NoIETour
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {96543d59-497a-4801-a1f3-5936aacaf7b1} - Q828750
ActiveX: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\advpack.dll,LaunchINFSectionEx C:\Program Files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
ActiveX: {A909984B-4FE5-43f8-BBB1-6C00652217D8} -
ActiveX: {A938365F-7142-4417-BEDB-CCAE9F2FE83A} -
ActiveX: {B003AADE-0580-4c47-955B-1F539DA9BFFE} -
ActiveX: {B260B385-C436-420a-B635-61889A330D8E} -
ActiveX: {B2A58FE8-7797-4a6b-AC8E-45B6115BF724} -
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {B9191F79-5613-4C76-AA2A-398534BB8999} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C0C31EA8-106B-4c1f-AB2D-B5FEFD693511} -
ActiveX: {C34F4917-ED43-439f-9023-97B0024A2B3B} - Q810847
ActiveX: {C46C1FA0-3BDE-44ef-BA90-AB729FB8BE27} -
ActiveX: {C5B4E4F0-A329-403a-B0E3-8751D279714C} -
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {D7B44F3E-77D3-44C5-8E03-4222D9A18B7B} - Q321232
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {DBB3C81D-3C91-4a1e-BDDF-905B61C7CEDF} - Security Update for the Microsoft VM
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E81659DF-28E1-4C60-B4B9-00A4BC5FA76D} - Q316059
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {E9C78C11-6C3A-4012-9D97-D571CC9B32EF} - Q312369_XP_5079
ActiveX: {ECD292A0-0347-4244-8C24-5DBCE990FB40} - Hotfix for Microsoft .NET Framework 3.0 (KB932471)
ActiveX: {eddbec60-89cb-44ef-8291-0850fd28ff6a} - Q832894
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: {f5173cf0-1dfb-4978-8e50-a90169ee7ca9} - Q823353
ActiveX: {F5776D81-AE53-4935-8E84-B0B283D8BCEF} - Q330994
ActiveX: {f5de1b93-9d38-416b-b09e-aa85a8e84309} - Q818529
ActiveX: {F9C174E3-3E87-40bc-AA94-B8974F2B9222} - Q813489
ActiveX: {FF4DD9CD-F25E-425a-8B5C-A2D062781FBB} - Q328970
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{19FB76C6-DBEF-44B5-A053-ECDF5F855A07} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -

Drivers32: aux1 - C:\WINDOWS\System32\ctwdm32.dll (Creative Technology Ltd.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSACM.LHACM - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\Dvc.dll (Adaptec)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MP43 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.TR20 - C:\WINDOWS\System32\tr2032.dll (The Duck Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: VIDC.VDOM - C:\WINDOWS\System32\vdowave.drv (VDOnet LTD..)
Drivers32: vidc.vivo - C:\WINDOWS\System32\ivvideo.dll (Vivo Software)
Drivers32: wave2 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
Drivers32: wave3 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Error starting restore point: The function was called in safe mode.
Error closing restore point: The sequence number is invalid.

