OTS logfile created on: 1/25/2010 4:52:20 AM - Run 1
OTS by OldTimer - Version 3.1.19.5 Folder = C:\Documents and Settings\Tom\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
767.00 Mb Total Physical Memory | 417.00 Mb Available Physical Memory | 54.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 30.39 Gb Total Space | 15.32 Gb Free Space | 50.42% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 41.31 Gb Total Space | 41.21 Gb Free Space | 99.74% Space Free | Partition Type: NTFS
Drive H: | 40.08 Gb Total Space | 40.00 Gb Free Space | 99.81% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Computer Name: TOM1
Current User Name: Tom
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days
[Processes - Safe List]
ots.exe -> C:\Documents and Settings\Tom\Desktop\OTS.exe -> [2010/01/25 04:48:29 | 00,631,296 | ---- | M] (OldTimer Tools)
avgtray.exe -> C:\Program Files\AVG\AVG9\avgtray.exe -> [2009/12/31 09:36:18 | 02,033,432 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgrsx.exe -> C:\Program Files\AVG\AVG9\avgrsx.exe -> [2009/12/11 14:05:17 | 00,503,576 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgnsx.exe -> C:\Program Files\AVG\AVG9\avgnsx.exe -> [2009/12/11 14:05:16 | 00,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgchsvx.exe -> C:\Program Files\AVG\AVG9\avgchsvx.exe -> [2009/11/22 16:19:00 | 01,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgcsrvx.exe -> C:\Program Files\AVG\AVG9\avgcsrvx.exe -> [2009/11/22 16:18:58 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgemc.exe -> C:\Program Files\AVG\AVG9\avgemc.exe -> [2009/11/22 16:18:50 | 00,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgwdsvc.exe -> C:\Program Files\AVG\AVG9\avgwdsvc.exe -> [2009/11/22 16:18:48 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.)
jqs.exe -> C:\Program Files\Java\jre6\bin\jqs.exe -> [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.)
googletoolbarnotifier.exe -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> [2009/04/02 13:03:13 | 00,039,408 | ---- | M] (Google Inc.)
wscntfy.exe -> C:\WINDOWS\system32\wscntfy.exe -> [2008/04/13 17:12:41 | 00,013,824 | ---- | M] (Microsoft Corporation)
explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 17:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation)
hpqsrmon.exe -> C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe -> [2008/03/13 09:34:28 | 00,081,920 | ---- | M] (Hewlett-Packard)
crosshair.exe -> C:\Program Files\CrossHair\CrossHair.exe -> [2006/07/23 17:06:56 | 00,094,208 | ---- | M] ()
kodakccs.exe -> C:\WINDOWS\system32\drivers\KodakCCS.exe -> [2004/05/24 12:35:52 | 00,322,104 | ---- | M] (Eastman Kodak Company)
nvsvc32.exe -> C:\WINDOWS\system32\nvsvc32.exe -> [2003/07/28 15:19:00 | 00,077,824 | ---- | M] (NVIDIA Corporation)
wkcalrem.exe -> C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe -> [2001/08/07 16:06:54 | 00,024,633 | ---- | M] (Microsoft® Corporation)
[Modules - Safe List]
ots.exe -> C:\Documents and Settings\Tom\Desktop\OTS.exe -> [2010/01/25 04:48:29 | 00,631,296 | ---- | M] (OldTimer Tools)
[Win32 Services - Safe List]
(getPlusHelper) getPlus(R) Helper [On_Demand | Stopped] -> C:\Program Files\NOS\bin\getPlus_Helper.dll -> [2009/12/17 16:36:24 | 00,067,360 | ---- | M] (NOS Microsystems Ltd.)
(avg9emc) AVG Free E-mail Scanner [Auto | Running] -> C:\Program Files\AVG\AVG9\avgemc.exe -> [2009/11/22 16:18:50 | 00,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.)
(avg9wd) AVG Free WatchDog [Auto | Running] -> C:\Program Files\AVG\AVG9\avgwdsvc.exe -> [2009/11/22 16:18:48 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.)
(gupdate) Google Update Service (gupdate) [Auto | Stopped] -> C:\Program Files\Google\Update\GoogleUpdate.exe -> [2009/10/30 10:45:30 | 00,133,104 | ---- | M] (Google Inc.)
(gusvc) Google Software Updater [Auto | Stopped] -> C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2009/10/30 10:44:06 | 00,194,032 | ---- | M] (Google)
(JavaQuickStarterService) Java Quick Starter [Auto | Running] -> C:\Program Files\Java\jre6\bin\jqs.exe -> [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.)
(hpqcxs08) hpqcxs08 [On_Demand | Stopped] -> C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -> [2009/05/21 20:21:18 | 00,248,832 | ---- | M] (Hewlett-Packard Co.)
(GoToAssist) GoToAssist [On_Demand | Stopped] -> C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -> [2009/04/05 22:39:45 | 00,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.)
(Pml Driver HPZ12) Pml Driver HPZ12 [Auto | Running] -> C:\WINDOWS\system32\HPZipm12.dll -> [2008/07/18 13:13:20 | 00,053,760 | ---- | M] (Hewlett-Packard)
(Net Driver HPZ12) Net Driver HPZ12 [Auto | Running] -> C:\WINDOWS\system32\HPZinw12.dll -> [2008/07/18 13:13:20 | 00,044,032 | ---- | M] (Hewlett-Packard)
(hpqddsvc) HP CUE DeviceDiscovery Service [On_Demand | Stopped] -> C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -> [2008/03/25 21:27:36 | 00,135,168 | ---- | M] (Hewlett-Packard Co.)
(IDriverT) InstallDriver Table Manager [On_Demand | Stopped] -> C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -> [2005/04/04 01:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation)
(KodakCCS) Kodak Camera Connection Software [Auto | Running] -> C:\WINDOWS\system32\drivers\KodakCCS.exe -> [2004/05/24 12:35:52 | 00,322,104 | ---- | M] (Eastman Kodak Company)
(NVSvc) NVIDIA Driver Helper Service [Auto | Running] -> C:\WINDOWS\system32\nvsvc32.exe -> [2003/07/28 15:19:00 | 00,077,824 | ---- | M] (NVIDIA Corporation)
[Driver Services - Safe List]
(MBAMSwissArmy) MBAMSwissArmy [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mbamswissarmy.sys -> [2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation)
(Wpsnuio) WPS NDIS Usermode I/O Protocol [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\wpsnuio.sys -> [2010/01/02 16:16:41 | 00,013,696 | ---- | M] (Skyhook Wireless)
(AvgTdiX) AVG Free8 Network Redirector [Kernel | System | Running] -> C:\WINDOWS\System32\Drivers\avgtdix.sys -> [2009/11/22 16:19:24 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.)
(AvgLdx86) AVG Free AVI Loader Driver x86 [Kernel | System | Running] -> C:\WINDOWS\System32\Drivers\avgldx86.sys -> [2009/11/22 16:19:24 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.)
(AvgMfx86) AVG Free On-access Scanner Minifilter Driver x86 [File_System | System | Running] -> C:\WINDOWS\System32\Drivers\avgmfx86.sys -> [2009/11/22 16:19:24 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.)
