Here is the second of the two logs.
Thank you for your assistance.
Tim
OTListIt logfile created on: 4/6/2009 9:48:20 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.12.1 Folder = C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.48 Gb Available Physical Memory | 74.03% Memory free
3.84 Gb Paging File | 3.42 Gb Available in Paging File | 89.10% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 55.60 Gb Free Space | 74.60% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ANASTASIT08-S
Current User Name: AnastasiT08
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ========== PRC - [2005/12/28 10:45:02 | 00,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2005/12/28 10:47:10 | 00,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2005/12/28 11:04:56 | 00,262,217 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
PRC - [2008/10/01 13:06:14 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/12/13 12:22:41 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2006/10/26 12:40:34 | 00,335,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2006/10/30 03:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
PRC - [2006/01/19 08:14:00 | 00,143,428 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2005/12/28 10:44:24 | 00,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2005/04/27 15:59:24 | 00,241,725 | ---- | M] (Microsoft Corporation) -- C:\Program Files\UPHClean\uphclean.exe
PRC - [2008/11/12 17:02:14 | 03,667,312 | ---- | M] (Webroot Software, Inc. (
http://www.webroot.com)) -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
PRC - [2008/04/14 06:42:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2005/12/15 11:18:50 | 00,049,152 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
PRC - [2007/06/28 09:14:42 | 00,270,648 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2006/03/24 16:30:44 | 00,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2007/08/24 07:00:48 | 00,033,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2005/03/23 18:26:09 | 00,217,088 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\point32.exe
PRC - [2008/12/13 12:22:42 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2006/10/18 20:05:26 | 00,204,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
PRC - [2009/02/17 11:43:26 | 01,830,128 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2007/06/28 09:14:32 | 00,501,048 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2008/12/19 00:25:25 | 00,634,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/04/06 21:46:43 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Desktop\OTListIt2.exe
========== Win32 Services (SafeList) ========== SRV - [2008/10/01 13:06:14 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2007/10/24 02:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2009/02/04 23:05:06 | 00,206,088 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe -- (AVP [Auto | Running])
SRV - [2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2007/10/24 02:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2005/12/28 10:45:02 | 00,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng [Auto | Running])
SRV - [2006/10/20 21:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/04/14 06:42:04 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005/04/03 23:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2006/10/30 03:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2007/06/28 09:14:32 | 00,501,048 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2008/12/13 12:22:41 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2006/11/17 03:06:00 | 00,104,000 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe -- (McAfeeFramework [Auto | Stopped])
SRV - [2006/10/26 12:40:34 | 00,335,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
SRV - [2007/08/24 06:59:20 | 00,068,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2007/05/15 18:08:38 | 00,043,520 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPZinw12.dll -- (Net Driver HPZ12 [Auto | Running])
SRV - [2006/10/30 03:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Auto | Running])
SRV - [2006/01/19 08:14:00 | 00,143,428 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2007/08/24 03:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2007/05/15 18:08:40 | 00,053,248 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hpzipm12.dll -- (Pml Driver HPZ12 [Auto | Running])
SRV - [2005/12/28 10:44:24 | 00,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc [Auto | Running])
SRV - [2005/12/28 10:47:10 | 00,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor [Auto | Running])
SRV - [2005/04/27 15:59:24 | 00,241,725 | ---- | M] (Microsoft Corporation) -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean [Auto | Running])
SRV - [2008/11/12 17:02:14 | 03,667,312 | ---- | M] (Webroot Software, Inc. (
http://www.webroot.com)) -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe -- (WebrootSpySweeperService [Auto | Running])
