Hello deltalima;
1. Removed Microsoft Security Essentials
2. Notepad files posted below
   o OTL.txt
   o Extras.txt
2. GMER Rootkit Notepad file posted below
Thanks. Pedro.
OTL logfile created on: 27/07/10 8:56:54 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd/MM/yy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 55.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): C:\pagefile.sys 620 620 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.43 Gb Total Space | 30.48 Gb Free Space | 42.67% Space Free | Partition Type: NTFS
Drive D: | 19.00 Gb Total Space | 10.39 Gb Free Space | 54.65% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 5.26 Gb Total Space | 4.72 Gb Free Space | 89.87% Space Free | Partition Type: NTFS
Computer Name: GM
Current User Name: Pedro
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Update\1.2.183.29\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\MemoKit\MemoKit2.exe (Software Benefits Inc.)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\WINDOWS\system32\snmp.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S30RP1.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msi.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (AVG Security Toolbar Service) -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe File not found
SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (SNMP) -- C:\WINDOWS\system32\snmp.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S30RP1.EXE (SEIKO EPSON CORPORATION)
SRV - (SQLWriter) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (SNDSrvc) -- c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (Symantec Corporation)
SRV - (LPDSVC) -- C:\WINDOWS\system32\tcpsvcs.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (winachsf) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys File not found
DRV - (smserial) -- C:\WINDOWS\System32\DRIVERS\smserial.sys File not found
DRV - (HSFHWBS2) -- C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys File not found
DRV - (HSF_DP) -- C:\WINDOWS\System32\DRIVERS\HSF_DP.sys File not found
DRV - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
DRV - (cpuz132) -- C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (catchme) -- C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\catchme.sys File not found
DRV - (AvgTdiX) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgLdx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (tmcomm) -- C:\WINDOWS\system32\drivers\tmcomm.sys (Trend Micro Inc.)
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (SymEvent) -- C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Corporation)
DRV - (BANTExt) -- C:\WINDOWS\System32\Drivers\BANTExt.sys ()
DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (SYMREDRV) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SYMIDS) -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS (Symantec Corporation)
DRV - (SYMNDIS) -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS (Symantec Corporation)
DRV - (SYMFW) -- C:\WINDOWS\System32\Drivers\SYMFW.SYS (Symantec Corporation)
DRV - (SYMDNS) -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS (Symantec Corporation)
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (HidMouse) -- C:\WINDOWS\system32\drivers\HidMouse.sys (Office HID Mouse)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (SISNIC) -- C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\R8139n51.sys (Realtek Semiconductor Corporation )
DRV - (Ps2) -- C:\WINDOWS\system32\drivers\PS2.sys (Hewlett-Packard Company)
DRV - (MODEMCSA) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data]
IE - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ [binary data]
IE - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/
IE - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll File not found
IE - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
O1 HOSTS File: ([2010/07/14 15:49:56 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0983.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0983.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll File not found
O3 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll File not found
O3 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\Epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009..\Run: [EPSON Stylus Photo RX580 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBPA.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\MemoKit.lnk = C:\Program Files\MemoKit\mk.exe (Software Benefits Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O7 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThemesTab = 0
O7 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoColorChoice = 0
O7 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSizeChoice = 0
O7 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O7 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVisualStyleChoice = 0
O7 - HKU\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/ ... ontrol.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} http://download.microsoft.com/download/ ... arth3D.cab (Reg Error: Key error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resour ... se6087.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {FFFFFFFF-CAFE-BABE-BABE-00AA0055595A} Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = workgroup
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll File not found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/20 20:22:09 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2010/07/13 17:11:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/07/13 02:00:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.SOL -- [ NTFS ]
O32 - AutoRun File - [2001/10/30 09:54:46 | 000,000,137 | ---- | M] () - D:\AUTOEXEC.DOS -- [ FAT32 ]
O32 - AutoRun File - [2005/09/20 08:18:00 | 000,000,262 | ---- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2003/11/26 13:29:56 | 000,000,401 | ---- | M] () - D:\autoexec.nai -- [ FAT32 ]
O32 - AutoRun File - [2003/10/20 08:48:28 | 000,000,449 | ---- | M] () - D:\AUTOEXEC.CAM -- [ FAT32 ]
O32 - AutoRun File - [2005/09/19 23:14:42 | 000,000,274 | ---- | M] () - D:\AUTOEXEC.TSH -- [ FAT32 ]
O32 - AutoRun File - [2005/09/17 07:06:48 | 000,000,246 | ---- | M] () - D:\AUTOEXEC.BAK -- [ FAT32 ]
