xixo_12,
i had a mishap while running combofix. while it was running avg started a scheduled scan. i am almost certain i had scheduled scanning disabled. i hate scheduled scanning. i feel awful.
i used the ERDNT.exe restore point that was just created before combofix started. it appears that no harm was done. i continued with your instructions right from the beginning (january 6 post).
i have for you:
1. combofix log
2. status of jotti scans
3. rsit logs
the computer is slow for typing at times.
thank you.
ComboFix 10-01-04.01 - Owner 01/07/2010 0:06.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.227 [GMT -5:00]
Running from: c:\documents and settings\Owner\Desktop\Combo-Fix.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FILE ::
"c:\documents and settings\All Users\Start Menu\Programs\Startup\AntiVirus Plus.lnk"
"c:\documents and settings\Owner\Start Menu\Programs\Startup\AntiVirus Plus.lnk"
"c:\documents and settings\Owner\Start Menu\Programs\Startup\LimeWire On Startup.lnk"
"c:\windows\pss\AntiVirus Plus.lnkCommon Startup"
"c:\windows\pss\AntiVirus Plus.lnkStartup"
"c:\windows\pss\LimeWire On Startup.lnkStartup"
"c:\windows\system32\drivers\aiasjkmatnl.sys"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Kazaa
c:\program files\Kazaa\bdcore.dll
c:\program files\Kazaa\bdupd.dll
c:\program files\Kazaa\broadband.gif
c:\program files\Kazaa\Db\bb.db
c:\program files\Kazaa\Db\data256.dbb
c:\program files\Kazaa\Db\np.tmp
c:\program files\Kazaa\Help\arrow.gif
c:\program files\Kazaa\Help\arrow_sml.gif
c:\program files\Kazaa\Help\background.gif
c:\program files\Kazaa\Help\h_mykazaa.gif
c:\program files\Kazaa\Help\h_myMedia.gif
c:\program files\Kazaa\Help\h_myplaylists.gif
c:\program files\Kazaa\Help\mykazaa.css
c:\program files\Kazaa\Help\mykazaa.htm
c:\program files\Kazaa\Help\mymedia.htm
c:\program files\Kazaa\Help\myplaylists.htm
c:\program files\Kazaa\Help\spacer.gif
c:\program files\Kazaa\kazaa.exe
c:\program files\Kazaa\Kazaa.url
c:\program files\Kazaa\libfn.dll
c:\program files\Kazaa\linksfolder.ico
c:\program files\Kazaa\My Shared Folder\Alternative Rock.kpl
c:\program files\Kazaa\My Shared Folder\Electronica.kpl
c:\program files\Kazaa\My Shared Folder\Folk.kpl
c:\program files\Kazaa\My Shared Folder\Funk.kpl
c:\program files\Kazaa\My Shared Folder\Hip-Hop.kpl
c:\program files\Kazaa\My Shared Folder\Jazz.kpl
c:\program files\Kazaa\My Shared Folder\Pop Rock.kpl
c:\program files\Kazaa\My Shared Folder\R&B.kpl
c:\program files\Kazaa\My Shared Folder\Reggae.kpl
c:\program files\Kazaa\My Shared Folder\World Beat.kpl
c:\program files\Kazaa\Promotions\Earn Money.url
c:\program files\Kazaa\Promotions\Get Access with Tiscali.url
c:\program files\Kazaa\Promotions\Love and Dating.url
c:\program files\Kazaa\Promotions\Netflix.url
c:\program files\Kazaa\Promotions\readme.lnk
c:\program files\Kazaa\Search\kazaa.css
c:\program files\Kazaa\Search\KazaaAd.htm
c:\program files\Kazaa\Search\spacer.gif
c:\program files\Kazaa\Search\WebSearch.htm
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_mykazaa.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_mykazaa_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_mykazaa_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_mykazaa_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_search.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_search_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_search_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_search_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_shop.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_shop_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_shop_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_shop_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_start.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_start_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_start_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_start_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_tell.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_tell_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_tell_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_tell_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_theatre.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_theatre_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_theatre_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_theatre_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_traffic.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_traffic_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_traffic_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mainbar_traffic_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_addtoplay.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_addtoplay_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_addtoplay_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_addtoplay_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_next.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_next_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_next_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_next_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_pause.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_pause_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_pause_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_pause_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_play.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_play_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_play_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_play_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_prev.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_prev_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_prev_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_prev_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_slider.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_sliderThumb.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_sliderThumb_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_stop.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_stop_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_stop_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_stop_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_volume.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_volume_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_volume_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mediabar_volume_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mykazaabar_delete.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mykazaabar_delete_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mykazaabar_delete_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mykazaabar_delete_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mykazaabar_folders.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mykazaabar_folders_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mykazaabar_folders_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mykazaabar_folders_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mykazaabar_importfold.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mykazaabar_importfold_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mykazaabar_importfold_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mykazaabar_importfold_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mykazaabar_moreinfo.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mykazaabar_moreinfo_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mykazaabar_moreinfo_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mykazaabar_moreinfo_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mykazaabar_share.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mykazaabar_share_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mykazaabar_share_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\mykazaabar_share_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\searchbar_download.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\searchbar_download_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\searchbar_download_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\searchbar_download_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\searchbar_messageuser.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\searchbar_messageuser_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\searchbar_messageuser_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\searchbar_messageuser_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\searchbar_newsearch.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\searchbar_newsearch_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\searchbar_newsearch_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\searchbar_newsearch_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\searchbar_searchuser.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\searchbar_searchuser_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\searchbar_searchuser_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\searchbar_searchuser_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\searchbar_showsearch.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\searchbar_showsearch_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\searchbar_showsearch_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\searchbar_showsearch_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\skin.xml
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\startbar_back.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\startbar_back_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\startbar_back_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\startbar_back_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\startbar_fwd.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\startbar_fwd_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\startbar_fwd_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\startbar_fwd_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\startbar_home.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\startbar_home_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\startbar_home_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\startbar_home_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\startbar_refresh.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\startbar_refresh_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\startbar_refresh_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\startbar_refresh_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\startbar_stop.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\startbar_stop_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\startbar_stop_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\startbar_stop_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\theatrebar_fullscreen.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\theatrebar_fullscreen_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\theatrebar_fullscreen_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\theatrebar_fullscreen_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\trafficbar_cancel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\trafficbar_cancel_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\trafficbar_cancel_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\trafficbar_cancel_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\trafficbar_pause.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\trafficbar_pause_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\trafficbar_pause_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\trafficbar_pause_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\trafficbar_resume.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\trafficbar_resume_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\trafficbar_resume_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\trafficbar_resume_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\window_btm.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\window_btmLeft.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\window_btmright.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\window_left.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\window_right.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\window_top.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\window_topleft.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\window_topright.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\windowbar_close.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\windowbar_close_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\windowbar_close_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\windowbar_close_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\windowbar_maximise.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\windowbar_maximise_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\windowbar_maximise_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\windowbar_maximise_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\windowbar_minimise.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\windowbar_minimise_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\windowbar_minimise_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\windowbar_minimise_sel.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\windowbar_restore.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\windowbar_restore_dis.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\windowbar_restore_over.bmp