========== Files/Folders - Created Within 30 Days ==========

[2010/08/23 12:48:16 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Pat Rinker\Desktop\OTL.exe
[2010/07/28 17:38:39 | 000,000,000 | ---D | C] -- C:\Program Files\TRENDnet
[2010/07/28 11:37:58 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Pat Rinker\IECompatCache
[2010/02/21 22:24:46 | 005,925,992 | ---- | C] (SweetIM Technologies Lt) -- C:\Program Files\SweetImSetup.exe
[2010/01/20 13:27:14 | 014,447,864 | ---- | C] (Barnes & Noble, Inc.) -- C:\Program Files\bndr2_setup_latest.exe
[2010/01/13 17:32:27 | 002,569,704 | ---- | C] (MyWebSearch.com) -- C:\Program Files\IWONSetup2.3.50.62.SA.HP.ZLfox000.exe
[2009/12/20 07:21:26 | 032,494,896 | ---- | C] (Apple Inc.) -- C:\Program Files\QuickTimeInstaller.exe
[2009/12/19 23:03:23 | 000,207,880 | ---- | C] (Big Fish Games) -- C:\Program Files\3dmagicmahjongg_s1_l1_gF1T1L1_d726973768.exe
[2009/12/13 14:22:18 | 009,496,056 | ---- | C] (Google Inc.) -- C:\Program Files\picasa36-setup.exe
[2009/10/20 17:09:00 | 000,388,240 | ---- | C] (Yahoo! Inc.) -- C:\Program Files\msgr10us.exe
[2009/03/25 21:03:31 | 020,098,288 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ie8-setup-full.exe
[2009/03/15 21:49:48 | 000,307,704 | ---- | C] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox
[2009/03/13 21:49:31 | 001,878,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\install_flash_player.exe
[2009/03/03 14:55:44 | 000,438,592 | ---- | C] (Yahoo! Inc.) -- C:\Program Files\yahoo.exe
[2009/02/04 17:31:45 | 007,521,112 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 3.0.6.exe
[2009/02/02 13:52:10 | 009,934,392 | ---- | C] (Google Inc.) -- C:\Program Files\picasa3-setup.exe
[2009/01/14 07:34:49 | 015,903,600 | ---- | C] (Intuit ) -- C:\Program Files\Quicken_Home_Inventory.exe
[2009/01/14 07:29:41 | 074,961,912 | ---- | C] (Intuit Inc. ) -- C:\Program Files\Quicken_Deluxe_2009.exe
[2008/09/08 11:29:43 | 008,145,864 | ---- | C] (Mozilla) -- C:\Program Files\yahoo_firefox_setup-3.0.exe
[2008/09/04 21:43:06 | 015,452,536 | ---- | C] (Microsoft Corporation) -- C:\Program Files\IE7-WindowsXP-x86-enu.exe
[2008/07/22 06:54:44 | 013,725,112 | ---- | C] (PC Tools ) -- C:\Program Files\sdasetup.exe
[2008/07/13 12:06:24 | 000,357,936 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RealPlayer11GOLD.exe
[2008/07/07 21:02:17 | 000,094,808 | ---- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\g2m_download.exe
[2008/04/29 06:21:02 | 006,104,632 | ---- | C] (Google Inc.) -- C:\Program Files\picasaweb-current-setup.exe
[2008/03/18 06:10:32 | 007,773,470 | ---- | C] (Softinterface, Inc. ) -- C:\Program Files\CD.EXE
[2008/02/13 22:20:56 | 028,132,288 | ---- | C] (Avery ) -- C:\Program Files\Avery_Wizard_31_3.exe
[2007/11/09 23:43:29 | 000,445,624 | ---- | C] (Yahoo! Inc.) -- C:\Program Files\msgr9us.exe
[2007/11/01 08:14:10 | 002,255,816 | ---- | C] (AcezSoft Inc. ) -- C:\Program Files\mp3wav.exe
[2007/10/23 16:33:10 | 003,380,048 | ---- | C] (Lime Wire LLC) -- C:\Program Files\LimeWireWin.exe
[2007/10/23 16:21:22 | 035,378,168 | ---- | C] (Avery ) -- C:\Program Files\Avery_Wizard_Holiday.exe
[2007/10/23 14:40:01 | 281,837,392 | ---- | C] (Pacific Gold Coast Corp.) -- C:\Program Files\LEADTOOLSMain.exe
[2005/10/17 21:25:03 | 062,651,176 | ---- | C] (Macromedia ) -- C:\Program Files\Dreamweaver8-en.exe
[2005/06/29 23:05:51 | 001,353,360 | ---- | C] (Gteko Ltd.) -- C:\Program Files\NetSet.exe
[2005/03/12 13:56:14 | 020,798,256 | ---- | C] (Netopsystems AG ) -- C:\Program Files\AdbeRdr70_enu_full.exe
[2005/03/12 13:51:28 | 006,811,904 | ---- | C] (Adobe Systems, Inc. ) -- C:\Program Files\psa2011se_us.exe
[2004/09/12 07:25:37 | 002,893,952 | ---- | C] (Microsoft Corporation) -- C:\Program Files\PPView97.exe
[2004/08/15 06:54:22 | 005,244,336 | ---- | C] (Microsoft Corporation) -- C:\Program Files\SetupDl.exe
[2004/05/28 20:16:33 | 001,290,240 | ---- | C] (mIRC Co. Ltd.) -- C:\Program Files\mirc614.exe
[2003/10/18 14:46:22 | 036,775,008 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dx90update_redist.exe
[2003/10/18 14:33:28 | 042,057,332 | ---- | C] (Logitech, Inc. ) -- C:\Program Files\is730enu.exe
[2003/10/18 08:11:18 | 007,128,959 | ---- | C] (Logitech ) -- C:\Program Files\ldm.exe
[2003/10/01 22:00:14 | 008,516,568 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RealOnePlayerV2GOLD.exe
[2003/09/28 15:47:15 | 004,453,126 | ---- | C] (Avery Dennsion Corporation) -- C:\Program Files\wiz02e.exe
[2003/03/31 16:18:05 | 028,756,477 | ---- | C] (Prentice Hall ) -- C:\Program Files\phim_update.exe
[2003/02/11 16:48:11 | 004,870,527 | ---- | C] (Ezonics Corp. ) -- C:\Program Files\EZVideo Chat 1206.exe
[2003/01/10 20:00:33 | 002,884,680 | ---- | C] (Microsoft Corporation ) -- C:\Program Files\dpfunpack.exe
[2002/12/28 07:57:24 | 013,440,584 | ---- | C] (AOL LLC.) -- C:\Program Files\Install_AIM.exe
[2002/02/19 16:45:33 | 000,581,296 | ---- | C] (Microsoft Corporation) -- C:\Program Files\oxpauiu.exe
[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Pat Rinker\My Documents\*.tmp files -> C:\Documents and Settings\Pat Rinker\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\Pat Rinker\Desktop\*.tmp files -> C:\Documents and Settings\Pat Rinker\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/08/23 17:44:41 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/23 17:44:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/23 17:43:03 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/23 17:43:01 | 012,058,624 | ---- | M] () -- C:\Documents and Settings\Pat Rinker\ntuser.dat
[2010/08/23 17:43:01 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Pat Rinker\ntuser.ini
[2010/08/23 17:42:00 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2010/08/23 17:37:49 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/08/23 17:37:31 | 000,000,496 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010/08/23 13:01:00 | 000,000,244 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/08/23 12:48:17 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pat Rinker\Desktop\OTL.exe
[2010/08/18 19:38:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/08/18 17:14:30 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/18 17:13:58 | 000,000,356 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/12 03:11:50 | 001,779,080 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/12 03:09:04 | 000,506,144 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/12 03:09:04 | 000,444,818 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/12 03:09:04 | 000,072,568 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/11 21:47:30 | 000,000,798 | ---- | M] () -- C:\Documents and Settings\Pat Rinker\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2010/07/28 17:38:43 | 000,001,716 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless Configuration Utility.lnk
[2010/07/28 17:38:43 | 000,001,704 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Wireless Configuration Utility.lnk
[2010/07/27 02:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Pat Rinker\My Documents\*.tmp files -> C:\Documents and Settings\Pat Rinker\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\Pat Rinker\Desktop\*.tmp files -> C:\Documents and Settings\Pat Rinker\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/11 18:48:20 | 000,010,490 | ---- | C] () -- C:\WINDOWS\_000007_.tmp.dll
[2010/07/28 17:38:43 | 000,001,716 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless Configuration Utility.lnk
[2010/07/28 17:38:43 | 000,001,704 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Wireless Configuration Utility.lnk
[2010/07/28 17:38:42 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\WLNdis50.sys
[2010/01/20 12:42:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2010/01/11 17:51:49 | 000,529,288 | ---- | C] () -- C:\Program Files\smartdraw_XK_FDT2D_setup.exe
[2010/01/09 20:27:35 | 000,087,781 | ---- | C] () -- C:\Program Files\springside pic.jpg
[2009/12/16 10:40:08 | 000,139,287 | ---- | C] () -- C:\Program Files\SC License.pdf
[2009/08/24 18:38:31 | 010,333,367 | ---- | C] () -- C:\Program Files\Berberus-Mass-Image-Resizer-1.5-Win.zip
[2009/06/20 21:27:32 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2009/06/20 21:27:01 | 000,004,254 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2009/03/17 17:38:15 | 149,353,184 | ---- | C] () -- C:\Program Files\OOo_3.0.1_Win32Intel_install_wJRE_en-US.exe
[2009/03/13 21:51:16 | 000,017,408 | -HS- | C] () -- C:\Program Files\Thumbs.db
[2009/01/25 00:07:46 | 000,561,384 | ---- | C] () -- C:\Program Files\stb_installer.exe
[2009/01/14 07:36:18 | 013,112,552 | ---- | C] () -- C:\Program Files\Quicken_WillMaker_Plus_2009.exe
[2008/08/18 09:09:42 | 001,277,680 | ---- | C] () -- C:\Program Files\CouponPrinter.exe
[2008/07/04 23:58:12 | 049,384,056 | ---- | C] () -- C:\Program Files\avg_free_stf_all_8_100a1323.exe
[2008/06/17 16:15:29 | 000,878,760 | ---- | C] () -- C:\Program Files\Support-LogMeInRescue.exe
[2008/06/17 15:00:04 | 007,024,640 | ---- | C] () -- C:\Program Files\winzip112.msi
[2008/05/26 10:33:08 | 047,787,248 | ---- | C] () -- C:\Program Files\avg_free_stf_en_8_100a1295.exe
[2008/04/02 16:13:57 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008/04/02 16:12:06 | 000,000,084 | ---- | C] () -- C:\WINDOWS\EPSPRX595.ini
[2008/03/19 10:41:23 | 013,287,492 | ---- | C] () -- C:\Program Files\slideshowzilla_setup.exe
[2008/03/19 10:26:07 | 016,546,616 | ---- | C] () -- C:\Program Files\setup_fssmpro.exe
[2008/03/18 06:25:26 | 000,000,025 | ---- | C] () -- C:\WINDOWS\SW_Win2146X32.DLL
[2008/03/18 06:13:49 | 000,002,585 | ---- | C] () -- C:\WINDOWS\CD_SearchHistory.INI
[2008/03/18 06:13:40 | 001,589,248 | ---- | C] () -- C:\WINDOWS\System32\beconvlib.dll
[2008/03/18 06:13:39 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\bprgcomm.dll
[2008/03/18 06:13:39 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\CSVSpecialProcessing.dll
[2008/03/18 06:13:39 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx14_ic.ini
[2008/03/18 06:13:38 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\SII_PDF.dll
[2008/03/18 06:13:38 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\SARzilla.dll
[2008/02/26 17:10:07 | 000,000,002 | -HS- | C] () -- C:\Documents and Settings\Pat Rinker\Application Data\evf
[2008/02/26 17:05:32 | 008,394,802 | ---- | C] () -- C:\Program Files\ZillaTubeSetup.exe
[2007/12/10 20:00:51 | 000,238,512 | ---- | C] () -- C:\Program Files\SmileboxInstaller.exe
[2007/11/17 12:16:55 | 000,001,182 | ---- | C] () -- C:\WINDOWS\Mpcwty01.ini
[2007/11/12 17:28:09 | 000,000,041 | ---- | C] () -- C:\WINDOWS\Tetris.ini
[2007/11/12 17:23:36 | 003,365,915 | ---- | C] () -- C:\Program Files\freeTetris.exe
[2007/10/24 17:00:15 | 007,068,957 | ---- | C] () -- C:\Program Files\cpg272mst.exe
[2007/10/24 16:07:33 | 007,068,504 | ---- | C] () -- C:\Program Files\cpg272pro.exe
[2007/10/02 16:59:27 | 005,636,464 | ---- | C] () -- C:\Program Files\cpg272std.exe
[2007/09/10 10:56:43 | 003,044,468 | ---- | C] () -- C:\Program Files\cpg272.exe
[2007/02/18 20:38:57 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/12/29 09:49:42 | 000,000,026 | ---- | C] () -- C:\WINDOWS\marscam.ini
[2006/12/29 09:47:00 | 000,000,041 | ---- | C] () -- C:\WINDOWS\Pt.dll
[2006/10/22 12:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/10/22 12:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/22 12:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/10/22 12:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/10/22 12:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/09/24 12:53:37 | 000,000,004 | ---- | C] () -- C:\WINDOWS\uccspecb.sys
[2006/06/08 21:04:06 | 000,000,023 | ---- | C] () -- C:\WINDOWS\kodakpcd.Pat Rinker.ini
[2006/06/07 05:48:35 | 000,000,160 | ---- | C] () -- C:\Documents and Settings\Pat Rinker\Application Data\ntl.ini
[2006/06/07 05:47:37 | 000,001,861 | ---- | C] () -- C:\Documents and Settings\Pat Rinker\Application Data\ntl.nws
[2006/01/16 10:35:34 | 000,001,392 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/10/17 20:39:12 | 001,936,031 | ---- | C] () -- C:\Program Files\Dreamweaver_MX_crack.zip
[2005/07/20 21:54:11 | 000,496,240 | ---- | C] () -- C:\Program Files\msgr7us.exe
[2005/07/20 21:53:29 | 000,496,240 | ---- | C] () -- C:\Program Files\Yahoo! Messenger.lnk
[2005/07/10 21:05:26 | 001,799,661 | ---- | C] () -- C:\Program Files\ntfree.zip
[2005/07/07 20:22:49 | 001,860,343 | ---- | C] () -- C:\Program Files\ntbpro.zip
[2005/07/06 15:33:19 | 002,410,802 | ---- | C] () -- C:\Program Files\CoffeeFreeZipInstaller.exe
[2005/06/25 05:46:48 | 000,000,035 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2005/06/20 16:51:53 | 013,750,503 | ---- | C] () -- C:\Program Files\CoffeeHTML2005.exe
[2005/05/16 19:55:20 | 004,277,840 | ---- | C] () -- C:\Program Files\icq5_setup.exe
[2005/04/10 19:18:06 | 006,234,476 | ---- | C] () -- C:\Program Files\wordweb.exe
[2005/04/08 16:03:46 | 000,000,734 | ---- | C] () -- C:\Program Files\hbexport.qif
[2005/03/12 13:51:07 | 000,494,704 | ---- | C] () -- C:\Program Files\ytb01_efgsip.exe
[2005/03/12 13:51:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Pat Rinker\Application Data\dm.ini
[2005/03/12 13:50:58 | 000,000,705 | ---- | C] () -- C:\Documents and Settings\Pat Rinker\Application Data\AdobeDLM.log
[2005/01/03 20:12:45 | 006,918,776 | ---- | C] () -- C:\Program Files\smartdraw_trial_1303.exe
[2004/09/22 21:46:26 | 000,061,952 | ---- | C] () -- C:\WINDOWS\System32\rmmerge2.DLL
[2004/09/22 21:46:26 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\rmevents.DLL
[2004/08/23 21:47:28 | 003,144,082 | ---- | C] () -- C:\Program Files\gcn_setup2.8.1.exe
[2004/08/02 18:24:06 | 000,000,033 | ---- | C] () -- C:\WINDOWS\LVMMail.INI
[2004/04/23 22:00:42 | 006,024,188 | ---- | C] () -- C:\Program Files\yahoo_scrabble1-1_tm1-1.exe
[2004/02/13 19:51:04 | 000,000,048 | ---- | C] () -- C:\WINDOWS\PerWin.ini
[2004/01/17 10:53:34 | 005,184,456 | ---- | C] () -- C:\Program Files\PuzzleInlayDeluxe.exe
[2003/12/06 14:08:15 | 000,029,633 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2003/11/15 21:35:10 | 002,266,608 | ---- | C] () -- C:\Program Files\ec22.exe
[2003/11/13 05:13:47 | 000,000,867 | ---- | C] () -- C:\Program Files\INSTALL.LOG
[2003/11/12 21:53:49 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/10/18 21:30:58 | 006,333,450 | ---- | C] () -- C:\Program Files\yahoo_mahjongtowers2_tm1-1.exe
[2003/10/18 15:53:46 | 003,978,384 | ---- | C] () -- C:\Program Files\icqpro2003a.exe
[2003/10/18 15:02:00 | 000,000,241 | ---- | C] () -- C:\WINDOWS\QSync.INI
[2003/05/02 15:19:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2003/05/02 15:19:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2003/03/07 16:19:57 | 000,000,249 | ---- | C] () -- C:\WINDOWS\qwimp.ini
[2003/03/07 14:33:02 | 000,000,028 | ---- | C] () -- C:\WINDOWS\qfnonl.ini
[2003/03/07 14:29:44 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ICOA.INI
[2003/03/07 14:29:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QFN.ini
[2003/03/07 14:29:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QDQICK.ini
[2003/01/17 19:07:24 | 000,000,235 | R--- | C] () -- C:\WINDOWS\System32\Arsetup.ini
[2003/01/17 19:07:23 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\Arsetup.dll
[2003/01/11 17:42:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\netscape.INI
[2003/01/07 11:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/12/25 18:25:33 | 003,806,711 | ---- | C] () -- C:\Program Files\solsuite.exe
[2002/11/16 18:42:56 | 000,004,645 | ---- | C] () -- C:\WINDOWS\Solitaire.ini
[2002/11/16 12:50:28 | 002,923,823 | ---- | C] () -- C:\Program Files\solplus.exe
[2002/09/20 15:06:38 | 000,010,628 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2002/09/06 20:01:11 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI
[2002/05/28 20:19:20 | 000,001,347 | ---- | C] () -- C:\WINDOWS\disney.ini
[2002/04/24 07:50:05 | 000,296,448 | ---- | C] () -- C:\WINDOWS\Xenofex.ini
[2002/04/23 22:18:08 | 001,362,848 | ---- | C] () -- C:\Program Files\BladePro.zip
[2002/04/23 21:50:19 | 000,013,273 | ---- | C] () -- C:\Program Files\setuplog.txt
[2002/04/23 21:18:35 | 000,000,398 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2002/04/02 08:54:38 | 000,000,095 | ---- | C] () -- C:\WINDOWS\tb96.ini
[2002/03/23 19:13:04 | 000,000,192 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2002/03/23 19:13:04 | 000,000,096 | ---- | C] () -- C:\WINDOWS\Tb98.ini
[2002/03/23 19:12:54 | 000,046,512 | ---- | C] () -- C:\WINDOWS\System32\EPSN.DLL
[2002/03/23 19:12:54 | 000,012,126 | ---- | C] () -- C:\WINDOWS\System32\PIXPCZ.DLL
[2002/03/23 19:12:54 | 000,011,934 | ---- | C] () -- C:\WINDOWS\System32\PIXPNR.DLL
[2002/02/21 11:25:52 | 001,022,976 | ---- | C] () -- C:\WINDOWS\System32\SierraNW.dll
[2002/02/21 11:25:06 | 000,000,333 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2002/01/30 10:00:11 | 000,059,992 | ---- | C] () -- C:\Program Files\msnaddin.exe
[2002/01/14 15:45:29 | 000,000,039 | ---- | C] () -- C:\WINDOWS\VIDEOWAV.INI
[2001/12/17 14:14:16 | 000,287,232 | R--- | C] () -- C:\WINDOWS\System32\PPRO200.DLL
[2001/12/17 14:14:16 | 000,000,406 | ---- | C] () -- C:\WINDOWS\SA4_WKSP.INI
[2001/12/17 14:14:16 | 000,000,045 | ---- | C] () -- C:\WINDOWS\SA4_DRAW.INI
[2001/12/17 14:14:14 | 000,009,136 | ---- | C] () -- C:\WINDOWS\System32\INETWH16.DLL
[2001/11/18 18:08:02 | 000,204,288 | ---- | C] () -- C:\WINDOWS\System32\LSXConfig.dll
[2001/11/18 18:01:35 | 000,000,078 | ---- | C] () -- C:\WINDOWS\psuite.ini
[2001/11/16 19:32:56 | 000,000,081 | ---- | C] () -- C:\WINDOWS\importclient.INI
[2001/11/16 19:25:46 | 000,000,751 | ---- | C] () -- C:\WINDOWS\Bti.ini
[2001/11/16 19:25:45 | 000,116,640 | ---- | C] () -- C:\WINDOWS\System32\Ptsaci40.dll
[2001/10/31 14:07:43 | 000,000,172 | ---- | C] () -- C:\WINDOWS\INTUIT.INI
[2001/10/31 13:27:48 | 000,001,909 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2001/10/29 14:09:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcfriend.INI
[2001/10/28 21:09:59 | 000,000,085 | ---- | C] () -- C:\WINDOWS\vstudio.INI
[2001/10/28 21:09:13 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\Pat Rinker\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2001/10/28 20:58:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsrex.INI
[2001/10/28 20:58:19 | 000,000,901 | ---- | C] () -- C:\WINDOWS\Ulead32.ini
[2001/10/28 20:58:19 | 000,000,050 | ---- | C] () -- C:\WINDOWS\vidwiz.ini
[2001/10/28 16:16:53 | 000,000,560 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2001/10/12 10:58:20 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\mr310exd.dll
[2001/10/12 10:57:18 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\mr310exv.dll
[2001/10/05 08:55:49 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2001/09/26 13:01:06 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2001/09/26 12:30:58 | 000,000,882 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2001/07/13 07:04:00 | 000,373,248 | ---- | C] () -- C:\WINDOWS\EyeCand3.INI
[2000/12/07 10:13:58 | 000,015,164 | ---- | C] () -- C:\WINDOWS\mr310twc.ini
[1999/05/31 09:41:04 | 000,002,375 | ---- | C] () -- C:\Program Files\README.TXT
[1999/05/31 02:45:58 | 004,414,132 | ---- | C] () -- C:\Program Files\aom14a.exe
[1999/01/27 13:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 07:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[1980/01/01 03:00:00 | 000,000,451 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