O32 - AutoRun File - [2005/08/27 09:10:30 | 000,000,454 | ---- | M] () - D:\autoexec.pu_ -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/07/27 20:53:49 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2010/07/27 19:02:53 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Owner\Recent
[2010/07/26 20:47:33 | 002,289,664 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmgicd.dll
[2010/07/26 20:47:33 | 000,512,000 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmgdev.dll
[2010/07/26 20:47:33 | 000,049,152 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmrem.dll
[2010/07/26 20:47:32 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrell.lrc
[2010/07/26 20:47:32 | 000,167,936 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrrus.lrc
[2010/07/26 20:47:32 | 000,167,936 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptg.lrc
[2010/07/26 20:47:32 | 000,167,936 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrhun.lrc
[2010/07/26 20:47:32 | 000,167,936 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcsy.lrc
[2010/07/26 20:47:32 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtrk.lrc
[2010/07/26 20:47:32 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtha.lrc
[2010/07/26 20:47:32 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrsve.lrc
[2010/07/26 20:47:32 | 000,106,496 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxext.exe
[2010/07/26 20:47:32 | 000,036,864 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxexps.dll
[2010/07/26 20:47:31 | 000,167,936 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptb.lrc
[2010/07/26 20:47:31 | 000,167,936 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrplk.lrc
[2010/07/26 20:47:31 | 000,167,936 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnld.lrc
[2010/07/26 20:47:31 | 000,167,936 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrita.lrc
[2010/07/26 20:47:31 | 000,167,936 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfrc.lrc
[2010/07/26 20:47:31 | 000,167,936 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfra.lrc
[2010/07/26 20:47:31 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnor.lrc
[2010/07/26 20:47:31 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrkor.lrc
[2010/07/26 20:47:31 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrjpn.lrc
[2010/07/26 20:47:31 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrheb.lrc
[2010/07/26 20:47:30 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxresp.lrc
[2010/07/26 20:47:30 | 000,167,936 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdeu.lrc
[2010/07/26 20:47:30 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfin.lrc
[2010/07/26 20:47:30 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxreng.lrc
[2010/07/26 20:47:30 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdan.lrc
[2010/07/26 20:47:30 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcht.lrc
[2010/07/26 20:47:30 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrchs.lrc
[2010/07/26 20:47:30 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrarb.lrc
[2010/07/26 20:47:30 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrara.lrc
[2010/07/26 20:47:28 | 001,245,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxress.dll
[2010/07/26 20:47:27 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrenu.lrc
[2010/07/26 20:47:27 | 000,131,072 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxhk.dll
[2010/07/26 20:47:27 | 000,114,688 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxzoom.exe
[2010/07/26 20:47:27 | 000,086,016 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdo.dll
[2010/07/26 20:47:25 | 000,503,808 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcfg.exe
[2010/07/26 20:47:25 | 000,225,280 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxeud.dll
[2010/07/26 20:47:25 | 000,151,552 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdiag.exe
[2010/07/26 20:47:25 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdev.dll
[2010/07/26 20:47:25 | 000,094,208 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcpl.cpl
[2010/07/26 20:47:25 | 000,045,056 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdgps.dll
[2010/07/26 20:47:24 | 000,225,280 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxpph.dll
[2010/07/26 20:47:23 | 000,348,160 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxsrvc.dll
[2010/07/26 20:47:22 | 000,118,784 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\hccutils.dll
[2010/07/26 20:47:21 | 000,819,259 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmdd5.dll
[2010/07/26 20:47:19 | 000,164,475 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmdev5.dll
[2010/07/26 20:47:18 | 000,100,924 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmdnt5.dll
[2010/07/26 20:47:17 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll
[2010/07/26 20:47:17 | 000,037,951 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ialmrnt5.dll
[2010/07/26 20:47:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/07/26 19:21:29 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2010/07/26 17:21:09 | 000,000,000 | ---D | C] -- C:\Program Files\Verizon
[2010/07/25 19:37:21 | 000,000,000 | ---D | C] -- C:\ComboFixpedro15166C
[2010/07/25 19:35:50 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/07/21 10:44:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\Allianz
[2010/07/20 20:22:09 | 000,000,000 | ---D | C] -- C:\Autodesk
[2010/07/19 21:54:02 | 000,000,000 | ---D | C] -- C:\8c08b47e712eea24b23d675541
[2010/07/19 13:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/07/17 18:33:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\IObit
[2010/07/17 18:33:18 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010/07/17 18:18:33 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2010/07/16 19:57:15 | 000,164,352 | ---- | C] (PGWARE) -- C:\WINDOWS\System32\vdspopup.dll
[2010/07/16 19:56:40 | 000,189,952 | ---- | C] (Commercial Research Ltd.) -- C:\WINDOWS\System32\vdsbrw50.dll
[2010/07/16 19:56:21 | 000,218,624 | ---- | C] (Commercial Research Ltd.) -- C:\WINDOWS\System32\vdsrun50.dll
[2010/07/16 19:55:42 | 000,462,336 | ---- | C] (S.A.D.E. s.a.r.l.) -- C:\WINDOWS\System32\vdsrun40.dll
[2010/07/16 19:55:23 | 000,327,168 | ---- | C] (S.A.D.E. s.a.r.l.) -- C:\WINDOWS\System32\vdsrun30.dll
[2010/07/16 19:54:56 | 000,398,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VBRUN300.DLL
