Logfile of random's system information tool 1.04 (written by random/random)
Run by Randall Magowan at 2008-10-10 09:20:31
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 32 GB (81%) free of 40 GB
Total RAM: 1535 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:20:53 AM, on 10/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
F:\MozyHome\mozybackup.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
F:\WinPatrol\WinPatrol.exe
C:\WINDOWS\system32\ctfmon.exe
F:\MozyHome\mozystat.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Randall Magowan\Desktop\RSIT.exe
F:\Program Files\HijackThis\Randall Magowan.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8118;https=127.0.0.1:8118
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: SearchPerks! Perk Counter - {2787EA8E-8D87-48af-88AD-B30246C917AB} - C:\Program Files\SearchPerks! Perk Counter\Bmbho.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: SearchPerks! Perk Counter - {2787EA8E-8D87-48af-88AD-B30246C917AB} - C:\Program Files\SearchPerks! Perk Counter\Bmbho.dll
O4 - HKCU\..\Run: [WinPatrol System Monitor] F:\WinPatrol\WinPatrol.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: MozyHome Status.lnk = F:\MozyHome\mozystat.exe
O4 - Global Startup: Privoxy.lnk = F:\Program Files\Privoxy\privoxy.exe
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.3.24.3\gears.dll
O9 - Extra 'Tools' menuitem: &Google Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.3.24.3\gears.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.https
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) -
http://www.pcpitstop.com/betapit/PCPitStop.CABO18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - F:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - F:\Program Files\Ad-Aware\aawservice.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MozyHome Backup Service (mozybackup) - Unknown owner - F:\MozyHome\mozybackup.exe
O24 - Desktop Component 0: (no name) - (no file)
--
End of file - 5664 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTask.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{BE91D356-EB1B-49BB-AEC0-30B9DBA04509}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - C:\Program Files\IEPro\iepro.dll [2008-09-24 756840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2787EA8E-8D87-48af-88AD-B30246C917AB}]
SearchPerks! Perk Counter - C:\Program Files\SearchPerks! Perk Counter\Bmbho.dll [2008-09-30 514096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-09-03 455960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-12-14 392240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2787EA8E-8D87-48af-88AD-B30246C917AB} - SearchPerks! Perk Counter - C:\Program Files\SearchPerks! Perk Counter\Bmbho.dll [2008-09-30 514096]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WinPatrol System Monitor"=F:\WinPatrol\WinPatrol.exe [2007-12-14 271936]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
MozyHome Status.lnk - F:\MozyHome\mozystat.exe
Privoxy.lnk - F:\Program Files\Privoxy\privoxy.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
F:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-07-23 352256]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 239616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=F:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
:\WINDOWS\system32\srrst
scecli
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"
"C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*:Disabled:LEXPPS.EXE"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows NT\Accessories\wordpad.exe"="C:\Program Files\Windows NT\Accessories\wordpad.exe:*:Disabled:wordpad.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2008-10-10 09:20:31 ----D---- C:\rsit
2008-10-09 10:20:19 ----D---- C:\Program Files\SearchPerks! Perk Counter
2008-10-07 11:52:26 ----HD---- C:\$AVG8.VAULT$
2008-09-13 14:59:15 ----D---- C:\Documents and Settings\Randall Magowan\Application Data\MiniLyrics
2008-09-13 08:11:42 ----D---- C:\Documents and Settings\Randall Magowan\Application Data\Amazon
2008-09-13 05:59:10 ----A---- C:\WINDOWS\iTouch.ini
2008-09-13 05:56:57 ----D---- C:\Program Files\Common Files\Logitech
2008-09-13 05:56:57 ----A---- C:\WINDOWS\system32\MSVCI70.DLL
======List of files/folders modified in the last 1 months======
2008-10-10 09:20:51 ----D---- C:\WINDOWS\Temp
2008-10-10 09:20:51 ----D---- C:\WINDOWS\Prefetch
2008-10-10 09:12:11 ----AC---- C:\WINDOWS\lexstat.ini
