Logfile of random's system information tool 1.06 (written by random/random)
Run by HP_Administrator at 2009-03-29 11:47:53
Microsoft Windows XP Professional Service Pack 3
System drive C: has 116 GB (51%) free of 229 GB
Total RAM: 1015 MB (32% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:48:29 AM, on 3/29/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCMTR.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\AGRSMMSG.exe
c:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Administrator\Desktop\RSIT.exe
C:\Documents and Settings\HP_Administrator\Desktop\HP_Administrator.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
--
End of file - 12220 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Easy Internet Sign-up.job
C:\WINDOWS\tasks\jpwlkvuy.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{CFD7DB17-7288-4D16-B8E9-76108534956D}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-04 54248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll [2008-09-29 61200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2005-11-02 720896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-16 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-16 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - HP view - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll [2003-11-21 98304]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2005-11-02 720896]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2004-08-10 59392]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-18 61952]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-12-01 126976]
"HPBootOp"=C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe [2005-02-26 245760]
"LSBWatcher"=c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [2004-10-14 253952]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2005-11-02 180269]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2008-03-14 136512]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2008-09-29 124240]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-16 148888]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-12-18 76304]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-03-09 515416]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-03-12 342312]
""= []
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2007-08-16 236016]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-100000000002}\SC_Acrobat.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
Updates from HP.lnk - C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-12-01 348160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-02-19 72208]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe"="C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe:*:Enabled:BackWeb for Pavilion"
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%ProgramFiles%\iTunes\iTunes.exe"="%ProgramFiles%\iTunes\iTunes.exe:*:enabled:iTunes"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d3451be4-bc13-11d9-bafb-806d6172696f}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
======List of files/folders created in the last 1 months======
2009-03-29 11:47:53 ----D---- C:\rsit
2009-03-29 02:32:52 ----D---- C:\Program Files\American Airlines TravelDesk
2009-03-29 02:29:36 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Google
2009-03-23 10:55:38 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Sonic
2009-03-23 10:54:44 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Leadertech
2009-03-23 09:56:45 ----D---- C:\Documents and Settings\All Users\Application Data\SITEguard
2009-03-23 09:55:33 ----D---- C:\Program Files\Common Files\iS3
2009-03-23 09:55:33 ----D---- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2009-03-23 02:09:43 ----D---- C:\Program Files\Trend Micro
2009-03-20 09:24:18 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2009-03-20 01:23:55 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Registry Cleaner
2009-03-19 09:52:55 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\HP