[2010/07/16 19:54:05 | 000,401,484 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcrtd.dll
[2010/07/16 19:41:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Yahoo
[2010/07/16 19:40:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2010/07/16 19:40:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/07/16 19:35:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/07/16 17:52:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\wsInspector
[2010/07/16 17:48:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\wsInspector
[2010/07/16 17:46:39 | 000,000,000 | ---D | C] -- C:\Program Files\Startup Inspector for Windows
[2010/07/16 17:13:08 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/07/16 17:07:23 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/07/16 15:13:13 | 000,000,000 | ---D | C] -- C:\ComboFixpedro
[2010/07/14 16:11:06 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/07/14 15:14:53 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/07/14 15:14:53 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/07/14 15:14:52 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/07/14 15:14:52 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/07/14 15:14:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/07/14 14:41:18 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/07/14 05:25:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{65893B95-F47B-4483-B883-86BA181E9B54}
[2010/07/13 19:02:52 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2010/07/13 18:35:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Real
[2010/07/13 16:07:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\Micrsofta IE problems
[2010/07/13 15:10:54 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\guwqcohl.sys
[2010/07/13 08:08:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MpEngineStore
[2010/07/13 02:17:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\AVG9
[2010/07/12 13:35:43 | 000,000,000 | ---D | C] -- C:\$AVG
[2010/07/12 08:54:53 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/07/12 08:54:49 | 000,243,024 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/07/12 08:54:39 | 000,216,400 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/07/12 08:54:37 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/07/12 08:54:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2010/07/12 08:54:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/07/12 08:49:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/07/12 08:28:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2010/07/11 23:36:41 | 000,000,000 | ---D | C] -- C:\Program Files\Rq
[2010/07/11 23:17:03 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2010/07/11 23:12:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
[2010/07/11 11:42:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/07/11 11:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/07/11 11:31:27 | 000,030,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\azwohmna.sys
[2010/07/11 11:15:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Malwarebytes
[2010/07/11 11:15:21 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/07/11 11:15:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/07/11 11:15:17 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/07/11 11:15:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/07/11 02:18:29 | 008,251,911 | ---- | C] (McAfee Inc.) -- C:\Documents and Settings\Compaq_Owner\Desktop\stinger1001934.exe
[2010/07/09 18:12:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\Smith Barney
[2010/07/08 08:38:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\Dominion
[2010/07/02 08:23:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2010/07/01 23:57:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\ElevatedDiagnostics
[2010/07/01 23:54:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[18 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/07/27 20:54:39 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\judkbn02.exe
[2010/07/27 20:53:53 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2010/07/27 20:49:40 | 000,000,982 | ---- | M] () -- C:\WINDOWS\aclockz6.dat
[2010/07/27 20:40:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/27 20:31:00 | 000,000,992 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-905325559-1440688104-3847562056-1009UA.job
[2010/07/27 19:40:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/27 19:28:19 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/07/27 19:01:43 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\SDMsgUpdate (TE).job
[2010/07/27 19:01:30 | 000,000,247 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2010/07/27 19:01:20 | 000,012,710 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/27 19:00:14 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/27 19:00:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/07/27 19:00:00 | 1601,753,088 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/27 18:54:20 | 000,000,384 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2010/07/27 09:02:49 | 062,629,516 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/07/27 02:31:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-905325559-1440688104-3847562056-1009Core.job
[2010/07/27 02:00:00 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2010/07/26 19:45:22 | 016,777,216 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\ntuser.dat
[2010/07/26 19:45:22 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\ntuser.ini
[2010/07/26 17:21:15 | 000,001,880 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Vz In-Home Agent.lnk
[2010/07/25 19:37:21 | 000,000,354 | ---- | M] () -- C:\Start_.cmd
[2010/07/25 14:50:30 | 000,005,342 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\mainhst.zgh
[2010/07/24 22:51:35 | 000,000,657 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\MemoKit.lnk
[2010/07/23 22:20:17 | 000,001,496 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Welcome, Pedro! LinkedIn.url
[2010/07/22 19:09:05 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\CCleaner.lnk
[2010/07/21 21:52:45 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Microsoft Office Excel 2003.lnk
[2010/07/20 17:52:40 | 000,000,063 | ---- | M] () -- C:\Custom.dic
