• Announcements

    • Andrew Browne

      Support for other products than adaware, ad block and Web Companion

      Support for the following products is handled by the Lavasoft support team: Lavasoft Tuneup Kit Lavasoft PC Optimizer Lavasoft Driver Updater Lavasoft Registry Tuner Lavasoft Privacy Toolbox Lavasoft File Shredder Lavasoft Digital Lock


      For help with these products, contact the support team here: http://www.lavasoft.com/support/supportcenter/

Sign in to follow this  
Followers 0
skybox999

skybox999 - splitted from other topic

3 posts in this topic

Hi,

I have a similar issue. Please help! I tried to install the ad-aware but it gets killed automatically after it scan up to 3000 objects. Then, when I tried to run it again - I got cannot connect to service.

I ran the TDSSKiller and it did found 2 issues: Rootkit.Win32.PMax.gen and Rootkit.Win32.Zaccess.e. For the first one, action is Delete so, I set it to Skip and for second one, the action is Cure. After Continue and reboot, both issues are still there.

Here are the logs:

1. From TDSSKiller:

19:30:43.0593 0500 TDSS rootkit removing tool 2.6.13.0 Oct 25 2011 13:56:21
19:30:43.0843 0500 ============================================================
19:30:43.0843 0500 Current date / time: 2011/10/25 19:30:43.0843
19:30:43.0843 0500 SystemInfo:
19:30:43.0843 0500
19:30:43.0843 0500 OS Version: 5.1.2600 ServicePack: 3.0
19:30:43.0843 0500 Product type: Workstation
19:30:43.0843 0500 ComputerName: ZEUS
19:30:43.0843 0500 UserName: John
19:30:43.0843 0500 Windows directory: C:\WINDOWS
19:30:43.0843 0500 System windows directory: C:\WINDOWS
19:30:43.0843 0500 Processor architecture: Intel x86
19:30:43.0843 0500 Number of processors: 2
19:30:43.0843 0500 Page size: 0x1000
19:30:43.0843 0500 Boot type: Normal boot
19:30:43.0843 0500 ============================================================
19:30:44.0875 0500 Initialize success
19:30:57.0468 1792 ============================================================
19:30:57.0468 1792 Scan started
19:30:57.0468 1792 Mode: Manual; SigCheck; TDLFS;
19:30:57.0468 1792 ============================================================
19:31:01.0281 1792 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys
19:31:02.0062 1792 61883 - ok
19:31:02.0531 1792 72cecc6 (8f2bb1827cac01aee6a16e30a1260199) C:\WINDOWS\3337366535:4174582585.exe
19:31:03.0765 1792 Suspicious file (Hidden): C:\WINDOWS\3337366535:4174582585.exe. md5: 8f2bb1827cac01aee6a16e30a1260199
19:31:03.0765 1792 72cecc6 ( Rootkit.Win32.PMax.gen ) - infected
19:31:03.0765 1792 72cecc6 - detected Rootkit.Win32.PMax.gen (0)
19:31:04.0656 1792 Abiosdsk - ok
19:31:04.0781 1792 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
19:31:05.0250 1792 abp480n5 - ok
19:31:05.0828 1792 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:31:06.0250 1792 ACPI - ok
19:31:06.0609 1792 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
19:31:06.0937 1792 ACPIEC - ok
19:31:07.0546 1792 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
19:31:07.0812 1792 adpu160m - ok
19:31:08.0390 1792 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
19:31:08.0609 1792 aec - ok
19:31:10.0140 1792 AFD (140aac8460bb1388835e5f63be93172f) C:\WINDOWS\System32\drivers\afd.sys
19:31:10.0203 1792 Suspicious file (Forged): C:\WINDOWS\System32\drivers\afd.sys. Real md5: 140aac8460bb1388835e5f63be93172f, Fake md5: 1e44bc1e83d8fd2305f8d452db109cf9
19:31:10.0218 1792 AFD ( Rootkit.Win32.ZAccess.e ) - infected
19:31:10.0218 1792 AFD - detected Rootkit.Win32.ZAccess.e (0)
19:31:10.0640 1792 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
19:31:10.0953 1792 agp440 - ok
19:31:11.0390 1792 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
19:31:11.0671 1792 agpCPQ - ok
19:31:11.0890 1792 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
19:31:12.0015 1792 Aha154x - ok
19:31:12.0218 1792 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
19:31:12.0375 1792 aic78u2 - ok
19:31:12.0453 1792 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
19:31:12.0640 1792 aic78xx - ok
19:31:12.0671 1792 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
19:31:12.0828 1792 AliIde - ok
19:31:13.0093 1792 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
19:31:13.0296 1792 alim1541 - ok
19:31:13.0406 1792 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
19:31:13.0562 1792 amdagp - ok
19:31:13.0593 1792 AmdK8 (0a4d13b388c814560bd69c3a496ecfa8) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
19:31:13.0656 1792 AmdK8 - ok
19:31:13.0734 1792 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
19:31:13.0812 1792 amsint - ok
19:31:14.0218 1792 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
19:31:14.0765 1792 Arp1394 - ok
19:31:14.0890 1792 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
19:31:15.0140 1792 asc - ok
19:31:15.0171 1792 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
19:31:15.0234 1792 asc3350p - ok
19:31:15.0328 1792 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
19:31:15.0453 1792 asc3550 - ok
19:31:15.0484 1792 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
19:31:15.0500 1792 ASCTRM ( UnsignedFile.Multi.Generic ) - warning
19:31:15.0500 1792 ASCTRM - detected UnsignedFile.Multi.Generic (1)
19:31:15.0593 1792 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:31:15.0734 1792 AsyncMac - ok
19:31:15.0765 1792 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
19:31:15.0890 1792 atapi - ok
19:31:15.0906 1792 Atdisk - ok
19:31:15.0953 1792 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:31:16.0078 1792 Atmarpc - ok
19:31:16.0109 1792 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
19:31:16.0250 1792 audstub - ok
19:31:16.0406 1792 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys
19:31:16.0546 1792 Avc - ok
19:31:17.0078 1792 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
19:31:33.0750 1792 AVGIDSDriver - ok
19:31:34.0890 1792 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
19:31:45.0859 1792 AVGIDSEH - ok
19:31:46.0375 1792 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
19:31:46.0390 1792 AVGIDSFilter - ok
19:31:47.0000 1792 AVGIDSShim (07eba0c11fa1d73b82ecc3255ddfe34d) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
19:31:47.0078 1792 AVGIDSShim - ok
19:31:47.0187 1792 Avgldx86 (f4dbbc8d3c5338693da23c59a50f8abc) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
19:31:47.0250 1792 Avgldx86 - ok
19:31:47.0453 1792 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
19:31:47.0484 1792 Avgmfx86 - ok
19:31:47.0515 1792 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
19:31:47.0578 1792 Avgrkx86 - ok
19:31:48.0218 1792 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
19:31:48.0296 1792 Avgtdix - ok
19:31:48.0750 1792 bcm4sbxp (78e7b52da292fa90bad2f887bbf22159) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
19:31:48.0921 1792 bcm4sbxp - ok
19:31:49.0906 1792 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
19:31:50.0640 1792 Beep - ok
19:31:51.0828 1792 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
19:31:52.0187 1792 cbidf - ok
19:31:53.0140 1792 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
19:31:54.0953 1792 cbidf2k - ok
19:31:56.0218 1792 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
19:31:58.0093 1792 CCDECODE - ok
19:31:59.0171 1792 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
19:31:59.0359 1792 cd20xrnt - ok
19:32:00.0390 1792 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
19:32:00.0734 1792 Cdaudio - ok
19:32:01.0781 1792 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
19:32:02.0015 1792 Cdfs - ok
19:32:02.0500 1792 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:32:04.0421 1792 Cdrom - ok
19:32:04.0984 1792 Changer - ok