2009-03-18 08:53:47 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Blackberry Desktop
2009-03-18 00:10:52 ----D---- C:\Program Files\Roxio
2009-03-17 23:52:30 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Research In Motion
2009-03-17 10:35:03 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Malwarebytes
2009-03-17 10:34:52 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-03-17 07:09:46 ----D---- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-17 06:59:38 ----A---- C:\WINDOWS\system32\lsdelete.exe
2009-03-17 06:35:47 ----HDC---- C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-03-16 08:02:24 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\AdobeUM
2009-03-16 08:02:10 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Adobe
2009-03-16 05:29:18 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Macromedia
2009-03-16 05:09:45 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Logitech
2009-03-16 05:06:39 ----A---- C:\WINDOWS\system32\BtCoreIf.dll
2009-03-16 05:06:31 ----A---- C:\WINDOWS\system32\KemXML.dll
2009-03-16 05:06:31 ----A---- C:\WINDOWS\system32\KemWnd.dll
2009-03-16 05:06:31 ----A---- C:\WINDOWS\system32\kemutb.dll
2009-03-16 05:06:30 ----A---- C:\WINDOWS\system32\KemUtil.dll
2009-03-16 04:54:54 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\HPAppData
2009-03-16 04:38:24 ----A---- C:\WINDOWS\system32\javaws.exe
2009-03-16 04:38:24 ----A---- C:\WINDOWS\system32\javaw.exe
2009-03-16 04:38:24 ----A---- C:\WINDOWS\system32\java.exe
2009-03-15 22:39:35 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-03-15 22:39:09 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-15 22:37:14 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-15 22:37:00 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-03-15 22:36:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-03-15 22:35:28 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-03-15 22:35:08 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-03-15 22:34:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-03-15 22:34:34 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-03-15 22:34:07 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-03-15 22:33:39 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-03-15 22:32:37 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-03-15 22:11:15 ----D---- C:\WINDOWS\system32\scripting
2009-03-15 22:11:11 ----D---- C:\WINDOWS\system32\bits
2009-03-15 21:28:56 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
2009-03-15 21:28:41 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2_0$
2009-03-15 21:23:58 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2009-03-15 21:15:57 ----A---- C:\WINDOWS\system32\hpz3l5k2.dll
2009-03-15 21:15:42 ----D---- C:\WINDOWS\system32\PreInstall
2009-03-15 21:14:15 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-03-15 21:12:46 ----D---- C:\Program Files\Common Files\L&H
2009-03-15 21:12:31 ----D---- C:\WINDOWS\system32\Lang
2009-03-15 21:12:16 ----A---- C:\WINDOWS\system32\igfxres.dll
2009-03-15 21:12:14 ----D---- C:\Program Files\Microsoft ActiveSync
2009-03-15 21:11:29 ----D---- C:\Program Files\Common Files\DESIGNER
2009-03-15 21:10:33 ----ASH---- C:\Documents and Settings\HP_Administrator\Application Data\desktop.ini
2009-03-15 21:10:23 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\InterMute
2009-03-15 21:10:23 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Identities
2009-03-15 21:10:23 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Apple Computer
2009-03-15 21:10:22 ----SD---- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft
2009-03-15 21:10:22 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Symantec
2009-03-15 21:10:22 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\SampleView
2009-03-15 21:10:22 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Real
2009-03-15 21:09:48 ----D---- C:\Program Files\Microsoft.NET
2009-03-15 21:08:10 ----RHD---- C:\MSOCache
2009-03-15 21:08:01 ----D---- C:\WINDOWS\system32\RTCOM