[2010/07/19 21:50:04 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Microsoft Office Word 2003.lnk
[2010/07/19 19:49:30 | 001,822,554 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\untitled.bmp
[2010/07/19 17:31:13 | 000,000,325 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\MalWare Removal • View topic - Win32-Alureon.H may be the issue.url
[2010/07/19 14:42:46 | 000,002,461 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\HiJackThis.lnk
[2010/07/17 18:18:38 | 000,001,588 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Defraggler.lnk
[2010/07/17 10:30:06 | 000,000,529 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Compaq Presario SR1400 Desktop PC series - Download drivers and software - HP Business Support Center.url
[2010/07/17 09:01:16 | 000,001,496 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Welcome, Pedro! LinkedIn.url
[2010/07/16 19:35:35 | 000,000,758 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Startup Inspector for Windows.lnk
[2010/07/16 15:32:30 | 000,000,000 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/07/16 13:56:07 | 000,001,624 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\System Restore (2).lnk
[2010/07/14 18:55:01 | 000,002,601 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Global.sw2
[2010/07/14 15:49:56 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/07/14 13:38:55 | 000,038,400 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/14 12:11:57 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/13 17:11:13 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/07/13 15:10:54 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\guwqcohl.sys
[2010/07/13 02:00:43 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.SOL
[2010/07/13 02:00:10 | 000,000,000 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/07/13 00:30:13 | 000,175,184 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Roguefix_3.001.bat
[2010/07/12 09:52:17 | 000,000,601 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to stinger1001934.exe.lnk
[2010/07/12 09:51:33 | 000,000,704 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware (2).lnk
[2010/07/12 08:54:55 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/07/12 08:54:55 | 000,001,515 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
[2010/07/12 08:54:52 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/07/12 08:54:40 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/07/12 08:54:39 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/07/12 08:54:37 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/07/11 22:56:46 | 000,000,241 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Shortcut to Add or Remove Programs.lnk
[2010/07/11 22:55:10 | 000,000,823 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser (4).lnk
[2010/07/11 22:55:01 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook (2).lnk
[2010/07/11 21:16:42 | 002,647,232 | -H-- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\IconCache.db
[2010/07/11 20:22:02 | 000,000,211 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Google diez.pa@gmail.com HPvs17P3413.url
[2010/07/11 19:52:54 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\sjhiprx.sys
[2010/07/11 18:02:06 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\housecall.guid.cache
[2010/07/11 13:58:40 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\hwpaun.sys
[2010/07/11 13:30:55 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\kxpkio.sys
[2010/07/11 11:36:16 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\qewopbfa.sys
[2010/07/11 11:31:27 | 000,030,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\azwohmna.sys
[2010/07/11 11:15:29 | 000,000,704 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/11 02:18:46 | 008,251,911 | ---- | M] (McAfee Inc.) -- C:\Documents and Settings\Compaq_Owner\Desktop\stinger1001934.exe
[2010/07/09 17:02:44 | 001,196,423 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\From Shapiro Buson to Turnkey.pdf
[2010/07/08 22:12:49 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/07/05 20:35:42 | 001,563,456 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Sounds By Four.PSF
[18 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/07/27 20:54:37 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\judkbn02.exe
[2010/07/27 19:08:54 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/07/26 20:47:30 | 000,068,110 | ---- | C] () -- C:\WINDOWS\System32\igfxhhun.lhp
[2010/07/26 20:47:30 | 000,064,509 | ---- | C] () -- C:\WINDOWS\System32\igfxhtrk.lhp
[2010/07/26 20:47:30 | 000,063,265 | ---- | C] () -- C:\WINDOWS\System32\igfxhsve.lhp
[2010/07/26 20:47:30 | 000,062,804 | ---- | C] () -- C:\WINDOWS\System32\igfxhtha.lhp
[2010/07/26 20:47:30 | 000,062,453 | ---- | C] () -- C:\WINDOWS\System32\igfxhptg.lhp
[2010/07/26 20:47:30 | 000,061,826 | ---- | C] () -- C:\WINDOWS\System32\igfxhell.lhp
[2010/07/26 20:47:30 | 000,061,410 | ---- | C] () -- C:\WINDOWS\System32\igfxhrus.lhp
[2010/07/26 20:47:30 | 000,060,612 | ---- | C] () -- C:\WINDOWS\System32\igfxhcsy.lhp
[2010/07/26 20:47:29 | 000,066,112 | ---- | C] () -- C:\WINDOWS\System32\igfxhkor.lhp
[2010/07/26 20:47:29 | 000,063,210 | ---- | C] () -- C:\WINDOWS\System32\igfxhplk.lhp
[2010/07/26 20:47:29 | 000,062,769 | ---- | C] () -- C:\WINDOWS\System32\igfxhfrc.lhp
[2010/07/26 20:47:29 | 000,062,767 | ---- | C] () -- C:\WINDOWS\System32\igfxhfin.lhp
[2010/07/26 20:47:29 | 000,062,629 | ---- | C] () -- C:\WINDOWS\System32\igfxhjpn.lhp
[2010/07/26 20:47:29 | 000,062,451 | ---- | C] () -- C:\WINDOWS\System32\igfxhfra.lhp
[2010/07/26 20:47:29 | 000,062,336 | ---- | C] () -- C:\WINDOWS\System32\igfxhdeu.lhp
[2010/07/26 20:47:29 | 000,061,845 | ---- | C] () -- C:\WINDOWS\System32\igfxhptb.lhp
[2010/07/26 20:47:29 | 000,060,769 | ---- | C] () -- C:\WINDOWS\System32\igfxhesp.lhp
[2010/07/26 20:47:29 | 000,060,247 | ---- | C] () -- C:\WINDOWS\System32\igfxhdan.lhp
[2010/07/26 20:47:29 | 000,060,178 | ---- | C] () -- C:\WINDOWS\System32\igfxhnor.lhp
[2010/07/26 20:47:29 | 000,060,138 | ---- | C] () -- C:\WINDOWS\System32\igfxhnld.lhp
[2010/07/26 20:47:29 | 000,059,747 | ---- | C] () -- C:\WINDOWS\System32\igfxhita.lhp
[2010/07/26 20:47:29 | 000,059,471 | ---- | C] () -- C:\WINDOWS\System32\igfxhheb.lhp
[2010/07/26 20:47:29 | 000,059,390 | ---- | C] () -- C:\WINDOWS\System32\igfxhcht.lhp