19:32:05.0281 1792 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
19:32:05.0578 1792 CmdIde - ok
19:32:05.0656 1792 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
19:32:05.0843 1792 Cpqarray - ok
19:32:06.0312 1792 ctxusbm (cb6ff7012bb5d59d7c12350db795ce1f) C:\WINDOWS\system32\DRIVERS\ctxusbm.sys
19:32:06.0437 1792 ctxusbm - ok
19:32:06.0843 1792 CVUVC (b190b95bbe6a11f4280a20de6d9b6913) C:\WINDOWS\system32\DRIVERS\cvuvc.sys
19:32:08.0453 1792 CVUVC - ok
19:32:09.0296 1792 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
19:32:09.0609 1792 dac2w2k - ok
19:32:10.0593 1792 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
19:32:10.0921 1792 dac960nt - ok
19:32:11.0875 1792 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
19:32:15.0328 1792 Disk - ok
19:32:15.0750 1792 DLABOIOM (e2d0de31442390c35e3163c87cb6a9eb) C:\WINDOWS\system32\DLA\DLABOIOM.SYS
19:32:15.0781 1792 DLABOIOM ( UnsignedFile.Multi.Generic ) - warning
19:32:15.0781 1792 DLABOIOM - detected UnsignedFile.Multi.Generic (1)
19:32:16.0406 1792 DLACDBHM (d979bebcf7edcc9c9ee1857d1a68c67b) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
19:32:17.0515 1792 DLACDBHM ( UnsignedFile.Multi.Generic ) - warning
19:32:17.0515 1792 DLACDBHM - detected UnsignedFile.Multi.Generic (1)
19:32:18.0156 1792 DLADResN (83545593e297f50a8e2524b4c071a153) C:\WINDOWS\system32\DLA\DLADResN.SYS
19:32:18.0218 1792 DLADResN ( UnsignedFile.Multi.Generic ) - warning
19:32:18.0218 1792 DLADResN - detected UnsignedFile.Multi.Generic (1)
19:32:18.0812 1792 DLAIFS_M (96e01d901cdc98c7817155cc057001bf) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
19:32:18.0843 1792 DLAIFS_M ( UnsignedFile.Multi.Generic ) - warning
19:32:18.0843 1792 DLAIFS_M - detected UnsignedFile.Multi.Generic (1)
19:32:19.0203 1792 DLAOPIOM (0a60a39cc5e767980a31ca5d7238dfa9) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
19:32:19.0250 1792 DLAOPIOM ( UnsignedFile.Multi.Generic ) - warning
19:32:19.0250 1792 DLAOPIOM - detected UnsignedFile.Multi.Generic (1)
19:32:19.0390 1792 DLAPoolM (9fe2b72558fc808357f427fd83314375) C:\WINDOWS\system32\DLA\DLAPoolM.SYS
19:32:19.0421 1792 DLAPoolM ( UnsignedFile.Multi.Generic ) - warning
19:32:19.0421 1792 DLAPoolM - detected UnsignedFile.Multi.Generic (1)
19:32:19.0859 1792 DLARTL_N (7ee0852ae8907689df25049dcd2342e8) C:\WINDOWS\system32\Drivers\DLARTL_N.SYS
19:32:19.0890 1792 DLARTL_N ( UnsignedFile.Multi.Generic ) - warning
19:32:19.0890 1792 DLARTL_N - detected UnsignedFile.Multi.Generic (1)
19:32:20.0343 1792 DLAUDFAM (f08e1dafac457893399e03430a6a1397) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
19:32:20.0375 1792 DLAUDFAM ( UnsignedFile.Multi.Generic ) - warning
19:32:20.0375 1792 DLAUDFAM - detected UnsignedFile.Multi.Generic (1)
19:32:20.0968 1792 DLAUDF_M (e7d105ed1e694449d444a9933df8e060) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
19:32:21.0046 1792 DLAUDF_M ( UnsignedFile.Multi.Generic ) - warning
19:32:21.0046 1792 DLAUDF_M - detected UnsignedFile.Multi.Generic (1)
19:32:22.0468 1792 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
19:32:22.0875 1792 dmboot - ok
19:32:23.0359 1792 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
19:32:23.0531 1792 dmio - ok
19:32:24.0187 1792 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
19:32:24.0406 1792 dmload - ok
19:32:24.0921 1792 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
19:32:25.0062 1792 DMusic - ok
19:32:25.0562 1792 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
19:32:25.0765 1792 dpti2o - ok
19:32:27.0343 1792 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
19:32:30.0265 1792 drmkaud - ok
19:32:31.0093 1792 DRVMCDB (fd0f95981fef9073659d8ec58e40aa3c) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
19:32:31.0156 1792 DRVMCDB ( UnsignedFile.Multi.Generic ) - warning
19:32:31.0156 1792 DRVMCDB - detected UnsignedFile.Multi.Generic (1)
19:32:32.0531 1792 DRVNDDM (b4869d320428cdc5ec4d7f5e808e99b5) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
19:32:32.0562 1792 DRVNDDM ( UnsignedFile.Multi.Generic ) - warning
19:32:32.0562 1792 DRVNDDM - detected UnsignedFile.Multi.Generic (1)
19:32:32.0593 1792 DSproct - ok
19:32:33.0359 1792 dwusbdnt (732ab6d2fc7f2afebc4a9d2750655b7f) C:\WINDOWS\system32\DRIVERS\dwusbdnt.sys
19:32:33.0437 1792 dwusbdnt - ok
19:32:34.0046 1792 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
19:32:34.0375 1792 E100B - ok
19:32:34.0921 1792 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
19:32:35.0109 1792 Fastfat - ok
19:32:35.0546 1792 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
19:32:35.0687 1792 Fdc - ok
19:32:36.0078 1792 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
19:32:36.0234 1792 Fips - ok
19:32:36.0640 1792 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
19:32:38.0078 1792 Flpydisk - ok
19:32:38.0500 1792 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
19:32:38.0796 1792 FltMgr - ok
19:32:39.0390 1792 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:32:39.0625 1792 Fs_Rec - ok
19:32:39.0984 1792 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:32:40.0171 1792 Ftdisk - ok
19:32:40.0890 1792 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
19:32:41.0656 1792 GEARAspiWDM - ok
19:32:42.0250 1792 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:32:42.0703 1792 Gpc - ok
19:32:43.0093 1792 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:32:43.0250 1792 HDAudBus - ok
19:32:43.0750 1792 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:32:43.0906 1792 HidUsb - ok
19:32:44.0296 1792 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
19:32:44.0500 1792 hpn - ok
19:32:44.0531 1792 HSFHWBS2 (77e4ff0b73bc0aeaaf39bf0c8104231f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
19:32:44.0578 1792 HSFHWBS2 - ok
19:32:44.0781 1792 HSF_DP (60e1604729a15ef4a3b05f298427b3b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
19:32:44.0984 1792 HSF_DP - ok
19:32:45.0546 1792 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
19:32:45.0625 1792 HTTP - ok
19:32:46.0015 1792 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
19:32:46.0265 1792 i2omgmt - ok
19:32:47.0031 1792 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
19:32:47.0250 1792 i2omp - ok
19:32:47.0937 1792 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:32:48.0156 1792 i8042prt - ok
19:32:49.0968 1792 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
19:32:50.0437 1792 Imapi - ok
19:32:51.0140 1792 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
19:32:51.0343 1792 ini910u - ok
19:32:52.0109 1792 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
19:32:52.0343 1792 IntelIde - ok
19:32:53.0796 1792 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:32:54.0296 1792 intelppm - ok
19:32:55.0156 1792 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
19:32:55.0375 1792 Ip6Fw - ok
19:32:56.0296 1792 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:32:56.0546 1792 IpFilterDriver - ok
19:32:57.0484 1792 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:32:57.0656 1792 IpInIp - ok
19:32:58.0484 1792 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:32:58.0625 1792 IpNat - ok
19:32:59.0609 1792 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:32:59.0828 1792 IPSec - ok
19:33:00.0437 1792 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
19:33:00.0734 1792 IRENUM - ok
19:33:01.0265 1792 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:33:01.0515 1792 isapnp - ok
19:33:03.0718 1792 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:33:04.0109 1792 Kbdclass - ok
19:33:04.0578 1792 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:33:04.0859 1792 kbdhid - ok
19:33:05.0328 1792 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
19:33:05.0453 1792 kmixer - ok