c:\program files\Kazaa\Skins\Love & Romance - by AmericanSingles.com\windowbar_restore_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_mykazaa.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_mykazaa_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_mykazaa_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_mykazaa_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_search.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_search_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_search_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_search_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_shop.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_shop_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_shop_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_shop_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_start.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_start_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_start_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_start_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_theatre.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_theatre_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_theatre_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_theatre_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_traffic.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_traffic_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_traffic_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mainbar_traffic_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_addtoplay.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_addtoplay_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_addtoplay_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_addtoplay_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_next.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_next_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_next_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_next_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_pause.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_pause_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_pause_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_pause_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_play.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_play_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_play_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_play_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_prev.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_prev_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_prev_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_prev_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_slider.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_sliderThumb.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_sliderThumb_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_stop.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_stop_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_stop_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_stop_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_tell.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_tell_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_tell_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_tell_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_volume.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_volume_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_volume_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mediabar_volume_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mykazaabar_delete.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mykazaabar_delete_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mykazaabar_delete_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mykazaabar_delete_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mykazaabar_folders.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mykazaabar_folders_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mykazaabar_folders_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mykazaabar_folders_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mykazaabar_importfold.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mykazaabar_importfold_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mykazaabar_importfold_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mykazaabar_importfold_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mykazaabar_moreinfo.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mykazaabar_moreinfo_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mykazaabar_moreinfo_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mykazaabar_moreinfo_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mykazaabar_share.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mykazaabar_share_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mykazaabar_share_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\mykazaabar_share_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_closetabs.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_closetabs_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_closetabs_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_closetabs_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_download.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_download_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_download_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_download_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_messageuser.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_messageuser_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_messageuser_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_messageuser_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_newsearch.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_newsearch_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_newsearch_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_newsearch_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_searchuser.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_searchuser_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_searchuser_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_searchuser_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_showsearch.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_showsearch_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_showsearch_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\searchbar_showsearch_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\skin.xml
c:\program files\Kazaa\Skins\Toasted Sherbert\startbar_back.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\startbar_back_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\startbar_back_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\startbar_back_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\startbar_fwd.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\startbar_fwd_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\startbar_fwd_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\startbar_fwd_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\startbar_home.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\startbar_home_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\startbar_home_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\startbar_home_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\startbar_refresh.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\startbar_refresh_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\startbar_refresh_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\startbar_refresh_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\startbar_stop.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\startbar_stop_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\startbar_stop_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\startbar_stop_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\theatrebar_fullscreen.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\theatrebar_fullscreen_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\theatrebar_fullscreen_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\theatrebar_fullscreen_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\trafficbar_cancel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\trafficbar_cancel_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\trafficbar_cancel_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\trafficbar_cancel_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\trafficbar_pause.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\trafficbar_pause_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\trafficbar_pause_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\trafficbar_pause_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\trafficbar_resume.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\trafficbar_resume_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\trafficbar_resume_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\trafficbar_resume_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\vssver.scc
c:\program files\Kazaa\Skins\Toasted Sherbert\window_btm.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\window_btmLeft.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\window_btmright.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\window_left.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\window_right.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\window_top.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\window_topleft.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\window_topright.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\windowbar_close.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\windowbar_close_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\windowbar_close_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\windowbar_close_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\windowbar_maximise.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\windowbar_maximise_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\windowbar_maximise_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\windowbar_maximise_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\windowbar_minimise.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\windowbar_minimise_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\windowbar_minimise_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\windowbar_minimise_sel.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\windowbar_restore.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\windowbar_restore_dis.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\windowbar_restore_over.bmp
c:\program files\Kazaa\Skins\Toasted Sherbert\windowbar_restore_sel.bmp
c:\windows\pss\AntiVirus Plus.lnkCommon Startup
c:\windows\pss\AntiVirus Plus.lnkStartup
c:\windows\pss\LimeWire On Startup.lnkStartup
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_USSCAVQMGEXRGP
-------\Service_usscavqmgexrgp
((((((((((((((((((((((((( Files Created from 2009-12-07 to 2010-01-07 )))))))))))))))))))))))))))))))
.