[2010/07/26 20:47:29 | 000,059,200 | ---- | C] () -- C:\WINDOWS\System32\igfxharb.lhp
[2010/07/26 20:47:29 | 000,059,200 | ---- | C] () -- C:\WINDOWS\System32\igfxhara.lhp
[2010/07/26 20:47:29 | 000,058,563 | ---- | C] () -- C:\WINDOWS\System32\igfxhchs.lhp
[2010/07/26 20:47:29 | 000,058,384 | ---- | C] () -- C:\WINDOWS\System32\igfxheng.lhp
[2010/07/26 20:47:27 | 000,057,806 | ---- | C] () -- C:\WINDOWS\System32\igfxhenu.lhp
[2010/07/26 20:06:06 | 000,005,120 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Thumbs.db
[2010/07/26 17:21:15 | 000,001,880 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Vz In-Home Agent.lnk
[2010/07/25 19:37:21 | 000,000,354 | ---- | C] () -- C:\Start_.cmd
[2010/07/23 22:20:17 | 000,001,496 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Welcome, Pedro! LinkedIn.url
[2010/07/19 19:49:29 | 001,822,554 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\untitled.bmp
[2010/07/19 17:31:13 | 000,000,325 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\MalWare Removal • View topic - Win32-Alureon.H may be the issue.url
[2010/07/19 13:54:55 | 000,002,461 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\HiJackThis.lnk
[2010/07/17 18:33:39 | 000,000,384 | ---- | C] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2010/07/17 18:18:38 | 000,001,588 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Defraggler.lnk
[2010/07/17 10:30:06 | 000,000,529 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Compaq Presario SR1400 Desktop PC series - Download drivers and software - HP Business Support Center.url
[2010/07/17 09:01:16 | 000,001,496 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Welcome, Pedro! LinkedIn.url
[2010/07/16 19:53:05 | 000,001,225 | ---- | C] () -- C:\WINDOWS\System32\readme.htm
[2010/07/16 19:35:35 | 000,000,758 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Startup Inspector for Windows.lnk
[2010/07/16 19:35:29 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/16 19:35:27 | 000,000,880 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/16 13:59:39 | 000,001,624 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\System Restore (2).lnk
[2010/07/16 13:18:52 | 1601,753,088 | -HS- | C] () -- C:\hiberfil.sys
[2010/07/14 20:14:25 | 016,777,216 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\ntuser.dat
[2010/07/14 15:14:53 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/07/14 15:14:53 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/07/14 15:14:53 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/07/14 15:14:53 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/07/14 15:14:52 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/07/13 00:55:00 | 000,175,184 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Roguefix_3.001.bat
[2010/07/12 09:52:17 | 000,000,601 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to stinger1001934.exe.lnk
[2010/07/12 09:51:33 | 000,000,704 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware (2).lnk
[2010/07/12 08:54:55 | 000,001,515 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
[2010/07/12 08:54:36 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/07/12 08:54:23 | 062,629,516 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/07/11 22:56:46 | 000,000,241 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Shortcut to Add or Remove Programs.lnk
[2010/07/11 22:55:10 | 000,000,823 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser (4).lnk
[2010/07/11 22:55:01 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook (2).lnk
[2010/07/11 19:52:54 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\sjhiprx.sys
[2010/07/11 18:02:06 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\housecall.guid.cache
[2010/07/11 13:58:40 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\hwpaun.sys
[2010/07/11 13:30:55 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\kxpkio.sys
[2010/07/11 11:36:16 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\qewopbfa.sys
[2010/07/11 11:15:29 | 000,000,704 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/10 19:17:27 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/09 17:02:44 | 001,196,423 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\From Shapiro Buson to Turnkey.pdf
[2010/07/05 20:34:15 | 001,563,456 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Sounds By Four.PSF
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/05/29 12:55:42 | 000,000,303 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/05/06 10:06:20 | 000,000,091 | ---- | C] () -- C:\WINDOWS\2pic.ini
[2008/08/26 21:26:56 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/08/26 21:26:55 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/04/28 15:39:28 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/09/15 14:16:28 | 000,000,084 | ---- | C] () -- C:\WINDOWS\EPSPRX580.ini
[2007/04/21 11:33:05 | 001,089,536 | ---- | C] () -- C:\WINDOWS\System32\XWheel.dll
[2007/04/21 11:33:05 | 000,892,928 | ---- | C] () -- C:\WINDOWS\System32\MousePage.dll
[2007/03/26 18:28:57 | 000,003,058 | ---- | C] () -- C:\WINDOWS\Foothill Felines ScreenSaver.ini
[2007/01/27 20:56:51 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\LPng.dll
[2006/08/02 13:59:20 | 000,000,031 | ---- | C] () -- C:\WINDOWS\MaData6.INI
[2006/03/30 20:12:30 | 000,000,031 | ---- | C] () -- C:\WINDOWS\warhead.ini
[2006/03/12 14:02:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2006/03/05 14:14:17 | 001,474,618 | ---- | C] () -- C:\WINDOWS\System32\DOCSMARTZ.dll
[2006/03/05 14:14:17 | 000,245,868 | ---- | C] () -- C:\WINDOWS\System32\DocSmartzHS.dll
[2005/12/31 19:21:50 | 000,000,058 | ---- | C] () -- C:\WINDOWS\sview.ini
[2005/12/27 09:21:01 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI
[2005/12/11 12:39:56 | 000,000,255 | ---- | C] () -- C:\WINDOWS\d42001.ini
[2005/09/23 13:04:39 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2005/09/20 00:38:47 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PI_setup.ini
[2005/09/20 00:37:53 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2005/09/20 00:34:49 | 000,000,072 | ---- | C] () -- C:\WINDOWS\System32\epDPE.ini
[2005/09/20 00:34:48 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2005/09/20 00:32:02 | 000,000,227 | ---- | C] () -- C:\WINDOWS\EPSON CX6600 Installer.ini