19:33:06.0406 1792 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
19:33:06.0609 1792 KSecDD - ok
19:33:06.0828 1792 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys
19:33:06.0875 1792 Lavasoft Kernexplorer - ok
19:33:07.0656 1792 Lbd (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys
19:33:09.0218 1792 Lbd - ok
19:33:09.0750 1792 lbrtfdc - ok
19:33:09.0921 1792 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
19:33:10.0000 1792 mdmxsdk - ok
19:33:10.0250 1792 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
19:33:10.0546 1792 mnmdd - ok
19:33:11.0187 1792 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
19:33:11.0390 1792 Modem - ok
19:33:11.0921 1792 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
19:33:12.0109 1792 MODEMCSA - ok
19:33:12.0671 1792 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:33:12.0890 1792 Mouclass - ok
19:33:14.0328 1792 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:33:14.0593 1792 mouhid - ok
19:33:15.0390 1792 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
19:33:15.0625 1792 MountMgr - ok
19:33:16.0421 1792 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
19:33:16.0687 1792 mraid35x - ok
19:33:17.0515 1792 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:33:17.0828 1792 MRxDAV - ok
19:33:19.0500 1792 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:33:19.0734 1792 MRxSmb - ok
19:33:20.0390 1792 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys
19:33:20.0937 1792 MSDV - ok
19:33:21.0500 1792 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
19:33:21.0640 1792 Msfs - ok
19:33:22.0140 1792 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:33:22.0296 1792 MSKSSRV - ok
19:33:22.0796 1792 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:33:23.0031 1792 MSPCLOCK - ok
19:33:23.0625 1792 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
19:33:23.0875 1792 MSPQM - ok
19:33:24.0468 1792 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:33:24.0656 1792 mssmbios - ok
19:33:25.0359 1792 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
19:33:26.0265 1792 MSTEE - ok
19:33:26.0671 1792 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
19:33:26.0750 1792 Mup - ok
19:33:27.0156 1792 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:33:27.0421 1792 NABTSFEC - ok
19:33:28.0312 1792 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
19:33:28.0546 1792 NDIS - ok
19:33:29.0390 1792 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:33:29.0546 1792 NdisIP - ok
19:33:30.0437 1792 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:33:30.0546 1792 NdisTapi - ok
19:33:30.0968 1792 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:33:31.0187 1792 Ndisuio - ok
19:33:31.0453 1792 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:33:32.0203 1792 NdisWan - ok
19:33:32.0953 1792 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
19:33:33.0062 1792 NDProxy - ok
19:33:33.0687 1792 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
19:33:33.0921 1792 NetBIOS - ok
19:33:34.0406 1792 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
19:33:34.0703 1792 NetBT - ok
19:33:35.0421 1792 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
19:33:35.0640 1792 NIC1394 - ok
19:33:36.0468 1792 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
19:33:38.0093 1792 Npfs - ok
19:33:38.0765 1792 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
19:33:39.0062 1792 Ntfs - ok
19:33:39.0515 1792 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
19:33:39.0687 1792 Null - ok
19:33:41.0218 1792 nv (15a6306a0b958bf60f09688d0ee70479) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:33:44.0453 1792 nv - ok
19:33:44.0875 1792 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:33:45.0125 1792 NwlnkFlt - ok
19:33:45.0515 1792 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:33:45.0656 1792 NwlnkFwd - ok
19:33:46.0281 1792 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
19:33:46.0531 1792 ohci1394 - ok
19:33:47.0140 1792 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
19:33:47.0375 1792 Parport - ok
19:33:48.0500 1792 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
19:33:49.0250 1792 PartMgr - ok
19:33:49.0625 1792 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
19:33:49.0781 1792 ParVdm - ok
19:33:50.0328 1792 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
19:33:50.0625 1792 PCI - ok
19:33:50.0968 1792 PCIDump - ok
19:33:51.0375 1792 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
19:33:51.0687 1792 PCIIde - ok
19:33:52.0328 1792 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
19:33:52.0546 1792 Pcmcia - ok
19:33:53.0031 1792 PDCOMP - ok
19:33:53.0453 1792 PDFRAME - ok
19:33:54.0062 1792 PDRELI - ok
19:33:55.0296 1792 PDRFRAME - ok
19:33:55.0515 1792 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
19:33:55.0750 1792 perc2 - ok
19:33:56.0078 1792 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
19:33:56.0218 1792 perc2hib - ok
19:33:56.0625 1792 pnarp (363127808e41ea960c39ed9f6412c0ce) C:\WINDOWS\system32\DRIVERS\pnarp.sys
19:33:56.0640 1792 pnarp - ok
19:33:57.0109 1792 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:33:57.0343 1792 PptpMiniport - ok
19:33:58.0062 1792 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
19:33:58.0296 1792 Processor - ok
19:33:58.0859 1792 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
19:33:59.0093 1792 PSched - ok
19:33:59.0906 1792 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:34:00.0203 1792 Ptilink - ok
19:34:00.0750 1792 purendis (c0cdb9f7ce42c3487f0bea409bf5d153) C:\WINDOWS\system32\DRIVERS\purendis.sys
19:34:00.0765 1792 purendis - ok
19:34:01.0187 1792 PxHelp20 (1962166e0ceb740704f30fa55ad3d509) C:\WINDOWS\system32\Drivers\PxHelp20.sys
19:34:01.0218 1792 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
19:34:01.0218 1792 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
19:34:01.0625 1792 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
19:34:01.0859 1792 ql1080 - ok
19:34:02.0359 1792 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
19:34:02.0734 1792 Ql10wnt - ok
19:34:03.0171 1792 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
19:34:03.0312 1792 ql12160 - ok
19:34:03.0828 1792 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
19:34:03.0968 1792 ql1240 - ok
19:34:04.0578 1792 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
19:34:04.0796 1792 ql1280 - ok
19:34:05.0281 1792 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:34:05.0515 1792 RasAcd - ok
19:34:06.0656 1792 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:34:06.0968 1792 Rasl2tp - ok
19:34:07.0437 1792 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:34:07.0593 1792 RasPppoe - ok
19:34:08.0140 1792 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:34:08.0343 1792 Raspti - ok
19:34:09.0250 1792 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:34:09.0531 1792 Rdbss - ok
19:34:10.0125 1792 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:34:10.0359 1792 RDPCDD - ok
19:34:10.0937 1792 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:34:11.0203 1792 rdpdr - ok
19:34:12.0375 1792 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
19:34:13.0015 1792 RDPWD - ok
19:34:13.0500 1792 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:34:13.0765 1792 redbook - ok
19:34:14.0375 1792 RsFx0150 (a95840a95a9ff74b0009e5d848cddb39) C:\WINDOWS\system32\DRIVERS\RsFx0150.sys
19:34:14.0515 1792 RsFx0150 - ok
19:34:15.0406 1792 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:34:15.0625 1792 Secdrv - ok
19:34:16.0093 1792 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
19:34:16.0312 1792 serenum - ok
19:34:17.0156 1792 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
19:34:17.0812 1792 Serial - ok