SRV - [2005/12/28 11:04:56 | 00,262,217 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe -- (WLANKEEPER [Auto | Running])
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [Auto | Stopped])
========== Driver Services (SafeList) ========== DRV - [2005/10/26 09:01:02 | 00,142,720 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\DRIVERS\b57xp32.sys -- (b57w2k [On_Demand | Running])
DRV - [2004/08/04 02:21:00 | 00,087,136 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb [Boot | Running])
DRV - [2004/08/13 01:56:00 | 00,040,544 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm [Auto | Running])
DRV - [2006/09/19 13:44:04 | 00,015,664 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2008/12/13 10:54:08 | 00,085,969 | ---- | M] (GMER) -- C:\WINDOWS\System32\DRIVERS\gmer.sys -- (gmer [On_Demand | Stopped])
DRV - [2008/04/13 23:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2005/12/01 00:40:56 | 00,936,960 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2005/12/01 00:40:12 | 00,192,512 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Running])
DRV - [2008/07/21 18:34:36 | 00,121,872 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1 [Boot | Running])
DRV - [2009/02/04 23:05:05 | 00,033,808 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg [Boot | Running])
DRV - [2009/02/04 23:05:05 | 00,226,832 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\DRIVERS\klif.sys -- (KLIF [System | Running])
DRV - [2008/04/30 18:06:48 | 00,024,592 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\DRIVERS\klim5.sys -- (klim5 [On_Demand | Running])
DRV - [2005/10/04 22:57:08 | 00,012,544 | ---- | M] (Conexant) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2006/01/19 08:14:00 | 03,595,296 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2005/12/09 15:39:16 | 00,067,840 | ---- | M] (Novatel Wireless Inc) -- C:\WINDOWS\system32\DRIVERS\NWADIenum.sys -- (NWADI [On_Demand | Running])
DRV - [2001/08/22 07:42:58 | 00,013,632 | ---- | M] (Dell Computer Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI [System | Running])
DRV - [2008/06/19 16:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot [Boot | Running])
DRV - [2004/11/29 13:13:28 | 00,017,359 | R--- | M] (PCTEL Inc.) -- C:\WINDOWS\system32\PCTINDIS5.SYS -- (PCTINDIS5 [On_Demand | Stopped])
DRV - [2005/03/15 04:45:20 | 00,020,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\point32.sys -- (Point32 [On_Demand | Running])
DRV - [2004/08/04 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/11/22 19:26:45 | 00,107,272 | ---- | M] (Privacyware/PWI, Inc.) -- C:\WINDOWS\System32\drivers\pwipf6.sys.old -- (pwipf6 [System | Stopped])
DRV - [2005/12/28 12:22:08 | 00,013,568 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\s24trans.sys -- (s24trans [Auto | Running])
DRV - [2009/02/17 11:43:28 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running])
DRV - [2009/02/17 11:43:30 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Running])
DRV - [2009/02/17 11:43:28 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Running])
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2004/07/14 10:29:04 | 00,005,627 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5 [System | Running])
DRV - [2008/11/12 17:02:26 | 00,029,808 | ---- | M] (Webroot Software, Inc. (
http://www.webroot.com)) -- C:\WINDOWS\System32\drivers\ssfs0bbc.sys.old -- (SSFS0BBC [Boot | Stopped])
DRV - [2008/11/12 17:02:26 | 00,023,152 | ---- | M] (Webroot Software, Inc. (
http://www.webroot.com)) -- C:\WINDOWS\System32\drivers\sshrmd.sys.old -- (SSHRMD [Boot | Stopped])
DRV - [2008/11/12 17:02:28 | 00,170,608 | ---- | M] (Webroot Software, Inc. (
http://www.webroot.com)) -- C:\WINDOWS\System32\drivers\ssidrv.sys.old -- (SSIDRV [Boot | Stopped])
DRV - [2006/07/07 15:41:48 | 00,014,848 | ---- | M] (Webroot Software Inc (
http://www.webroot.com)) -- C:\WINDOWS\System32\Drivers\sskbfd.sys -- (SSKBFD [On_Demand | Running])
DRV - [2004/07/14 10:28:50 | 00,023,545 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln [System | Running])
DRV - [2006/03/24 16:34:30 | 01,156,648 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA [On_Demand | Running])
DRV - [2001/08/17 13:53:32 | 00,006,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\serscan.sys -- (StillCam [On_Demand | Running])
DRV - [2004/08/13 00:05:00 | 00,025,723 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio [Auto | Running])
DRV - [2004/08/13 00:05:00 | 00,034,843 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs [Auto | Running])
DRV - [2004/08/13 00:05:00 | 00,004,123 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct [Auto | Running])
DRV - [2004/08/13 00:05:00 | 00,002,239 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres [Auto | Running])
DRV - [2004/08/13 00:05:00 | 00,086,202 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs [Auto | Running])
DRV - [2004/08/13 00:05:00 | 00,014,715 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio [Auto | Running])