[2005/09/19 23:34:32 | 000,202,240 | R--- | C] () -- C:\WINDOWS\patchw32.A259.dll
[2005/09/19 23:14:36 | 000,000,730 | ---- | C] () -- C:\WINDOWS\BTI.INI
[2005/09/19 17:47:56 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2005/09/19 14:14:30 | 000,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2005/01/29 08:36:49 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/01/29 08:33:55 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/01/29 08:33:55 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/01/29 08:33:55 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/01/29 08:33:55 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/01/29 08:33:55 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/01/29 08:33:54 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/01/29 07:56:27 | 000,013,975 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2005/01/29 07:56:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2005/01/29 07:55:53 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini
[2005/01/29 07:52:21 | 000,002,634 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/01/29 07:22:59 | 000,000,883 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/01/29 00:30:48 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2004/11/24 14:47:34 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\DXFLib.dll
[2004/08/20 06:14:46 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/08/20 06:14:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2004/07/10 18:55:38 | 000,252,416 | ---- | C] () -- C:\WINDOWS\System32\wsiShared.dll
[2004/06/16 07:38:02 | 000,000,468 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/06/09 16:38:01 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\JPeg32.dll
[2004/04/15 20:00:00 | 000,000,059 | ---- | C] () -- C:\WINDOWS\System32\EAL32.INI
[2003/04/11 02:04:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2003/01/08 02:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/10/28 18:42:30 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2001/09/19 13:41:46 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\opcode.dll
[2001/03/12 10:26:58 | 000,000,502 | ---- | C] () -- C:\WINDOWS\TIFF2PDF.INI
[1999/07/23 13:46:48 | 000,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 10:53:20 | 000,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 400 bytes -> C:\WINDOWS\System32\drivers\azwohmna.sys:changelist
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
OTL Extras logfile created on: 27/07/10 8:56:54 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd/MM/yy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 55.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): C:\pagefile.sys 620 620 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.43 Gb Total Space | 30.48 Gb Free Space | 42.67% Space Free | Partition Type: NTFS
Drive D: | 19.00 Gb Total Space | 10.39 Gb Free Space | 54.65% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 5.26 Gb Total Space | 4.72 Gb Free Space | 89.87% Space Free | Partition Type: NTFS
Computer Name: GM
Current User Name: Pedro
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
jsfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" %*
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Computer, Inc.)
"C:\Documents and Settings\Compaq_Owner\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe" = C:\Documents and Settings\Compaq_Owner\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player -- (Octoshape ApS)
"C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe" = C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe:*:Disabled:Compaq Connections -- (Hewlett-Packard)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034BAB6C-8ED8-4CF6-B292-CC6A5B6ADFAA}" = Virtual Earth - 3DVIA (Beta)
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{109D28C7-FB38-483A-9C91-001CB59E2699}" = EPSON CardMonitor
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A103D70-5C9B-4E1A-B306-5106C68F9914}" = Microsoft Plus! Dancer LE
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1CA2E5E4-F4FE-44B4-95E9-77523FB95838}" = EPSON Stylus Photo RX580 Scanner Driver Update
"{1CBE3804-20DF-48DA-B048-895C206E80A5}" = Microsoft SQL Server VSS Writer
"{2171F767-B6D7-4651-9198-24A0812AA528}" = HP Photosmart Cameras 4.5
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{235C3A50-559F-4CAA-BAC3-4CC9ABF51976}" = HP Mouse
"{23E5C72C-CC08-4EE0-9CC2-D925B232B331}" = Microsoft MSDN 2005 Express Edition - ENU
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 13
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{2C42ED1E-6315-4E63-89E6-057EA114EBB8}" = MetaFrame Presentation Server Client
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Virtual Earth 3D (Beta)
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3912A629-0020-0005-3757-2FBA74D4DF0A}" = InterVideo WinDVD Player
"{3A14DB5B-8D96-400C-BD97-A5656779099D}" = ArcSoft PhotoStudio 5.5
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{450063AA-643B-417C-8CF5-405BA3F4EF40}" = Autodesk Design Review 2009
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4AC23178-EEBC-4BAF-8CC0-AB15C8897AC9}" = Log Parser 2.2
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54DD126C-E5F5-404C-B4B7-66DF7FD4F2FF}" = MSSoap
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{590D4F8F-98FE-47FA-AC2B-3F22FDCF7C09}" = ShareIns
"{5F05C28D-DEA9-4AD6-A73A-064175988EAB}" = Search Settings v1.2.3
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6450335D-D87C-4003-812F-7E879866A74E}" = Business Plan Pro 2006
"{66C8BE35-8BBB-472B-96C7-C7C9A499F988}" = ArcSoft Software Suite
"{6710FE30-27F7-492B-A660-D31D4A898A43}" = MSN Toolbar
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6C11D561-620B-47DA-A693-4C597F3CDF40}" = EPSON Smart Panel
"{6DE6837F-F3A3-40FF-9F5C-A0B95948E32D}" = Dassault Systemes Software Prerequisites x86
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{76643356-611A-4A07-8BEC-79E85546916F}" = HP Display LiteSaver
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BDD6642-76D6-49F7-9157-6100E5C75B97}" = Vz In Home Agent
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84F1DE76-C48C-4281-87A0-CC9548D1E7F9}" = Rhapsody Player Engine
"{89B078C4-50B0-453E-BF53-3A7E6A0D85FA}" = Windows Support Tools
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD Player