2008-10-10 08:43:18 ----SD---- C:\WINDOWS\Tasks
2008-10-10 08:40:28 ----D---- C:\WINDOWS\system32\NtmsData
2008-10-10 08:40:24 ----D---- C:\WINDOWS\system32\drivers
2008-10-10 08:39:17 ----AC---- C:\WINDOWS\SchedLgU.Txt
2008-10-10 08:38:06 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-10-10 08:23:01 ----D---- C:\WINDOWS\system32
2008-10-10 08:23:01 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-09 10:20:24 ----SHD---- C:\WINDOWS\Installer
2008-10-09 10:20:24 ----D---- C:\Config.Msi
2008-10-09 10:20:20 ----SD---- C:\Documents and Settings\Randall Magowan\Application Data\Microsoft
2008-10-09 10:20:19 ----RD---- C:\Program Files
2008-10-08 07:37:33 ----AC---- C:\WINDOWS\dellstat.ini
2008-10-08 07:25:37 ----D---- C:\Documents and Settings\Randall Magowan\Application Data\OpenOffice.org2
2008-10-06 05:46:29 ----D---- C:\WINDOWS\Help
2008-10-05 14:30:18 ----D---- C:\WINDOWS\system32\CatRoot2
2008-10-05 13:59:44 ----D---- C:\Documents and Settings
2008-10-05 11:01:07 ----D---- C:\WINDOWS
2008-10-04 10:02:58 ----RSD---- C:\WINDOWS\assembly
2008-10-04 10:02:23 ----D---- C:\WINDOWS\WinSxS
2008-10-04 10:01:52 ----D---- C:\Program Files\Paint.NET
2008-10-03 07:21:43 ----D---- C:\Program Files\IEPro
2008-10-02 15:54:41 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-10-02 15:54:15 ----D---- C:\Program Files\Windows Live
2008-10-02 15:52:36 ----D---- C:\WINDOWS\system32\DirectX
2008-09-24 12:30:27 ----HD---- C:\WINDOWS\inf
2008-09-24 10:19:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-09-24 07:30:41 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-09-22 09:42:50 ----D---- C:\WINDOWS\Debug
2008-09-21 08:51:21 ----D---- C:\Program Files\OpenOffice.org 2.4
2008-09-21 08:44:52 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-13 05:57:15 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-09-13 05:56:57 ----HD---- C:\Program Files\InstallShield Installation Information
2008-09-13 05:56:57 ----D---- C:\Program Files\Common Files
2008-09-12 10:55:55 ----D---- C:\temp
2008-09-12 06:59:55 ----D---- C:\Program Files\Common Files\InstallShield
2008-09-11 14:04:02 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-09-11 13:29:48 ----D---- C:\WINDOWS\system32\config
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-09-03 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-09-03 26824]
R1 mozyFilter;mozyFilter; C:\WINDOWS\system32\DRIVERS\mozy.sys [2008-07-14 53752]
R1 SASDIFSV;SASDIFSV; \??\F:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\F:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R2 ALIEHCD;ALi PCI to USB Enhanced Host Controller; C:\WINDOWS\System32\Drivers\ALIEHCI.sys [2003-09-15 109024]
R2 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-09-03 76040]
R3 aliroothub;USB 2.0 Root Hub; C:\WINDOWS\system32\DRIVERS\AliRtHub.sys [2003-09-09 2944]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2007-04-17 42496]
R3 itchfltr;iTouch Keyboard Filter; C:\WINDOWS\system32\DRIVERS\itchfltr.sys [2004-03-10 12953]
R3 P1110VID;Creative WebCam NX; C:\WINDOWS\system32\DRIVERS\P1110Vid.sys [2006-04-06 68608]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2006-08-10 204672]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-01-13 70001]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NtApm;NT Apm/Legacy Interface Driver; C:\WINDOWS\system32\DRIVERS\NtApm.sys [2001-08-17 9344]
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 SABProcEnum;SABProcEnum; \??\C:\Program Files\Internet Explorer\SABProcEnum.sys []
S3 SASENUM;SASENUM; \??\F:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 cmdGuard;COMODO Firewall Pro Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2008-05-14 81272]
S4 cmdHlp;COMODO Firewall Pro Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2008-05-14 23672]
S4 Inspect;COMODO Firewall Pro Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2008-05-14 75384]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-09-03 875288]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-09-03 231704]
R2 mozybackup;MozyHome Backup Service; F:\MozyHome\mozybackup.exe [2008-07-14 87344]
R2 UPHClean;User Profile Hive Cleanup; C:\Program Files\UPHClean\uphclean.exe [2005-04-27 241725]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R3 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2006-04-18 311296]