DRV - [2004/08/13 00:05:00 | 00,006,363 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool [Auto | Running])
DRV - [2004/08/13 00:05:00 | 00,098,714 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf [Auto | Running])
DRV - [2004/08/13 00:05:00 | 00,100,603 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa [Auto | Running])
DRV - [2006/03/20 18:10:22 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\usbccid.sys -- (USBCCID [On_Demand | Running])
DRV - [2005/12/04 23:55:30 | 01,428,096 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\DRIVERS\w39n51.sys -- (w39n51 [On_Demand | Running])
DRV - [2005/12/01 00:40:08 | 00,669,696 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys -- (winachsf [On_Demand | Running])
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Reg Error: Value Default_Secondary_Page_URL = 0 bytes
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value Secondary Start Pages = 0 bytes
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Update_Check_Page =
http://www.microsoft.com/isapi/redir.dl ... =ie5update IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.espn.com/IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.espn.com"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.1
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:3.9.1
FF - prefs.js..extensions.enabledItems: {63df8e21-711c-4074-a257-b065cadc28d8}:1.9.3
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.4
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.2
FF - prefs.js..extensions.enabledItems: {daf44bf7-a45e-4450-979c-91cf07434c3d}:1.5.3
FF - prefs.js..extensions.enabledItems: {3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8}:0.9.6
FF - prefs.js..extensions.enabledItems: {77b819fa-95ad-4f2c-ac7c-486b356188a9}:1.5.20090207
FF - prefs.js..extensions.enabledItems:
jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems:
moveplayer@movenetworks.com:1.0.0.071101000055
FF - prefs.js..extensions.enabledItems: {9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}:6.0.3.3
FF - prefs.js..extensions.enabledItems: {8620c15f-30dc-4dba-a131-7c5d20cf4a29}:2.0.2
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:2.1.0.2
FF - prefs.js..extensions.enabledItems:
LDshowpicture_plashcor@gmail.com:1.5
FF - prefs.js..extensions.enabledItems: {54BB9F3F-07E5-486c-9B39-C7398B99391C}:3.1.2009032701
FF - prefs.js..extensions.enabledItems: {f701c26a-479a-4724-b4f1-870db12f063c}:1.3.0.5
FF - prefs.js..extensions.enabledItems:
en-US@dictionaries.addons.mozilla.org:3.0.3
FF - prefs.js..extensions.enabledItems: {95f24680-9e31-11da-a746-0800200c9a66}:0.1.5.4
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.8
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2008/12/13 12:22:44 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/03/28 16:20:34 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/03/28 16:00:29 | 00,000,000 | ---D | M]
[2008/12/13 12:23:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Application Data\mozilla\Extensions
[2008/12/13 12:23:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/03/31 22:27:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Application Data\mozilla\Firefox\Profiles\ysrwuiit.default\extensions
[2009/03/31 22:27:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Application Data\mozilla\Firefox\Profiles\ysrwuiit.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2009/03/31 22:27:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Application Data\mozilla\Firefox\Profiles\ysrwuiit.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2008/12/13 12:24:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Application Data\mozilla\Firefox\Profiles\ysrwuiit.default\extensions\{3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8}
[2009/03/31 22:27:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Application Data\mozilla\Firefox\Profiles\ysrwuiit.default\extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}
[2008/12/13 12:24:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Application Data\mozilla\Firefox\Profiles\ysrwuiit.default\extensions\{63df8e21-711c-4074-a257-b065cadc28d8}
[2009/02/14 10:20:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Application Data\mozilla\Firefox\Profiles\ysrwuiit.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2008/12/13 12:24:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Application Data\mozilla\Firefox\Profiles\ysrwuiit.default\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29}
[2008/12/13 12:24:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Application Data\mozilla\Firefox\Profiles\ysrwuiit.default\extensions\{95f24680-9e31-11da-a746-0800200c9a66}
[2009/02/14 19:42:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Application Data\mozilla\Firefox\Profiles\ysrwuiit.default\extensions\{9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}