2010-01-04 06:13 . 2010-01-04 06:14 -------- d-----w- C:\rsit
2009-12-30 14:59 . 2009-12-30 14:59 -------- d-----w- c:\program files\CCleaner
2009-12-25 21:13 . 2009-12-28 13:04 -------- d-----w- c:\program files\Panda Security
2009-12-25 16:36 . 2009-12-25 16:36 -------- d-----w- c:\windows\McAfee.com
2009-12-25 13:30 . 2009-12-25 13:28 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-25 13:27 . 2009-12-25 13:27 -------- d-----w- c:\program files\Java
2009-12-25 04:24 . 2009-12-25 04:24 -------- d-----w- c:\program files\ERUNT
2009-12-25 04:18 . 2009-12-25 04:18 -------- d-sh--w- c:\documents and settings\Owner\IECompatCache
2009-12-25 04:05 . 2009-12-25 04:05 -------- d-----w- c:\program files\Trend Micro
2009-12-24 05:06 . 2009-12-24 05:06 -------- d-sh--w- c:\documents and settings\Administrator.YOUR-W92P4BHLZG\IETldCache
2009-12-24 04:24 . 2009-12-24 04:24 -------- d-----w- C:\$AVG
2009-12-24 04:23 . 2009-12-24 04:23 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-12-24 04:23 . 2009-12-24 04:23 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-12-24 04:23 . 2009-12-24 04:23 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-12-24 04:23 . 2009-12-24 04:23 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-12-24 04:23 . 2010-01-07 04:28 -------- d-----w- c:\windows\system32\drivers\Avg
2009-12-24 04:22 . 2009-12-24 04:22 -------- d-----w- c:\program files\AVG
2009-12-24 04:22 . 2009-12-24 04:22 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2009-12-24 04:10 . 2009-12-24 04:10 -------- d-sh--w- c:\documents and settings\Owner\PrivacIE
2009-12-24 04:05 . 2009-12-24 04:05 -------- d-----w- c:\program files\Kerio
2009-12-23 23:42 . 2009-12-23 23:42 -------- d-sh--w- c:\documents and settings\Owner\IETldCache
2009-12-23 22:46 . 2009-10-29 07:45 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2009-12-23 22:46 . 2009-10-29 07:45 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll
2009-12-23 22:46 . 2009-10-29 07:45 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-12-23 22:46 . 2009-10-29 07:45 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2009-12-23 22:46 . 2009-10-29 07:45 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll
2009-12-23 22:46 . 2009-10-29 07:45 11069952 ------w- c:\windows\system32\dllcache\ieframe.dll
2009-12-23 22:45 . 2009-12-23 22:46 -------- d-----w- c:\windows\ie8updates
2009-12-23 22:45 . 2009-10-02 04:44 92160 ------w- c:\windows\system32\dllcache\iecompat.dll
2009-12-23 22:43 . 2009-12-23 22:45 -------- dc-h--w- c:\windows\ie8
2009-12-23 20:17 . 2009-11-21 15:51 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2009-12-23 19:53 . 2009-06-21 21:44 153088 ------w- c:\windows\system32\dllcache\triedit.dll
2009-12-23 19:52 . 2009-09-25 05:37 81920 ------w- c:\windows\system32\ieencode.dll
2009-12-23 19:52 . 2009-09-25 05:37 81920 ------w- c:\windows\system32\dllcache\ieencode.dll
2009-12-23 19:51 . 2009-06-10 14:13 84992 ------w- c:\windows\system32\dllcache\avifil32.dll
2009-12-23 19:51 . 2009-06-12 12:31 76288 ------w- c:\windows\system32\dllcache\telnet.exe
2009-12-23 19:50 . 2009-10-13 10:30 270336 ------w- c:\windows\system32\dllcache\oakley.dll
2009-12-23 19:50 . 2009-06-10 06:14 132096 ------w- c:\windows\system32\dllcache\wkssvc.dll
2009-12-23 19:50 . 2009-09-04 21:03 58880 ------w- c:\windows\system32\dllcache\msasn1.dll
2009-12-23 19:49 . 2009-07-17 19:01 58880 ------w- c:\windows\system32\dllcache\atl.dll
2009-12-23 19:49 . 2009-07-17 16:22 1435648 ------w- c:\windows\system32\dllcache\query.dll
2009-12-23 19:48 . 2009-07-29 04:37 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
2009-12-23 19:48 . 2009-07-29 04:37 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2009-12-23 19:48 . 2009-07-10 13:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
2009-12-23 19:46 . 2009-10-12 13:38 149504 ------w- c:\windows\system32\dllcache\rastls.dll
2009-12-23 19:46 . 2009-10-12 13:38 79872 ------w- c:\windows\system32\dllcache\raschap.dll
2009-12-22 01:42 . 2009-06-22 06:44 726528 ----a-w- c:\windows\system32\dllcache\jscript.dll
2009-12-22 01:42 . 2009-08-05 09:01 204800 ------w- c:\windows\system32\dllcache\mswebdvd.dll
2009-12-22 01:41 . 2009-09-11 14:18 136192 ------w- c:\windows\system32\dllcache\msv1_0.dll
2009-12-22 01:41 . 2009-06-25 08:25 54272 ------w- c:\windows\system32\dllcache\wdigest.dll
2009-12-22 01:41 . 2009-06-25 08:25 301568 ------w- c:\windows\system32\dllcache\kerberos.dll
2009-12-22 01:41 . 2009-06-24 11:18 92928 ------w- c:\windows\system32\dllcache\ksecdd.sys
2009-12-21 13:18 . 2009-12-21 13:35 -------- d-----w- c:\documents and settings\Owner\Application Data\ImgBurn
2009-12-21 13:15 . 2009-12-21 13:15 -------- d-----w- c:\program files\ImgBurn
2009-12-21 04:37 . 2009-12-21 04:37 -------- d-----w- c:\windows\system32\scripting
2009-12-21 04:37 . 2009-12-21 04:37 -------- d-----w- c:\windows\l2schemas
2009-12-21 04:37 . 2009-12-21 04:37 -------- d-----w- c:\windows\system32\en
2009-12-21 03:37 . 2000-07-21 15:40 2048 ------w- C:\w2ksect.bin
2009-12-21 03:07 . 2009-12-21 12:58 -------- d-----w- C:\XPSETUP
2009-12-20 13:27 . 2009-12-20 16:27 -------- d-----w- c:\windows\BDOSCAN8
2009-12-19 19:23 . 2001-08-18 03:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2009-12-19 19:23 . 2001-08-18 03:37 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
2009-12-19 19:23 . 2001-08-18 03:37 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
2009-12-19 19:23 . 2001-08-18 03:37 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
2009-12-19 19:23 . 2001-08-17 17:11 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys
2009-12-19 19:22 . 2002-08-29 06:59 154624 ----a-w- c:\windows\system32\dllcache\wlluc48.sys
2009-12-19 19:22 . 2001-08-17 17:12 34890 ----a-w- c:\windows\system32\dllcache\wlandrv2.sys
2009-12-19 19:22 . 2001-08-17 18:28 771581 ----a-w- c:\windows\system32\dllcache\winacisa.sys
2009-12-19 19:22 . 2001-08-18 03:36 53760 ----a-w- c:\windows\system32\dllcache\wiamsmud.dll
2009-12-19 19:22 . 2001-08-18 03:36 87040 ----a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2009-12-19 19:22 . 2001-08-17 18:28 701386 ----a-w- c:\windows\system32\dllcache\wdhaalba.sys
2009-12-19 19:22 . 2001-08-17 17:10 35871 ----a-w- c:\windows\system32\dllcache\wbfirdma.sys
2009-12-19 19:20 . 2001-08-17 19:02 230912 ----a-w- c:\windows\system32\dllcache\tosdvd03.sys
2009-12-19 19:19 . 2001-08-17 17:51 37040 ----a-w- c:\windows\system32\dllcache\sonypi.sys
2009-12-19 19:18 . 2001-08-18 03:36 386560 ----a-w- c:\windows\system32\dllcache\sgiul50.dll