2009-03-15 21:06:07 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-03-15 21:02:34 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-03-15 20:32:25 ----A---- C:\WINDOWS\system32\mfevtps.exe
2009-03-15 20:25:20 ----D---- C:\WINDOWS\system32\appmgmt
2009-03-15 20:16:02 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2009-03-15 20:12:43 ----A---- C:\WINDOWS\system32\MRT.exe
2009-03-15 20:12:27 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$
2009-03-15 20:11:29 ----HDC---- C:\WINDOWS\$NtUninstallKB958690_0$
2009-03-15 20:10:39 ----A---- C:\WINDOWS\system32\LuResult.txt
2009-03-15 20:09:05 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-03-15 19:59:02 ----A---- C:\WINDOWS\system32\cdintf250.dll
2009-03-15 19:58:50 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Intuit
2009-03-15 19:31:11 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-03-15 19:22:09 ----D---- C:\WINDOWS\system32\en-US
2009-03-15 19:20:05 ----N---- C:\WINDOWS\system32\xmllite.dll
2009-03-15 17:59:24 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-03-15 17:58:30 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Sun
2009-03-15 17:45:10 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla
2009-03-15 17:44:12 ----N---- C:\WINDOWS\system32\wmphoto.dll
2009-03-15 17:44:10 ----N---- C:\WINDOWS\system32\wlanapi.dll
2009-03-15 17:44:08 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2009-03-15 17:44:08 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2009-03-15 17:44:06 ----N---- C:\WINDOWS\system32\verclsid.exe
2009-03-15 17:44:04 ----N---- C:\WINDOWS\system32\tspkg.dll
2009-03-15 17:44:04 ----N---- C:\WINDOWS\system32\tsgqec.dll
2009-03-15 17:43:58 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2009-03-15 17:43:58 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2009-03-15 17:43:56 ----N---- C:\WINDOWS\system32\slserv.exe
2009-03-15 17:43:56 ----N---- C:\WINDOWS\system32\slrundll.exe
2009-03-15 17:43:55 ----N---- C:\WINDOWS\system32\slgen.dll
2009-03-15 17:43:55 ----N---- C:\WINDOWS\system32\slextspk.dll
2009-03-15 17:43:55 ----N---- C:\WINDOWS\system32\slcoinst.dll
2009-03-15 17:43:53 ----N---- C:\WINDOWS\system32\setupn.exe
2009-03-15 17:43:51 ----N---- C:\WINDOWS\system32\s3gnb.dll
2009-03-15 17:43:50 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2009-03-15 17:43:49 ----N---- C:\WINDOWS\system32\rasqec.dll
2009-03-15 17:43:48 ----N---- C:\WINDOWS\system32\qutil.dll
2009-03-15 17:43:47 ----N---- C:\WINDOWS\system32\qcliprov.dll
2009-03-15 17:43:47 ----N---- C:\WINDOWS\system32\qagentrt.dll
2009-03-15 17:43:47 ----N---- C:\WINDOWS\system32\qagent.dll
2009-03-15 17:43:46 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2009-03-15 17:43:44 ----N---- C:\WINDOWS\system32\onex.dll
2009-03-15 17:43:42 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2009-03-15 17:43:37 ----N---- C:\WINDOWS\system32\napstat.exe
2009-03-15 17:43:37 ----N---- C:\WINDOWS\system32\napmontr.dll
2009-03-15 17:43:37 ----N---- C:\WINDOWS\system32\napipsec.dll
2009-03-15 17:43:36 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2009-03-15 17:43:35 ----N---- C:\WINDOWS\system32\msxml6.dll
2009-03-15 17:43:34 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2009-03-15 17:43:34 ----N---- C:\WINDOWS\system32\mssha.dll
2009-03-15 17:43:27 ----N---- C:\WINDOWS\system32\mmcperf.exe
2009-03-15 17:43:27 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2009-03-15 17:43:27 ----N---- C:\WINDOWS\system32\mmcex.dll
2009-03-15 17:43:26 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2009-03-15 17:43:25 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2009-03-15 17:43:24 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2009-03-15 17:43:24 ----N---- C:\WINDOWS\system32\kmsvc.dll
2009-03-15 17:43:24 ----N---- C:\WINDOWS\system32\kbdpash.dll
2009-03-15 17:43:24 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2009-03-15 17:43:24 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2009-03-15 17:43:24 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2009-03-15 17:43:21 ----N---- C:\WINDOWS\system32\smtpapi.dll