(HPZid412) IEEE-1284.4 Driver HPZid412 [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HPZid412.sys -> [2009/08/26 22:41:08 | 00,049,920 | ---- | M] (HP)
(HPZipr12) Print Class Driver for IEEE-1284.4 HPZipr12 [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HPZipr12.sys -> [2009/08/26 22:41:04 | 00,016,496 | ---- | M] (HP)
(HPZius12) USB to IEEE-1284.4 Translation Driver HPZius12 [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HPZius12.sys -> [2009/08/26 22:40:06 | 00,021,568 | ---- | M] (HP)
(PSI) PSI [File_System | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\psi_mf.sys -> [2009/06/17 05:20:34 | 00,012,648 | ---- | M] (Secunia)
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\PxHelp20.sys -> [2008/02/13 03:00:00 | 00,043,528 | ---- | M] (Sonic Solutions)
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\secdrv.sys -> [2007/11/13 03:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(Cdralw2k) Cdralw2k [Kernel | System | Stopped] -> C:\WINDOWS\system32\drivers\cdralw2k.sys -> [2007/02/02 03:00:00 | 00,009,464 | ---- | M] (Sonic Solutions)
(Cdr4_xp) Cdr4_xp [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\cdr4_xp.sys -> [2007/02/02 03:00:00 | 00,009,336 | ---- | M] (Sonic Solutions)
(DcPTP) DcPTP [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\DcPtp.sys -> [2004/07/07 10:27:28 | 00,070,070 | ---- | M] (Eastman Kodak Company)
(Exportit) Exportit [Kernel | System | Stopped] -> C:\WINDOWS\system32\drivers\ExportIt.sys -> [2004/07/07 08:55:12 | 00,152,049 | ---- | M] (Eastman Kodak Company)
(DCFS2K) Kodak DCFS2K Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\DCFS2k.sys -> [2004/06/02 13:19:00 | 00,038,705 | ---- | M] (Eastman Kodak Company)
(DcFpoint) DcFpoint [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\DcFpoint.sys -> [2004/05/20 08:41:54 | 00,061,564 | ---- | M] (Eastman Kodak Company)
(DcLps) Legacy Polling Service [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\DcLps.sys -> [2004/05/20 08:39:42 | 00,008,022 | ---- | M] (Eastman Kodak Company)
(DcCam) Kodak Camera Proxy [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\DcCam.sys -> [2004/05/20 08:21:10 | 00,036,918 | ---- | M] (Eastman Kodak Company)
(snapman) Apricorn Snapshots Manager [Kernel | Boot | Running] -> C:\WINDOWS\System32\DRIVERS\snapman.sys -> [2004/04/09 21:15:23 | 00,065,856 | ---- | M] (Apricorn)
(ezgmntr) EZ GIG II Backup Archive Explorer [Kernel | Boot | Running] -> C:\WINDOWS\System32\DRIVERS\ezgmntr.sys -> [2004/03/25 19:54:38 | 00,170,080 | ---- | M] (Apricorn)
(ezgfsfilt) EZ GIG II FS Filter [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\ezgfsfilt.sys -> [2004/03/25 19:54:38 | 00,026,912 | ---- | M] (Apricorn)
(nv) nv [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\nv4_mini.sys -> [2003/07/28 15:19:00 | 01,341,339 | ---- | M] (NVIDIA Corporation)
(3c1807pd) U.S. Robotics V.92 Fax Win Int [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\3c1807pd.sys -> [2003/04/03 10:59:06 | 00,329,120 | ---- | M] (U.S. Robotics Corporation)
(PQNTDrv) PQNTDrv [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\PQNTDRV.sys -> [2003/03/14 14:18:30 | 00,004,228 | ---- | M] (PowerQuest Corporation)
(BANTExt) Belarc SMBios Access [Kernel | System | Running] -> C:\WINDOWS\System32\Drivers\BANTExt.sys -> [2003/03/06 14:48:08 | 00,003,840 | ---- | M] ()
(GUSBNET) Satellite Modem 360 USB Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\gusbnet.sys -> [2002/11/17 11:57:24 | 00,039,572 | ---- | M] (Gilat Satellite Netwroks)
(GUSBFILTER) Gilat USB Adapter Filter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\gusbfilter.sys -> [2002/11/17 11:57:24 | 00,003,124 | ---- | M] (Gilat Satellite Netwroks)
(cdudf_xp) cdudf_xp [File_System | System | Running] -> C:\WINDOWS\system32\drivers\Cdudf_xp.sys -> [2002/08/14 00:40:22 | 00,240,128 | ---- | M] (Roxio)
(dvd_2K) dvd_2K [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\Dvd_2k.sys -> [2002/08/01 01:20:12 | 00,025,578 | ---- | M] (Roxio)
(mmc_2K) mmc_2K [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\Mmc_2k.sys -> [2002/08/01 01:20:06 | 00,030,246 | ---- | M] (Roxio)
(pwd_2k) pwd_2k [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\pwd_2K.sys -> [2002/08/01 01:19:58 | 00,132,058 | ---- | M] (Roxio)
(UdfReadr_xp) UdfReadr_xp [File_System | System | Running] -> C:\WINDOWS\system32\drivers\UdfReadr_xp.sys -> [2002/08/01 01:16:30 | 00,206,464 | ---- | M] (Roxio)
(GSSUSB) Gilat SkyBlaster USB Adapter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\gssNic.sys -> [2002/04/29 03:40:04 | 00,161,681 | R--- | M] (Gilat Satellite Networks Ltd)
(NECEHCD) NEC PCI to USB Enhanced Host Controller [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\nehcd.sys -> [2001/11/30 00:40:50 | 00,033,911 | R--- | M] (OWC)
(FilterService) Filter Service [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\nusbd.sys -> [2001/11/30 00:40:50 | 00,032,500 | R--- | M] (OWC)
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ptilink.sys -> [2001/08/18 05:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(USRpdA) U.S. Robotics 56K PCI Faxmodem Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\USRpdA.sys -> [2001/08/17 14:28:26 | 00,113,762 | ---- | M] (U.S. Robotics Corporation)
(HCF_MSFT) HCF_MSFT [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HCF_MSFT.sys -> [2001/08/17 14:28:02 | 00,907,456 | ---- | M] (Conexant)
(ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ac97intc.sys -> [2001/08/17 05:20:04 | 00,096,256 | ---- | M] (Intel Corporation)
(DM9102) DAVICOM 9102(A) PCI Fast Ethernet Based NT Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\DM9PCI5.SYS -> [2001/08/17 05:11:42 | 00,029,696 | ---- | M] (CNet Technology, Inc. )
(smwdm) smwdm [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\smwdm.sys -> [2001/07/25 16:40:30 | 00,438,200 | ---- | M] (Analog Devices, Inc.)
(OMCI) OMCI [Kernel | System | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -> [2001/05/14 19:15:40 | 00,010,368 | ---- | M] (Dell Computer Corporation)
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Secondary Start Pages" -> [Binary data over 100 bytes] ->
HKEY_LOCAL_MACHINE\: Search\\"CustomSearch" -> http://red.clientapps.yahoo.com/customize/ie/defaults/cs/ymsgr6/*http://www.yahoo.com/ext/search/search.html ->
HKEY_LOCAL_MACHINE\: Search\\"Default_Search_URL" -> http://www.google.com/ie ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: Main\\"SearchMigratedDefaultName" -> Google ->
HKEY_USERS\.DEFAULT\: Main\\"SearchMigratedDefaultURL" -> http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: Main\\"SearchMigratedDefaultName" -> Google ->
HKEY_USERS\S-1-5-18\: Main\\"SearchMigratedDefaultURL" -> http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
HKEY_USERS\S-1-5-19\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
HKEY_USERS\S-1-5-20\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\] > -> ->
HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\: Main\\"Default_Search_URL" -> http://www.google.com/ie ->
HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\: Main\\"SearchMigratedDefaultName" -> Google ->
HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\: Main\\"SearchMigratedDefaultURL" -> http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language} ->
HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\: Main\\"Start Page" -> http://www.google.com/ ->
HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\: Search\\"Default_Search_URL" -> http://www.google.com/ie ->
HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\: Search\\"SearchAssistant" -> http://www.google.com/ie ->
HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\: SearchURL\\"" -> http://www.google.com/search?q=%s ->
HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\: "ProxyEnable" -> 0 ->
HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\: "ProxyOverride" -> <local> ->
HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\: "ProxyServer" -> http=127.0.0.1:9877 ->
< FireFox Settings [Prefs.js] > -> C:\Documents and Settings\Tom\Application Data\Mozilla\FireFox\Profiles\1yu32dil.default\prefs.js ->
extensions.enabledItems -> {e1170235-2845-420c-acc3-42261a29dd46}:3.5.1 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions -> ->
HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3] -> [2009/10/29 14:02:15 | 00,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
-> C:\Documents and Settings\Tom\Application Data\Mozilla\Extensions -> [2009/01/18 14:17:13 | 00,000,000 | ---D | M]
-> C:\Documents and Settings\Tom\Application Data\Mozilla\Firefox\Profiles\1yu32dil.default\extensions -> [2009/03/18 00:11:53 | 00,000,000 | ---D | M]
Clipmarks -> C:\Documents and Settings\Tom\Application Data\Mozilla\Firefox\Profiles\1yu32dil.default\extensions\{e1170235-2845-420c-acc3-42261a29dd46} -> [2009/01/18 14:25:34 | 00,000,000 | ---D | M]
< HOSTS File > (27 bytes and 1 lines) -> C:\WINDOWS\system32\drivers\etc\hosts ->
Reset Hosts
127.0.0.1 localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{0347C33E-8762-4905-BF09-768834316C61} [HKLM] -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [HP Print Enhancer] -> [2009/06/30 17:08:14 | 00,328,248 | ---- | M] (Hewlett-Packard Co.)
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2009/12/21 18:27:44 | 00,075,200 | ---- | M] (Adobe Systems Incorporated)
{3049C3E9-B461-4BC5-8870-4C09146192CA} [HKLM] -> c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [RealPlayer Download and Record Plugin for Internet Explorer] -> [2009/12/12 09:27:13 | 00,329,312 | ---- | M] (RealPlayer)
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files\AVG\AVG9\avgssie.dll [AVG Safe Search] -> [2009/12/11 14:05:16 | 01,484,056 | ---- | M] (AVG Technologies CZ, s.r.o.)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [Google Toolbar Notifier BHO] -> [2009/11/19 04:18:50 | 00,764,912 | ---- | M] (Google Inc.)
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [Google Dictionary Compression sdch] -> [2009/10/26 05:46:12 | 00,458,736 | ---- | M] (Google Inc.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2009/10/11 04:17:29 | 00,041,760 | ---- | M] (Sun Microsystems, Inc.)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} [HKLM] -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [JQSIEStartDetectorImpl Class] -> [2009/10/11 04:17:12 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.)
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} [HKLM] -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [HP Smart BHO Class] -> [2009/06/30 17:07:40 | 00,509,496 | ---- | M] (Hewlett-Packard Co.)
< Internet Explorer ToolBars [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\] > -> HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" -> C:\Program Files\Google\Gmail Notifier\gnotify.exe [C:\Program Files\Google\Gmail Notifier\gnotify.exe] -> [2005/07/15 14:48:33 | 00,479,232 | ---- | M] (Google Inc.)