19:34:18.0250 1792 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:34:18.0453 1792 Sfloppy - ok
19:34:18.0828 1792 Simbad - ok
19:34:19.0250 1792 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
19:34:19.0546 1792 sisagp - ok
19:34:20.0109 1792 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:34:20.0343 1792 SLIP - ok
19:34:20.0890 1792 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
19:34:21.0125 1792 SONYPVU1 - ok
19:34:21.0750 1792 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
19:34:21.0906 1792 Sparrow - ok
19:34:22.0406 1792 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
19:34:22.0625 1792 splitter - ok
19:34:23.0312 1792 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
19:34:23.0859 1792 sr - ok
19:34:24.0406 1792 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
19:34:24.0671 1792 Srv - ok
19:34:25.0531 1792 STHDA (8990440e4b2a7ca5a56a1833b03741fd) C:\WINDOWS\system32\drivers\sthda.sys
19:34:25.0937 1792 STHDA - ok
19:34:26.0781 1792 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:34:26.0953 1792 streamip - ok
19:34:27.0718 1792 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:34:27.0921 1792 swenum - ok
19:34:29.0171 1792 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
19:34:29.0593 1792 swmidi - ok
19:34:30.0359 1792 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
19:34:30.0562 1792 symc810 - ok
19:34:31.0546 1792 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
19:34:31.0765 1792 symc8xx - ok
19:34:32.0750 1792 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
19:34:37.0703 1792 sym_hi - ok
19:34:38.0937 1792 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
19:34:40.0234 1792 sym_u3 - ok
19:34:41.0265 1792 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
19:34:41.0484 1792 sysaudio - ok
19:34:43.0000 1792 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:34:45.0328 1792 Tcpip - ok
19:34:46.0328 1792 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:34:46.0578 1792 TDPIPE - ok
19:34:46.0937 1792 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
19:34:47.0937 1792 TDTCP - ok
19:34:49.0109 1792 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:34:49.0343 1792 TermDD - ok
19:34:51.0171 1792 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
19:34:51.0734 1792 TosIde - ok
19:34:53.0000 1792 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
19:34:53.0328 1792 Udfs - ok
19:34:54.0156 1792 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
19:34:54.0328 1792 ultra - ok
19:34:55.0015 1792 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
19:34:55.0937 1792 Update - ok
19:34:56.0312 1792 USBAAPL (e8c1b9ebac65288e1b51e8a987d98af6) C:\WINDOWS\system32\Drivers\usbaapl.sys
19:34:56.0500 1792 USBAAPL - ok
19:34:57.0062 1792 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
19:34:57.0343 1792 usbaudio - ok
19:34:58.0015 1792 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:34:58.0296 1792 usbccgp - ok
19:34:59.0000 1792 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:34:59.0171 1792 usbehci - ok
19:35:00.0375 1792 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:35:00.0968 1792 usbhub - ok
19:35:01.0625 1792 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
19:35:02.0000 1792 usbohci - ok
19:35:02.0703 1792 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:35:02.0953 1792 usbprint - ok
19:35:03.0546 1792 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:35:03.0765 1792 usbscan - ok
19:35:04.0406 1792 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:35:04.0656 1792 USBSTOR - ok
19:35:05.0296 1792 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:35:05.0546 1792 usbuhci - ok
19:35:06.0250 1792 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
19:35:06.0593 1792 VgaSave - ok
19:35:07.0312 1792 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
19:35:08.0546 1792 viaagp - ok
19:35:09.0140 1792 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
19:35:09.0375 1792 ViaIde - ok
19:35:10.0031 1792 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
19:35:10.0281 1792 VolSnap - ok
19:35:10.0796 1792 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:35:11.0015 1792 Wanarp - ok
19:35:11.0843 1792 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
19:35:12.0484 1792 wanatw - ok
19:35:13.0265 1792 WDICA - ok
19:35:14.0000 1792 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
19:35:14.0234 1792 wdmaud - ok
19:35:15.0109 1792 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
19:35:15.0468 1792 winachsf - ok
19:35:16.0250 1792 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:35:16.0468 1792 WS2IFSL - ok
19:35:17.0046 1792 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:35:17.0343 1792 WSTCODEC - ok
19:35:17.0406 1792 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0
19:35:20.0656 1792 \Device\Harddisk0\DR0 - ok
19:35:20.0687 1792 Boot (0x1200) (220f47d457d8067b1504d207cfcda2dc) \Device\Harddisk0\DR0\Partition0
19:35:20.0734 1792 \Device\Harddisk0\DR0\Partition0 - ok
19:35:20.0734 1792 ============================================================
19:35:20.0734 1792 Scan finished
19:35:20.0734 1792 ============================================================
19:35:20.0859 1292 Detected object count: 15
19:35:20.0859 1292 Actual detected object count: 15
19:57:13.0171 1292 72cecc6 ( Rootkit.Win32.PMax.gen ) - skipped by user
19:57:13.0218 1292 72cecc6 ( Rootkit.Win32.PMax.gen ) - User select action: Skip
19:57:15.0812 1292 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\WINDOWS\system32\drivers\afd.sys) error 1813
19:57:22.0453 1292 Backup copy found, using it..
19:57:22.0859 1292 C:\WINDOWS\System32\drivers\afd.sys - will be cured on reboot
19:57:22.0859 1292 AFD ( Rootkit.Win32.ZAccess.e ) - User select action: Cure
19:57:22.0859 1292 ASCTRM ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:22.0859 1292 ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:22.0859 1292 DLABOIOM ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:22.0859 1292 DLABOIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:22.0859 1292 DLACDBHM ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:22.0859 1292 DLACDBHM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:22.0859 1292 DLADResN ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:22.0859 1292 DLADResN ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:22.0875 1292 DLAIFS_M ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:22.0875 1292 DLAIFS_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:22.0875 1292 DLAOPIOM ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:22.0875 1292 DLAOPIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:22.0875 1292 DLAPoolM ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:22.0875 1292 DLAPoolM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:22.0875 1292 DLARTL_N ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:22.0875 1292 DLARTL_N ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:22.0875 1292 DLAUDFAM ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:22.0890 1292 DLAUDFAM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:22.0890 1292 DLAUDF_M ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:22.0890 1292 DLAUDF_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:22.0890 1292 DRVMCDB ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:22.0890 1292 DRVMCDB ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:22.0890 1292 DRVNDDM ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:22.0890 1292 DRVNDDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:22.0890 1292 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:22.0890 1292 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:36.0843 4028 Deinitialize success
2. From OTL, Extras:

OTL Extras logfile created on: 10/25/2011 8:05:27 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Download\antivirus
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.08 Gb Available Physical Memory | 55.93% Memory free
3.78 Gb Paging File | 3.13 Gb Available in Paging File | 82.69% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.56 Gb Total Space | 69.73 Gb Free Space | 47.90% Space Free | Partition Type: NTFS

Computer Name: ZEUS | User Name: John | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] --
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3703:TCP" = 3703:TCP:*:Enabled:Adobe Version Cue CS3 Server
"3704:TCP" = 3704:TCP:*:Enabled:Adobe Version Cue CS3 Server
"50900:TCP" = 50900:TCP:*:Enabled:Adobe Version Cue CS3 Server
"50901:TCP" = 50901:TCP:*:Enabled:Adobe Version Cue CS3 Server
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"67:UDP" = 67:UDP:*:Enabled:DHCP Discovery Service
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"9051:UDP" = 9051:UDP:LocalSubNet:Enabled:Verizon Tech Wizard
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
"443:TCP" = 443:TCP:*:Disabled:ooVoo TCP port 443
"443:UDP" = 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP" = 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP" = 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP" = 37675:UDP:*:Disabled:ooVoo UDP port 37675
"37687:UDP" = 37687:UDP:*:Enabled:ooVoo UDP port 37687
"37675:TCP" = 37675:TCP:*:Enabled:ooVoo TCP port 37675
"37676:UDP" = 37676:UDP:*:Enabled:ooVoo UDP port 37676
"37688:TCP" = 37688:TCP:*:Disabled:ooVoo TCP port 37688
"37688:UDP" = 37688:UDP:*:Disabled:ooVoo UDP port 37688
"37693:UDP" = 37693:UDP:*:Disabled:ooVoo UDP port 37693
"37682:TCP" = 37682:TCP:*:Enabled:ooVoo TCP port 37682
"37682:UDP" = 37682:UDP:*:Enabled:ooVoo UDP port 37682
"37683:UDP" = 37683:UDP:*:Enabled:ooVoo UDP port 37683
"37685:TCP" = 37685:TCP:*:Enabled:ooVoo TCP port 37685
"37685:UDP" = 37685:UDP:*:Enabled:ooVoo UDP port 37685
"37735:TCP" = 37735:TCP:*:Enabled:ooVoo TCP port 37735
"37735:UDP" = 37735:UDP:*:Enabled:ooVoo UDP port 37735
"37739:UDP" = 37739:UDP:*:Enabled:ooVoo UDP port 37739