2009-03-15 17:43:21 ----N---- C:\WINDOWS\system32\rwnh.dll
2009-03-15 17:43:19 ----N---- C:\WINDOWS\system32\comsdupd.exe
2009-03-15 17:43:18 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2009-03-15 17:43:17 ----N---- C:\WINDOWS\system32\faxpatch.exe
2009-03-15 17:43:17 ----A---- C:\WINDOWS\006245_.tmp
2009-03-15 17:43:16 ----N---- C:\WINDOWS\system32\eapsvc.dll
2009-03-15 17:43:16 ----N---- C:\WINDOWS\system32\eapqec.dll
2009-03-15 17:43:16 ----N---- C:\WINDOWS\system32\eappprxy.dll
2009-03-15 17:43:16 ----N---- C:\WINDOWS\system32\eapphost.dll
2009-03-15 17:43:16 ----N---- C:\WINDOWS\system32\eappgnui.dll
2009-03-15 17:43:16 ----N---- C:\WINDOWS\system32\eappcfg.dll
2009-03-15 17:43:16 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2009-03-15 17:43:16 ----N---- C:\WINDOWS\system32\eapolqec.dll
2009-03-15 17:43:14 ----N---- C:\WINDOWS\system32\dot3ui.dll
2009-03-15 17:43:14 ----N---- C:\WINDOWS\system32\dot3svc.dll
2009-03-15 17:43:14 ----N---- C:\WINDOWS\system32\dot3msm.dll
2009-03-15 17:43:14 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2009-03-15 17:43:14 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2009-03-15 17:43:14 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2009-03-15 17:43:14 ----N---- C:\WINDOWS\system32\dot3api.dll
2009-03-15 17:43:13 ----N---- C:\WINDOWS\system32\dimsroam.dll
2009-03-15 17:43:13 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2009-03-15 17:43:13 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2009-03-15 17:43:12 ----N---- C:\WINDOWS\system32\credssp.dll
2009-03-15 17:43:10 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2009-03-15 17:43:09 ----N---- C:\WINDOWS\system32\azroles.dll
2009-03-15 17:43:08 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2009-03-15 17:43:08 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2009-03-15 17:43:08 ----N---- C:\WINDOWS\system32\ati3duag.dll
2009-03-15 17:43:08 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2009-03-15 17:43:08 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2009-03-15 17:43:08 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2009-03-15 17:43:08 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2009-03-15 17:43:08 ----N---- C:\WINDOWS\system32\aaclient.dll
2009-03-15 17:33:09 ----RSHD---- C:\cmdcons
2009-03-15 17:32:55 ----D---- C:\WINDOWS\setupupd
2009-03-06 06:47:57 ----A---- C:\WINDOWS\wininit.ini
2009-03-05 16:13:23 ----A---- C:\WINDOWS\cracked.txt
2009-03-05 00:41:34 ----D---- C:\Program Files\MagicISO
2009-03-03 09:06:22 ----HD---- C:\WINDOWS\msdownld.tmp
2009-03-03 09:06:14 ----D---- C:\WINDOWS\Logs
2009-03-03 08:34:10 ----D---- C:\Program Files\Activision
2009-03-03 07:35:36 ----D---- C:\Program Files\GooglePlusVideos
2009-03-03 07:34:20 ----D---- C:\Program Files\recfree
2009-03-03 07:34:06 ----D---- C:\Program Files\EasySearch
2009-03-02 15:22:21 ----D---- C:\Program Files\DC++
======List of files/folders modified in the last 1 months======
2009-03-29 11:48:14 ----D---- C:\WINDOWS\Prefetch
2009-03-29 11:41:53 ----D---- C:\Program Files\Mozilla Firefox
2009-03-29 11:40:43 ----D---- C:\WINDOWS\Temp
2009-03-29 11:20:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-29 02:32:52 ----D---- C:\Program Files
2009-03-29 01:20:23 ----D---- C:\WINDOWS\system32
2009-03-28 12:05:11 ----D---- C:\WINDOWS
2009-03-26 20:30:50 ----A---- C:\WINDOWS\ODBC.INI
2009-03-26 20:19:59 ----SHD---- C:\WINDOWS\Installer
2009-03-26 20:19:59 ----HD---- C:\Config.Msi
2009-03-26 19:45:11 ----D---- C:\WINDOWS\Registration
2009-03-26 19:44:19 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-24 12:12:20 ----D---- C:\WINDOWS\system32\wbem
2009-03-24 12:12:20 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-03-24 12:02:31 ----A---- C:\WINDOWS\win.ini
2009-03-24 12:02:18 ----RSD---- C:\WINDOWS\Fonts
2009-03-24 12:02:16 ----D---- C:\WINDOWS\SHELLNEW
2009-03-24 11:41:43 ----D---- C:\Program Files\Microsoft Office
2009-03-24 11:29:21 ----D---- C:\WINDOWS\system