2009-12-19 19:16 . 2001-08-17 18:51 19584 ----a-w- c:\windows\system32\dllcache\rasirda.sys
2009-12-19 19:15 . 2001-08-17 18:53 7168 ----a-w- c:\windows\system32\dllcache\pnrmc.sys
2009-12-19 19:14 . 2001-08-17 17:49 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
2009-12-19 19:14 . 2001-08-17 18:53 7552 ----a-w- c:\windows\system32\dllcache\nsmmc.sys
2009-12-19 19:14 . 2001-08-17 18:47 9344 ----a-w- c:\windows\system32\dllcache\ntapm.sys
2009-12-19 19:14 . 2001-08-17 17:20 87040 ----a-w- c:\windows\system32\dllcache\nm6wdm.sys
2009-12-19 19:14 . 2001-08-17 17:20 126080 ----a-w- c:\windows\system32\dllcache\nm5a2wdm.sys
2009-12-19 19:14 . 2001-08-17 17:12 32840 ----a-w- c:\windows\system32\dllcache\ngrpci.sys
2009-12-19 19:14 . 2002-08-29 06:59 132695 ----a-w- c:\windows\system32\dllcache\netwlan5.sys
2009-12-19 19:12 . 2001-08-17 18:52 17280 ----a-w- c:\windows\system32\dllcache\mraid35x.sys
2009-12-19 19:11 . 2001-08-17 18:28 797500 ----a-w- c:\windows\system32\dllcache\ltsmt.sys
2009-12-19 19:10 . 2001-08-17 19:55 6144 ----a-w- c:\windows\system32\dllcache\kbd101c.dll
2009-12-19 19:09 . 2008-04-14 00:09 13463552 ----a-w- c:\windows\system32\dllcache\hwxjpn.dll
2009-12-19 19:08 . 2001-08-17 17:49 322432 ----a-w- c:\windows\system32\dllcache\g400m.sys
2009-12-19 19:07 . 2001-08-17 17:19 63360 ----a-w- c:\windows\system32\dllcache\ess.sys
2009-12-19 19:06 . 2001-08-18 03:36 41046 ----a-w- c:\windows\system32\dllcache\digiisdn.dll
2009-12-19 19:05 . 2001-08-17 18:57 45696 ----a-w- c:\windows\system32\dllcache\cirrus.sys
2009-12-19 19:04 . 2001-08-17 18:51 13824 ----a-w- c:\windows\system32\dllcache\bulltlp3.sys
2009-12-19 19:03 . 2001-08-17 17:12 97354 ----a-w- c:\windows\system32\dllcache\aspndis3.sys
2009-12-19 18:59 . 2001-08-17 19:07 101888 ----a-w- c:\windows\system32\dllcache\adpu160m.sys
2009-12-19 18:58 . 2001-08-17 19:56 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
2009-12-19 15:36 . 2009-12-19 15:36 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\VS Revo Group
2009-12-19 15:35 . 2009-12-30 15:03 -------- d-----w- c:\program files\VS Revo Group
2009-12-19 05:28 . 2009-12-20 13:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-12-19 05:21 . 2009-12-19 05:21 -------- d-----w- c:\documents and settings\Owner\DoctorWeb
2009-12-19 02:09 . 2009-12-19 02:09 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
2009-12-19 00:59 . 2009-12-19 00:59 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-12-18 18:54 . 2010-01-04 06:02 -------- d-----w- c:\documents and settings\Owner\Application Data\SUPERAntiSpyware.com
2009-12-18 18:54 . 2010-01-04 06:02 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-12-18 17:24 . 2009-12-18 17:24 -------- d-----w- c:\documents and settings\Administrator.YOUR-W92P4BHLZG\Local Settings\Application Data\Mozilla
2009-12-18 11:50 . 2010-01-04 06:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-18 11:50 . 2009-12-18 11:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-12-18 01:58 . 2010-01-04 05:52 -------- d-----w- c:\program files\a-squared Free
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-05 14:55 . 2002-03-18 18:53 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-04 06:05 . 2003-12-19 22:49 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-01-04 05:55 . 2003-12-19 22:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-12-26 13:14 . 2002-11-03 14:21 41168 ----a-w- c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-25 13:18 . 2003-12-19 22:44 -------- d-----w- c:\program files\Lavasoft
2009-12-20 13:20 . 2008-04-29 18:45 -------- d-----w- c:\program files\HP
2009-12-19 18:47 . 2002-03-18 18:50 -------- d-----w- c:\program files\ArcSoft
2009-12-19 17:10 . 2003-02-07 22:25 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-12-19 16:31 . 2002-03-18 18:53 -------- d-----w- c:\program files\Hewlett-Packard
2009-12-18 11:44 . 2002-03-18 18:53 -------- d-----w- c:\program files\HPSelect
2009-10-29 07:45 . 2004-01-08 19:23 916480 ------w- c:\windows\system32\wininet.dll
2009-10-21 05:38 . 2004-08-04 07:56 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38 . 2004-08-04 07:56 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2004-08-04 06:00 265728 ------w- c:\windows\system32\drivers\http.sys
2009-10-13 10:30 . 2001-08-18 05:36 270336 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:38 . 2001-08-18 05:36 149504 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:38 . 2001-08-18 05:36 79872 ----a-w- c:\windows\system32\raschap.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="NvQTwk" [X]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"S3TRAY2"="S3tray2.exe" [2001-10-04 69632]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2001-06-15 212992]
"PS2"="c:\windows\system32\ps2.exe" [2001-07-03 81920]
"KBD"="c:\hp\KBD\KBD.EXE" [2001-07-06 61440]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2001-08-08 143360]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2001-08-08 90112]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-01-02 2033432]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-25 149280]
c:\documents and settings\Owner\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-12-24 04:23 12464 ----a-w- c:\windows\SYSTEM32\avgrsstx.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Verizon Online Support Center.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Verizon Online Support Center.lnk
backup=c:\windows\pss\Verizon Online Support Center.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^EZNet Startup.lnk]
path=c:\documents and settings\Owner\Start Menu\Programs\Startup\EZNet Startup.lnk
backup=c:\windows\pss\EZNet Startup.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
2001-08-06 20:03 155648 ----a-w- c:\windows\SYSTEM32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2005-08-02 14:09 180269 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"a2free"=2 (0x2)
"McTskshd.exe"=2 (0x2)
"McDetect.exe"=2 (0x2)
"Lavasoft Ad-Aware Service"=2 (0x2)
"wuauserv"=2 (0x2)
"wscsvc"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\SYSTEM32\drivers\avgldx86.sys [12/23/2009 11:23 PM 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\SYSTEM32\drivers\avgtdix.sys [12/23/2009 11:23 PM 360584]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [12/23/2009 11:22 PM 906520]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [12/23/2009 11:22 PM 285392]
S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\program files\Lavasoft\Ad-Aware\AAWService.exe" --> c:\program files\Lavasoft\Ad-Aware\AAWService.exe [?]