"3c1807pd" -> [C:\WINDOWS\SYSTEM32\3cmlink.exe RunServices \Device\3cpipe-3c1807pd] -> File not found
"Adobe ARM" -> C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe ["C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"] -> [2009/12/11 15:57:56 | 00,948,672 | R--- | M] (Adobe Systems Incorporated)
"Adobe Reader Speed Launcher" -> C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe ["C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"] -> [2009/12/22 01:57:28 | 00,035,760 | ---- | M] (Adobe Systems Incorporated)
"AVG9_TRAY" -> C:\Program Files\AVG\AVG9\avgtray.exe [C:\PROGRA~1\AVG\AVG9\avgtray.exe] -> [2009/12/31 09:36:18 | 02,033,432 | ---- | M] (AVG Technologies CZ, s.r.o.)
"HPDJ Taskbar Utility" -> C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe] -> [2004/03/04 08:46:24 | 00,172,032 | ---- | M] (HP)
"hpqSRMon" -> C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe [C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe] -> [2008/03/13 09:34:28 | 00,081,920 | ---- | M] (Hewlett-Packard)
"NvCplDaemon" -> C:\WINDOWS\System32\NvCpl.DLL [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> [2003/07/28 15:19:00 | 04,841,472 | ---- | M] (NVIDIA Corporation)
"nwiz" -> C:\WINDOWS\System32\nwiz.exe [nwiz.exe /install] -> [2003/07/28 15:19:00 | 00,323,584 | ---- | M] (NVIDIA Corporation)
"USRpdA" -> [C:\WINDOWS\SYSTEM32\USRmlnkA.exe RunServices \Device\3cpipe-USRpdA] -> File not found
"WinPatrol" -> C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot] -> [2009/10/10 14:07:08 | 00,320,832 | ---- | M] (BillP Studios)
< Run [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"swg" -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] -> [2009/04/02 13:03:13 | 00,039,408 | ---- | M] (Google Inc.)
< Run [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"swg" -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] -> [2009/04/02 13:03:13 | 00,039,408 | ---- | M] (Google Inc.)
< Run [HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\] > -> HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"CrossHair" -> C:\Program Files\CrossHair\CrossHair.exe [C:\Program Files\CrossHair\CrossHair.exe] -> [2006/07/23 17:06:56 | 00,094,208 | ---- | M] ()
"swg" -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ["C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"] -> [2009/04/02 13:03:13 | 00,039,408 | ---- | M] (Google Inc.)
< Administrator Startup Folder > -> C:\Documents and Settings\Administrator\Start Menu\Programs\Startup ->
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk -> C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe -> [2001/08/07 16:06:54 | 00,024,633 | ---- | M] (Microsoft® Corporation)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SMART-ER.lnk -> C:\Program Files\Apricorn\SMART-ER\SMART-ER.EXE -> [2001/05/01 13:17:54 | 00,286,720 | ---- | M] (Apricorn)
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup ->
< Tom Startup Folder > -> C:\Documents and Settings\Tom\Start Menu\Programs\Startup ->
C:\Documents and Settings\Tom\Start Menu\Programs\Startup\Secunia PSI.lnk -> C:\Program Files\Secunia\PSI\psi.exe -> [2009/08/21 01:15:32 | 00,900,816 | ---- | M] (Secunia)
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions
\Infodelivery\Restrictions\\"NoJITSetup" -> [0] -> File not found
\Infodelivery\Restrictions\\"NoUpdateCheck" -> [0] -> File not found
\Infodelivery\Restrictions\\"NoSplash" -> [0] -> File not found
< Software Policy Settings [HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004] > -> HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\SOFTWARE\Policies\Microsoft\Internet Explorer ->
HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\Software\Policies\Microsoft\Internet Explorer
\\"DisableImportExportFavorites" -> [0] -> File not found
HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel
\Control Panel\\"GeneralTab" -> [0] -> File not found
\Control Panel\\"SecurityTab" -> [0] -> File not found
\Control Panel\\"PrivacyTab" -> [0] -> File not found
\Control Panel\\"ContentTab" -> [0] -> File not found
\Control Panel\\"ConnectionsTab" -> [0] -> File not found
\Control Panel\\"ProgramsTab" -> [0] -> File not found
\Control Panel\\"AdvancedTab" -> [0] -> File not found
\Control Panel\\"Advanced" -> [0] -> File not found
\Control Panel\\"Cache" -> [0] -> File not found
\Control Panel\\"History" -> [0] -> File not found
\Control Panel\\"Colors" -> [0] -> File not found
\Control Panel\\"links" -> [0] -> File not found
\Control Panel\\"Fonts" -> [0] -> File not found
\Control Panel\\"Languages" -> [0] -> File not found
\Control Panel\\"Accessibility" -> [0] -> File not found
\Control Panel\\"Connwiz Admin Lock" -> [0] -> File not found
\Control Panel\\"Connection Settings" -> [0] -> File not found
\Control Panel\\"Proxy" -> [0] -> File not found
\Control Panel\\"Autoconfig" -> [0] -> File not found
\Control Panel\\"Ratings" -> [0] -> File not found
\Control Panel\\"Certificates" -> [0] -> File not found
\Control Panel\\"Profiles" -> [0] -> File not found
\Control Panel\\"FormSuggest" -> [0] -> File not found
\Control Panel\\"FormSuggest Passwords" -> [0] -> File not found
\Control Panel\\"Messaging" -> [0] -> File not found
\Control Panel\\"CalendarContact" -> [0] -> File not found
\Control Panel\\"ResetWebSettings" -> [0] -> File not found
\Control Panel\\"Check_If_Default" -> [0] -> File not found
HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions
\Infodelivery\Restrictions\\"NoBrowserSaveWebComplete" -> [0] -> File not found
\Infodelivery\Restrictions\\"NoSearchCustomization" -> [0] -> File not found
\Infodelivery\Restrictions\\"NoAddingChannels" -> [0] -> File not found
\Infodelivery\Restrictions\\"NoRemovingChannels" -> [0] -> File not found
\Infodelivery\Restrictions\\"NoAddingSubscriptions" -> [0] -> File not found
\Infodelivery\Restrictions\\"NoEditingSubscriptions" -> [0] -> File not found
\Infodelivery\Restrictions\\"NoRemovingSubscriptions" -> [0] -> File not found
\Infodelivery\Restrictions\\"NoChannelLogging" -> [0] -> File not found
\Infodelivery\Restrictions\\"NoScheduledUpdates" -> [0] -> File not found
\Infodelivery\Restrictions\\"NoSubscriptionPasswords" -> [0] -> File not found
\Infodelivery\Restrictions\\"NoChannelUI" -> [0] -> File not found
\Infodelivery\Restrictions\\"NoSubscriptionContent" -> [0] -> File not found
\Infodelivery\Restrictions\\"NoEditingScheduleGroups" -> [0] -> File not found
\Infodelivery\Restrictions\\"MaxSubscriptionSize" -> [0] -> File not found
\Infodelivery\Restrictions\\"MaxSubscriptionCount" -> [0] -> File not found
\Infodelivery\Restrictions\\"MinUpdateInterval" -> [0] -> File not found
\Infodelivery\Restrictions\\"UpdateExcludeBegin" -> [0] -> File not found
\Infodelivery\Restrictions\\"UpdateExcludeEnd" -> [0] -> File not found
\Infodelivery\Restrictions\\"MaxWebcrawlLevels" -> [1] -> File not found
HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Persistence\0
\Persistence\0\\"DomainLimit" -> [1024] -> File not found
\Persistence\0\\"DocumentLimit" -> [128] -> File not found
HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Persistence\1
\Persistence\1\\"DomainLimit" -> [10240] -> File not found
\Persistence\1\\"DocumentLimit" -> [512] -> File not found
HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Persistence\2
\Persistence\2\\"DomainLimit" -> [1024] -> File not found
\Persistence\2\\"DocumentLimit" -> [128] -> File not found
HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Persistence\3
\Persistence\3\\"DomainLimit" -> [1024] -> File not found
\Persistence\3\\"DocumentLimit" -> [128] -> File not found
HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Persistence\4
\Persistence\4\\"DomainLimit" -> [640] -> File not found
\Persistence\4\\"DocumentLimit" -> [64] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoMSAppLogo5ChannelNotify" -> [0] -> File not found
\\"NoBandCustomize" -> [0] -> File not found
\\"NoSharedDocuments" -> [0] -> File not found
\\"HonorAutoRunSetting" -> [1] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDrives" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"CDRAutoRun" -> [0] -> File not found
\\"NoLogOff" -> [0] -> File not found
\\"NoClose" -> [0] -> File not found
\\"NoSetFolders" -> [0] -> File not found
\\"NoFavoritesMenu" -> [0] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"CDRAutoRun" -> [0] -> File not found
\\"NoLogOff" -> [0] -> File not found
\\"NoClose" -> [0] -> File not found
\\"NoSetFolders" -> [0] -> File not found
\\"NoFavoritesMenu" -> [0] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004] > -> HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoNetHood" -> [0] -> File not found
\\"NoFavoritesMenu" -> [0] -> File not found
\\"NoChangeStartMenu" -> [0] -> File not found
\\"NoLogoff" -> [0] -> File not found
\\"NoSetTaskbar" -> [0] -> File not found
\\"NoFileMenu" -> [0] -> File not found
\\"EnforceShellExtensionSecurity" -> [0] -> File not found
\\"LinkResolveIgnoreLinkInfo" -> [0] -> File not found
\\"NoDrives" -> [0] -> File not found
\\"NoNetConnectDisconnect" -> [0] -> File not found
\\"NoDeletePrinter" -> [0] -> File not found
\\"NoAddPrinter" -> [0] -> File not found
\\"NoPrinterTabs" -> [0] -> File not found
\\"Btn_Back" -> [0] -> File not found
\\"Btn_Forward" -> [0] -> File not found
\\"Btn_Stop" -> [0] -> File not found
\\"Btn_Refresh" -> [0] -> File not found
\\"Btn_Home" -> [0] -> File not found
\\"Btn_Search" -> [0] -> File not found
\\"Btn_History" -> [0] -> File not found
\\"Btn_Favorites" -> [0] -> File not found
\\"Btn_Media" -> [0] -> File not found
\\"Btn_Folders" -> [0] -> File not found
\\"Btn_Fullscreen" -> [0] -> File not found
\\"Btn_Tools" -> [0] -> File not found
\\"Btn_MailNews" -> [0] -> File not found
\\"Btn_Size" -> [0] -> File not found
\\"Btn_Print" -> [0] -> File not found
\\"Btn_Edit" -> [0] -> File not found
\\"Btn_Discussions" -> [0] -> File not found
\\"Btn_Cut" -> [0] -> File not found
\\"Btn_Copy" -> [0] -> File not found
\\"Btn_Paste" -> [0] -> File not found
\\"Btn_Encoding" -> [0] -> File not found
\\"Btn_PrintPreview" -> [0] -> File not found
\\"NoThumbnailCache" -> [0] -> File not found
\\"RestrictRun" -> [0] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004] > -> HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"NoSecCPL" -> [0] -> File not found
\\"NoDevMgrPage" -> [0] -> File not found
\\"NoConfigPage" -> [0] -> File not found
\\"NoVirtMemPage" -> [0] -> File not found
\\"NoFileSysPage" -> [0] -> File not found
\\"NoNetSetup" -> [0] -> File not found
\\"NoNetSetupIDPage" -> [0] -> File not found
\\"NoNetSetupSecurityPage" -> [0] -> File not found
\\"NoWorkgroupContents" -> [0] -> File not found
\\"NoEntireNetwork" -> [0] -> File not found
\\"NoFileSharingControl" -> [0] -> File not found
< Internet Explorer Menu Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Search -> [http://bar.mywebsearch.com/menusearch.html?p=ZNxdm41486US] -> File not found
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Search -> [http://bar.mywebsearch.com/menusearch.html?p=ZNxdm41486US] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{DDE87865-83C5-48c4-8357-2F5B1AA84522}:{DDE87865-83C5-48c4-8357-2F5B1AA84522} [HKLM] -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [Button: Show or hide HP Smart Web Printing] -> [2009/06/30 17:07:40 | 00,509,496 | ---- | M] (Hewlett-Packard Co.)
< Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}" [HKLM] -> [Reg Error: Key error.] -> File not found
CmdMapping\\"{4528BBE0-4E08-11D5-AD55-00010333D0AD}" [HKLM] -> [Reg Error: Key error.] -> File not found
CmdMapping\\"{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}" [HKLM] -> [Reg Error: Key error.] -> File not found
CmdMapping\\"{E023F504-0C5A-4750-A1E7-A9046DEA8A21}" [HKLM] -> [Reg Error: Key error.] -> File not found
CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> [Reg Error: Key error.] -> File not found
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> [Reg Error: Key error.] -> File not found
< Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}" [HKLM] -> [Reg Error: Key error.] -> File not found
CmdMapping\\"{4528BBE0-4E08-11D5-AD55-00010333D0AD}" [HKLM] -> [Reg Error: Key error.] -> File not found
CmdMapping\\"{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}" [HKLM] -> [Reg Error: Key error.] -> File not found
CmdMapping\\"{E023F504-0C5A-4750-A1E7-A9046DEA8A21}" [HKLM] -> [Reg Error: Key error.] -> File not found
CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> [Reg Error: Key error.] -> File not found
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> [Reg Error: Key error.] -> File not found
< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\] > -> HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}" [HKLM] -> [Reg Error: Key error.] -> File not found
CmdMapping\\"{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}" [HKLM] -> [Reg Error: Key error.] -> File not found
CmdMapping\\"{DDE87865-83C5-48c4-8357-2F5B1AA84522}" [HKLM] -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [ClipBookBtn Class] -> [2009/06/30 17:07:40 | 00,509,496 | ---- | M] (Hewlett-Packard Co.)
CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> [Reg Error: Key error.] -> File not found
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> [Reg Error: Key error.] -> File not found
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
Extension\.bcf -> C:\Program Files\Internet Explorer\PLUGINS\NPBelv32.dll [Belarc Advisor and BelLive - Belarc's Content Personalization with Privacy] -> [2003/09/24 19:12:30 | 00,651,264 | ---- | M] (Belarc, Inc.)
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6617 domain(s) found. ->
58 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6617 domain(s) found. ->
57 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6617 domain(s) found. ->
57 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\] > -> HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 10148 domain(s) found. ->
.[msn] -> My Computer ->
64 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\] > -> HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-725345543-2000478354-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{00000161-0000-0010-8000-00AA00389B71} [HKLM] -> http://codecs.microsoft.com/codecs/i386/msaudio.cab [Reg Error: Key error.] ->
{1851174C-97BD-4217-A0CC-E908F60D5B7A} [HKLM] -> https://h20364.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB [Hewlett-Packard Online Support Services] ->
{33564D57-0000-0010-8000-00AA00389B71} [HKLM] -> http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB [Reg Error: Key error.] ->
{406B5949-7190-4245-91A9-30A17DE16AD0} [HKLM] -> http://www2.snapfish.com/SnapfishActivia.cab [Snapfish Activia] ->
{5ED80217-570B-4DA9-BF44-BE107C0EC166} [HKLM] -> http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab [Windows Live Safety Center Base Module] ->
{7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> http://download.eset.com/special/eos/OnlineScanner.cab [Reg Error: Key error.] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab [Java Plug-in 1.6.0_17] ->
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab [Reg Error: Key error.] ->
{9191F686-7F0A-441D-8A98-2FE3AC1BD913} [HKLM] -> http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab [ActiveScan 2.0 Installer Class] ->
{9F1C11AA-197B-4942-BA54-47A8489BB47F} [HKLM] -> http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38072.9108680556 [Reg Error: Key error.] ->
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab [Java Plug-in 1.6.0_17] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab [Java Plug-in 1.6.0_17] ->
{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [HKLM] -> http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab [Reg Error: Key error.] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] ->
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [get_atlcom Class] ->
Microsoft XML Parser for Java [HKLM] -> file://C:\WINDOWS\Java\classes\xmldso.cab [Reg Error: Key error.] ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 192.168.2.1 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{7DDCA5DC-C912-4FBF-A5F5-059428258A40}\\DhcpNameServer -> 192.168.2.1 (CNet PRO200WL PCI Fast Ethernet Adapter) ->
IE Styles -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles
"Use My Stylesheet" -> Reg Error: Invalid data type.
"User Stylesheet" ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 17:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
avgrsstarter -> C:\WINDOWS\System32\avgrsstx.dll -> [2009/11/22 16:19:05 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.)
GoToAssist -> C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll -> [2009/04/05 22:39:36 | 00,010,536 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.)
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
"{56F9679E-7826-4C84-81F3-532071A8BCC5}" [HKLM] -> C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll [] -> [2009/05/24 22:41:34 | 00,304,128 | ---- | M] (Microsoft Corporation)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" -> C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe [C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe] -> [2008/03/20 09:36:30 | 00,550,312 | ---- | M] (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe [C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe] -> [2007/11/02 10:58:46 | 01,421,312 | ---- | M] (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" -> C:\Program Files\HP\Digital Imaging\bin\hposid01.exe [C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe] -> [2007/11/30 01:05:44 | 00,107,864 | ---- | M] (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe [C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe] -> [2008/03/25 21:21:20 | 00,247,128 | ---- | M] (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe [C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe] -> [2009/05/21 18:57:00 | 00,362,496 | ---- | M] (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe [C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe] -> [2009/05/21 18:57:00 | 00,237,568 | ---- | M] (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe [C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe] -> [2007/10/31 15:45:22 | 00,147,456 | ---- | M] (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe [C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe] -> [2008/03/20 09:36:38 | 03,782,048 | ---- | M] (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe [C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe] -> [2008/03/13 09:34:26 | 00,087,456 | ---- | M] (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe [C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe] -> [2008/03/25 20:49:02 | 00,184,320 | ---- | M] (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe [C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe] -> [2008/03/20 09:36:40 | 00,135,168 | ---- | M] (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe] -> [2008/03/25 20:40:42 | 00,214,360 | ---- | M] (Hewlett-Packard Co.)
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
"C:\Program Files\AVG\AVG9\avgemc.exe" -> C:\Program Files\AVG\AVG9\avgemc.exe [C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe] -> [2009/11/22 16:18:50 | 00,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" -> C:\Program Files\AVG\AVG9\avgnsx.exe [C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe] -> [2009/12/11 14:05:16 | 00,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" -> C:\Program Files\AVG\AVG9\avgupd.exe [C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe] -> [2009/12/11 14:04:37 | 01,007,896 | ---- | M] (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" -> C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe [C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe] -> [2008/03/20 09:36:30 | 00,550,312 | ---- | M] (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe [C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe] -> [2007/11/02 10:58:46 | 01,421,312 | ---- | M] (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" -> C:\Program Files\HP\Digital Imaging\bin\hposid01.exe [C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe] -> [2007/11/30 01:05:44 | 00,107,864 | ---- | M] (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe [C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe] -> [2008/03/25 21:21:20 | 00,247,128 | ---- | M] (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe [C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe] -> [2009/05/21 18:57:00 | 00,362,496 | ---- | M] (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe [C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe] -> [2009/05/21 18:57:00 | 00,237,568 | ---- | M] (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe [C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe] -> [2007/10/31 15:45:22 | 00,147,456 | ---- | M] (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe [C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe] -> [2008/03/20 09:36:38 | 03,782,048 | ---- | M] (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe [C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe] -> [2008/03/13 09:34:26 | 00,087,456 | ---- | M] (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe [C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe] -> [2008/03/25 20:49:02 | 00,184,320 | ---- | M] (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe [C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe] -> [2008/03/20 09:36:40 | 00,135,168 | ---- | M] (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe] -> [2008/03/25 20:40:42 | 00,214,360 | ---- | M] (Hewlett-Packard Co.)