2009-03-24 11:29:21 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-03-23 22:49:42 ----HD---- C:\WINDOWS\inf
2009-03-23 22:27:50 ----D---- C:\WINDOWS\system32\drivers
2009-03-23 15:56:20 ----D---- C:\quarantine
2009-03-23 09:55:33 ----D---- C:\Program Files\Common Files
2009-03-23 02:06:49 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-03-23 02:06:30 ----D---- C:\Program Files\SpywareBlaster
2009-03-20 09:24:41 ----D---- C:\WINDOWS\system32\mui
2009-03-18 07:41:56 ----AC---- C:\WINDOWS\QUICKEN.INI
2009-03-18 07:27:00 ----D---- C:\Program Files\Quicken
2009-03-18 06:14:31 ----D---- C:\WINDOWS\system32\CatRoot
2009-03-18 00:13:46 ----D---- C:\Program Files\Common Files\Sonic Shared
2009-03-18 00:12:38 ----D---- C:\WINDOWS\security
2009-03-18 00:12:09 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-03-18 00:11:56 ----D---- C:\Program Files\Common Files\Roxio Shared
2009-03-18 00:10:55 ----D---- C:\Documents and Settings\All Users\Application Data\Roxio
2009-03-18 00:06:39 ----D---- C:\temp
2009-03-18 00:06:38 ----D---- C:\WINDOWS\RegisteredPackages
2009-03-18 00:04:36 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-03-17 07:21:02 ----D---- C:\Documents and Settings
2009-03-17 07:10:41 ----D---- C:\Program Files\iTunes
2009-03-17 07:08:06 ----D---- C:\Program Files\Bonjour
2009-03-17 07:07:47 ----D---- C:\Program Files\QuickTime
2009-03-17 06:38:21 ----SD---- C:\WINDOWS\Tasks
2009-03-17 06:35:35 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-03-17 06:35:29 ----D---- C:\WINDOWS\WinSxS
2009-03-17 06:06:09 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-03-17 06:03:33 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-16 21:08:15 ----A---- C:\WINDOWS\imsins.BAK
2009-03-16 21:08:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-03-16 21:07:52 ----D---- C:\WINDOWS\ie7updates
2009-03-16 21:07:48 ----HD---- C:\WINDOWS\$hf_mig$
2009-03-16 21:07:28 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-03-16 06:19:23 ----A---- C:\WINDOWS\cdplayer.ini
2009-03-16 05:06:36 ----D---- C:\Program Files\Common Files\Logishrd
2009-03-16 04:54:55 ----D---- C:\Program Files\HP
2009-03-16 04:38:35 ----D---- C:\Program Files\Messenger
2009-03-16 04:37:39 ----D---- C:\Program Files\Java
2009-03-16 03:17:53 ----A---- C:\WINDOWS\OEWABLog.txt
2009-03-16 03:17:12 ----A---- C:\WINDOWS\setuplog.txt
2009-03-16 03:16:24 ----D---- C:\WINDOWS\system32\Setup
2009-03-16 03:16:24 ----D---- C:\WINDOWS\ime
2009-03-16 03:16:24 ----D---- C:\WINDOWS\AppPatch
2009-03-15 22:12:36 ----D---- C:\WINDOWS\system32\inetsrv
2009-03-15 22:12:34 ----D---- C:\WINDOWS\Help
2009-03-15 22:11:20 ----D---- C:\WINDOWS\system32\usmt
2009-03-15 22:11:13 ----AD---- C:\WINDOWS\system32\en
2009-03-15 22:11:11 ----D---- C:\WINDOWS\PeerNet
2009-03-15 22:11:10 ----D---- C:\Program Files\Movie Maker
2009-03-15 22:10:05 ----D---- C:\WINDOWS\system32\Restore
2009-03-15 22:10:05 ----D---- C:\WINDOWS\system32\npp
2009-03-15 22:10:04 ----D---- C:\WINDOWS\mui
2009-03-15 22:09:58 ----D---- C:\WINDOWS\msagent
2009-03-15 22:09:53 ----D---- C:\WINDOWS\srchasst
2009-03-15 22:09:47 ----D---- C:\Program Files\NetMeeting
2009-03-15 22:09:37 ----D---- C:\WINDOWS\system32\Com
2009-03-15 22:09:21 ----D---- C:\Program Files\Windows NT
2009-03-15 22:09:20 ----D---- C:\Program Files\Outlook Express
2009-03-15 22:08:59 ----D---- C:\Program Files\Common Files\System
2009-03-15 22:07:55 ----D---- C:\WINDOWS\system32\oobe
2009-03-15 21:56:15 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-03-15 21:31:26 ----D---- C:\WINDOWS\ehome
2009-03-15 21:29:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$
2009-03-15 21:28:28 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-03-15 21:26:42 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-03-15 21:26:19 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-03-15 21:26:09 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$
2009-03-15 21:26:00 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-03-15 21:25:51 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2009-03-15 21:25:29 ----HDC---- C:\WINDOWS\$NtUninstallKB958687_0$