========== Custom Scans ==========

< >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.exe /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2001/09/26 05:09:12 | 000,090,112 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2001/09/26 05:09:12 | 000,606,208 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2001/09/26 05:09:12 | 000,385,024 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.sys >
[2001/08/18 08:00:00 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys
[2005/02/01 18:18:38 | 000,017,992 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\bcm42rly.sys
[2001/08/18 08:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys
[2003/09/25 22:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\GTNDIS5.sys
[2001/08/18 08:00:00 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys
[2001/08/18 08:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys
[2002/08/28 23:23:06 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys
[2001/08/18 08:00:00 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys
[2001/08/18 08:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys
[2001/08/18 08:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys
[2001/08/18 08:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys
[2001/08/18 08:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys
[2004/08/04 01:45:08 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
[2004/08/04 01:45:14 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
[2004/08/04 01:45:10 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
[2004/08/04 01:45:16 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
[2004/08/04 01:45:12 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
[2008/04/13 14:44:59 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys
[2010/06/23 09:44:04 | 001,851,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.dll >
[2008/04/13 20:11:48 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008/04/13 20:11:48 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008/04/13 20:11:48 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008/04/13 20:11:48 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008/04/13 20:11:48 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008/04/13 20:11:48 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008/04/13 20:11:48 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2008/04/13 20:11:50 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008/04/13 20:11:50 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008/04/13 20:11:50 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008/04/13 20:11:50 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008/04/13 20:11:50 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008/04/13 20:11:50 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2008/04/13 20:12:05 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2008/04/13 20:12:08 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %SYSTEMDRIVE%\*.* >
[2001/09/26 12:21:22 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2002/04/23 21:18:34 | 000,001,118 | ---- | M] () -- C:\BDELog.txt
[2009/12/19 22:08:10 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2002/04/23 21:52:22 | 000,000,022 | ---- | M] () -- C:\cnsfbladepro[1].zip
[2001/09/26 12:21:22 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2003/01/19 09:56:50 | 000,000,185 | ---- | M] () -- C:\DAOsetup.log
[2002/02/21 18:03:24 | 000,041,512 | ---- | M] () -- C:\doves
[2010/01/20 00:23:39 | 000,000,114 | ---- | M] () -- C:\DownloadLog.txt
[2006/01/21 13:15:12 | 000,540,919 | ---- | M] () -- C:\EasyShareInstall.log
[2005/08/20 07:58:10 | 006,139,853 | ---- | M] () -- C:\en_zuma_inst.exe
[2010/04/01 05:50:29 | 000,000,090 | ---- | M] () -- C:\error.log
[2005/07/01 16:45:58 | 000,021,902 | ---- | M] () -- C:\EyeCandyLog.txt
[2001/10/05 08:38:34 | 000,000,012 | ---- | M] () -- C:\FLASH.FLG
[2002/09/05 22:29:02 | 005,327,831 | ---- | M] () -- C:\gdsol.exe
[2005/09/28 06:00:20 | 011,693,024 | ---- | M] (InstallShield Software Corporation) -- C:\GoogleEarthPlus.exe
[2001/10/05 08:39:22 | 000,000,028 | ---- | M] () -- C:\GOTOCMOS.FLG
[2004/01/23 18:31:46 | 000,000,067 | ---- | M] () -- C:\inferno.log
[2001/09/26 12:21:22 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/12/06 22:20:12 | 000,004,262 | -H-- | M] () -- C:\IPH.PH
[2008/09/15 20:43:06 | 000,022,348 | ---- | M] () -- C:\logfile
[2003/10/18 14:55:30 | 000,000,183 | ---- | M] () -- C:\LogiSetup.log
[2007/05/23 10:23:52 | 000,001,207 | ---- | M] () -- C:\lyricThing.txt
[2009/12/19 23:08:00 | 000,002,371 | ---- | M] () -- C:\MasterFoxMistressC
[2001/09/26 12:21:22 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[1993/07/23 00:00:00 | 000,210,944 | ---- | M] () -- C:\Msvcrt10.dll
[2004/09/26 12:13:28 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/09/06 08:46:38 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2008/10/14 18:11:32 | 000,262,144 | ---- | M] () -- C:\ntuser.dat
[2009/09/13 10:38:37 | 000,001,024 | -H-- | M] () -- C:\ntuser.dat.LOG
[2005/11/14 19:07:08 | 001,293,631 | ---- | M] () -- C:\opfer.exe
[2010/08/23 17:44:02 | 1207,148,544 | -HS- | M] () -- C:\pagefile.sys
[2007/04/25 10:29:46 | 000,000,000 | ---- | M] () -- C:\palsound.txt
[2002/02/14 14:58:06 | 000,141,871 | ---- | M] () -- C:\pcgroovy.EXE
[2007/05/01 04:48:00 | 000,003,132 | ---- | M] () -- C:\pspbrwse.jbf
[2002/09/16 08:26:00 | 000,000,132 | ---- | M] () -- C:\Quick Tour16_9.txt
[2006/01/02 21:29:56 | 000,338,409 | ---- | M] () -- C:\QUICKENW.QIF
[2005/05/03 17:55:30 | 006,004,152 | ---- | M] () -- C:\RAY & PATS CHECKING.QDF
[2005/05/03 17:55:30 | 001,504,256 | ---- | M] () -- C:\RAY & PATS CHECKING.QEL
[2003/03/31 21:37:44 | 000,002,639 | ---- | M] () -- C:\RAY & PATS CHECKING.QPH
[2005/05/03 17:55:30 | 000,007,112 | ---- | M] () -- C:\RAY & PATS CHECKING.QSD
[1999/05/31 09:41:04 | 000,002,375 | ---- | M] () -- C:\README.TXT
[2002/01/30 13:11:32 | 001,469,148 | ---- | M] (Hasbro Interactive ) -- C:\Scrabblev2_0Patchv1_2.exe
[2008/02/19 21:54:48 | 000,000,007 | ---- | M] () -- C:\tw0001.dat
[2006/06/21 18:04:32 | 000,041,093 | ---- | M] () -- C:\VETlog.dmp
[2006/06/21 18:04:32 | 000,004,175 | ---- | M] () -- C:\VETlog.txt
[2007/05/22 10:04:58 | 000,000,146 | ---- | M] () -- C:\YServer.txt