S3 aawservice;Lavasoft Ad-Aware Service; F:\Program Files\Ad-Aware\aawservice.exe [2008-09-18 611664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 SNMP;SNMP Service; C:\WINDOWS\System32\snmp.exe [2008-04-13 33280]
S3 SNMPTRAP;SNMP Trap Service; C:\WINDOWS\System32\snmptrap.exe [2008-04-13 8704]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
S4 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S4 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2008-07-24 39936]
S4 gupdate1c8d91d3f168f82;Google Update Service (gupdate1c8d91d3f168f82); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-03 136120]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
S4 Shavlik Scheduler;Shavlik Remote Scheduler Service; C:\WINDOWS\ProPatches\Scheduler\stSchedEx.exe [2007-04-25 759408]
S4 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.04 2008-10-10 09:20:55
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 5.0 Sprint-->MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
AC3Filter (remove only)-->D:\Program Files\AC3Filter\uninstall.exe
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Media Player-->MsiExec.exe /I{1EBB57D4-63FF-87CC-A0F0-D73982CF6008}
Advanced Disk Cleaner-->MsiExec.exe /X{6C2EDF63-C83B-4AAD-AC26-1784660F618B}
Advanced WindowsCare Personal-->"F:\Program Files\IObit\Advanced WindowsCare V2\unins000.exe"
ALi USB2.0 Driver-->C:\WINDOWS\system32\UnUSB20.EXE RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8E1DCD15-C9F1-49CE-807B-198C8241EB6B}\Setup.exe" -uninst
Amazon MP3 Downloader 1.0.3-->D:\Program Files\Amazon\MP3 Downloader\Uninstall.exe
Ashampoo Burning Studio 6 FREE-->"E:\Program Files\Ashampoo Burning Studio 6\unins000.exe"
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Audacity 1.3.5 (Unicode)-->"D:\Program Files\Audacity\Audacity 1.3 Beta (Unicode)\unins000.exe"
AusLogics Disk Defrag-->"F:\Program Files\Auslogics\AusLogics Disk Defrag\AusLogics Disk Defrag\unins000.exe"
AusLogics Registry Defrag-->"F:\Program Files\Auslogics\AusLogics Registry Defrag\unins000.exe"
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
CCleaner (remove only)-->"F:\Program Files\CCleaner\uninst.exe"
CodeStuff Starter-->"F:\Program Files\CodeStuff\Starter\unStarter.exe"
DivX Codec-->E:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DVD Decrypter (Remove Only)-->"E:\Program Files\DVD Decrypter\uninstall.exe"
DVD Shrink 3.2-->"E:\Program Files\DVD Shrink\unins000.exe"
Express Burn-->C:\Program Files\NCH Swift Sound\ExpressBurn\uninst.exe
Express Rip-->C:\Program Files\NCH Swift Sound\ExpressRip\uninst.exe
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
Free Audio Editor 2008 v3.8-->"D:\Program Files\Free Audio Editor\unins000.exe"
Free WMA to MP3 Converter 1.16-->"D:\Program Files\Free WMA to MP3 Converter\unins000.exe"
GMail Drive Shell Extension-->rundll32.exe C:\WINDOWS\system32\ShellExt\GMailFS.dll,Uninstall C:\WINDOWS\system32\ShellExt\GMailFS.inf
Google Earth-->MsiExec.exe /I{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}
Google Gears-->MsiExec.exe /I{8A7F9328-7B91-3E20-80BF-85F35C8B0C0E}
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\Professional\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x9 -removeonly
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\Professional\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x9 -removeonly
Google Update-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HijackThis 2.0.2-->"C:\Documents and Settings\Randall Magowan\Desktop\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB942288-v3)-->"C:\WINDOWS\$NtUninstallKB942288-v3$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
IE7Pro-->C:\Program Files\IEPro\uninst.exe
InfraRecorder-->D:\Program Files\InfraRecorder\uninstall.exe
IrfanView (remove only)-->I:\Program Files\IrfanView\iv_uninstall.exe
IsoBuster 2.0-->"E:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LADSPA_plugins-win-0.4.15-->"D:\Program Files\Audacity\Plug-Ins\unins000.exe"
Lexmark 1200 Series-->C:\WINDOWS\system32\spool\drivers\w32x86\3\LXCZUN5C.EXE -dLexmark 1200 Series
Logitech iTouch Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{036AA4D4-6D32-11D4-9875-00105ACE7734}\Setup.exe" -l0x9 UNINSTALL
Medi@Show-->C:\WINDOWS\IsUninst.exe -fe:\Uninst.isu
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft Base Smart Card Cryptographic Service Provider Package-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Reader Text-to-Speech for English-->MsiExec.exe /X{E0E400F5-422B-4540-A14F-B0739D71FEE7}