"C:\Program Files\NinjaTrader 6.5\bin\NinjaTrader.exe" -> C:\Program Files\NinjaTrader 6.5\bin\NinjaTrader.exe [C:\Program Files\NinjaTrader 6.5\bin\NinjaTrader.exe:*:Enabled:NinjaTrader application] -> [2009/12/09 06:25:04 | 00,143,360 | ---- | M] (NinjaTrader)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" -> [System32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > -> ->
C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2004/03/22 21:00:42 | 00,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
[Files/Folders - Created Within 90 Days]
OTS.exe -> C:\Documents and Settings\Tom\Desktop\OTS.exe -> [2010/01/25 04:48:27 | 00,631,296 | ---- | C] (OldTimer Tools)
_OTM -> C:\_OTM -> [2010/01/24 15:08:38 | 00,000,000 | ---D | C]
nview -> C:\WINDOWS\nview -> [2010/01/24 08:25:46 | 00,000,000 | ---D | C]
setup.exe -> C:\Documents and Settings\Tom\Desktop\setup.exe -> [2010/01/24 08:01:34 | 00,228,424 | ---- | C] (NinjaTrader, LLC)
TFC.exe -> C:\Documents and Settings\Tom\Desktop\TFC.exe -> [2010/01/23 16:11:57 | 00,439,808 | ---- | C] (OldTimer Tools)
RECYCLER -> C:\RECYCLER -> [2010/01/23 09:09:07 | 00,000,000 | -HSD | C]
cmdcons -> C:\cmdcons -> [2010/01/22 12:13:07 | 00,000,000 | RHSD | C]
SWXCACLS.exe -> C:\WINDOWS\SWXCACLS.exe -> [2010/01/22 12:12:00 | 00,212,480 | ---- | C] (SteelWerX)
SWREG.exe -> C:\WINDOWS\SWREG.exe -> [2010/01/22 12:12:00 | 00,161,792 | ---- | C] (SteelWerX)
SWSC.exe -> C:\WINDOWS\SWSC.exe -> [2010/01/22 12:12:00 | 00,136,704 | ---- | C] (SteelWerX)
NIRCMD.exe -> C:\WINDOWS\NIRCMD.exe -> [2010/01/22 12:12:00 | 00,031,232 | ---- | C] (NirSoft)
Qoobox -> C:\Qoobox -> [2010/01/22 12:10:37 | 00,000,000 | ---D | C]
Panda Security -> C:\Program Files\Panda Security -> [2010/01/14 22:31:38 | 00,000,000 | ---D | C]
Recent -> C:\Documents and Settings\Tom\Recent -> [2010/01/13 18:55:30 | 00,000,000 | RH-D | C]
Spybot - Search & Destroy -> C:\Program Files\Spybot - Search & Destroy -> [2010/01/03 23:32:57 | 00,000,000 | ---D | C]
Spybot - Search & Destroy -> C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy -> [2010/01/03 23:32:57 | 00,000,000 | ---D | C]
Skyhook Wireless -> C:\Program Files\Skyhook Wireless -> [2010/01/02 16:16:41 | 00,000,000 | ---D | C]
spmsg.dll -> C:\WINDOWS\System32\spmsg.dll -> [2009/12/19 13:17:36 | 00,017,272 | ---- | C] (Microsoft Corporation)
ie8 -> C:\WINDOWS\ie8 -> [2009/12/19 12:20:35 | 00,000,000 | -H-D | C]
aclayers.dll -> C:\WINDOWS\System32\dllcache\aclayers.dll -> [2009/12/19 12:06:06 | 00,471,552 | ---- | C] (Microsoft Corporation)
vlc -> C:\Documents and Settings\Tom\Application Data\vlc -> [2009/12/19 11:58:48 | 00,000,000 | ---D | C]
WinZip -> C:\Documents and Settings\All Users\Application Data\WinZip -> [2009/12/19 11:50:58 | 00,000,000 | ---D | C]
Secunia -> C:\Program Files\Secunia -> [2009/12/19 11:41:05 | 00,000,000 | ---D | C]
Malware -> C:\Documents and Settings\Tom\My Documents\Malware -> [2009/12/19 08:01:02 | 00,000,000 | ---D | C]
CrossHair -> C:\Program Files\CrossHair -> [2009/12/17 12:13:43 | 00,000,000 | ---D | C]
DELL -> C:\Documents and Settings\Tom\Desktop\DELL -> [2009/12/15 21:45:01 | 00,000,000 | ---D | C]
MSECache -> C:\Program Files\MSECache -> [2009/12/14 21:43:19 | 00,000,000 | ---D | C]
WinPatrol -> C:\Documents and Settings\Tom\Application Data\WinPatrol -> [2009/12/12 11:54:09 | 00,000,000 | ---D | C]
BillP Studios -> C:\Program Files\BillP Studios -> [2009/12/12 11:53:52 | 00,000,000 | ---D | C]
QuickTime -> C:\Program Files\QuickTime -> [2009/12/12 10:56:23 | 00,000,000 | ---D | C]
Apple Computer -> C:\Documents and Settings\All Users\Application Data\Apple Computer -> [2009/12/12 10:56:22 | 00,000,000 | ---D | C]
Apple -> C:\Program Files\Common Files\Apple -> [2009/12/12 09:38:53 | 00,000,000 | ---D | C]
Apple -> C:\Documents and Settings\Tom\Local Settings\Application Data\Apple -> [2009/12/12 09:38:38 | 00,000,000 | ---D | C]
Apple Software Update -> C:\Program Files\Apple Software Update -> [2009/12/12 09:38:33 | 00,000,000 | ---D | C]
Apple -> C:\Documents and Settings\All Users\Application Data\Apple -> [2009/12/12 09:38:32 | 00,000,000 | ---D | C]
Apple Computer -> C:\Documents and Settings\Tom\Local Settings\Application Data\Apple Computer -> [2009/12/12 09:37:42 | 00,000,000 | ---D | C]
xing shared -> C:\Program Files\Common Files\xing shared -> [2009/12/12 09:26:31 | 00,000,000 | ---D | C]
javaws.exe -> C:\WINDOWS\System32\javaws.exe -> [2009/12/12 09:18:34 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.)
javaw.exe -> C:\WINDOWS\System32\javaw.exe -> [2009/12/12 09:18:34 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.)
java.exe -> C:\WINDOWS\System32\java.exe -> [2009/12/12 09:18:34 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.)
ERDNT -> C:\WINDOWS\ERDNT -> [2009/12/11 14:58:48 | 00,000,000 | ---D | C]
ERUNT -> C:\Program Files\ERUNT -> [2009/12/11 14:57:20 | 00,000,000 | ---D | C]
Malwarebytes -> C:\Documents and Settings\Tom\Application Data\Malwarebytes -> [2009/12/11 14:16:01 | 00,000,000 | ---D | C]
mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2009/12/11 14:15:55 | 00,038,224 | ---- | C] (Malwarebytes Corporation)
Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2009/12/11 14:15:53 | 00,000,000 | ---D | C]
mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2009/12/11 14:15:52 | 00,019,160 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2009/12/11 14:15:52 | 00,000,000 | ---D | C]
CCleaner -> C:\Program Files\CCleaner -> [2009/12/10 17:38:54 | 00,000,000 | ---D | C]
NinjaTrader 6.5 -> C:\Program Files\NinjaTrader 6.5 -> [2009/12/10 09:02:58 | 00,000,000 | ---D | C]
Malware -> C:\Documents and Settings\Tom\Desktop\Malware -> [2009/12/09 16:50:29 | 00,000,000 | ---D | C]
rsit -> C:\rsit -> [2009/12/07 20:17:37 | 00,000,000 | ---D | C]
Tom2 Docs -> C:\Documents and Settings\Tom\My Documents\Tom2 Docs -> [2009/12/06 20:04:24 | 00,000,000 | ---D | C]
HP Product Assistant -> C:\Documents and Settings\All Users\Application Data\HP Product Assistant -> [2009/12/06 10:11:07 | 00,000,000 | ---D | C]
New Folder -> C:\New Folder -> [2009/11/26 12:53:57 | 00,000,000 | ---D | C]
MemTurbo 4 -> C:\Program Files\MemTurbo 4 -> [2009/11/26 08:48:19 | 00,000,000 | ---D | C]
$AVG -> C:\$AVG -> [2009/11/22 16:19:49 | 00,000,000 | ---D | C]
avg9 -> C:\Documents and Settings\All Users\Application Data\avg9 -> [2009/11/22 16:18:43 | 00,000,000 | ---D | C]
Microsoft -> C:\Documents and Settings\LocalService\Application Data\Microsoft -> [2009/11/22 16:12:28 | 00,000,000 | --SD | M]
Microsoft -> C:\Documents and Settings\NetworkService\Application Data\Microsoft -> [2009/11/22 16:12:27 | 00,000,000 | --SD | M]
Microsoft -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft -> [2009/11/22 12:55:50 | 00,000,000 | ---D | M]
Microsoft -> C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft -> [2009/11/22 12:55:50 | 00,000,000 | ---D | M]
My Videos -> C:\Documents and Settings\Tom\My Documents\My Videos -> [2009/11/10 23:49:19 | 00,000,000 | R--D | C]
QuickTimeVR.qtx -> C:\WINDOWS\System32\QuickTimeVR.qtx -> [2009/11/10 23:08:24 | 00,094,208 | ---- | C] (Apple Inc.)