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}" = Driver Whiz
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6A4A5F6-072C-4c3a-B6B2-5D8F31DF9A01}" = CameraDrivers
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.3
"{AE704636-ECD0-426C-952E-05B8DABD1949}" = EPSON PhotoStarter3.2
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B383EEC2-A3EC-4E76-9CFC-26A2328712FC}" = Reporting Add-In for Microsoft Visual Web Developer 2005 Express
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B43357AA-3A6D-4D94-B56E-43C44D09E548}" = Microsoft .NET Framework (English)
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{BAD00139-E284-4F6C-AA94-FB637462DEEB}" = Palo Alto Software's Application Manager 8.2
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{BE20E2F5-1903-4AAE-B1AF-2046E586C925}" = iTunes
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C878CD69-85DB-426B-81A3-E71175AAEB91}" = Dealio Toolbar v4.0.2
"{CA0A1E54-CE0F-4366-B09C-A87B61DC5633}" = Symantec Network Drivers Update
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0122362-6333-4DE4-93F6-A5A2F3CC101A}" = Compaq Organize
"{D21553E9-2EC5-4E8C-AB71-07AC07D50BBC}" = EPSON PhotoCenter
"{D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7}" = ArcSoft PhotoImpression 5
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DE114695-AE58-4B66-8E0F-2505188602FB}_is1" = Uninstall Startup Inspector
"{E786D4DB-EB0D-4474-ADC2-3C229BC17FCA}" = Interactive User’s Guide
"{EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1" = ZipGenius 6 (6.0.3.1130)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
"{F91E1833-2D7C-4725-B98A-C779FEC41946}" = EarthLink MDAC
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
"Autodesk Design Review 2009" = Autodesk Design Review 2009
"AVG9Uninstall" = AVG Free 9.0
"BackWeb-6750491 Uninstaller" = Compaq Connections
"Belarc Advisor 2.0" = Belarc Advisor 7.0
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CCleaner" = CCleaner
"CSCLIB" = Canon Camera Support Core Library
"Defraggler" = Defraggler
"Doro_is1" = Doro 1.40
"EOS Utility" = Canon Utilities EOS Utility
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"EvidenceNuker" = EvidenceNuker (remove only)
"HijackThis" = HijackThis 1.99.1
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{76643356-611A-4A07-8BEC-79E85546916F}" = HP Display LiteSaver
"InstallShield_{BE20E2F5-1903-4AAE-B1AF-2046E586C925}" = iTunes
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"MemoKit" = MemoKit
"MemoKit - Software Benefits Inc" = MemoKit - Software Benefits Inc
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework Full v1.0.3705 (1033)" = Microsoft .NET Framework (English) v1.0.3705
"Microsoft MSDN 2005 Express Edition - ENU" = Microsoft MSDN 2005 Express Edition - ENU
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Pervasive System Analyzer" = Pervasive System Analyzer
"Pervasive.SQL Workgroup" = Pervasive.SQL Workgroup v8.10
"Pervasive.SQL Workgroup HotFix - MicroKernel" = Pervasive.SQL Workgroup v8.10 MicroKernel HotFix
"Pervasive.SQL Workgroup HotFix - SQL/ODBC" = Pervasive.SQL Workgroup v8.10 SQL/ODBC HotFix
"PhotoScape" = PhotoScape
"PhotoShow 5" = PhotoShow 5
"PhotoStitch" = Canon Utilities PhotoStitch
"PIXresizer_is1" = PIXresizer 2.0.4
"Pop-Up Stopper Free Edition" = Pop-Up Stopper Free Edition
"ProjectWhois" = ProjectWhois
"PS2" = PS2
"QuickTime" = QuickTime
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 6.0" = RealPlayer
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"Security Task Manager" = Security Task Manager 1.7h
"SEO Explorer" = SEO Explorer
"Silent Package Run-Time Sample" = EPSON Stylus Photo RX580 User's Guide
"Smart Defrag_is1" = Smart Defrag
"SmartDraw VP" = SmartDraw VP
"SpreadPro 2" = SpreadPro 2
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"ST6UNST #2" = Invoice by Click (C:\Program Files\Invoice by Click\)
"WebIQ" = WebIQ Client Software
"Webshots Desktop" = Webshots Desktop
"WIC" = Windows Imaging Component
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-905325559-1440688104-3847562056-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Digital Editions" = Adobe Digital Editions
"Google Chrome" = Google Chrome
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 26/07/10 7:33:35 PM | Computer Name = GM | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.
Error - 26/07/10 8:04:06 PM | Computer Name = GM | Source = MsiInstaller | ID = 11316
Description = Product: System Requirements Lab for Intel -- Error 1316. A network
error occurred while attempting to read from the file: C:\Documents and Settings\Compaq_Owner\Local
Settings\Temporary Internet Files\Content.IE5\LTX2S0C4\srldetect.msi
Error - 26/07/10 8:07:07 PM | Computer Name = GM | Source = MsiInstaller | ID = 11500
Description = Product: System Requirements Lab for Intel -- Error 1500. Another
installation is in progress. You must complete that installation before continuing
this one.
Error - 26/07/10 8:07:11 PM | Computer Name = GM | Source = MsiInstaller | ID = 11500
Description = Product: System Requirements Lab for Intel -- Error 1500. Another
installation is in progress. You must complete that installation before continuing
this one.
Error - 26/07/10 8:34:29 PM | Computer Name = GM | Source = MsiInstaller | ID = 11316
Description = Product: System Requirements Lab for Intel -- Error 1316. A network
error occurred while attempting to read from the file: C:\Documents and Settings\Compaq_Owner\Local
Settings\Temporary Internet Files\Content.IE5\LTX2S0C4\srldetect.msi
Error - 26/07/10 8:35:04 PM | Computer Name = GM | Source = MsiInstaller | ID = 11316
Description = Product: System Requirements Lab for Intel -- Error 1316. A network
error occurred while attempting to read from the file: C:\Documents and Settings\Compaq_Owner\Desktop\srldetect.msi
Error - 26/07/10 8:35:09 PM | Computer Name = GM | Source = MsiInstaller | ID = 11316
Description = Product: System Requirements Lab for Intel -- Error 1316. A network
error occurred while attempting to read from the file: C:\Documents and Settings\Compaq_Owner\Desktop\srldetect.msi
Error - 26/07/10 11:05:43 PM | Computer Name = GM | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 26/07/10 11:05:48 PM | Computer Name = GM | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.