.
Contents of the 'Scheduled Tasks' folder
2005-08-31 c:\windows\Tasks\Registration reminder 2.job
- c:\windows\System32\OOBE\oobebaln.exe [2001-08-18 00:12]
2005-08-31 c:\windows\Tasks\Registration reminder 3.job
- c:\windows\System32\OOBE\oobebaln.exe [2001-08-18 00:12]
.
.
------- Supplementary Scan -------
.
uStart Page =
hxxp://www.google.com/uDefault_Search_URL =
hxxp://srch-us4.hpwis.com/mSearch Bar =
hxxp://srch-us4.hpwis.com/uInternet Settings,ProxyOverride = 127.0.0.1;localhost
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java -
file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\v3lhl8dy.default\
FF - prefs.js: browser.startup.homepage -
http://www.google.comFF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2010-01-07 00:19
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(3276)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\System32\nvsvc32.exe
c:\windows\system32\HPZipm12.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2010-01-07 00:28:51 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-07 05:28
ComboFix2.txt 2010-01-05 15:42
Pre-Run: 19,699,359,744 bytes free
Post-Run: 19,617,165,312 bytes free
- - End Of File - - 0675EEDCB8FDD2C0F540F735FE256601
first file was not found C:\WINDOWS\tasks\ (YOUR-W92P4BHLZG-Owner).job
scans for this file found nothing (no detection) c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
http://virusscan.jotti.org/en/scanresul ... 9b6dae7449Logfile of random's system information tool 1.06 (written by random/random)
Run by Owner at 2010-01-07 00:57:52
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 19 GB (56%) free of 33 GB
Total RAM: 510 MB (40% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:58:21 AM, on 1/7/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Owner\desktop\rsit.exe
C:\Program Files\Trend Micro\HijackThis\Owner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://srch-us4.hpwis.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://srch-us4.hpwis.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - S-1-5-18 Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE (User 'Default user')
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) -
http://security.symantec.com/sscv6/Shar ... vSniff.cabO16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
http://download.mcafee.com/molbin/share ... insctl.cabO16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
http://download.bitdefender.com/resourc ... oscan8.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/microsoftup ... 1366806265O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
http://security.symantec.com/sscv6/Shar ... /cabsa.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftup ... 1366794203O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} -
http://download.eset.com/special/eos/OnlineScanner.cabO16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} -
http://download.mcafee.com/molbin/share ... cgdmgr.cabO16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
http://download.mcafee.com/molbin/iss-l ... cfscan.cabO18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 6133 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Registration reminder 2.job
C:\WINDOWS\tasks\Registration reminder 3.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-03-02 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2009-12-23 1484056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-25 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
"S3TRAY2"=C:\WINDOWS\system32\S3tray2.exe [2001-10-04 69632]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2001-06-15 212992]
"PS2"=C:\WINDOWS\system32\ps2.exe [2001-07-03 81920]
"NvCplDaemon"=NvQTwk,NvCplDaemon initialize []
"KBD"=C:\HP\KBD\KBD.EXE [2001-07-06 61440]
"IgfxTray"=C:\WINDOWS\System32\igfxtray.exe [2001-08-07 143360]
"HotKeysCmds"=C:\WINDOWS\System32\hkcmd.exe [2001-08-07 90112]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-01-02 2033432]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-25 149280]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-08-06 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2005-08-02 180269]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Verizon Online Support Center.lnk]
C:\PROGRA~1\VERIZO~1\SUPPOR~1\bin\matcli.exe [2002-08-06 204800]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^EZNet Startup.lnk]
C:\WINDOWS\eznrbt.exe [2000-05-09 61952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"a2free"=2
"McTskshd.exe"=2
"McDetect.exe"=2
"Lavasoft Ad-Aware Service"=2
"wuauserv"=2
"wscsvc"=2
"JavaQuickStarterService"=2
C:\Documents and Settings\Owner\Start Menu\Programs\Startup
ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-12-23 12464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-01-07 00:28:56 ----D---- C:\WINDOWS\temp
2010-01-07 00:28:52 ----A---- C:\ComboFix.txt
2010-01-05 10:19:18 ----A---- C:\Boot.bak
2010-01-05 10:19:08 ----RASHD---- C:\cmdcons
2010-01-05 10:17:03 ----A---- C:\WINDOWS\zip.exe
2010-01-05 10:17:03 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-01-05 10:17:03 ----A---- C:\WINDOWS\SWSC.exe
2010-01-05 10:17:03 ----A---- C:\WINDOWS\SWREG.exe
2010-01-05 10:17:03 ----A---- C:\WINDOWS\sed.exe
2010-01-05 10:17:03 ----A---- C:\WINDOWS\PEV.exe
2010-01-05 10:17:03 ----A---- C:\WINDOWS\NIRCMD.exe
2010-01-05 10:17:03 ----A---- C:\WINDOWS\MBR.exe
2010-01-05 10:17:03 ----A---- C:\WINDOWS\grep.exe
2010-01-05 10:15:01 ----D---- C:\Qoobox
2010-01-04 01:13:47 ----D---- C:\rsit
2009-12-30 09:59:18 ----D---- C:\Program Files\CCleaner
2009-12-25 16:13:47 ----D---- C:\Program Files\Panda Security
2009-12-25 11:36:25 ----D---- C:\WINDOWS\McAfee.com
2009-12-25 08:30:32 ----A---- C:\WINDOWS\system32\javaws.exe
2009-12-25 08:30:32 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-12-25 08:30:31 ----A---- C:\WINDOWS\system32\javaw.exe
2009-12-25 08:30:31 ----A---- C:\WINDOWS\system32\java.exe
2009-12-25 08:27:20 ----D---- C:\Program Files\Java
2009-12-24 23:24:26 ----D---- C:\WINDOWS\ERDNT
2009-12-24 23:24:03 ----D---- C:\Program Files\ERUNT
2009-12-24 23:05:34 ----D---- C:\Program Files\Trend Micro
2009-12-23 23:24:19 ----D---- C:\$AVG
2009-12-23 23:23:52 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-12-23 23:22:12 ----D---- C:\Program Files\AVG
2009-12-23 23:22:07 ----D---- C:\Documents and Settings\All Users\Application Data\avg9
2009-12-23 23:05:16 ----D---- C:\Program Files\Kerio
2009-12-23 17:52:05 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-23 17:51:48 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2009-12-23 17:51:28 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-23 17:51:09 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-23 17:50:55 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-12-23 17:50:36 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-23 17:50:17 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$