Microsoft Reader-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B6F7DBE7-2FE2-458F-A738-B10832746036}\Setup.exe" -L0x9
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall
Microsoft WorldWide Telescope-->MsiExec.exe /I{F9C80FE8-DB25-4EE5-AE6D-4332FB0E8B83}
MozyHome 1.8.10.0-->"F:\MozyHome\uninstall\unins000.exe"
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
nCleaner second 2.3.4.0-->F:\Program Files\nCleaner\uninstall.exe
NoAd HOSTS file (remove only)-->"C:\Program Files\NoAd HOSTS file\uninst.exe"
OLYMPUS CAMEDIA Master 4.2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{30BB4D60-81DB-11D5-BB77-00400536ABAC}\setup.exe" CAMEDIA Master 4.2
OpenOffice.org 2.4-->MsiExec.exe /I{2CD2C0DB-81C3-416B-9FA6-589B9235359B}
Paint.NET v3.36-->MsiExec.exe /X{43602F34-1AA3-44FB-AEB2-D08C2C73743F}
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Recordpad-->C:\Program Files\NCH Swift Sound\Recordpad\uninst.exe
SearchPerks! Perk Counter-->MsiExec.exe /X{0980C810-4CEF-465A-8064-1EC4DC6572D2}
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
SpyStopper Pro-->C:\WINDOWS\GPInstall.exe "/UNINST=C:\Program Files\SpyStopper Pro\UnInst.log" "/APPNAME=SpyStopper Pro"
SpywareBlaster 4.1-->"F:\Program Files\SpywareBlaster\unins000.exe"
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Switch Sound File Converter-->C:\Program Files\NCH Swift Sound\Switch\uninst.exe
Unlocker 1.8.7-->F:\Program Files\Unlocker\uninst.exe
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
User Profile Hive Cleanup Service-->MsiExec.exe /I{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}
VIA Rhine-Family Fast-Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
VIA Vinyl Audio Codecs Driver Setup Program-->RunDll32.exe UnAudioNT.dll,UninstallAudio C:\WINDOWS\IsUninst.exe -y-f"C:\PROGRA~1\VIAudioi\SBASetup\Uninst.isu"
VST Bridge 1.1-->"D:\Program Files\Audacity\Plug-Ins\VST Bridge\unins000.exe"
WavePad Sound Editor-->C:\Program Files\NCH Swift Sound\WavePad\uninst.exe
Winamp-->"D:\Program Files\Winamp\UninstWA.exe"
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Mail-->MsiExec.exe /I{184E7118-0295-43C4-B72C-1D54AA75AAF7}
Windows Live Photo Gallery-->MsiExec.exe /X{2D4F6BE3-6FEF-4FE9-9D01-1406B220D08C}
Windows Live Sign-in Assistant-->MsiExec.exe /I{0ED47137-C071-46CC-A243-E5E33271E10E}
Windows Live Writer-->MsiExec.exe /X{9176251A-4CC1-4DDB-B343-B487195EB397}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Support Tools-->MsiExec.exe /I{8398B542-3CC4-44D9-83DF-696CCE70124B}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinPatrol 2007-->F:\WINPAT~1\Setup.exe /remove /q0
XP Codec Pack-->D:\Program Files\XP Codec Pack\Uninstall.exe
=====HijackThis Backups=====
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O2 - BHO: SpywareBlock Class - {0A87E45F-537A-40B4-B812-E2544C21A09F} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Shavlik File Transfer Service (FTService) - Unknown owner - C:\Documents and Settings\Randall Magowan\Local Settings\Temp\NetChk\5.9.0.145\FTService.exe (file missing)
O24 - Desktop Component 0: (no name) - (no file)
O23 - Service: NetChk Patch Service (NetChkPatch) - Unknown owner - C:\Documents and Settings\Randall Magowan\Local Settings\Temp\NetChk\5.9.0.145\HfNetChkProService.exe (file missing)
O24 - Desktop Component 0: (no name) - (no file)
O24 - Desktop Component 0: (no name) - (no file)
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O20 - Winlogon Notify: !SASWinLogon - F:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O24 - Desktop Component 0: (no name) - (no file)
======Hosts File======
127.0.0.1 localhost #this is not an ad server this is your PC
127.0.0.1
http://www.doubleclick.net127.0.0.1 ad.preferences.com
127.0.0.1 ads.doubleclick.com
127.0.0.1 ads.infospace.com
127.0.0.1 ads.msn.com
127.0.0.1 ads.switchboard.com
127.0.0.1 ads.doubleclick.net
127.0.0.1 ad2.doubleclick.net
127.0.0.1 ad3.doubleclick.net
======Security center information======
AV: AVG Anti-Virus Free (disabled)
FW: COMODO Firewall Pro
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"DEVMGR_SHOW_NONPRESENT_DEVICES"=1
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=1
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;F:\Program Files\Support Tools\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=2c02
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%
-----------------EOF-----------------