QuickTime.qts -> C:\WINDOWS\System32\QuickTime.qts -> [2009/11/10 23:08:24 | 00,069,632 | ---- | C] (Apple Inc.)
rmoc3260.dll -> C:\WINDOWS\System32\rmoc3260.dll -> [2009/11/10 08:27:10 | 00,185,920 | ---- | C] (RealNetworks, Inc.)
pndx5016.dll -> C:\WINDOWS\System32\pndx5016.dll -> [2009/11/10 08:26:54 | 00,006,656 | ---- | C] (RealNetworks, Inc.)
pndx5032.dll -> C:\WINDOWS\System32\pndx5032.dll -> [2009/11/10 08:26:54 | 00,005,632 | ---- | C] (RealNetworks, Inc.)
Real -> C:\Documents and Settings\All Users\Application Data\Real -> [2009/11/10 08:25:29 | 00,000,000 | ---D | C]
Temp -> C:\Documents and Settings\Tom\Local Settings\Application Data\Temp -> [2009/10/31 11:59:44 | 00,000,000 | ---D | C]
Google -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google -> [2009/10/30 10:50:00 | 00,000,000 | ---D | M]
Google -> C:\Documents and Settings\LocalService\Local Settings\Application Data\Google -> [2009/10/30 10:45:49 | 00,000,000 | ---D | M]
ie7 -> C:\WINDOWS\ie7 -> [2009/10/30 10:29:31 | 00,000,000 | -H-D | C]
omNovia -> C:\Program Files\omNovia -> [2009/10/29 06:40:26 | 00,000,000 | ---D | C]
HPAppData -> C:\Documents and Settings\NetworkService\Application Data\HPAppData -> [2009/04/23 22:29:07 | 00,000,000 | ---D | M]
Adobe -> C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe -> [2009/04/15 22:03:17 | 00,000,000 | ---D | M]
HPAppData -> C:\Documents and Settings\LocalService\Application Data\HPAppData -> [2009/02/14 12:24:38 | 00,000,000 | ---D | M]
Skyhook Wireless -> C:\Documents and Settings\LocalService\Local Settings\Application Data\Skyhook Wireless -> [2009/01/28 20:10:30 | 00,000,000 | ---D | M]
Adobe -> C:\Documents and Settings\LocalService\Application Data\Adobe -> [2008/03/22 08:49:18 | 00,000,000 | ---D | M]
Google -> C:\Documents and Settings\LocalService\Application Data\Google -> [2008/03/22 08:49:06 | 00,000,000 | ---D | M]
Help -> C:\Documents and Settings\LocalService\Local Settings\Application Data\Help -> [2006/03/21 09:49:14 | 00,000,000 | ---D | M]
Help -> C:\Documents and Settings\LocalService\Application Data\Help -> [2006/03/21 09:49:14 | 00,000,000 | ---D | M]
[Files/Folders - Modified Within 90 Days]
OTS.exe -> C:\Documents and Settings\Tom\Desktop\OTS.exe -> [2010/01/25 04:48:29 | 00,631,296 | ---- | M] (OldTimer Tools)
wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2010/01/25 04:42:20 | 00,002,206 | ---- | M] ()
GoogleUpdateTaskMachineCore.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job -> [2010/01/25 04:42:17 | 00,000,876 | ---- | M] ()
Google Software Updater.job -> C:\WINDOWS\tasks\Google Software Updater.job -> [2010/01/25 04:40:59 | 00,000,868 | ---- | M] ()
SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2010/01/25 04:40:36 | 00,000,006 | -H-- | M] ()
bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010/01/25 04:40:24 | 00,002,048 | --S- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/01/25 04:40:18 | 80,433,9712 | -HS- | M] ()
ntuser.dat -> C:\Documents and Settings\Tom\ntuser.dat -> [2010/01/25 00:24:56 | 09,707,520 | ---- | M] ()
ntuser.ini -> C:\Documents and Settings\Tom\ntuser.ini -> [2010/01/25 00:24:56 | 00,000,178 | -HS- | M] ()
GoogleUpdateTaskMachineUA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job -> [2010/01/24 23:56:00 | 00,000,880 | ---- | M] ()
SystemLook.exe -> C:\Documents and Settings\Tom\Desktop\SystemLook.exe -> [2010/01/24 11:25:43 | 00,100,908 | ---- | M] ()
incavi.avm -> C:\WINDOWS\System32\drivers\Avg\incavi.avm -> [2010/01/24 09:41:29 | 54,617,974 | ---- | M] ()
setup.exe -> C:\Documents and Settings\Tom\Desktop\setup.exe -> [2010/01/24 08:01:34 | 00,228,424 | ---- | M] (NinjaTrader, LLC)
TFC.exe -> C:\Documents and Settings\Tom\Desktop\TFC.exe -> [2010/01/23 16:11:57 | 00,439,808 | ---- | M] (OldTimer Tools)
system.ini -> C:\WINDOWS\system.ini -> [2010/01/23 08:58:48 | 00,000,227 | ---- | M] ()
hosts -> C:\WINDOWS\System32\drivers\etc\hosts -> [2010/01/23 08:58:36 | 00,000,027 | ---- | M] ()
ComboFix.exe -> C:\Documents and Settings\Tom\Desktop\ComboFix.exe -> [2010/01/23 08:45:07 | 03,834,324 | R--- | M] ()
GDIPFONTCACHEV1.DAT -> C:\Documents and Settings\Tom\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2010/01/23 08:44:08 | 00,077,136 | ---- | M] ()
boot.ini -> C:\boot.ini -> [2010/01/22 12:13:16 | 00,000,281 | RHS- | M] ()
RSIT.exe -> C:\Documents and Settings\Tom\Desktop\RSIT.exe -> [2010/01/21 15:13:37 | 00,781,909 | ---- | M] ()
microavi.avg -> C:\WINDOWS\System32\drivers\Avg\microavi.avg -> [2010/01/20 09:29:12 | 00,142,495 | ---- | M] ()
Yahoo! Mail.url -> C:\Documents and Settings\Tom\Desktop\Yahoo! Mail.url -> [2010/01/18 23:29:20 | 00,000,276 | ---- | M] ()
Yahoo! Finance.url -> C:\Documents and Settings\Tom\Desktop\Yahoo! Finance.url -> [2010/01/15 20:15:21 | 00,003,460 | ---- | M] ()
Gmail.url -> C:\Documents and Settings\Tom\Desktop\Gmail.url -> [2010/01/13 20:40:40 | 00,000,619 | ---- | M] ()
ntuser.bak -> C:\Documents and Settings\Tom\ntuser.bak -> [2010/01/13 18:37:58 | 09,699,328 | ---- | M] ()
FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2010/01/12 23:34:03 | 00,272,576 | ---- | M] ()
IconCache.db -> C:\Documents and Settings\Tom\Local Settings\Application Data\IconCache.db -> [2010/01/11 06:01:59 | 02,691,650 | -H-- | M] ()
mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation)
mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation)
wpsnuio.sys -> C:\WINDOWS\System32\drivers\wpsnuio.sys -> [2010/01/02 16:16:41 | 00,013,696 | ---- | M] (Skyhook Wireless)
perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2010/01/02 16:02:26 | 00,690,416 | ---- | M] ()
perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2010/01/02 16:02:26 | 00,180,428 | ---- | M] ()
PerfStringBackup.INI -> C:\WINDOWS\System32\PerfStringBackup.INI -> [2010/01/02 16:02:26 | 00,005,322 | ---- | M] ()