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- ()
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- (America Online, Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- ()
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- (America Online, Inc.)
"C:\Program Files\Dell Network Assistant\ezi_hnm2.exe" = C:\Program Files\Dell Network Assistant\ezi_hnm2.exe:*:Enabled:Home Networking Application
"C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" = C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server -- (Adobe Systems Incorporated)
"C:\Program Files\Common Files\AOL\1175966489\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1175966489\ee\aolsoftware.exe:*:Enabled:AOL Services -- (America Online, Inc.)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\MySQL\MySQL Workbench 5.2 CE\MySQLWorkbench.exe" = C:\Program Files\MySQL\MySQL Workbench 5.2 CE\MySQLWorkbench.exe:LocalSubNet:Enabled:MySQL Workbench -- (Oracle Corporation)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Apache2\bin\Apache.exe" = C:\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Program Files\ooVoo\ooVoo.exe" = C:\Program Files\ooVoo\ooVoo.exe:*:Enabled:ooVoo
"C:\Program Files\WS_FTP\WS_FTP95.exe" = C:\Program Files\WS_FTP\WS_FTP95.exe:*:Enabled:WS_FTP 95 -- (Ipswitch, Inc. 81 Hartwell Ave. Lexington, MA)
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- ()
"C:\Program Files\Funshion Online\Funshion\FunshionService.exe" = C:\Program Files\Funshion Online\Funshion\FunshionService.exe:*:Enabled:FunshionService
"C:\Program Files\Funshion Online\Funshion\FunshionUpgrade.exe" = C:\Program Files\Funshion Online\Funshion\FunshionUpgrade.exe:*:Enabled:FunshionUpgrade
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- ()
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- ()
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Windows Explorer -- (Microsoft Corporation)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\Funshion Online\Funshion\Funshion.exe" = C:\Program Files\Funshion Online\Funshion\Funshion.exe:*:Enabled:Funshion
"C:\Program Files\Mozilla Thunderbird\thunderbird.exe" = C:\Program Files\Mozilla Thunderbird\thunderbird.exe:*:Enabled:Thunderbird -- (Mozilla Messaging)
"C:\WINDOWS\system32\msfeedssync.exe" = C:\WINDOWS\system32\msfeedssync.exe:*:Enabled:Microsoft Feeds Synchronization -- (Microsoft Corporation)
"C:\Program Files\TurboTax\Deluxe 2008\Installer\TurboTax 2008 Installer.exe" = C:\Program Files\TurboTax\Deluxe 2008\Installer\TurboTax 2008 Installer.exe:*:Enabled:TurboTax 2008 Installer
"C:\Documents and Settings\John\Local Settings\Temp\dc2c4e21-cd72-4196-8dac-6bbdfae77847\TurboTax 2008 Installer.exe" = C:\Documents and Settings\John\Local Settings\Temp\dc2c4e21-cd72-4196-8dac-6bbdfae77847\TurboTax 2008 Installer.exe:*:Enabled:TurboTax 2008 Installer -- (Intuit)
"C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe" = C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe:*:Enabled:Adobe Reader 7.0 -- (Adobe Systems Incorporated)
"C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe" = C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe:*:Enabled:InstallShield Update Service Agent -- (InstallShield Software Corporation)
"C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" = C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"C:\Program Files\Funshion Online\Funshion\FunshionAddr\ASBarBroker.exe" = C:\Program Files\Funshion Online\Funshion\FunshionAddr\ASBarBroker.exe:*:Enabled:??????????
"C:\Documents and Settings\John\Local Settings\Temp\~nsu.tmp\Au_.exe" = C:\Documents and Settings\John\Local Settings\Temp\~nsu.tmp\Au_.exe:*:Enabled:Funshion Installation
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\738c488ab9651fafccaa58d7\Setup.exe" = C:\738c488ab9651fafccaa58d7\Setup.exe:*:Enabled:Setup Installer
"C:\Download\antivirus\tdsskiller\TDSSKiller.exe" = C:\Download\antivirus\tdsskiller\TDSSKiller.exe:*:Enabled:TDSS rootkit removing tool -- (Kaspersky Lab ZAO)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{020617D7-2F72-4D02-BF59-A5CBC1761177}" = SQL Server 2008 R2 Management Studio
"{029A95A8-E814-4760-B5A1-0D46E2D62FB1}" = PHP 5.2.17
"{03DF638A-D61C-4893-B8B9-845900C03163}" = TurboTax 2010 wnyiper
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{046755CA-F677-4B7F-AF9A-6AB295A02A30}" = Microsoft SQL Server 2008 R2 Native Client
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{09E2111C-16B1-4DDF-BF0D-F994C9A12350}" = Adobe Setup
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = Qualxserve Service Agreement
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
"{121475F5-2598-4574-8801-8F6B3D6A99BB}" = SQL Server 2008 R2 Management Studio
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{15EFEBF6-E414-33EB-8710-A04AD1302BF8}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Web - enu
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{199C20D6-10D3-4210-B361-4760209F56AE}" = Citrix online plug-in (Web)
"{1BCEA516-B4C5-4B2D-BFA0-AB7910BAD862}" = Adobe ExtendScript Toolkit 2
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server {ko_KR}
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}" = Safari
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Roxio MyDVD LE
"{221125DC-6A40-4900-B844-591F5E1195B0}" = Microsoft Visual Web Developer 2005 Express Edition - ENU
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26E76762-7F20-4694-AD06-CC3A9B547A71}" = Microsoft Office Live Meeting 2007
"{27B6D024-FD7E-4A88-BC17-5AFBE33EC072}" = Microsoft F# Runtime for Silvelight 4
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{2DDCCEA5-2AA4-4ABB-BCAD-41BB115A4333}" = Microsoft Silverlight 4 Toolkit April 2010
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32A3A4F4-B792-11D6-A78A-00B0D0160070}" = Java(TM) SE Development Kit 6 Update 7
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35A3A4F4-B792-11D6-A78A-00B0D0142160}" = Java 2 SDK, SE v1.4.2_16
"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset
"{38766225-85FA-469B-A373-82BF1923A7E4}" = MySQL Workbench 5.2 CE
"{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset
"{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine
"{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport
"{3A862C7D-0504-48BC-AEF8-7F7479C7C158}" = Apache HTTP Server 2.0.59
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3B8186F0-EAA2-012B-AE69-000000000000}" = TurboTax 2009 wnyiper
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper
"{3CB15F63-7D48-4694-B68E-3D6E25D5C932}" = MySQL Server 5.0
"{3ECCB578-504E-4F7A-A8B4-CF4F3B939B44}" = Citrix online plug-in (USB)
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4192EAC0-6B36-4723-B216-D0E86E7757AC}" = Jasc Paint Shop Photo Album 5
"{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}" = Dell CinePlayer
"{47BE41E6-2F0F-4D17-9C2D-3850FFD9D405}" = Microsoft SQL Server VSS Writer
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4C24C6EB-FF40-4855-9C1D-42F8AFC75112}" = Zend Optimizer
"{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}" = SQL Server 2008 R2 Database Engine Shared
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{4F1DA6BF-3614-48A1-9970-9E90F646789E}" = Ulead VideoStudio 8.0
"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{558358E5-E4F3-4374-BA1D-26FF39EF87D9}" = Microsoft Silverlight 4 Tools for Visual Studio 2010
"{57BADDF0-859A-47BC-8940-143E9F3F5629}" = Pure Networks Platform
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = SQL Server 2008 R2 Database Engine Services
"{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module
"{5BDFAB82-060E-438B-AB4F-A2331B2294C0}" = Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools
"{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}" = EarthLink Setup Files
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{678094A1-6250-476B-9AFF-4376E48F135C}" = Citrix online plug-in (DV)
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6DA0B8BE-3735-4287-AF4D-B8DE088D0AA7}" = AVG 2012
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7148F0A8-6813-11D6-A77B-00B0D0142160}" = Java 2 Runtime Environment, SE v1.4.2_16
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{76866BE3-B2C7-40BB-B267-927792AED0C3}" = Microsoft SQL Server 2008 R2 Setup (English)
"{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}" = Jasc Paint Shop Pro Studio, Dell Editon
"{7A3F0566-5E05-4919-9C98-456F6B5CF831}" = Get High Speed Internet!
"{7ADE3A47-B425-45E9-8FF6-11BE2B775645}" = Corel Snapfire Plus
"{7BB40A22-8D98-43F9-A08A-E7EFF5AB1324}" = Camtasia Studio 5
"{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3
"{7C8EAD2B-A954-4F73-AAFC-C3EC60D49ADA}" = Microsoft SQL Server 2008 R2 RsFx Driver
"{801B0DA3-A3FF-46CC-B97F-D76D510AF5AE}" = Microsoft Silverlight 4 SDK
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{85076DFF-7A17-3566-9CC0-488E6E6D4494}" = Microsoft Visual Web Developer 2010 Express - ENU
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8FFC6175-D2C5-4FA7-91E8-E2A9431A5CDA}" = WCF RIA Services V1.0 for Visual Studio 2010
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0021-0000-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer 2007
"{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0021-0409-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer MUI (English) 2007
"{90120000-0021-0409-0000-0000000FF1CE}_VisualWebDeveloper_{E1044ED2-E4AD-4B39-B500-31109750F6B4}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_VisualWebDeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91CA0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{93998800-1608-403F-9A51-420A77D23C25}" = Sql Server Customer Experience Improvement Program
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{98BD9EA5-2DF2-445C-8C8D-057F55B3C633}" = AVG 2012
"{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}" = Microsoft SQL Server Database Publishing Wizard 1.3
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4418082-E601-3954-805B-D56A2B50EC8B}" = Microsoft Visual C# 2008 Express Edition with SP1 - ENU
"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = SQL Server 2008 R2 Database Engine Services
"{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B67C01B3-8502-4BE7-AEAB-BBDE910AD3EE}" = Microsoft Web Platform Installer 2.0
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B7F560B3-6EFF-4026-A982-843895A41149}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C252EB7B-7AE0-46DE-9BEE-DF681B885F13}" = Modem Diagnostic Tool
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C6DB11F1-EBD1-3AA4-A44D-55630E1E6FDA}" = Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU
"{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}" = SQL Server 2008 R2 Common Files
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{CD49361E-3FE6-457E-90A1-9C59E29B5D02}" = Java DB 10.3.1.4
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1C18EDD-571A-4BDD-BE7B-1DD86027D7FF}" = Adobe Creative Suite 3 Design Premium
"{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}" = Microsoft SQL Server 2008 R2 Policies
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{D504303A-717D-414C-BA9F-FE01093E2EF8}" = Adobe Setup
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DD622B1D-A78E-3FE8-9C8C-246F5764B0D0}" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}" = Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E42BD75A-FC23-4E3F-9F91-2658334C644F}" = Internet Service Offers Launcher
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EC3B8CA2-49B8-4D38-BE9C-ABD0F6029168}" = Yahoo! Music Jukebox
"{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}" = SQL Server 2008 R2 Database Engine Shared
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F0F9E47D-3132-4DA0-98E7-A8A9C6716C90}" = Microsoft ASP.NET MVC 2 - VWD Express 2008 Tools
"{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}" = Microsoft SQL Server Native Client
"{FA365307-1963-4D16-BD44-113C8F037AAD}" = Citrix online plug-in (HDX)
"{FB64BF25-3593-4E4E-AA85-84AEF1D1475F}" = Broadcom Management Programs
"{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}" = SQL Server 2008 R2 Common Files
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe_5bc0f8414ec36c555a3e7e5ec2e225e" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Adobe_c14ac4070fd9614ffe63f4bb533db2c" = Add or Remove Adobe Creative Suite 3 Design Premium
"AdobeESD" = Adobe Download Manager 2.2 (Remove Only)
"AIM Toolbar" = AIM Toolbar 5.0
"AIM_6" = AIM 6
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"AppInventor Setup" = AppInventor Setup
"AspUpload" = AspUpload
"AVG" = AVG 2012
"C0A0AA4D-C79B-48CA-8843-2B02B626C9E6" = Blackhawk Striker 2
"CAL" = Canon Camera Access Library
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CitrixOnlinePluginPackWeb" = Citrix online plug-in - web
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"CSCLIB" = Canon Camera Support Core Library
"CuteFTP Pro" = CuteFTP Pro
"Dell Color Printer 725" = Dell Color Printer 725
"Dell Game Console" = Dell Game Console
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EOS Utility" = Canon Utilities EOS Utility
"Fiddler2" = Fiddler2
"FTP Voyager_is1" = FTP Voyager 14.0
"Google Desktop" = Google Desktop
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"IsoBuster_is1" = IsoBuster 2.4
"LG USB Drivers" = LG USB Drivers
"MetaFrame Presentation Server Web Client for Win32" = MetaFrame Presentation Server Web Client for Win32
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Report Viewer Redistributable 2008 (KB971119)" = Microsoft Report Viewer Redistributable 2008 SP1
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2
"Microsoft SQL Server 2000" = Microsoft SQL Server 2000
"Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2
"Microsoft Visual Basic 2008 Express Edition with SP1 - ENU" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"Microsoft Visual C# 2008 Express Edition with SP1 - ENU" = Microsoft Visual C# 2008 Express Edition with SP1 - ENU
"Microsoft Visual Web Developer 2005 Express Edition - ENU" = Microsoft Visual Web Developer 2005 Express Edition - ENU
"Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU" = Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU
"Microsoft Visual Web Developer 2010 Express - ENU" = Microsoft Visual Web Developer 2010 Express - ENU
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"Mozilla Thunderbird (3.0.11)" = Mozilla Thunderbird (3.0.11)
"MSNINST" = MSN
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoStitch" = Canon Utilities PhotoStitch
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 6.0" = RealPlayer Basic
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"SearchAssist" = SearchAssist
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"StreetPlugin" = Learn2 Player (Uninstall Only)
"TurboTax 2009" = TurboTax 2009
"TurboTax 2010" = TurboTax 2010
"UltraEdit-32" = UltraEdit-32 Uninstall
"ViewpointMediaPlayer" = Viewpoint Media Player
"VisualWebDeveloper" = Microsoft Visual Studio Web Authoring Component
"WIC" = Windows Imaging Component
"WildTangent CDA" = WildTangent Web Driver
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Draw 4 App" = Draw 4 App
"Google Chrome" = Google Chrome
"Sun Download Manager 2.0 (web)" = Sun Download Manager 2.0 (web)