< %PROGRAMFILES%\*. >
[2007/10/18 01:25:16 | 000,000,000 | ---D | M] -- C:\Program Files\3Dize
[2007/11/01 08:18:25 | 000,000,000 | ---D | M] -- C:\Program Files\Acez Mp3 Wav Converter
[2008/02/10 14:08:51 | 000,000,000 | ---D | M] -- C:\Program Files\Acronis
[2010/01/15 21:09:57 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2008/12/13 04:18:57 | 000,000,000 | ---D | M] -- C:\Program Files\AIM
[2004/11/09 17:41:24 | 000,000,000 | ---D | M] -- C:\Program Files\AIM Toolbar
[2005/06/25 05:48:44 | 000,000,000 | ---D | M] -- C:\Program Files\Aladdin Systems
[2005/06/25 05:50:32 | 000,000,000 | ---D | M] -- C:\Program Files\Altova
[2008/07/13 12:16:33 | 000,000,000 | ---D | M] -- C:\Program Files\AOD
[2007/11/17 12:18:04 | 000,000,000 | ---D | M] -- C:\Program Files\AOL
[2009/12/21 01:18:54 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2008/04/02 16:17:53 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft
[2010/08/22 12:01:38 | 000,000,000 | ---D | M] -- C:\Program Files\Ask.com
[2009/03/18 06:42:34 | 000,000,000 | ---D | M] -- C:\Program Files\Avery Wizard 3.1
[2008/05/26 12:15:17 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
[2004/06/27 08:20:50 | 000,000,000 | ---D | M] -- C:\Program Files\AWS
[2002/09/06 22:43:32 | 000,000,000 | ---D | M] -- C:\Program Files\BankBook4
[2010/01/20 13:31:45 | 000,000,000 | ---D | M] -- C:\Program Files\Barnes & Noble
[2005/08/20 07:58:22 | 000,000,000 | ---D | M] -- C:\Program Files\BFG
[2008/02/09 23:23:30 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2007/11/17 12:20:59 | 000,000,000 | ---D | M] -- C:\Program Files\Broderbund
[2003/12/27 22:20:52 | 000,000,000 | ---D | M] -- C:\Program Files\Browser Mouse
[2002/05/28 20:19:54 | 000,000,000 | ---D | M] -- C:\Program Files\Buena Vista Interactive
[2006/11/17 13:05:58 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2008/09/25 00:49:41 | 000,000,000 | ---D | M] -- C:\Program Files\Citrix
[2005/06/20 16:53:18 | 000,000,000 | ---D | M] -- C:\Program Files\CoffeeCup Software
[2010/03/17 06:37:45 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2001/09/26 12:17:28 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2009/03/30 09:45:47 | 000,000,000 | ---D | M] -- C:\Program Files\Coupons
[2001/09/26 13:01:02 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2010/01/20 12:42:59 | 000,000,000 | ---D | M] -- C:\Program Files\Diet
[2005/10/17 20:40:56 | 000,000,000 | ---D | M] -- C:\Program Files\Dreamweaver_MX_crack
[2002/03/23 19:11:42 | 000,000,000 | ---D | M] -- C:\Program Files\ePlus48U
[2008/04/02 16:30:43 | 000,000,000 | ---D | M] -- C:\Program Files\epson
[2008/04/02 16:15:56 | 000,000,000 | ---D | M] -- C:\Program Files\EPSON Print CD
[2003/11/15 21:45:00 | 000,000,000 | ---D | M] -- C:\Program Files\Eyeball
[2009/05/17 21:03:43 | 000,000,000 | ---D | M] -- C:\Program Files\FileZilla FTP Client
[2008/03/19 10:51:36 | 000,000,000 | ---D | M] -- C:\Program Files\Flash Slideshow Maker Professional
[2007/09/05 21:13:52 | 000,000,000 | ---D | M] -- C:\Program Files\FriendFinder Messenger
[2006/03/25 12:50:32 | 000,000,000 | ---D | M] -- C:\Program Files\Fujifilm e-Systems
[2010/01/13 17:36:44 | 000,000,000 | ---D | M] -- C:\Program Files\FunWebProducts
[2004/08/23 21:48:08 | 000,000,000 | ---D | M] -- C:\Program Files\GCN
[2005/06/25 05:44:06 | 000,000,000 | ---D | M] -- C:\Program Files\GIF Movie Gear
[2009/02/02 14:06:00 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2008/05/26 12:42:01 | 000,000,000 | ---D | M] -- C:\Program Files\Grisoft
[2002/03/25 17:34:32 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2008/04/29 15:24:18 | 000,000,000 | ---D | M] -- C:\Program Files\HOJY TECH
[2002/03/25 17:38:54 | 000,000,000 | ---D | M] -- C:\Program Files\hp deskjet 950c series
[2008/03/10 10:41:46 | 000,000,000 | ---D | M] -- C:\Program Files\ICQ
[2008/06/30 07:57:26 | 000,000,000 | ---D | M] -- C:\Program Files\ICQLite
[2008/03/10 10:43:54 | 000,000,000 | ---D | M] -- C:\Program Files\ICQToolbar
[2010/07/28 17:38:38 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/08/12 03:05:21 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2001/10/31 13:28:00 | 000,000,000 | ---D | M] -- C:\Program Files\Intuit
[2007/11/22 20:47:10 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2005/04/12 15:57:40 | 000,000,000 | ---D | M] -- C:\Program Files\ItsDeductibleEX
[2002/02/13 21:06:48 | 000,000,000 | ---D | M] -- C:\Program Files\Jasc Software Inc
[2009/11/03 20:04:33 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2003/08/18 21:53:18 | 000,000,000 | ---D | M] -- C:\Program Files\JavaSoft
[2009/03/17 19:25:03 | 000,000,000 | ---D | M] -- C:\Program Files\JRE
[2009/01/27 00:31:01 | 000,000,000 | ---D | M] -- C:\Program Files\Knockernibbler
[2009/02/23 12:17:13 | 000,000,000 | ---D | M] -- C:\Program Files\Kodak
[2007/11/15 20:38:48 | 000,000,000 | ---D | M] -- C:\Program Files\LaCie
[2007/11/17 15:34:33 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2010/02/21 22:26:08 | 000,000,000 | ---D | M] -- C:\Program Files\Living Scenes Jigsaw Puzzles
[2008/08/06 17:13:23 | 000,000,000 | ---D | M] -- C:\Program Files\LivingSoft
[2008/09/25 00:39:20 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2008/07/22 17:21:40 | 000,000,000 | ---D | M] -- C:\Program Files\Lycos
[2008/02/09 23:53:29 | 000,000,000 | ---D | M] -- C:\Program Files\Macromedia
[2006/12/29 09:43:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mars
[2003/02/25 16:22:14 | 000,000,000 | ---D | M] -- C:\Program Files\MathSoft
[2008/09/06 09:10:17 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2001/11/18 18:01:32 | 000,000,000 | ---D | M] -- C:\Program Files\MGI
[2007/11/17 20:13:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2007/05/10 03:19:14 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2001/09/26 12:21:40 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2007/11/17 20:13:00 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2008/11/17 11:24:47 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2004/01/23 19:08:24 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2007/11/14 21:50:48 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2002/01/02 19:03:54 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works Suite 99
[2004/01/23 19:11:16 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2004/05/28 20:19:42 | 000,000,000 | ---D | M] -- C:\Program Files\mIRC
[2010/08/12 03:02:48 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/08/23 17:38:46 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2007/07/14 03:36:52 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2001/09/26 12:16:30 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2001/09/26 12:16:12 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2010/01/13 17:34:05 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Messenger
[2004/09/28 17:42:18 | 000,000,000 | ---D | M] -- C:\Program Files\MsnMusic
[2002/01/02 19:03:58 | 000,000,000 | ---D | M] -- C:\Program Files\MSWorks
[2003/10/20 17:33:28 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2007/07/14 03:38:29 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2007/02/24 12:24:54 | 000,000,000 | ---D | M] -- C:\Program Files\MTV Networks
[2008/08/20 16:04:17 | 000,000,000 | ---D | M] -- C:\Program Files\Multimedia Card Reader
[2008/09/25 00:42:57 | 000,000,000 | ---D | M] -- C:\Program Files\MUSICMATCH
[2006/04/24 18:18:50 | 000,000,000 | ---D | M] -- C:\Program Files\MySearch
[2010/01/13 17:34:02 | 000,000,000 | ---D | M] -- C:\Program Files\MyWebSearch
[2008/09/06 09:48:45 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2003/01/11 17:41:04 | 000,000,000 | ---D | M] -- C:\Program Files\Netscape
[2001/10/28 20:58:34 | 000,000,000 | ---D | M] -- C:\Program Files\NetShow Services
[2009/09/28 13:55:50 | 000,000,000 | ---D | M] -- C:\Program Files\New Folder
[2010/01/04 17:08:21 | 000,000,000 | ---D | M] -- C:\Program Files\NoteTab Light
[2005/07/10 21:05:52 | 000,000,000 | ---D | M] -- C:\Program Files\ntfree
[2010/01/04 17:07:56 | 000,000,000 | ---D | M] -- C:\Program Files\Oberon Media
[2002/02/19 16:43:00 | 000,000,000 | ---D | M] -- C:\Program Files\OfficeUpdate
[2001/09/26 12:18:56 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2009/03/17 19:25:00 | 000,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 3
[2010/05/13 03:01:35 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2002/09/06 22:37:02 | 000,000,000 | ---D | M] -- C:\Program Files\Palm Pilot Downloads
[2007/11/17 12:31:00 | 000,000,000 | ---D | M] -- C:\Program Files\Paltalk Messenger
[2005/05/07 20:40:08 | 000,000,000 | ---D | M] -- C:\Program Files\PCRescue
[2007/09/05 21:16:12 | 000,000,000 | ---D | M] -- C:\Program Files\PhoTags Express
[2003/08/08 18:28:52 | 000,000,000 | ---D | M] -- C:\Program Files\PopCap Games
[2010/01/13 17:18:39 | 000,000,000 | ---D | M] -- C:\Program Files\Prepaid Legal
[2001/10/29 21:32:44 | 000,000,000 | ---D | M] -- C:\Program Files\Program Downloads
[2001/10/25 19:29:56 | 000,000,000 | ---D | M] -- C:\Program Files\Program Shortcuts
[2002/03/04 13:33:16 | 000,000,000 | ---D | M] -- C:\Program Files\ProgramFiles
[2009/01/14 09:13:29 | 000,000,000 | ---D | M] -- C:\Program Files\Quicken Home Inventory Manager
[2010/08/11 20:11:42 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2008/04/04 22:01:51 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2007/07/14 03:29:56 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2009/03/03 14:57:18 | 000,000,000 | ---D | M] -- C:\Program Files\Registry Mechanic
[2005/06/25 05:44:38 | 000,000,000 | ---D | M] -- C:\Program Files\Sausage
[2002/05/08 22:09:50 | 000,000,000 | ---D | M] -- C:\Program Files\Scrippy
[2009/02/23 12:39:34 | 000,000,000 | ---D | M] -- C:\Program Files\Sierra On-Line
[2008/03/19 10:52:19 | 000,000,000 | ---D | M] -- C:\Program Files\SlideshowZilla
[2010/01/11 17:53:32 | 000,000,000 | ---D | M] -- C:\Program Files\SmartDraw 7
[2007/12/10 20:09:12 | 000,000,000 | ---D | M] -- C:\Program Files\Smilebox
[2008/03/18 06:13:36 | 000,000,000 | ---D | M] -- C:\Program Files\Softinterface, Inc
[2009/08/24 13:17:33 | 000,000,000 | ---D | M] -- C:\Program Files\Spyware Doctor
[2010/02/21 22:27:42 | 000,000,000 | ---D | M] -- C:\Program Files\SweetIM
[2003/10/12 10:50:32 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
[2001/10/29 15:07:52 | 000,000,000 | ---D | M] -- C:\Program Files\TenCORE Net
[2002/03/23 19:12:54 | 000,000,000 | ---D | M] -- C:\Program Files\TextBridge Pro 8.0
[2010/07/28 17:38:39 | 000,000,000 | ---D | M] -- C:\Program Files\TRENDnet
[2003/10/18 21:32:36 | 000,000,000 | ---D | M] -- C:\Program Files\TryMedia
[2008/11/27 21:04:13 | 000,000,000 | ---D | M] -- C:\Program Files\TuneUp Utilities 2008
[2001/09/26 12:28:06 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2002/12/28 07:59:50 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2009/07/21 22:44:26 | 000,000,000 | ---D | M] -- C:\Program Files\Visual Watermark
[2005/06/25 05:58:48 | 000,000,000 | ---D | M] -- C:\Program Files\Wattle Software
[2001/11/16 19:26:34 | 000,000,000 | ---D | M] -- C:\Program Files\Web Publish
[2003/07/29 18:27:20 | 000,000,000 | ---D | M] -- C:\Program Files\Weight Commander
[2006/06/23 15:43:32 | 000,000,000 | ---D | M] -- C:\Program Files\WinAce
[2003/01/17 18:40:06 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Installer Clean Up
[2008/11/18 04:01:39 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2010/01/04 17:04:43 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live Toolbar
[2003/10/18 15:16:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Components
[2007/02/24 11:51:04 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2008/09/06 08:52:55 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/09/06 08:52:53 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2001/09/26 12:27:46 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2008/02/09 23:49:36 | 000,000,000 | ---D | M] -- C:\Program Files\WinZip
[2001/09/26 12:21:40 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2010/01/04 17:18:11 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2009/02/23 12:27:39 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo! Games
[2008/02/26 17:25:34 | 000,000,000 | ---D | M] -- C:\Program Files\ZillaTube
[2003/12/21 09:58:18 | 000,000,000 | ---D | M] -- C:\Program Files\Zone.com Deluxe Games