2009-12-23 17:50:00 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-12-23 17:49:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-12-23 17:49:18 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-12-23 17:49:02 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-12-23 17:48:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-12-23 17:48:33 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-12-23 17:48:18 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-12-23 17:48:09 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-12-23 17:48:02 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-12-23 17:47:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-12-23 17:45:58 ----D---- C:\WINDOWS\ie8updates
2009-12-23 17:44:33 ----D---- C:\WINDOWS\WBEM
2009-12-23 17:43:09 ----HDC---- C:\WINDOWS\ie8
2009-12-23 17:39:58 ----A---- C:\WINDOWS\system32\MRT.exe
2009-12-23 15:24:57 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-12-23 15:24:43 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-12-23 15:24:25 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-12-23 15:24:12 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-12-23 15:23:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-12-23 15:23:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-12-23 15:23:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-12-23 15:22:51 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-12-23 15:22:35 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-12-23 15:22:24 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-12-23 15:21:59 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-12-23 15:21:36 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-12-23 15:08:01 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-12-23 15:06:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-12-23 15:05:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-12-23 15:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-12-23 15:01:24 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-12-23 14:57:59 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-12-23 14:53:48 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-12-23 14:52:11 ----N---- C:\WINDOWS\system32\ieencode.dll
2009-12-21 08:18:19 ----D---- C:\Documents and Settings\Owner\Application Data\ImgBurn
2009-12-21 08:15:47 ----D---- C:\Program Files\ImgBurn
2009-12-21 00:23:13 ----D---- C:\WINDOWS\Prefetch
2009-12-21 00:03:34 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-12-21 00:03:07 ----HDC---- C:\WINDOWS\$NtUninstallKB969897$
2009-12-21 00:02:44 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-12-21 00:02:11 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-12-21 00:01:38 ----HDC---- C:\WINDOWS\$NtUninstallKB963027$
2009-12-21 00:01:18 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-12-21 00:01:03 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2009-12-21 00:00:47 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-12-21 00:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
2009-12-21 00:00:08 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-12-20 23:59:51 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-12-20 23:59:37 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-12-20 23:59:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-12-20 23:59:05 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-12-20 23:58:40 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2009-12-20 23:58:22 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-12-20 23:58:07 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2009-12-20 23:57:54 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-12-20 23:57:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-12-20 23:57:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-12-20 23:56:53 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-12-20 23:56:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2009-12-20 23:55:42 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-12-20 23:55:26 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-12-20 23:55:12 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-12-20 23:54:29 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
2009-12-20 23:54:05 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-12-20 23:53:47 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-12-20 23:53:34 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-12-20 23:53:13 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-12-20 23:52:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2009-12-20 23:52:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-12-20 23:52:24 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-12-20 23:52:08 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-12-20 23:51:56 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-12-20 23:51:41 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-12-20 23:51:32 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2009-12-20 23:50:58 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-12-20 23:37:57 ----D---- C:\WINDOWS\system32\en-us
2009-12-20 23:37:54 ----D---- C:\WINDOWS\system32\scripting
2009-12-20 23:37:51 ----D---- C:\WINDOWS\l2schemas
2009-12-20 23:37:49 ----D---- C:\WINDOWS\system32\en
2009-12-20 23:28:16 ----D---- C:\WINDOWS\network diagnostic
2009-12-20 22:40:46 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2009-12-20 22:07:59 ----D---- C:\XPSETUP
2009-12-20 08:27:11 ----D---- C:\WINDOWS\BDOSCAN8
2009-12-19 10:35:04 ----D---- C:\Program Files\VS Revo Group
2009-12-19 00:28:43 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-12-18 21:09:33 ----D---- C:\Documents and Settings\Owner\Application Data\Malwarebytes
2009-12-18 19:59:08 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-12-18 13:54:35 ----D---- C:\Program Files\SUPERAntiSpyware
2009-12-18 13:54:35 ----D---- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
2009-12-18 06:50:58 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-18 06:50:58 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-12-17 20:58:55 ----D---- C:\Program Files\a-squared Free
======List of files/folders modified in the last 1 months======
2010-01-07 00:28:57 ----D---- C:\WINDOWS\system32\drivers
2010-01-07 00:28:56 ----AD---- C:\WINDOWS
2010-01-07 00:26:24 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-07 00:20:05 ----A---- C:\WINDOWS\system.ini
2010-01-07 00:19:31 ----A---- C:\WINDOWS\ModemLog_Lucent Win Modem.txt
2010-01-07 00:17:26 ----D---- C:\WINDOWS\system32\config