[2009/03/31 22:27:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Application Data\mozilla\Firefox\Profiles\ysrwuiit.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/01/13 00:32:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Application Data\mozilla\Firefox\Profiles\ysrwuiit.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/02/14 10:20:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Application Data\mozilla\Firefox\Profiles\ysrwuiit.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2008/12/13 12:24:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Application Data\mozilla\Firefox\Profiles\ysrwuiit.default\extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d}
[2008/12/13 12:24:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Application Data\mozilla\Firefox\Profiles\ysrwuiit.default\extensions\{f701c26a-479a-4724-b4f1-870db12f063c}
[2008/12/13 12:24:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Application Data\mozilla\Firefox\Profiles\ysrwuiit.default\extensions\en-US@dictionaries.addons.mozilla.org
[2008/12/13 12:24:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Application Data\mozilla\Firefox\Profiles\ysrwuiit.default\extensions\LDshowpicture_plashcor@gmail.com
[2009/01/27 22:18:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Application Data\mozilla\Firefox\Profiles\ysrwuiit.default\extensions\moveplayer@movenetworks.com
[2009/03/28 16:00:29 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/03/28 16:00:29 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/26 14:11:21 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/03/26 14:11:22 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/03/26 13:56:22 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/03/26 13:56:22 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/03/26 13:56:22 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/03/26 13:56:22 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/03/26 13:56:22 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/03/26 13:56:22 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/03/26 13:56:22 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (736 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" (Kaspersky Lab)
O4 - HKLM..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" (Microsoft Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" (Microsoft Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [NWLink IPX/SPX/NetBIOS Compatible Transport Protocol] - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: virginia.edu ([admin.darden] http in Local intranet)
O15 - HKLM\..Trusted Domains: virginia.edu ([computing.darden] http in Local intranet)
O15 - HKLM\..Trusted Domains: virginia.edu ([darden] http in Local intranet)
O15 - HKLM\..Trusted Domains: virginia.edu ([exed.darden] http in Local intranet)
O15 - HKLM\..Trusted Domains: virginia.edu ([faculty.darden] http in Local intranet)
O15 - HKLM\..Trusted Domains: virginia.edu ([intranet.darden] http in Local intranet)
O15 - HKLM\..Trusted Domains: virginia.edu ([it.darden] http in Local intranet)
O15 - HKLM\..Trusted Domains: virginia.edu ([mail.darden] http in Local intranet)
O15 - HKLM\..Trusted Domains: virginia.edu ([mail2.darden] http in Local intranet)
O15 - HKLM\..Trusted Domains: virginia.edu ([mydarden.darden] http in Local intranet)
O15 - HKLM\..Trusted Domains: virginia.edu ([portal.darden] http in Local intranet)
O15 - HKLM\..Trusted Domains: virginia.edu ([student.darden] http in Local intranet)
O15 - HKLM\..Trusted Domains: virginia.edu ([webboard.darden] http in Local intranet)
O15 - HKLM\..Trusted Domains: virginia.edu ([webmail.darden] http in Local intranet)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: virginia.edu ([admin.darden] http in Local intranet)
O15 - HKCU\..Trusted Domains: virginia.edu ([computing.darden] http in Local intranet)
O15 - HKCU\..Trusted Domains: virginia.edu ([darden] http in Local intranet)
O15 - HKCU\..Trusted Domains: virginia.edu ([exed.darden] http in Local intranet)
O15 - HKCU\..Trusted Domains: virginia.edu ([faculty.darden] http in Local intranet)
O15 - HKCU\..Trusted Domains: virginia.edu ([intranet.darden] http in Local intranet)
O15 - HKCU\..Trusted Domains: virginia.edu ([it.darden] http in Local intranet)
O15 - HKCU\..Trusted Domains: virginia.edu ([mail.darden] http in Local intranet)
O15 - HKCU\..Trusted Domains: virginia.edu ([mail2.darden] http in Local intranet)
O15 - HKCU\..Trusted Domains: virginia.edu ([mydarden.darden] http in Local intranet)
O15 - HKCU\..Trusted Domains: virginia.edu ([portal.darden] http in Local intranet)
O15 - HKCU\..Trusted Domains: virginia.edu ([student.darden] http in Local intranet)
O15 - HKCU\..Trusted Domains: virginia.edu ([webboard.darden] http in Local intranet)
O15 - HKCU\..Trusted Domains: virginia.edu ([webmail.darden] http in Local intranet)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED}
http://supportsoft.adelphia.net/sdccomm ... ctlins.cab (Support.com Installer)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83}