< %appdata%\*.* >
[2010/01/20 12:45:38 | 000,000,705 | ---- | M] () -- C:\Documents and Settings\Pat Rinker\Application Data\AdobeDLM.log
[2001/09/26 05:10:30 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Pat Rinker\Application Data\desktop.ini
[2005/03/28 16:43:42 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Pat Rinker\Application Data\dm.ini
[2008/02/26 17:10:07 | 000,000,002 | -HS- | M] () -- C:\Documents and Settings\Pat Rinker\Application Data\evf
[2003/03/10 10:30:08 | 000,125,840 | ---- | M] () -- C:\Documents and Settings\Pat Rinker\Application Data\GDIPFONTCACHEV1.DAT
[2007/09/08 21:54:58 | 000,000,160 | ---- | M] () -- C:\Documents and Settings\Pat Rinker\Application Data\ntl.ini
[2007/09/08 21:54:07 | 000,001,861 | ---- | M] () -- C:\Documents and Settings\Pat Rinker\Application Data\ntl.nws


< MD5 for: AGP440.SYS >
[2004/09/26 11:48:28 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/09/06 08:36:49 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/09/26 11:48:28 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008/09/06 08:36:49 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 02:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2004/08/04 02:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2003/11/15 22:52:42 | 012,091,533 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004/09/26 11:48:28 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/09/06 08:36:49 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2003/11/15 22:52:42 | 012,091,533 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:atapi.sys
[2004/09/26 11:48:28 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008/09/06 08:36:49 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 01:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: DISK.SYS >
[2003/11/15 22:52:42 | 012,091,533 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:disk.sys
[2004/09/26 11:48:28 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2008/09/06 08:36:49 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2003/11/15 22:52:42 | 012,091,533 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:disk.sys
[2004/09/26 11:48:28 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:disk.sys
[2008/09/06 08:36:49 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/04 01:59:54 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 03:56:42 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 03:56:44 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 03:56:44 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: USBSTOR.SYS >
[2003/11/15 22:52:42 | 012,091,533 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:usbstor.sys
[2004/09/26 11:48:28 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbstor.sys
[2008/09/06 08:36:49 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbstor.sys
[2003/11/15 22:52:42 | 012,091,533 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:usbstor.sys
[2004/09/26 11:48:28 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:usbstor.sys
[2008/09/06 08:36:49 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbstor.sys
[2004/08/04 02:08:46 | 000,026,496 | ---- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\WINDOWS\$NtServicePackUninstall$\usbstor.sys
[2004/08/04 02:08:46 | 000,026,496 | ---- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\i386\USBSTOR.SYS
[2008/04/13 14:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\ServicePackFiles\i386\usbstor.sys
[2008/04/13 14:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\usbstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-23 03:08:53

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\MasterFoxMistressC:SummaryInformation
@Alternate Data Stream - 568 bytes -> C:\WINDOWS\system32:,|pctlsp.log
@Alternate Data Stream - 426 bytes -> C:\WINDOWS\system32:,|pctlsp.log
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 142 bytes -> C:\WINDOWS\system32:,|pctlsp.log
@Alternate Data Stream - 142 bytes -> C:\WINDOWS\system32:,|pctlsp.log
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9B7E8561
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CA73D29
< End of report >

parinker

Newbie Surfer
Newbie Surfer

Posts : 29
Joined : 2010-08-10
Operating System : windows 7

View user profile

Back to top Go down

Re: My PC continuously restarts

Post by Sneakyone on Tue 24 Aug 2010, 9:32 am

Hi.

Please download ComboFix from BleepingComputer.com

Alternate link: GeeksToGo.com

Alternate link: Forospyware.com

Rename ComboFix.exe to commy.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
  • Click Start>Run then copy paste the following command into the Run box & click OK "%userprofile%\desktop\commy.exe" /stepdel
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console


Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


  • Click on Yes, to continue scanning for malware.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.


I'm livin' life in the fast lane.