2010-01-07 00:16:04 ----RD---- C:\Program Files
2010-01-07 00:16:03 ----D---- C:\WINDOWS\pss
2010-01-07 00:11:31 ----D---- C:\WINDOWS\AppPatch
2010-01-07 00:11:31 ----AD---- C:\WINDOWS\SYSTEM32
2010-01-07 00:11:26 ----D---- C:\Program Files\Common Files
2010-01-07 00:05:13 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-05 10:40:57 ----SD---- C:\WINDOWS\Tasks
2010-01-05 10:28:53 ----D---- C:\WINDOWS\SYSTEM
2010-01-05 10:19:18 ----RASH---- C:\BOOT.INI
2010-01-05 09:55:25 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-04 01:05:11 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-01-04 01:05:11 ----D---- C:\Config.Msi
2010-01-04 01:02:08 ----SHD---- C:\WINDOWS\Installer
2010-01-04 00:55:47 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-12-30 09:59:43 ----D---- C:\WINDOWS\Debug
2009-12-30 09:59:39 ----D---- C:\WINDOWS\Minidump
2009-12-28 08:04:34 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-12-26 14:17:06 ----D---- C:\WINDOWS\INF
2009-12-26 13:58:12 ----A---- C:\WINDOWS\win.ini
2009-12-25 08:18:39 ----D---- C:\Program Files\Lavasoft
2009-12-24 23:14:14 ----D---- C:\Program Files\Mozilla Firefox
2009-12-23 23:46:36 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-12-23 23:45:08 ----D---- C:\WINDOWS\$hf_mig$
2009-12-23 23:21:39 ----D---- C:\WINDOWS\WinSxS
2009-12-23 18:44:07 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-23 18:40:34 ----D---- C:\WINDOWS\HELP
2009-12-23 18:40:34 ----D---- C:\Program Files\Internet Explorer
2009-12-23 17:50:59 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-23 17:44:23 ----D---- C:\WINDOWS\MEDIA
2009-12-23 15:24:00 ----D---- C:\Program Files\Outlook Express
2009-12-21 00:22:06 ----D---- C:\WINDOWS\system32\Setup
2009-12-21 00:22:05 ----D---- C:\WINDOWS\system32\wbem
2009-12-21 00:22:02 ----D---- C:\WINDOWS\FONTS
2009-12-21 00:20:48 ----D---- C:\WINDOWS\security
2009-12-20 23:51:45 ----D---- C:\Program Files\Messenger
2009-12-20 23:38:54 ----D---- C:\WINDOWS\ServicePackFiles
2009-12-20 23:38:52 ----D---- C:\Program Files\Windows Media Player
2009-12-20 23:38:28 ----D---- C:\WINDOWS\ime
2009-12-20 23:37:57 ----D---- C:\WINDOWS\system32\usmt
2009-12-20 23:37:49 ----D---- C:\Program Files\MSN
2009-12-20 23:37:48 ----D---- C:\WINDOWS\system32\bits
2009-12-20 23:37:48 ----D---- C:\WINDOWS\peernet
2009-12-20 23:37:47 ----D---- C:\Program Files\Movie Maker
2009-12-20 23:32:25 ----D---- C:\WINDOWS\system32\Restore
2009-12-20 23:32:25 ----D---- C:\WINDOWS\system32\npp
2009-12-20 23:32:22 ----D---- C:\WINDOWS\msagent
2009-12-20 23:32:19 ----D---- C:\WINDOWS\srchasst
2009-12-20 23:32:18 ----D---- C:\Program Files\NetMeeting
2009-12-20 23:32:15 ----D---- C:\WINDOWS\system32\Com
2009-12-20 23:32:11 ----D---- C:\Program Files\Windows NT
2009-12-20 23:32:06 ----D---- C:\Program Files\Common Files\System
2009-12-20 23:31:25 ----D---- C:\WINDOWS\system32\oobe
2009-12-20 23:24:02 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-12-20 23:23:36 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-12-20 23:15:49 ----D---- C:\WINDOWS\ehome
2009-12-20 22:41:41 ----D---- C:\WINDOWS\SoftwareDistribution
2009-12-20 08:20:10 ----D---- C:\Program Files\HP
2009-12-20 08:17:56 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-12-19 13:47:38 ----D---- C:\Program Files\ArcSoft
2009-12-19 13:46:00 ----A---- C:\WINDOWS\fantasy2.ini
2009-12-19 13:45:59 ----A---- C:\WINDOWS\pstudio.ini
2009-12-19 13:45:59 ----A---- C:\WINDOWS\album.ini
2009-12-19 13:10:23 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-12-19 13:05:26 ----D---- C:\Program Files\Microsoft Office
2009-12-19 12:10:41 ----D---- C:\Program Files\Microsoft ActiveSync
2009-12-19 11:54:48 ----D---- C:\hp
2009-12-19 11:31:09 ----D---- C:\Program Files\Hewlett-Packard
2009-12-19 11:23:57 ----D---- C:\WINDOWS\twain_32
2009-12-19 00:17:30 ----D---- C:\WINDOWS\Cursors
2009-12-18 22:33:13 ----D---- C:\WINDOWS\provisioning
2009-12-18 06:44:54 ----D---- C:\Program Files\HPSelect
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-12-23 333192]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-12-23 28424]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-12-23 360584]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2005-05-10 32256]
R1 P3;Intel PentiumIII Processor Driver; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-13 42752]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-17 12032]
R3 catchme;catchme; \??\C:\Combo-Fix\catchme.sys []
R3 i81x;i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [2001-08-08 158140]
R3 ltmodem5;LT Modem Driver; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [2003-03-31 625537]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2001-09-16 13716]
R3 Ps2;PS2; C:\WINDOWS\System32\DRIVERS\PS2.sys [2001-06-04 14112]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2001-09-24 463848]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 Dot4;MS IEEE-1284.4 Driver; C:\WINDOWS\System32\DRIVERS\Dot4.sys [2008-04-13 206976]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 Dot4Scan;Scan Class Driver for IEEE-1284.4; C:\WINDOWS\System32\DRIVERS\Dot4Scan.sys [2001-08-17 8704]
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 Freedom;FREEDOM Miniport; C:\WINDOWS\System32\DRIVERS\FREEDOM.SYS []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-27 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-27 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-27 21568]
S3 iAimFP0;iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [2001-08-08 12479]
S3 iAimFP1;iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [2001-08-08 12031]
S3 iAimFP2;iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [2001-08-08 11679]
S3 iAimFP3;iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [2001-08-08 11999]
S3 iAimFP4;iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [2001-08-08 19359]
S3 iAimTV0;iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [2001-08-08 29215]
S3 iAimTV1;iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [2001-08-08 19199]
S3 iAimTV3;iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [2001-08-08 33503]
S3 iAimTV4;iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [2001-08-08 23519]
S3 mbr;mbr; \??\C:\DOCUME~1\Owner\LOCALS~1\Temp\mbr.sys []
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2001-09-27 702777]
S3 nv4;nv4; C:\WINDOWS\System32\DRIVERS\nv4.sys [2001-08-17 731648]
S3 S3SavageNB;S3SavageNB; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2001-10-12 114816]
S3 sermouse;Serial Mouse Driver; C:\WINDOWS\System32\DRIVERS\sermouse.sys [2001-08-17 17664]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2009-12-23 906520]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2009-12-23 285392]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2001-09-27 57344]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2005-03-14 69632]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-25 153376]