urlmon.dll -> C:\WINDOWS\System32\dllcache\urlmon.dll -> [2009/12/21 12:14:05 | 01,208,832 | ---- | M] (Microsoft Corporation)
wininet.dll -> C:\WINDOWS\System32\dllcache\wininet.dll -> [2009/12/21 12:14:05 | 00,916,480 | ---- | M] (Microsoft Corporation)
mshtml.dll -> C:\WINDOWS\System32\dllcache\mshtml.dll -> [2009/12/21 12:14:04 | 05,942,784 | ---- | M] (Microsoft Corporation)
occache.dll -> C:\WINDOWS\System32\dllcache\occache.dll -> [2009/12/21 12:14:04 | 00,206,848 | ---- | M] (Microsoft Corporation)
iertutil.dll -> C:\WINDOWS\System32\dllcache\iertutil.dll -> [2009/12/21 12:14:03 | 01,985,536 | ---- | M] (Microsoft Corporation)
inetcpl.cpl -> C:\WINDOWS\System32\inetcpl.cpl -> [2009/12/21 12:14:03 | 01,469,440 | ---- | M] (Microsoft Corporation)
inetcpl.cpl -> C:\WINDOWS\System32\dllcache\inetcpl.cpl -> [2009/12/21 12:14:03 | 01,469,440 | ---- | M] (Microsoft Corporation)
msfeeds.dll -> C:\WINDOWS\System32\msfeeds.dll -> [2009/12/21 12:14:03 | 00,594,432 | ---- | M] (Microsoft Corporation)
msfeeds.dll -> C:\WINDOWS\System32\dllcache\msfeeds.dll -> [2009/12/21 12:14:03 | 00,594,432 | ---- | M] (Microsoft Corporation)
iepeers.dll -> C:\WINDOWS\System32\iepeers.dll -> [2009/12/21 12:14:03 | 00,184,320 | ---- | M] (Microsoft Corporation)
iepeers.dll -> C:\WINDOWS\System32\dllcache\iepeers.dll -> [2009/12/21 12:14:03 | 00,184,320 | ---- | M] (Microsoft Corporation)
msfeedsbs.dll -> C:\WINDOWS\System32\msfeedsbs.dll -> [2009/12/21 12:14:03 | 00,055,296 | ---- | M] (Microsoft Corporation)
msfeedsbs.dll -> C:\WINDOWS\System32\dllcache\msfeedsbs.dll -> [2009/12/21 12:14:03 | 00,055,296 | ---- | M] (Microsoft Corporation)
jsproxy.dll -> C:\WINDOWS\System32\jsproxy.dll -> [2009/12/21 12:14:03 | 00,025,600 | ---- | M] (Microsoft Corporation)
jsproxy.dll -> C:\WINDOWS\System32\dllcache\jsproxy.dll -> [2009/12/21 12:14:03 | 00,025,600 | ---- | M] (Microsoft Corporation)
ieframe.dll -> C:\WINDOWS\System32\dllcache\ieframe.dll -> [2009/12/21 12:14:02 | 11,070,464 | ---- | M] (Microsoft Corporation)
iedkcs32.dll -> C:\WINDOWS\System32\iedkcs32.dll -> [2009/12/21 12:14:01 | 00,387,584 | ---- | M] (Microsoft Corporation)
iedkcs32.dll -> C:\WINDOWS\System32\dllcache\iedkcs32.dll -> [2009/12/21 12:14:01 | 00,387,584 | ---- | M] (Microsoft Corporation)
ie4uinit.exe -> C:\WINDOWS\System32\ie4uinit.exe -> [2009/12/21 06:19:18 | 00,173,056 | ---- | M] (Microsoft Corporation)
ie4uinit.exe -> C:\WINDOWS\System32\dllcache\ie4uinit.exe -> [2009/12/21 06:19:18 | 00,173,056 | ---- | M] (Microsoft Corporation)
nscompat.tlb -> C:\WINDOWS\System32\nscompat.tlb -> [2009/12/19 13:17:08 | 00,023,392 | ---- | M] ()
amcompat.tlb -> C:\WINDOWS\System32\amcompat.tlb -> [2009/12/19 13:17:08 | 00,016,832 | ---- | M] ()
vlc-1.0.3-win32.exe -> C:\Documents and Settings\Tom\My Documents\vlc-1.0.3-win32.exe -> [2009/12/19 12:58:59 | 18,030,130 | ---- | M] ()
win.ini -> C:\WINDOWS\win.ini -> [2009/12/19 11:50:58 | 00,000,619 | ---- | M] ()
Secunia PSI.lnk -> C:\Documents and Settings\Tom\Start Menu\Programs\Startup\Secunia PSI.lnk -> [2009/12/19 11:41:58 | 00,000,752 | ---- | M] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Tom\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009/12/15 22:10:21 | 00,039,424 | ---- | M] ()
Happy_Holidays2009[1].docx -> C:\Documents and Settings\Tom\My Documents\Happy_Holidays2009[1].docx -> [2009/12/14 21:49:08 | 00,013,037 | ---- | M] ()
cdplayer.ini -> C:\WINDOWS\cdplayer.ini -> [2009/12/12 09:31:41 | 00,001,033 | ---- | M] ()
rmoc3260.dll -> C:\WINDOWS\System32\rmoc3260.dll -> [2009/12/12 09:27:00 | 00,185,920 | ---- | M] (RealNetworks, Inc.)
pndx5016.dll -> C:\WINDOWS\System32\pndx5016.dll -> [2009/12/12 09:26:38 | 00,006,656 | ---- | M] (RealNetworks, Inc.)
pndx5032.dll -> C:\WINDOWS\System32\pndx5032.dll -> [2009/12/12 09:26:38 | 00,005,632 | ---- | M] (RealNetworks, Inc.)
msvcp71.dll -> C:\WINDOWS\System32\msvcp71.dll -> [2009/12/12 09:25:40 | 00,499,712 | ---- | M] (Microsoft Corporation)
msvcr71.dll -> C:\WINDOWS\System32\msvcr71.dll -> [2009/12/12 09:25:40 | 00,348,160 | ---- | M] (Microsoft Corporation)
pncrt.dll -> C:\WINDOWS\System32\pncrt.dll -> [2009/12/12 09:25:39 | 00,278,528 | ---- | M] (Real Networks, Inc)
QTFont.qfn -> C:\WINDOWS\QTFont.qfn -> [2009/12/11 16:06:12 | 00,054,156 | -H-- | M] ()
_MSRSTRT.EXE -> C:\WINDOWS\_MSRSTRT.EXE -> [2009/12/10 17:52:25 | 00,002,560 | ---- | M] ()
PEV.exe -> C:\WINDOWS\PEV.exe -> [2009/12/09 22:54:07 | 00,261,632 | ---- | M] ()
NtDirect.dll -> C:\WINDOWS\System32\NtDirect.dll -> [2009/12/09 06:24:54 | 00,098,304 | ---- | M] ()
hpqins05.dat -> C:\WINDOWS\hpqins05.dat -> [2009/12/06 10:12:57 | 00,077,372 | ---- | M] ()
Ÿ9Ÿ9 -> C:\Documents and Settings\Tom\Ÿ9Ÿ9 -> [2009/11/26 07:31:33 | 00,000,000 | ---- | M] ()
avgtdix.sys -> C:\WINDOWS\System32\drivers\avgtdix.sys -> [2009/11/22 16:19:24 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgldx86.sys -> C:\WINDOWS\System32\drivers\avgldx86.sys -> [2009/11/22 16:19:24 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgmfx86.sys -> C:\WINDOWS\System32\drivers\avgmfx86.sys -> [2009/11/22 16:19:24 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.)
iavichjw.avm -> C:\WINDOWS\System32\drivers\Avg\iavichjw.avm -> [2009/11/22 16:19:05 | 00,113,461 | ---- | M] ()
avgrsstx.dll -> C:\WINDOWS\System32\avgrsstx.dll -> [2009/11/22 16:19:05 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.)
sysmain.sdb -> C:\WINDOWS\System32\dllcache\sysmain.sdb -> [2009/11/21 08:51:42 | 01,206,508 | ---- | M] ()
aclayers.dll -> C:\WINDOWS\System32\dllcache\aclayers.dll -> [2009/11/21 08:51:04 | 00,471,552 | ---- | M] (Microsoft Corporation)
QuickTimeVR.qtx -> C:\WINDOWS\System32\QuickTimeVR.qtx -> [2009/11/10 23:08:24 | 00,094,208 | ---- | M] (Apple Inc.)
QuickTime.qts -> C:\WINDOWS\System32\QuickTime.qts -> [2009/11/10 23:08:24 | 00,069,632 | ---- | M] (Apple Inc.)