Sneakyone

Tech Officer
Tech Officer

Posts : 2707
Joined : 2010-01-10
Operating System : Windows 7 Ultimate 64-bit

View user profile http://twitter.com/AVerySneakyone

Back to top Go down

Re: My PC continuously restarts

Post by parinker on Tue 24 Aug 2010, 8:37 pm

ComboFix 10-08-23.01 - Pat Rinker 08/23/2010 18:55:28.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.767.223 [GMT -4:00]
Running from: c:\documents and settings\Pat Rinker\Desktop\commy.exe
AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Pat Rinker\System
c:\documents and settings\Pat Rinker\System\win_qs7.jqx
c:\progra~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
c:\progra~1\TEXTBR~1.0\Bin\REGIST~1.EXE
c:\program files\FunWebProducts
c:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
c:\program files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html
c:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
c:\program files\FunWebProducts\Shared\Cache\WebfettiBtn.html
c:\program files\INSTALL.LOG
c:\program files\MySearch
c:\program files\MySearch\bar\History\search
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\2.bin\F3HKSTUB.DLL
c:\program files\MyWebSearch\bar\2.bin\F3HTMLMU.DLL
c:\program files\MyWebSearch\bar\2.bin\M3PLUGIN.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\3.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\3.bin\F3CJPEG.DLL
c:\program files\MyWebSearch\bar\3.bin\F3DTACTL.DLL
c:\program files\MyWebSearch\bar\3.bin\F3HISTSW.DLL
c:\program files\MyWebSearch\bar\3.bin\F3HKSTUB.DLL
c:\program files\MyWebSearch\bar\3.bin\F3HTmlmu.dll
c:\program files\MyWebSearch\bar\3.bin\F3HTtpct.dll
c:\program files\MyWebSearch\bar\3.bin\F3POPSWT.DLL
c:\program files\MyWebSearch\bar\3.bin\F3PSSAVR.SCR
c:\program files\MyWebSearch\bar\3.bin\F3REGHK.DLL
c:\program files\MyWebSearch\bar\3.bin\F3REPROX.DLL
c:\program files\MyWebSearch\bar\3.bin\F3RESTUB.DLL
c:\program files\MyWebSearch\bar\3.bin\F3SCHMON.EXE
c:\program files\MyWebSearch\bar\3.bin\F3SCrctr.dll
c:\program files\MyWebSearch\bar\3.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\3.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\3.bin\F3WPHOOK.DLL
c:\program files\MyWebSearch\bar\3.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\3.bin\M3AUXSTB.DLL
c:\program files\MyWebSearch\bar\3.bin\M3DLGHK.DLL
c:\program files\MyWebSearch\bar\3.bin\M3HIGHIN.EXE
c:\program files\MyWebSearch\bar\3.bin\M3HTML.DLL
c:\program files\MyWebSearch\bar\3.bin\M3IDLE.DLL
c:\program files\MyWebSearch\bar\3.bin\M3IMPIPE.EXE
c:\program files\MyWebSearch\bar\3.bin\M3MEDINT.EXE
c:\program files\MyWebSearch\bar\3.bin\M3MSg.dll
c:\program files\MyWebSearch\bar\3.bin\M3OUTLCN.DLL
c:\program files\MyWebSearch\bar\3.bin\M3PLUGIN.DLL
c:\program files\MyWebSearch\bar\3.bin\M3SKIN.DLL
c:\program files\MyWebSearch\bar\3.bin\M3SKPLAY.EXE
c:\program files\MyWebSearch\bar\3.bin\M3SLSRCH.EXE
c:\program files\MyWebSearch\bar\3.bin\M3SRCHMN.EXE
c:\program files\MyWebSearch\bar\3.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\3.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\3.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\3.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\3.bin\MWSSRCAS.DLL
c:\program files\MyWebSearch\bar\3.bin\MWSSVC.EXE
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Cache\000632C6.bin
c:\program files\MyWebSearch\bar\Cache\000642EE.bin
c:\program files\MyWebSearch\bar\Cache\02D9366D
c:\program files\MyWebSearch\bar\Cache\02D94049
c:\program files\MyWebSearch\bar\Cache\02D953EC.bin
c:\program files\MyWebSearch\bar\Cache\02D95790.bin
c:\program files\MyWebSearch\bar\Cache\02D95A75.bin
c:\program files\MyWebSearch\bar\Cache\02D96948.bin
c:\program files\MyWebSearch\bar\Cache\02D9732E.bin
c:\program files\MyWebSearch\bar\Cache\03923D72.bin
c:\program files\MyWebSearch\bar\Cache\03923E62.bin
c:\program files\MyWebSearch\bar\Cache\03923F2A.bin
c:\program files\MyWebSearch\bar\Cache\03924043.bin
c:\program files\MyWebSearch\bar\Cache\0888A80A
c:\program files\MyWebSearch\bar\Cache\files.ini
c:\program files\MyWebSearch\bar\firefox\chrome\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\firefox\NPMYWEBS.DLL
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\History\search3
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Message\COMMON\8_step1.gif
c:\program files\MyWebSearch\bar\Message\COMMON\ask_logo.gif
c:\program files\MyWebSearch\bar\Message\COMMON\autoup.gif
c:\program files\MyWebSearch\bar\Message\COMMON\autoup.htm
c:\program files\MyWebSearch\bar\Message\COMMON\bkwebfet.jpg
c:\program files\MyWebSearch\bar\Message\COMMON\bkzwinky.jpg
c:\program files\MyWebSearch\bar\Message\COMMON\blubtn2d.png
c:\program files\MyWebSearch\bar\Message\COMMON\blubtn2r.png
c:\program files\MyWebSearch\bar\Message\COMMON\blubtn3d.png
c:\program files\MyWebSearch\bar\Message\COMMON\blubtn3r.png
c:\program files\MyWebSearch\bar\Message\COMMON\center.htm
c:\program files\MyWebSearch\bar\Message\COMMON\index.htm
c:\program files\MyWebSearch\bar\Message\COMMON\logo_ZJ.png
c:\program files\MyWebSearch\bar\Message\COMMON\logo_ZR.png
c:\program files\MyWebSearch\bar\Message\COMMON\mid_dots.gif
c:\program files\MyWebSearch\bar\Message\COMMON\mws_logo.gif
c:\program files\MyWebSearch\bar\Message\COMMON\protect.htm
c:\program files\MyWebSearch\bar\Message\COMMON\reb_bg.png
c:\program files\MyWebSearch\bar\Message\COMMON\rebbtnbg.png
c:\program files\MyWebSearch\bar\Message\COMMON\rebbtnn1.png
c:\program files\MyWebSearch\bar\Message\COMMON\rebbtnn2.png
c:\program files\MyWebSearch\bar\Message\COMMON\rebbtny1.png
c:\program files\MyWebSearch\bar\Message\COMMON\rebbtny2.png
c:\program files\MyWebSearch\bar\Message\COMMON\rebclose.png
c:\program files\MyWebSearch\bar\Message\COMMON\rebut.htm
c:\program files\MyWebSearch\bar\Message\COMMON\rebut2.htm
c:\program files\MyWebSearch\bar\Message\COMMON\rebut3.htm
c:\program files\MyWebSearch\bar\Message\COMMON\rebut3b.htm
c:\program files\MyWebSearch\bar\Message\COMMON\repmidsm.png
c:\program files\MyWebSearch\bar\Message\COMMON\shield.png
c:\program files\MyWebSearch\bar\Message\COMMON\shocked.gif
c:\program files\MyWebSearch\bar\Message\COMMON\stop.gif
c:\program files\MyWebSearch\bar\Message\COMMON\systray.htm
c:\program files\MyWebSearch\bar\Message\COMMON\systrayp.htm
c:\program files\MyWebSearch\bar\Message\COMMON\tp_grad.gif
c:\program files\MyWebSearch\bar\Message\COMMON\warn.gif
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Settings\prevcfg2.htm
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\windows\_000007_.tmp.dll
c:\windows\Connection Wizard\Status\fastso.ber
c:\windows\Connection Wizard\Status\packed1.sbr
c:\windows\Connection Wizard\Status\packed2.sbr
c:\windows\Connection Wizard\Status\packed3.sbr
c:\windows\Connection Wizard\Status\sacri1.ggg
c:\windows\Connection Wizard\Status\sacri2.ggg
c:\windows\Connection Wizard\Status\sacri3.ggg
c:\windows\Connection Wizard\Status\sysonce.tst
c:\windows\Connection Wizard\Status\voner1.von
c:\windows\Connection Wizard\Status\voner2.von
c:\windows\Connection Wizard\Status\voner3.von
c:\windows\Downloaded Program Files\f3initialsetup1.0.0.8-2.inf
c:\windows\gendel32.exe
c:\windows\patch.exe
c:\windows\system32\_000005_.tmp.dll
c:\windows\system32\adcmmmmq.hjg
c:\windows\system32\encapi32.dll
c:\windows\system32\f3PSSavr.scr
c:\windows\system32\Ijl11.dll
c:\windows\system32\model.dat
c:\windows\system32\seppelmx.smx
c:\windows\system32\Thumbs.db
c:\windows\system32\xcvfpokd.tqa
c:\windows\WinSecurity
c:\windows\WinSecurity\sysonce.tst

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MYWEBSEARCHSERVICE
-------\Service_MyWebSearchService


((((((((((((((((((((((((( Files Created from 2010-07-23 to 2010-08-23 )))))))))))))))))))))))))))))))
.

2010-08-22 15:43 . 2010-07-21 21:30 421888 ----a-w- c:\documents and settings\Pat Rinker\Application Data\Mozilla\Firefox\Profiles\pnivduke.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll
2010-08-18 15:46 . 2010-08-18 15:46 2944904 ----a-w- c:\documents and settings\Pat Rinker\Application Data\Mozilla\Firefox\Profiles\pnivduke.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
2010-07-28 21:38 . 2010-07-28 21:38 21035 ----a-w- c:\windows\system32\drivers\AegisP.sys
2010-07-28 21:38 . 2008-01-23 20:02 20480 ----a-w- c:\windows\system32\drivers\WLNdis50.sys
2010-07-28 21:38 . 2010-07-28 21:38 -------- d-----w- c:\program files\TRENDnet
2010-07-28 21:38 . 2007-11-21 03:54 308096 ----a-w- c:\windows\system32\drivers\rtl8185.sys
2010-07-28 15:37 . 2010-07-28 15:37 -------- d-sh--w- c:\documents and settings\Pat Rinker\IECompatCache