S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe []
S4 McDetect.exe;McAfee WSC Integration; c:\program files\mcafee.com\agent\mcdetect.exe []
S4 McTskshd.exe;McAfee Task Scheduler; c:\PROGRA~1\mcafee.com\agent\mctskshd.exe []
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2010-01-07 00:58:24
======Uninstall list======
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
AVG Free 9.0-->C:\Program Files\AVG\AVG9\setup.exe /UNINSTALL
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Easy Internet Sign-up-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B5DDB2C-0807-47FD-9C11-80EA761902C0}\Setup.exe" -l0x9
ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
ImgBurn-->"C:\Program Files\ImgBurn\uninstall.exe"
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
KBD-->C:\HP\KBD\KBD.EXE uninstalled
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Mozilla Firefox (3.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvhp.inf
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 1.5 combined Win32 extensions-->C:\PROGRA~1\Python\UNWISE~1.EXE C:\PROGRA~1\Python\W32INST.LOG
Python 1.5.2 (final)-->C:\PROGRA~1\Python\UNWISE.EXE C:\PROGRA~1\Python\INSTALL.LOG
Revo Uninstaller 1.83-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
S3 Gamma-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3 Gamma'
S3 Savage4 Family Display Switch2 Utility-->S3Uninst.exe -reg 5 HKLM\SOFTWARE\S3\S3Uninst\S3Switch2
Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Security Update for Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe"
Tcl 8.0.5 for Windows-->C:\PROGRA~1\Tcl\UNWISE.EXE C:\PROGRA~1\Tcl\INSTALL.LOG
Update for Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinZip Self-Extractor-->"C:\Program Files\WinZip Self-Extractor\setup.exe" /uninstall
=====HijackThis Backups=====
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart [2009-12-24]
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background [2009-12-24]
O4 - HKUS\.DEFAULT\..\Run: [AntiVirus Plus] "C:\WINDOWS\system32\rundll32.exe" "C:\Documents and Settings\Owner\Application Data\AntiVirus Plus\AntiVirus Plus.70367223.dll", start 70367223 (User 'Default user') [2009-12-24]
O4 - HKUS\S-1-5-18\..\Run: [AntiVirus Plus] "C:\WINDOWS\system32\rundll32.exe" "C:\Documents and Settings\Owner\Application Data\AntiVirus Plus\AntiVirus Plus.70367223.dll", start 70367223 (User 'SYSTEM') [2009-12-24]
O21 - SSODL: kawokozub - {f6e35b9e-702d-433a-bd54-cc2120e2a118} - c:\windows\system32\yuzepijo.dll (file missing) [2009-12-24]
O21 - SSODL: pivatezeh - {a2731c41-3ba2-4821-8d9f-fc8351fb8ef9} - c:\windows\system32\yuzepijo.dll (file missing) [2009-12-24]
O22 - SharedTaskScheduler: tokatiluy - {f6e35b9e-702d-433a-bd54-cc2120e2a118} - c:\windows\system32\yuzepijo.dll (file missing) [2009-12-24]
O21 - SSODL: kisugevek - {7efb1e66-a1a2-4a30-bc02-0127ee6295e9} - c:\windows\system32\yuzepijo.dll (file missing) [2009-12-24]
O22 - SharedTaskScheduler: gahurihor - {7efb1e66-a1a2-4a30-bc02-0127ee6295e9} - c:\windows\system32\yuzepijo.dll (file missing) [2009-12-24]
O23 - Service: Lavasoft Ad-Aware Service - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (file missing) [2009-12-24]
O22 - SharedTaskScheduler: gahurihor - {a2731c41-3ba2-4821-8d9f-fc8351fb8ef9} - c:\windows\system32\yuzepijo.dll (file missing) [2009-12-24]
======Security center information======
AV: AVG Anti-Virus Free (disabled)
======System event log======
Computer Name: YOUR-W92P4BHLZG
Event Code: 7000
Message: The Lavasoft Ad-Aware Service service failed to start due to the following error:
The system cannot find the path specified.
Record Number: 70308
Source Name: Service Control Manager
Time Written: 20091221193126.000000-300
Event Type: error
User:
Computer Name: YOUR-W92P4BHLZG
Event Code: 7000
Message: The Lavasoft Ad-Aware Service service failed to start due to the following error:
The system cannot find the path specified.
Record Number: 70285
Source Name: Service Control Manager
Time Written: 20091221175005.000000-300
Event Type: error
User:
Computer Name: YOUR-W92P4BHLZG
Event Code: 7000
Message: The Lavasoft Ad-Aware Service service failed to start due to the following error:
The system cannot find the path specified.
Record Number: 70243
Source Name: Service Control Manager
Time Written: 20091221071042.000000-300
Event Type: error
User:
Computer Name: YOUR-W92P4BHLZG
Event Code: 7000
Message: The Lavasoft Ad-Aware Service service failed to start due to the following error:
The system cannot find the path specified.
Record Number: 70228
Source Name: Service Control Manager
Time Written: 20091221002350.000000-300
Event Type: error
User:
Computer Name: YOUR-W92P4BHLZG
Event Code: 20
Message: Printer Driver HP OfficeJet K60xi for Windows NT x86 Version-3 was added or updated. Files:- (null).
Record Number: 70227
Source Name: Print
Time Written: 20091221002337.000000-300
Event Type: warning
User: NT AUTHORITY\SYSTEM
=====Application event log=====
Computer Name: YOUR-W92P4BHLZG
Event Code: 1000
Message: Faulting application svchost.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Record Number: 6305
Source Name: Application Error
Time Written: 20091119104403.000000-300
Event Type: error
User:
Computer Name: YOUR-W92P4BHLZG
Event Code: 1004
Message: Faulting application svchost.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Record Number: 6303
Source Name: Application Error
Time Written: 20091119104321.000000-300
Event Type: error
User:
Computer Name: YOUR-W92P4BHLZG
Event Code: 1000
Message: Faulting application svchost.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Record Number: 6302
Source Name: Application Error
Time Written: 20091119104005.000000-300
Event Type: error
User:
Computer Name: YOUR-W92P4BHLZG
Event Code: 1004
Message: Faulting application svchost.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Record Number: 6301
Source Name: Application Error
Time Written: 20091119103955.000000-300
Event Type: error
User:
Computer Name: YOUR-W92P4BHLZG
Event Code: 1000
Message: Faulting application svchost.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Record Number: 6299
Source Name: Application Error
Time Written: 20091119103609.000000-300
Event Type: error
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program files\PC-Doctor for Windows XP\WINDSAPI
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 11 Stepping 1, GenuineIntel
"PROCESSOR_REVISION"=0b01
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
-----------------EOF-----------------