< End of report >

3. From OTL


OTL logfile created on: 10/25/2011 8:05:27 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Download\antivirus
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.08 Gb Available Physical Memory | 55.93% Memory free
3.78 Gb Paging File | 3.13 Gb Available in Paging File | 82.69% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.56 Gb Total Space | 69.73 Gb Free Space | 47.90% Space Free | Partition Type: NTFS

Computer Name: ZEUS | User Name: John | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Download\antivirus\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files\AVG\AVG2012\avgrsx.exe ()
PRC - C:\Program Files\AVG\AVG2012\avgcsrvx.exe ()
PRC - C:\Program Files\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.)
PRC - C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
PRC - C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Real\RealPlayer\realplay.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe (Yahoo! Inc.)
PRC - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Pure Networks, Inc.)
PRC - C:\Program Files\Common Files\AOL\1175966489\ee\aolsoftware.exe (America Online, Inc.)
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
PRC - C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe (HP)


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\Program Files\AVG Secure Search\vprot.exe ()
MOD - C:\Program Files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll ()
MOD - C:\Program Files\AVG\AVG2012\avgrsx.exe ()
MOD - C:\Program Files\AVG\AVG2012\avgcsrvx.exe ()
MOD - C:\Program Files\Google\Google Desktop Search\gzlib.dll ()
MOD - [url="file://\\?\globalroot\systemroot\system32\mswsock.dll"]\\?\globalroot\systemroot\system32\mswsock.dll[/url] ()
MOD - C:\WINDOWS\system32\nvapi.dll ()
MOD - C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - (vToolbarUpdater) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe ()
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe ()
SRV - (avgwd) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe ()
SRV - (IntuitUpdateService) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe ()
SRV - (SQLWriter) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe ()
SRV - (W3SVC) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (SMTPSVC) Simple Mail Transfer Protocol (SMTP) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (IISADMIN) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (nmservice) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (Adobe Version Cue CS3) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe (Adobe Systems Incorporated)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe ()
SRV - (Viewpoint Manager Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe ()
SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe ()
SRV - (MySQL) -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe ()
SRV - (dlcf_device) -- C:\WINDOWS\System32\dlcfcoms.exe ( )
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (WANMiniportService) WAN Miniport (ATW) -- C:\WINDOWS\wanmpsvc.exe ()
SRV - (MDM) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE ()
SRV - (MSSQLSERVER) -- C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe ()