Error - 27/07/10 8:15:08 AM | Computer Name = GM | Source = MSSecurityEssentials | ID = 5000
Description =
[ System Events ]
Error - 23/07/10 9:39:52 AM | Computer Name = GM | Source = Microsoft Antimalware | ID = 3002
Description =
Error - 23/07/10 9:46:46 AM | Computer Name = GM | Source = Microsoft Antimalware | ID = 3002
Description =
Error - 23/07/10 4:20:52 PM | Computer Name = GM | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.100 for the Network Card with network
address 0011D8BE4E8C has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).
Error - 25/07/10 12:55:02 PM | Computer Name = GM | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.100 for the Network Card with network
address 0011D8BE4E8C has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).
Error - 25/07/10 1:23:08 PM | Computer Name = GM | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.100 for the Network Card with network
address 0011D8BE4E8C has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).
Error - 25/07/10 1:26:53 PM | Computer Name = GM | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.100 for the Network Card with network
address 0011D8BE4E8C has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).
Error - 25/07/10 8:49:44 PM | Computer Name = GM | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.100 for the Network Card with network
address 0011D8BE4E8C has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).
Error - 26/07/10 7:23:29 AM | Computer Name = GM | Source = Microsoft Antimalware | ID = 3002
Description =
Error - 26/07/10 7:29:15 AM | Computer Name = GM | Source = Microsoft Antimalware | ID = 3002
Description =
Error - 27/07/10 7:00:11 PM | Computer Name = GM | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.100 for the Network Card with network
address 0011D8BE4E8C has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).
< End of report >
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-07-28 07:36:53
Windows 5.1.2600 Service Pack 3
Running: judkbn02.exe; Driver: C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\ugldqpow.sys
---- System - GMER 1.0.15 ----
SSDT 8A4B1E00 ZwConnectPort
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Classes\CLSID\{71A78D8C-2A2C-F1E0-42C57DD6D788EDD0}\{92C0E49C-6DF5-7FD3-2A5D5DA34780C80D}\{FCC2AF23-71C0-A57B-CCE1F90128BA76FE}
Reg HKLM\SOFTWARE\Classes\CLSID\{71A78D8C-2A2C-F1E0-42C57DD6D788EDD0}\{92C0E49C-6DF5-7FD3-2A5D5DA34780C80D}\{FCC2AF23-71C0-A57B-CCE1F90128BA76FE}@NRDFOBLVNAUE2QOGEQXAH1Y2DD1 0x01 0x00 0x01 0x00 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{C3E67C84-FF81-4ACD-401BD333BA56E9EA}\{F4E9985F-0D7B-FE76-62CD8C76B0126B78}\{BB457FA5-4647-F88E-4919FBC3754B9322}
Reg HKLM\SOFTWARE\Classes\CLSID\{C3E67C84-FF81-4ACD-401BD333BA56E9EA}\{F4E9985F-0D7B-FE76-62CD8C76B0126B78}\{BB457FA5-4647-F88E-4919FBC3754B9322}@NRDFOBLVNAUE2QOGEQXAH1Y2DD1 0x01 0x00 0x01 0x00 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{EA20B5D7-213B-BF6A-A687F1F5E27AC26F}\{EEE35091-0AEA-CF92-BEFE1061EF739928}\{47B248DC-A6E0-641B-BA973614FEEFC865}
Reg HKLM\SOFTWARE\Classes\CLSID\{EA20B5D7-213B-BF6A-A687F1F5E27AC26F}\{EEE35091-0AEA-CF92-BEFE1061EF739928}\{47B248DC-A6E0-641B-BA973614FEEFC865}@NRDFOBLVNAUE2QOGEQXAH1Y2DD1 0x01 0x00 0x01 0x00 ...
---- Files - GMER 1.0.15 ----
File C:\Documents and Settings\Compaq_Owner\Application Data\Macromedia\Flash Player\#SharedObjects\48HMWAXE\www.fancast.com.\player.sol 98 bytes
File C:\Documents and Settings\Compaq_Owner\Application Data\Macromedia\Flash Player\#SharedObjects\48HMWAXE\www.fancast.com.\static-29985 0 bytes
File C:\Documents and Settings\Compaq_Owner\Application Data\Macromedia\Flash Player\#SharedObjects\48HMWAXE\www.fancast.com.\static-29985\swf 0 bytes
File C:\Documents and Settings\Compaq_Owner\Application Data\Macromedia\Flash Player\#SharedObjects\48HMWAXE\www.fancast.com.\static-29985\swf\FCVidContainerInit.swf 0 bytes
File C:\Documents and Settings\Compaq_Owner\Application Data\Macromedia\Flash Player\#SharedObjects\48HMWAXE\www.fancast.com.\static-29985\swf\FCVidContainerInit.swf\comfancastbookmarks.sol 121 bytes
File C:\Documents and Settings\Compaq_Owner\Application Data\Macromedia\Flash Player\#SharedObjects\48HMWAXE\www.fancast.com.\s_br.sol 35 bytes
File C:\Documents and Settings\Compaq_Owner\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.fancast.com.\settings.sol 86 bytes
---- EOF - GMER 1.0.15 ----