2009-03-15 21:25:22 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-03-15 21:25:12 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2009-03-15 21:24:57 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-03-15 21:24:42 ----HDC---- C:\WINDOWS\$NtUninstallKB930494$
2009-03-15 21:24:19 ----HDC---- C:\WINDOWS\$NtUninstallKB954600_0$
2009-03-15 21:24:08 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2009-03-15 21:23:58 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2009-03-15 21:23:25 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2009-03-15 21:18:13 ----SHD---- C:\RECYCLER
2009-03-15 21:16:12 ----D---- C:\WINDOWS\system32\FxsTmp
2009-03-15 21:15:41 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-03-15 21:14:13 ----A---- C:\WINDOWS\system32\ssmute.ini
2009-03-15 21:09:49 ----D---- C:\WINDOWS\pchealth
2009-03-15 21:08:51 ----D---- C:\sysprep
2009-03-15 21:07:18 ----RASH---- C:\BOOT.BAK
2009-03-15 21:06:16 ----D---- C:\WINDOWS\SoftwareDistribution
2009-03-15 21:02:49 ----A---- C:\WINDOWS\system.ini
2009-03-15 20:29:55 ----D---- C:\Program Files\McAfee
2009-03-15 20:29:55 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-03-15 20:26:37 ----D---- C:\Program Files\Symantec
2009-03-15 20:25:08 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-03-15 20:20:50 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-03-15 20:16:36 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-03-15 20:15:40 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-03-15 20:15:24 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2009-03-15 20:11:58 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$
2009-03-15 20:11:15 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-03-15 20:10:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2009-03-15 19:59:17 ----D---- C:\Program Files\Easy Internet signup
2009-03-15 19:56:19 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-03-15 19:47:27 ----HD---- C:\hp
2009-03-15 19:47:15 ----D---- C:\WINDOWS\I386
2009-03-15 19:45:46 ----D---- C:\Program Files\Windows Media Player
2009-03-15 19:45:36 ----D---- C:\Program Files\Common Files\Services
2009-03-15 19:45:15 ----D---- C:\WINDOWS\system32\ras
2009-03-15 19:44:53 ----D---- C:\WINDOWS\system32\icsxml
2009-03-15 19:44:53 ----D---- C:\WINDOWS\system32\ias
2009-03-15 19:43:14 ----RD---- C:\WINDOWS\Web
2009-03-15 19:43:14 ----D---- C:\WINDOWS\addins
2009-03-15 19:43:13 ----D---- C:\WINDOWS\Media
2009-03-15 19:43:01 ----D---- C:\WINDOWS\Cursors
2009-03-15 19:42:59 ----AHDC---- C:\WINDOWS\$NtUninstallMC05Upd1$
2009-03-15 19:42:59 ----AHDC---- C:\WINDOWS\$NtUninstallKB891781$
2009-03-15 19:42:59 ----AHDC---- C:\WINDOWS\$NtUninstallKB890175$
2009-03-15 19:42:57 ----AHDC---- C:\WINDOWS\$NtUninstallKB889858$
2009-03-15 19:42:57 ----AHDC---- C:\WINDOWS\$NtUninstallKB888113$
2009-03-15 19:42:56 ----AHDC---- C:\WINDOWS\$NtUninstallKB887742$
2009-03-15 19:42:56 ----AHDC---- C:\WINDOWS\$NtUninstallKB885836$
2009-03-15 19:42:56 ----AHDC---- C:\WINDOWS\$NtUninstallKB885835$
2009-03-15 19:42:56 ----AHDC---- C:\WINDOWS\$NtUninstallKB885354$
2009-03-15 19:42:56 ----AHDC---- C:\WINDOWS\$NtUninstallKB885250$
2009-03-15 19:42:56 ----AHDC---- C:\WINDOWS\$NtUninstallKB883667$
2009-03-15 19:42:56 ----AHDC---- C:\WINDOWS\$NtUninstallKB873339$
2009-03-15 19:42:55 ----AHDC---- C:\WINDOWS\$NtUninstallKB867282$
2009-03-15 19:42:28 ----RD---- C:\WINDOWS\Offline Web Pages
2009-03-15 19:42:26 ----RSD---- C:\WINDOWS\assembly
2009-03-15 19:25:53 ----D---- C:\Program Files\Internet Explorer
2009-03-15 19:24:16 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-03-15 19:24:08 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-03-15 19:24:00 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-03-15 19:23:52 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2009-03-15 19:23:44 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$
2009-03-15 19:23:35 ----HDC---- C:\WINDOWS\$NtUninstallKB923723$