http://upload.facebook.com/controls/200 ... oader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://fpdownload.macromedia.com/pub/sh ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258}
http://fpdownload.macromedia.com/get/sh ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://update.microsoft.com/windowsupda ... 9189890156 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://update.microsoft.com/microsoftup ... 9190053234 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
http://java.sun.com/products/plugin/aut ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload.macromedia.com/get/fl ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\system\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\system\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\system\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\system\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\system\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\system\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\system\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\mzvkbd.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\mzvkbd3.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/07/14 13:24:45 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
Drivers32: aux - C:\WINDOWS\system32\..\fbr.rfh ()
Drivers32: midi - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\WINDOWS\system32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - C:\WINDOWS\system32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\WINDOWS\system32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\WINDOWS\system32\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\WINDOWS\system32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\WINDOWS\system32\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\WINDOWS\system32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\system32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\system32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\system32\iccvid.dll (Radius Inc.)
Drivers32: vidc.I420 - C:\WINDOWS\system32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\system32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\system32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\system32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\system32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.iyuv - C:\WINDOWS\system32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.M261 - C:\WINDOWS\system32\msh261.drv (Microsoft Corporation)
Drivers32: vidc.M263 - C:\WINDOWS\system32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.mrle - C:\WINDOWS\system32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\WINDOWS\system32\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\WINDOWS\system32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - C:\WINDOWS\system32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - C:\WINDOWS\system32\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\WINDOWS\system32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\WINDOWS\system32\msacm32.drv (Microsoft Corporation)
========== Files/Folders - Created Within 30 Days ========== [2 C:\WINDOWS\*.tmp files]
[2009/04/06 21:46:26 | 00,501,760 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Desktop\OTListIt2.exe
[2009/03/31 23:19:14 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Desktop\HiJackThis.exe
[2009/03/31 23:17:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/03/31 23:16:47 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Desktop\NTREGOPT.lnk
[2009/03/31 23:16:47 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Desktop\ERUNT.lnk
[2009/03/31 23:16:47 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/03/31 23:15:24 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Desktop\erunt-setup.exe
[2009/03/31 19:25:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/03/31 19:24:53 | 00,000,780 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/03/31 19:24:48 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/03/31 19:24:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Application Data\SUPERAntiSpyware.com
[2009/03/31 19:23:59 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/03/30 19:41:24 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2009/03/30 19:40:35 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2009/03/30 19:39:25 | 00,175,504 | ---- | C] () -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Desktop\activescan2_en.exe
[2009/03/30 19:03:21 | 00,000,933 | ---- | C] () -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Desktop\Spybot - Search & Destroy.lnk
[2009/03/30 19:03:15 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/03/30 19:03:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/03/28 16:00:32 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/03/27 08:20:03 | 00,035,328 | ---- | C] () -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Desktop\Pledges and Promsies 03.27.09.xls