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-22 16:01 . 2010-01-04 05:07 -------- d-----w- c:\program files\Ask.com
2010-08-12 00:11 . 2006-01-15 14:53 -------- d-----w- c:\program files\QuickTime
2010-07-28 21:47 . 2009-03-14 01:51 17408 --sha-w- c:\program files\Thumbs.db
2010-07-28 21:38 . 2002-03-23 23:11 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-30 12:31 . 2001-09-26 16:03 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:22 . 2004-02-06 22:05 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-23 13:44 . 2001-09-26 16:03 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2001-09-26 16:03 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2001-09-26 16:02 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2003-11-16 02:48 744448 ----a-w- c:\windows\PCHEALTH\HELPCTR\Binaries\helpsvc.exe
2010-06-14 07:41 . 2003-11-16 02:49 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-02-22 02:24 . 2010-02-22 02:24 5925992 ----a-w- c:\program files\SweetImSetup.exe
2010-01-20 17:27 . 2010-01-20 17:27 14447864 ----a-w- c:\program files\bndr2_setup_latest.exe
2010-01-13 21:32 . 2010-01-13 21:32 2569704 ----a-w- c:\program files\IWONSetup2.3.50.62.SA.HP.ZLfox000.exe
2010-01-11 21:51 . 2010-01-11 21:51 529288 ----a-w- c:\program files\smartdraw_XK_FDT2D_setup.exe
2010-01-10 00:27 . 2010-01-10 00:27 87781 ----a-w- c:\program files\springside pic.jpg
2009-12-20 11:24 . 2009-12-20 11:21 32494896 ----a-w- c:\program files\QuickTimeInstaller.exe
2009-12-20 03:03 . 2009-12-20 03:03 207880 ----a-w- c:\program files\3dmagicmahjongg_s1_l1_gF1T1L1_d726973768.exe
2009-12-16 14:40 . 2009-12-16 14:40 139287 ----a-w- c:\program files\SC License.pdf
2009-12-13 18:22 . 2009-12-13 18:22 9496056 ----a-w- c:\program files\picasa36-setup.exe
2009-11-16 19:37 . 2009-10-20 21:09 388240 ----a-w- c:\program files\msgr10us.exe
2009-10-19 15:22 . 2007-11-10 03:43 445624 ----a-w- c:\program files\msgr9us.exe
2009-08-24 22:39 . 2009-08-24 22:38 10333367 ----a-w- c:\program files\Berberus-Mass-Image-Resizer-1.5-Win.zip
2009-03-26 01:06 . 2009-03-26 01:03 20098288 ----a-w- c:\program files\ie8-setup-full.exe
2009-03-17 22:33 . 2009-03-17 21:38 149353184 ----a-w- c:\program files\OOo_3.0.1_Win32Intel_install_wJRE_en-US.exe
2009-03-16 01:49 . 2009-03-16 01:49 307704 ----a-w- c:\program files\Mozilla Firefox.lnk
2009-03-14 01:54 . 2009-03-14 01:49 1878888 ----a-w- c:\program files\install_flash_player.exe
2009-03-03 18:55 . 2009-03-03 18:55 438592 ----a-w- c:\program files\yahoo.exe
2009-02-04 21:33 . 2009-02-04 21:31 7521112 ----a-w- c:\program files\Firefox Setup 3.0.6.exe
2009-02-02 17:52 . 2009-02-02 17:52 9934392 ----a-w- c:\program files\picasa3-setup.exe
2009-01-25 04:07 . 2009-01-25 04:07 561384 ----a-w- c:\program files\stb_installer.exe
2009-01-14 11:37 . 2009-01-14 11:36 13112552 ----a-w- c:\program files\Quicken_WillMaker_Plus_2009.exe
2009-01-14 11:36 . 2009-01-14 11:34 15903600 ----a-w- c:\program files\Quicken_Home_Inventory.exe
2009-01-14 11:34 . 2009-01-14 11:29 74961912 ----a-w- c:\program files\Quicken_Deluxe_2009.exe
2008-12-07 02:06 . 2002-12-28 11:57 13440584 ----a-w- c:\program files\Install_AIM.exe
2008-09-08 15:29 . 2008-09-08 15:29 8145864 ----a-w- c:\program files\yahoo_firefox_setup-3.0.exe
2008-09-05 01:43 . 2008-09-05 01:43 15452536 ----a-w- c:\program files\IE7-WindowsXP-x86-enu.exe
2008-08-18 13:09 . 2008-08-18 13:09 1277680 ----a-w- c:\program files\CouponPrinter.exe
2008-07-22 10:54 . 2008-07-22 10:54 13725112 ----a-w- c:\program files\sdasetup.exe
2008-07-13 16:06 . 2008-07-13 16:06 357936 ----a-w- c:\program files\RealPlayer11GOLD.exe
2008-07-08 01:01 . 2008-07-08 01:02 94808 ----a-w- c:\program files\g2m_download.exe
2008-07-05 04:03 . 2008-07-05 03:58 49384056 ----a-w- c:\program files\avg_free_stf_all_8_100a1323.exe
2008-06-17 20:15 . 2008-06-17 20:15 878760 ----a-w- c:\program files\Support-LogMeInRescue.exe
2008-06-17 19:00 . 2008-06-17 19:00 7024640 ----a-w- c:\program files\winzip112.msi
2008-05-26 15:29 . 2008-05-26 14:33 47787248 ----a-w- c:\program files\avg_free_stf_en_8_100a1295.exe
2008-04-29 10:21 . 2008-04-29 10:21 6104632 ----a-w- c:\program files\picasaweb-current-setup.exe
2008-03-19 14:42 . 2008-03-19 14:41 13287492 ----a-w- c:\program files\slideshowzilla_setup.exe
2008-03-19 14:26 . 2008-03-19 14:26 16546616 ----a-w- c:\program files\setup_fssmpro.exe
2008-03-18 10:10 . 2008-03-18 10:10 7773470 ----a-w- c:\program files\CD.EXE
2008-02-26 21:06 . 2008-02-26 21:05 8394802 ----a-w- c:\program files\ZillaTubeSetup.exe
2008-02-14 02:21 . 2008-02-14 02:20 28132288 ----a-w- c:\program files\Avery_Wizard_31_3.exe
2007-12-11 00:00 . 2007-12-11 00:00 238512 ----a-w- c:\program files\SmileboxInstaller.exe
2007-11-12 21:24 . 2007-11-12 21:23 3365915 ----a-w- c:\program files\freeTetris.exe
2007-11-01 11:56 . 2007-11-01 12:14 2255816 ----a-w- c:\program files\mp3wav.exe
2007-10-24 21:00 . 2007-10-24 21:00 7068957 ----a-w- c:\program files\cpg272mst.exe
2007-10-24 20:07 . 2007-10-24 20:07 7068504 ----a-w- c:\program files\cpg272pro.exe
2007-10-23 20:33 . 2007-10-23 20:33 3380048 ----a-w- c:\program files\LimeWireWin.exe
2007-10-23 20:23 . 2007-10-23 20:21 35378168 ----a-w- c:\program files\Avery_Wizard_Holiday.exe
2007-10-23 19:14 . 2007-10-23 18:40 281837392 ----a-w- c:\program files\LEADTOOLSMain.exe
2007-10-02 20:58 . 2007-10-02 20:59 5636464 ----a-w- c:\program files\cpg272std.exe
2007-09-10 14:55 . 2007-09-10 14:56 3044468 ----a-w- c:\program files\cpg272.exe
2005-10-18 01:25 . 2005-10-18 01:25 62651176 ----a-w- c:\program files\Dreamweaver8-en.exe
2005-10-18 00:38 . 2005-10-18 00:39 1936031 ----a-w- c:\program files\Dreamweaver_MX_crack.zip
2005-07-21 01:53 . 2005-07-21 01:54 496240 ----a-w- c:\program files\msgr7us.exe
2005-07-21 01:53 . 2005-07-21 01:53 496240 ----a-w- c:\program files\Yahoo! Messenger.lnk
2005-07-11 01:05 . 2005-07-11 01:05 1799661 ----a-w- c:\program files\ntfree.zip
2005-07-08 00:22 . 2005-07-08 00:22 1860343 ----a-w- c:\program files\ntbpro.zip
2005-07-06 19:33 . 2005-07-06 19:33 2410802 ----a-w- c:\program files\CoffeeFreeZipInstaller.exe
2005-06-30 19:37 . 2005-06-30 03:05 1353360 ----a-w- c:\program files\NetSet.exe
2005-06-20 20:51 . 2005-06-20 20:51 13750503 ----a-w- c:\program files\CoffeeHTML2005.exe
2005-06-03 09:50 . 2005-04-08 20:03 734 ----a-w- c:\program files\hbexport.qif
2005-05-16 23:55 . 2005-05-16 23:55 4277840 ----a-w- c:\program files\icq5_setup.exe
2005-04-10 23:18 . 2005-04-10 23:18 6234476 ----a-w- c:\program files\wordweb.exe
2005-03-12 18:09 . 2005-03-12 17:56 20798256 ----a-w- c:\program files\AdbeRdr70_enu_full.exe
2005-03-12 17:56 . 2005-03-12 17:51 6811904 ----a-w- c:\program files\psa2011se_us.exe
2005-03-12 17:51 . 2005-03-12 17:51 494704 ----a-w- c:\program files\ytb01_efgsip.exe
2005-02-10 08:35 . 2004-08-15 10:54 5244336 ----a-w- c:\program files\SetupDl.exe
2005-01-04 00:12 . 2005-01-04 00:12 6918776 ----a-w- c:\program files\smartdraw_trial_1303.exe
2004-08-24 01:47 . 2004-08-24 01:47 3144082 ----a-w- c:\program files\gcn_setup2.8.1.exe
2004-05-29 00:16 . 2004-05-29 00:16 1290240 ----a-w- c:\program files\mirc614.exe
2004-04-24 02:00 . 2004-04-24 02:00 6024188 ----a-w- c:\program files\yahoo_scrabble1-1_tm1-1.exe
2004-01-17 14:53 . 2004-01-17 14:53 5184456 ----a-w- c:\program files\PuzzleInlayDeluxe.exe
2003-11-16 01:35 . 2003-11-16 01:35 2266608 ----a-w- c:\program files\ec22.exe
2003-10-19 01:30 . 2003-10-19 01:30 6333450 ----a-w- c:\program files\yahoo_mahjongtowers2_tm1-1.exe
2003-10-18 19:53 . 2003-10-18 19:53 3978384 ----a-w- c:\program files\icqpro2003a.exe
2003-10-18 18:46 . 2003-10-18 18:46 36775008 ----a-w- c:\program files\dx90update_redist.exe
2003-10-18 18:33 . 2003-10-18 18:33 42057332 ----a-w- c:\program files\is730enu.exe
2003-10-18 12:11 . 2003-10-18 12:11 7128959 ----a-w- c:\program files\ldm.exe
2003-10-02 02:00 . 2003-10-02 02:00 8516568 ----a-w- c:\program files\RealOnePlayerV2GOLD.exe
2003-09-28 19:47 . 2003-09-28 19:47 4453126 ----a-w- c:\program files\wiz02e.exe
2003-05-21 02:57 . 2003-03-31 20:18 28756477 ----a-w- c:\program files\phim_update.exe
2003-02-11 20:48 . 2003-02-11 20:48 4870527 ----a-w- c:\program files\EZVideo Chat 1206.exe
2003-01-11 00:00 . 2003-01-11 00:00 2884680 ----a-w- c:\program files\dpfunpack.exe
2002-12-25 22:25 . 2002-12-25 22:25 3806711 ----a-w- c:\program files\solsuite.exe
2002-12-25 11:52 . 2002-11-16 16:50 2923823 ----a-w- c:\program files\solplus.exe
2002-04-24 02:18 . 2002-04-24 02:18 1362848 ----a-w- c:\program files\BladePro.zip
2002-04-24 01:50 . 2002-04-24 01:50 13273 ----a-w- c:\program files\setuplog.txt
2002-02-19 20:45 . 2002-02-19 20:45 581296 ----a-w- c:\program files\oxpauiu.exe
2002-01-30 14:00 . 2002-01-30 14:00 59992 ----a-w- c:\program files\msnaddin.exe
2000-04-07 09:12 . 2004-09-12 11:25 2893952 ----a-w- c:\program files\PPView97.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2009-10-19 187192]

[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-05-26 19:23 1385864 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2009-10-19 21:15 1345336 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft NetMeeting"="c:\program files\NetMeeting\conf.exe" [2008-04-14 1032192]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"ICQ Lite"="c:\progra~1\ICQLite\ICQLite.exe" [2005-04-10 2904660]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-06-08 29696]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2006-10-22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"LVCOMS"="c:\program files\Common Files\Logitech\QCDriver3\LVCOMS.EXE" [2002-12-10 127022]
"LogitechImageStudioTray"="c:\program files\Logitech\ImageStudio\LogiTray.exe" [2002-12-10 61440]
"LogitechGalleryRepair"="c:\program files\Logitech\ImageStudio\ISStart.exe" [2002-12-10 155648]
"HPDJ Taskbar Utility"="c:\windows\System32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-11-07 196608]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2007-02-10 1165680]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2007-02-10 1945960]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2007-02-10 149024]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-04-05 185896]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360]
"readericon10"="c:\program files\Multimedia Card Reader\readericon10.exe" [2007-05-03 131072]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"ICQ Lite"="c:\program files\ICQLite\ICQLite.exe" [2005-04-10 2904660]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2010-02-01 111928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"!CleanupNetMeetingDispDriver"="msconf.dll" [2008-04-14 69632]

c:\documents and settings\Pat Rinker\Start Menu\Programs\Startup\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-12-15 384000]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\KEM.exe [2008-9-24 581632]
Wireless Configuration Utility.lnk - c:\program files\TRENDnet\TEW-421PC_TEW-423PI\WlanCU.exe [2010-7-28 368640]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Billminder.lnk]
backup=c:\windows\pss\Billminder.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MyWebSearch Email Plugin.lnk]
backup=c:\windows\pss\MyWebSearch Email Plugin.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PowerReg Scheduler.exe]
backup=c:\windows\pss\PowerReg Scheduler.exeCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk]
backup=c:\windows\pss\Quicken Scheduled Updates.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Startup.lnk]
backup=c:\windows\pss\Quicken Startup.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Pat Rinker^Start Menu^Programs^Startup^FriendFinder Messenger.lnk]
backup=c:\windows\pss\FriendFinder Messenger.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Pat Rinker^Start Menu^Programs^Startup^HotSync Manager.lnk]
backup=c:\windows\pss\HotSync Manager.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Pat Rinker^Start Menu^Programs^Startup^MyWebSearch Email Plugin.lnk]
backup=c:\windows\pss\MyWebSearch Email Plugin.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ SystemBoot
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eyeball Chat
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmileboxTray
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WildTangent CDA
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WT GameChannel
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\_SystemBoot
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\_Windows