2009-03-15 19:22:15 ----D---- C:\WINDOWS\system32\config
2009-03-15 19:21:54 ----HDC---- C:\WINDOWS\ie7
2009-03-15 19:20:11 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2009-03-15 19:18:25 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
2009-03-15 18:47:23 ----AC---- C:\WINDOWS\ntbtlog.txt
2009-03-15 17:33:35 ----RASH---- C:\boot.ini
2009-03-15 17:33:09 ----AC---- C:\WINDOWS\UPGRADE.TXT
2009-03-15 15:28:14 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-03-05 18:11:53 ----D---- C:\WINDOWS\Minidump
2009-03-04 19:25:34 ----AC---- C:\WINDOWS\winph.ini
2009-03-02 14:58:05 ----D---- C:\Program Files\Wolfenstein - Enemy Territory
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 mfetdik;McAfee Inc. mfetdik; C:\WINDOWS\system32\drivers\mfetdik.sys [2008-09-29 62704]
R2 LBeepKE;LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2008-12-18 10384]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-06-29 1268204]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2009-01-15 23848]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-01-19 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-01-19 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-01-19 21568]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-12-01 776637]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-04-15 2564032]
R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2008-12-18 63248]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-12-18 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-12-18 37392]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2008-12-18 79248]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\WINDOWS\system32\drivers\mfeapfk.sys [2008-09-29 74648]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2008-09-29 90360]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2008-09-29 42424]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2007-01-18 26496]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-10 5888]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-10-16 71168]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-18 113664]
S3 mferkdet;McAfee Inc. mferkdet; C:\WINDOWS\system32\drivers\mferkdet.sys [2008-09-29 64432]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 PcdrNdisuio;PCDRNDISUIO Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\pcdrndisuio.sys [2005-01-19 12416]
S3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2001-06-04 14112]
S3 RimUsb;BlackBerry Smartphone; C:\WINDOWS\System32\Drivers\RimUsb.sys [2007-05-31 22656]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2004-08-04 32768]
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2004-09-28 195584]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2004-08-10 102912]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-16 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-05-09 53248]
R2 McAfeeEngineService;McAfee Engine Service; C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe [2008-09-29 19456]
R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2008-03-14 103744]
R2 McShield;McAfee McShield; C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe [2008-09-29 143088]
R2 McTaskManager;McAfee Task Manager; C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe [2008-09-29 62800]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\WINDOWS\system32\mfevtps.exe [2008-09-29 67904]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-03-12 656168]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-09 951632]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-07-24 358896]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2007-08-16 309744]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2007-08-16 166384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-02-19 121360]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-07-24 88560]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-08-16 1092080]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
-----------------EOF-----------------