[2009/03/27 08:19:48 | 00,035,328 | ---- | C] () -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Desktop\Copy of Pledges and Promsies.xls
[2009/02/14 23:52:27 | 00,000,072 | ---- | C] () -- C:\WINDOWS\ANS2000.INI
[2009/02/14 23:52:27 | 00,000,020 | -H-- | C] () -- C:\WINDOWS\akebook.ini
[2009/02/14 23:52:27 | 00,000,004 | -H-- | C] () -- C:\WINDOWS\a3kebook.ini
[2008/12/13 10:54:12 | 00,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini
[2008/12/13 10:54:08 | 00,884,736 | ---- | C] () -- C:\WINDOWS\gmer.dll
[2008/07/26 21:01:03 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2008/07/26 21:00:45 | 00,000,166 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2008/07/07 11:02:26 | 00,001,345 | ---- | C] () -- C:\WINDOWS\DKAAT2DD.ini
[2007/12/04 18:24:19 | 00,003,227 | ---- | C] () -- C:\WINDOWS\DM.INI
[2007/12/04 18:10:21 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2007/07/31 17:05:41 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2007/01/22 21:57:31 | 00,000,665 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/01/02 17:54:30 | 00,000,280 | ---- | C] () -- C:\WINDOWS\System32\epoPGPsdk.dll.sig
[2006/11/06 17:49:36 | 00,000,310 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2006/08/23 20:05:38 | 00,000,685 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2006/07/17 15:00:14 | 00,684,032 | ---- | C] () -- C:\WINDOWS\libeay32.dll
[2006/07/17 15:00:14 | 00,155,648 | ---- | C] () -- C:\WINDOWS\ssleay32.dll
[2006/07/17 14:39:05 | 00,000,189 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/07/17 14:38:42 | 00,000,319 | ---- | C] () -- C:\WINDOWS\SMSCFG.ini
[2006/07/17 14:17:36 | 00,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/07/17 12:31:54 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/07/14 13:56:53 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/07/14 13:56:52 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/07/14 13:56:48 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/07/14 13:56:41 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/07/14 13:56:26 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005/01/21 11:02:28 | 00,013,312 | ---- | C] () -- C:\WINDOWS\System32\RMDevice.dll
[2004/08/04 07:00:00 | 00,000,749 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/04 07:00:00 | 00,000,289 | ---- | C] () -- C:\WINDOWS\system.ini
[2001/07/06 15:30:00 | 00,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
========== Files - Modified Within 30 Days ========== [1 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/04/06 21:46:43 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Desktop\OTListIt2.exe
[2009/04/06 21:41:44 | 00,067,353 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2009/04/06 21:41:28 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\NvwsApps.xml
[2009/04/06 21:41:24 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/04/06 21:40:55 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/06 21:40:53 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/04/05 19:17:58 | 02,236,448 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009/04/05 19:17:58 | 00,393,248 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2009/04/05 19:17:58 | 00,018,552 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2009/04/05 19:17:58 | 00,002,424 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2009/04/01 20:37:09 | 07,228,990 | -H-- | M] () -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Local Settings\Application Data\IconCache.db
[2009/03/31 23:19:23 | 00,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Desktop\HiJackThis.exe
[2009/03/31 23:16:47 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Desktop\NTREGOPT.lnk
[2009/03/31 23:16:47 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Desktop\ERUNT.lnk
[2009/03/31 23:15:47 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Desktop\erunt-setup.exe
[2009/03/31 19:24:53 | 00,000,780 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/03/30 19:39:25 | 00,175,504 | ---- | M] () -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Desktop\activescan2_en.exe
[2009/03/30 19:03:21 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Desktop\Spybot - Search & Destroy.lnk
[2009/03/28 16:00:32 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/03/27 08:24:25 | 00,035,328 | ---- | M] () -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Desktop\Pledges and Promsies 03.27.09.xls
[2009/03/27 08:19:50 | 00,035,328 | ---- | M] () -- C:\Documents and Settings\AnastasiT08.ANASTASIT08-S\Desktop\Copy of Pledges and Promsies.xls
[2009/03/12 07:29:17 | 00,267,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/09 06:48:39 | 00,526,666 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/09 06:48:39 | 00,444,900 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/09 06:48:39 | 00,072,676 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
< End of report >