TI.url -> C:\Documents and Settings\Tom\Desktop\TI.url -> [2009/11/09 08:19:14 | 00,000,290 | ---- | M] ()
QTFont.for -> C:\WINDOWS\QTFont.for -> [2009/10/31 21:03:49 | 00,001,409 | ---- | M] ()
extmgr.dll -> C:\WINDOWS\System32\dllcache\extmgr.dll -> [2009/10/29 00:46:51 | 00,133,120 | ---- | M] (Microsoft Corporation)
ieudinit.exe -> C:\WINDOWS\System32\dllcache\ieudinit.exe -> [2009/10/28 07:36:11 | 00,013,824 | ---- | M] (Microsoft Corporation)
[Files - No Company Name]
hiberfil.sys -> C:\hiberfil.sys -> [2010/01/24 14:52:51 | 80,433,9712 | -HS- | C] ()
SystemLook.exe -> C:\Documents and Settings\Tom\Desktop\SystemLook.exe -> [2010/01/24 11:25:43 | 00,100,908 | ---- | C] ()
Boot.bak -> C:\Boot.bak -> [2010/01/22 12:13:16 | 00,000,211 | ---- | C] ()
cmldr -> C:\cmldr -> [2010/01/22 12:13:12 | 00,260,272 | ---- | C] ()
PEV.exe -> C:\WINDOWS\PEV.exe -> [2010/01/22 12:12:00 | 00,261,632 | ---- | C] ()
sed.exe -> C:\WINDOWS\sed.exe -> [2010/01/22 12:12:00 | 00,098,816 | ---- | C] ()
grep.exe -> C:\WINDOWS\grep.exe -> [2010/01/22 12:12:00 | 00,080,412 | ---- | C] ()
MBR.exe -> C:\WINDOWS\MBR.exe -> [2010/01/22 12:12:00 | 00,077,312 | ---- | C] ()
zip.exe -> C:\WINDOWS\zip.exe -> [2010/01/22 12:12:00 | 00,068,096 | ---- | C] ()
ComboFix.exe -> C:\Documents and Settings\Tom\Desktop\ComboFix.exe -> [2010/01/22 12:09:35 | 03,834,324 | R--- | C] ()
RSIT.exe -> C:\Documents and Settings\Tom\Desktop\RSIT.exe -> [2010/01/21 15:13:32 | 00,781,909 | ---- | C] ()
IconCache.db -> C:\Documents and Settings\Tom\Local Settings\Application Data\IconCache.db -> [2010/01/11 06:01:56 | 02,691,650 | -H-- | C] ()
vlc-1.0.3-win32.exe -> C:\Documents and Settings\Tom\My Documents\vlc-1.0.3-win32.exe -> [2009/12/19 12:58:00 | 18,030,130 | ---- | C] ()
Secunia PSI.lnk -> C:\Documents and Settings\Tom\Start Menu\Programs\Startup\Secunia PSI.lnk -> [2009/12/19 11:41:58 | 00,000,752 | ---- | C] ()
Happy_Holidays2009[1].docx -> C:\Documents and Settings\Tom\My Documents\Happy_Holidays2009[1].docx -> [2009/12/14 21:49:07 | 00,013,037 | ---- | C] ()
_MSRSTRT.EXE -> C:\WINDOWS\_MSRSTRT.EXE -> [2009/12/10 17:52:24 | 00,002,560 | ---- | C] ()
NtDirect.dll -> C:\WINDOWS\System32\NtDirect.dll -> [2009/12/09 06:24:54 | 00,098,304 | ---- | C] ()
hpqins05.dat -> C:\WINDOWS\hpqins05.dat -> [2009/12/06 10:05:06 | 00,077,372 | ---- | C] ()
Yahoo! Finance.url -> C:\Documents and Settings\Tom\Desktop\Yahoo! Finance.url -> [2009/12/05 12:06:33 | 00,003,460 | ---- | C] ()
TI.url -> C:\Documents and Settings\Tom\Desktop\TI.url -> [2009/11/02 07:54:23 | 00,000,290 | ---- | C] ()
QTFont.qfn -> C:\WINDOWS\QTFont.qfn -> [2009/10/31 21:03:49 | 00,054,156 | -H-- | C] ()
QTFont.for -> C:\WINDOWS\QTFont.for -> [2009/10/31 21:03:49 | 00,001,409 | ---- | C] ()
Yahoo! Mail.url -> C:\Documents and Settings\Tom\Desktop\Yahoo! Mail.url -> [2009/10/31 08:16:29 | 00,000,276 | ---- | C] ()
Gmail.url -> C:\Documents and Settings\Tom\Desktop\Gmail.url -> [2009/10/31 08:15:36 | 00,000,619 | ---- | C] ()
GoogleUpdateTaskMachineUA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job -> [2009/10/30 10:45:44 | 00,000,880 | ---- | C] ()
GoogleUpdateTaskMachineCore.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job -> [2009/10/30 10:45:44 | 00,000,876 | ---- | C] ()
Google Software Updater.job -> C:\WINDOWS\tasks\Google Software Updater.job -> [2009/10/30 10:44:08 | 00,000,868 | ---- | C] ()
QFN.ini -> C:\WINDOWS\QFN.ini -> [2009/02/21 21:16:29 | 00,000,000 | ---- | C] ()
QDQICK.ini -> C:\WINDOWS\QDQICK.ini -> [2009/02/21 21:16:29 | 00,000,000 | ---- | C] ()
hpqEmlSz.INI -> C:\WINDOWS\hpqEmlSz.INI -> [2009/02/18 16:14:42 | 00,000,000 | ---- | C] ()
vbupdtx.ini -> C:\WINDOWS\vbupdtx.ini -> [2009/02/02 11:02:20 | 00,000,035 | ---- | C] ()
A5W.INI -> C:\WINDOWS\A5W.INI -> [2008/12/21 08:52:47 | 00,000,035 | ---- | C] ()
QUICKEN.INI -> C:\WINDOWS\QUICKEN.INI -> [2008/12/16 16:12:06 | 00,000,900 | ---- | C] ()
intuprof.ini -> C:\WINDOWS\intuprof.ini -> [2008/12/16 16:12:06 | 00,000,185 | ---- | C] ()
HPBroker.dll -> C:\WINDOWS\HPBroker.dll -> [2008/01/14 16:47:06 | 00,099,712 | ---- | C] ()
idxcntrs.ini -> C:\WINDOWS\System32\idxcntrs.ini -> [2007/09/27 10:51:02 | 00,020,698 | ---- | C] ()
gsrvctr.ini -> C:\WINDOWS\System32\gsrvctr.ini -> [2007/09/27 10:48:48 | 00,030,628 | ---- | C] ()
gthrctr.ini -> C:\WINDOWS\System32\gthrctr.ini -> [2007/09/27 10:48:28 | 00,031,698 | ---- | C] ()
TTutor7.ini -> C:\WINDOWS\TTutor7.ini -> [2007/01/23 15:03:39 | 00,000,146 | ---- | C] ()
cdplayer.ini -> C:\WINDOWS\cdplayer.ini -> [2006/12/29 13:05:19 | 00,001,033 | ---- | C] ()
dellstat.ini -> C:\WINDOWS\dellstat.ini -> [2006/12/17 14:13:46 | 00,000,092 | ---- | C] ()
lexstat.ini -> C:\WINDOWS\lexstat.ini -> [2006/12/17 14:02:19 | 00,000,407 | ---- | C] ()
OGACheckControl.DLL -> C:\WINDOWS\System32\OGACheckControl.DLL -> [2006/10/13 12:30:10 | 00,668,976 | ---- | C] ()
GlobalUserInterface.CompositeFont -> C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont -> [2006/06/29 14:58:52 | 00,030,808 | ---- | C] ()
GlobalSansSerif.CompositeFont -> C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont -> [2006/06/29 14:53:56 | 00,026,489 | ---- | C] ()
GlobalSerif.CompositeFont -> C:\WINDOWS\Fonts\GlobalSerif.CompositeFont -> [2006/04/18 15:39:28 | 00,029,779 | ---- | C] ()
GlobalMonospace.CompositeFont -> C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont -> [2006/04/18 15:39:28 | 00,026,040 | ---- | C] ()
kodakpcd.Tom.ini -> C:\WINDOWS\kodakpcd.Tom.ini -> [2005/11/29 16:03:20 | 00,000,022 | ---- | C] ()
nmocod.dll -> C:\WINDOWS\System32\nmocod.dll -> [2004/12/01 21:29:33 | 00,240,640 | ---- | C] ()
usrwiz.ini -> C:\WINDOWS\usrwiz.ini -> [2004/12/01 21:28:15 | 00,000,096 | ---- | C] ()
hpdj3740.ini -> C:\WINDOWS\hpdj3740.ini -> [2004/10/13 20:00:49 | 00,003,997 | ---- | C] ()
hpbvspst.ini -> C:\WINDOWS\hpbvspst.ini -> [2004/10/13 20:00:08 | 00,000,414 | ---- | C] ()
gssmsg.dll -> C:\WINDOWS\System32\gssmsg.dll -> [2004/04/05 12:06:16 | 00,045,056 | R--- | C] ()
psisdecd.dll -> C:\WINDOWS\System32\psisdecd.dll -> [2004/03/27 01:08:10 | 00,363,520 | ---- | C] ()
setupnt.dll -> C:\WINDOWS\System32\setupnt.dll -> [2004/03/25 19:54:39 | 00,037,888 | ---- | C] ()
MSVCRT10.DLL -> C:\WINDOWS\System32\MSVCRT10.DLL -> [2004/03/25 17:14:42 | 00,210,944 | ---- | C] ()
KPCMS.INI -> C:\WINDOWS\KPCMS.INI -> [2004/03/25 17:14:31 | 00,000,123 | ---- | C] ()
ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2004/03/25 16:48:15 | 00,000,376 | ---- | C] ()
videoimp.ini -> C:\WINDOWS\videoimp.ini -> [2004/03/25 16:29:59 | 00,000,416 | ---- | C] ()
DEBUGSM.INI -> C:\WINDOWS\DEBUGSM.INI -> [2004/03/24 00:36:11 | 00,000,029 | ---- | C] ()
EPSON 1260_1660 Installer.ini -> C:\WINDOWS\EPSON 1260_1660 Installer.ini -> [2004/03/24 00:21:35 | 00,000,196 | ---- | C] ()
PRINTS~1.INI -> C:\WINDOWS\PRINTS~1.INI -> [2004/03/22 21:29:11 | 00,000,338 | ---- | C] ()
BANTExt.sys -> C:\WINDOWS\System32\drivers\BANTExt.sys -> [2004/03/22 21:27:28 | 00,003,840 | ---- | C] ()
xvid.dll -> C:\WINDOWS\System32\xvid.dll -> [2002/10/03 23:01:42 | 00,503,808 | ---- | C] ()
KodakOneTouch.dll -> C:\WINDOWS\System32\KodakOneTouch.dll -> [2000/09/08 17:53:50 | 00,073,839 | ---- | C] ()
sysres.dll -> C:\WINDOWS\System32\sysres.dll -> [1998/08/16 07:00:00 | 00,004,096 | ---- | C] ()
[Alternate Data Streams]
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\drivers\etc\hosts.20100103-234638.backup:SummaryInformation
< End of report >