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\[You must be registered and logged in to see this link.]
"c:\\WINDOWS\\PCHEALTH\\HELPCTR\\Binaries\\helpctr.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\Program Files\\ICQLite\\ICQLite.exe"=

R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [02/24/2009 3:52 AM 51488]
R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [02/24/2009 3:52 AM 39200]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [03/30/2009 7:35 AM 159600]
R2 WLNdis50;Wireless Lan NDIS Protocol I/O Control;c:\windows\system32\drivers\WLNdis50.sys [07/28/2010 5:38 PM 20480]
S2 SampleScanner;e+ 48U Scanner;c:\windows\system32\DRIVERS\Artec48.sys --> c:\windows\system32\DRIVERS\Artec48.sys [?]
S2 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\Viewpoint\Common\ViewpointService.exe" --> c:\program files\Viewpoint\Common\ViewpointService.exe [?]
S2 WLSVC;WLSVC;c:\program files\TRENDnet\TEW-421PC_TEW-423PI\WLSVC.exe [07/28/2010 5:38 PM 167936]
S3 FA31X;NETGEAR FA311/FA312 NDIS 5.0 Miniport Driver;c:\windows\system32\drivers\FA31XND5.SYS [04/25/2005 8:19 PM 16007]
S3 mr97310c;CIF Dual-Mode Camera;c:\windows\system32\drivers\mr97310c.sys [12/29/2006 9:46 AM 121472]
S3 pctplsg;pctplsg;c:\windows\system32\drivers\pctplsg.sys [03/30/2009 5:20 AM 64392]
S3 S3SAVAGE4M;S3SAVAGE4M;c:\windows\system32\drivers\s3sav4m.sys [02/07/2007 3:17 PM 77824]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [07/22/2008 4:51 PM 348752]
S3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [02/24/2009 3:52 AM 33056]
S3 ThreatFire;ThreatFire;c:\program files\Spyware Doctor\TFEngine\TFService.exe service --> c:\program files\Spyware Doctor\TFEngine\TFService.exe service [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-03-08 08:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder

2010-08-24 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-04-16 14:59]

2010-08-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

2010-08-24 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-05-26 19:23]

2010-08-23 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2003-10-12 16:24]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uSearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
uDefault_Search_URL = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
mSearch Bar = [You must be registered and logged in to see this link.]
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = localhost;*.local
uSearchAssistant = [You must be registered and logged in to see this link.]
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
IE: &AIM Search - c:\program files\AIM Toolbar\AIMBar.dll/aimsearch.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Open Picture in &Microsoft PhotoDraw - c:\progra~1\MICROS~2\Office\1033\phdintl.dll/phdContext.htm
LSP: c:\program files\Common Files\PC Tools\LSP\PCTLsp.dll
Trusted Zone: aol.com\free
DPF: Microsoft XML Parser for Java - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\documents and settings\Pat Rinker\Application Data\Mozilla\Firefox\Profiles\pnivduke.default\
FF - prefs.js: browser.search.defaulturl - [You must be registered and logged in to see this link.]
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - component: c:\documents and settings\Pat Rinker\Application Data\Mozilla\Firefox\Profiles\pnivduke.default\extensions\{0d2b1800-ef08-4e82-9be9-07e5044b5da2}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Pat Rinker\Application Data\Mozilla\Firefox\Profiles\pnivduke.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll
FF - plugin: c:\documents and settings\Pat Rinker\Local Settings\Application Data\Yahoo!\BrowserPlus\2.4.17\Plugins\npybrowserplus_2.4.17.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npgcplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.interval - 750000
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, truec:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
.
- - - - ORPHANS REMOVED - - - -

Toolbar-SITEguard - (no file)
HKLM-Run-RegisterDropHandler - c:\progra~1\TEXTBR~1.0\Bin\REGIST~1.EXE



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2010-08-23 19:55
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(808)
c:\windows\system32\relog_ap.dll
c:\program files\Common Files\PC Tools\LSP\PCTLsp.dll

- - - - - - - > 'explorer.exe'(3384)
c:\windows\system32\WININET.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\progra~1\TEXTBR~1.0\Bin\TBMHOOK.dll
c:\windows\system32\ieframe.dll
c:\program files\Microsoft Office\OFFICE11\msohev.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Lavasoft\Ad-Aware 2007\aawservice.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\system32\wscntfy.exe
c:\progra~1\TEXTBR~1.0\Bin\INSTAN~1.EXE
c:\windows\system32\devldr32.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\Logitech\SetPoint\KHALMNPR.EXE
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\program files\Java\jre6\bin\jucheck.exe
.
**************************************************************************
.
Completion time: 2010-08-23 20:02:51 - machine was rebooted
ComboFix-quarantined-files.txt 2010-08-24 00:02

Pre-Run: 26,027,847,680 bytes free
Post-Run: 26,747,363,328 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

- - End Of File - - 5B3C4BBA454D35F5DBAC2ECF8C63EF7E

parinker

Newbie Surfer
Newbie Surfer

Posts : 29
Joined : 2010-08-10
Operating System : windows 7

View user profile

Back to top Go down

Re: My PC continuously restarts

Post by Sneakyone on Wed 25 Aug 2010, 1:42 pm

Hi.

Please download Malwarebytes Anti-Malware from Here.


Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.


I'm livin' life in the fast lane.


Sneakyone

Tech Officer
Tech Officer

Posts : 2707
Joined : 2010-01-10
Operating System : Windows 7 Ultimate 64-bit

View user profile http://twitter.com/AVerySneakyone

Back to top Go down

Re: My PC continuously restarts

Post by parinker on Thu 26 Aug 2010, 7:28 am

Malwarebytes' Anti-Malware 1.46
[You must be registered and logged in to see this link.]

Database version: 4478

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

08/25/2010 4:20:41 PM
mbam-log-2010-08-25 (16-20-41).txt

Scan type: Quick scan
Objects scanned: 170302
Time elapsed: 14 minute(s), 26 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 42
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 7

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MySearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3popularscreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\All Users\Start Menu\Programs\RelevantKnowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\Pat Rinker\Desktop\SmileyCentralPFSetup2.1.60.1.ZNfox000.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\IWONSetup2.3.50.62.SA.HP.ZLfox000.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rlph.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\RelevantKnowledge\Support.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\silc.dat (Spyware.MarketScore) -> Quarantined and deleted successfully.

parinker

Newbie Surfer
Newbie Surfer

Posts : 29
Joined : 2010-08-10
Operating System : windows 7

View user profile

Back to top Go down

Re: My PC continuously restarts

Post by Sneakyone on Thu 26 Aug 2010, 4:00 pm

Hi.

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


I'm livin' life in the fast lane.


Sneakyone

Tech Officer
Tech Officer

Posts : 2707
Joined : 2010-01-10
Operating System : Windows 7 Ultimate 64-bit

View user profile http://twitter.com/AVerySneakyone

Back to top Go down

Re: My PC continuously restarts

Post by parinker on Wed 01 Sep 2010, 6:07 am

i have attempted several times to run the above. It gets part way through and reboots. I have been able to run the other scans. Not sure what i am doing wrong

parinker

Newbie Surfer
Newbie Surfer

Posts : 29
Joined : 2010-08-10
Operating System : windows 7

View user profile

Back to top Go down

Re: My PC continuously restarts

Post by Sneakyone on Thu 02 Sep 2010, 10:22 am

Hi.

Try this one:

Please go to Kaspersky website and perform an online antivirus scan.

  1. Read through the requirements and privacy statement and click on Accept button.
  2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  3. When the downloads have finished, click on Settings.
  4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
      Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  • Please post this log in your next reply.


  • I'm livin' life in the fast lane.


    Sneakyone

    Tech Officer
    Tech Officer

    Posts : 2707
    Joined : 2010-01-10
    Operating System : Windows 7 Ultimate 64-bit

    View user profile http://twitter.com/AVerySneakyone

    Back to top Go down

    My PC continuously restarts

    Post by parinker on Fri 03 Sep 2010, 8:02 am

    i am still having a problem with the pc still restarting. I have been able to get through the scans so far in regular mode. Now all of a sudden it is back to the restarting. When i try to do the scan from safe mode i can't get it to connect to the internet in spite of choosing to work in safe mode with networking. I will be away for a few days so will try whatever you suggest at that time. Thank You for your patience and you hard work.

    parinker

    Newbie Surfer
    Newbie Surfer

    Posts : 29
    Joined : 2010-08-10
    Operating System : windows 7

    View user profile

    Back to top Go down

    Re: My PC continuously restarts

    Post by Sneakyone on Sat 04 Sep 2010, 5:17 pm

    Hi.

    Download the GMER Rootkit Scanner. Unzip it to your Desktop.

    Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

    Double-click gmer.exe. The program will begin to run.

    **Caution**
    These types of scans can produce false positives. Do NOT take any action on any
    "<--- ROOKIT" entries unless advised!

    If possible rootkit activity is found, you will be asked if you would like to perform a full scan.

    • Click NO
    • In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is un-checked.
    • Now click the Scan button.
      Once the scan is complete, you may receive another notice about rootkit activity.
    • Click OK.
    • GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
    • Save it where you can easily find it, such as your desktop.

    Post the contents of GMER.txt in your next reply.


    I'm livin' life in the fast lane.


    Sneakyone

    Tech Officer
    Tech Officer

    Posts : 2707
    Joined : 2010-01-10
    Operating System : Windows 7 Ultimate 64-bit

    View user profile http://twitter.com/AVerySneakyone

    Back to top Go down

    Re: My PC continuously restarts

    Post by Sponsored content Today at 12:43 pm


    Sponsored content


    Back to top Go down

    View previous topic View next topic Back to top


     
    Permissions in this forum:
    You cannot reply to topics in this forum