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - (AFD) -- C:\WINDOWS\System32\drivers\tsk1CC.tmp ()
DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSFilter) -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSEH) -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (RsFx0150) -- C:\WINDOWS\system32\drivers\RsFx0150.sys (Microsoft Corporation)
DRV - (ctxusbm) -- C:\WINDOWS\system32\drivers\ctxusbm.sys (Citrix Systems, Inc.)
DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows (R) 2000 DDK provider)
DRV - (purendis) -- C:\WINDOWS\system32\drivers\purendis.sys (Pure Networks, Inc.)
DRV - (pnarp) -- C:\WINDOWS\system32\drivers\pnarp.sys (Pure Networks, Inc.)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (CVUVC) Cisco VT Camera II(UVC) -- C:\WINDOWS\system32\drivers\Cvuvc.sys (Logitech Inc.)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Sonic Solutions)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Sonic Solutions)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Sonic Solutions)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Sonic Solutions)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Sonic Solutions)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Sonic Solutions)
DRV - (DLADResN) -- C:\WINDOWS\system32\DLA\DLADResN.SYS (Sonic Solutions)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Sonic Solutions)
DRV - (DLARTL_N) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS (Sonic Solutions)
DRV - (HSFHWBS2) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (dwusbdnt) -- C:\WINDOWS\system32\drivers\dwusbdnt.sys ([email="[email protected]"][email protected][/email] Co., Ltd.)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [url="http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us"]http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us[/url]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.com/"]http://www.google.com/[/url]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaulturl: "[url="http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50fftrie7"]http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50fftrie7[/url]"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "[url="http://www.cubehelper.com/"]http://www.cubehelper.com/[/url]"
FF - prefs.js..extensions.enabledItems: [email="[email protected]:2.2.9.8"][email protected]:2.2.9.8[/email]
FF - prefs.js..extensions.enabledItems: [email="[email protected]:8.0.0.34.1"][email protected]:8.0.0.34.1[/email]
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.1829
FF - prefs.js..keyword.URL: "[url="http://isearch.avg.com/search?cid=%7B95bcb223-7314-40f1-af7b-228bc7bd98b0%7D&mid=0681e8eedc9c47d6bbccd14acce4e9e6-28dfc710305386f0742d1ebfe482ca7ccfe26bd6&ds=AVG&v=8.0.0.34.1&lang=en&pr=fr&d=2011-09-29%2019%3A24%3A44&sap=ku&q"]http://isearch.avg.com/search?cid=%7B95bcb223-7314-40f1-af7b-228bc7bd98b0%7D&mid=0681e8eedc9c47d6bbccd14acce4e9e6-28dfc710305386f0742d1ebfe482ca7ccfe26bd6&ds=AVG&v=8.0.0.34.1&lang=en&pr=fr&d=2011-09-29%2019%3A24%3A44&sap=ku&q[/url]="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.0: C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\John\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\John\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Fiddler2\FiddlerHook [2010/09/14 07:14:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011/10/07 08:50:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/02 19:46:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/02 19:46:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.11\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/12/16 20:44:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\AVG\AVG2012\Thunderbird\ [2011/09/29 19:23:06 | 000,000,000 | ---D | M]

[2010/06/13 20:34:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\John\Application Data\Mozilla\Extensions
[2010/06/13 20:34:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\John\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/09/29 20:52:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\bqgh9iu8.default\extensions
[2009/06/27 17:09:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\bqgh9iu8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/03/21 14:41:11 | 000,000,000 | ---D | M] ("AOL Toolbar") -- C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\bqgh9iu8.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
[2011/09/29 19:24:57 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\bqgh9iu8.default\extensions\[email protected]
[2009/03/21 14:41:19 | 000,001,769 | ---- | M] () -- C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\bqgh9iu8.default\searchplugins\aim-search.xml
[2011/09/29 20:52:19 | 000,003,849 | ---- | M] () -- C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\bqgh9iu8.default\searchplugins\avg-secure-search.xml
[2010/12/19 23:17:03 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\John\Application Data\Mozilla\Firefox\Profiles\bqgh9iu8.default\searchplugins\bing-zugo.xml
[2011/09/24 22:09:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/10/07 08:50:42 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4
[2010/09/14 07:14:02 | 000,000,000 | ---D | M] (FiddlerHook) -- C:\PROGRAM FILES\FIDDLER2\FIDDLERHOOK
[2010/10/12 16:33:32 | 000,124,344 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CCMSDK.dll
[2010/10/12 16:37:06 | 000,070,592 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2010/10/12 16:35:42 | 000,091,576 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2010/10/12 16:34:56 | 000,022,464 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2010/10/12 18:16:54 | 000,484,768 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2007/04/16 13:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2010/10/12 16:37:02 | 000,024,000 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = [url="http://isearch.avg.com/search?cid={34F15F43-1258-49DE-A07D-D5E3E4926AF6}&mid=0681e8eedc9c47d6bbccd14acce4e9e6-28dfc710305386f0742d1ebfe482ca7ccfe26bd6&lang=en&ds=AVG&pr=fr&d=2011-09-29"]http://isearch.avg.com/search?cid={34F15F43-1258-49DE-A07D-D5E3E4926AF6}&mid=0681e8eedc9c47d6bbccd14acce4e9e6-28dfc710305386f0742d1ebfe482ca7ccfe26bd6&lang=en&ds=AVG&pr=fr&d=2011-09-29[/url] 19:24:44&v=8.0.0.34&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = [url="http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding"]http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding[/url]}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\John\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: WPI Detector 1.1 (Enabled) = C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AVG Safe Search = C:\Documents and Settings\John\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1829_0\

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (CA Toolbar Helper) - {FBF2401B-7447-4727-BE5D-C19B2075CA84} - C:\Program Files\CA\eTrust Internet Security Suite\CA Website Inspector\WebsiteInspector\Toolbar\CallingIDIE.dll File not found
O3 - HKLM\..\Toolbar: (CA Toolbar) - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - C:\Program Files\CA\eTrust Internet Security Suite\CA Website Inspector\WebsiteInspector\Toolbar\CallingIDIE.dll File not found
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe (AOL LLC)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe ()
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [DLCFCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCFtime.DLL ()
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1175966489\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe (HP)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Pure Networks, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [Aim6] File not found
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &AIM Search - c:\Program Files\AOL\AIM Toolbar 5.0\resources\en-us\local\search.html ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O9 - Extra Button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files\Fiddler2\Fiddler.exe (Eric Lawrence)
O9 - Extra 'Tools' menuitem : Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files\Fiddler2\Fiddler.exe (Eric Lawrence)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} [url="http://upload.facebook.com/controls/FacebookPhotoUploader5.cab"]http://upload.facebook.com/controls/FacebookPhotoUploader5.cab[/url] (Facebook Photo Uploader 5)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} [url="http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab"]http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab[/url] (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [url="http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab"]http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab[/url] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} [url="http://www.linkedin.com/cab/LinkedInContactFinderControl.cab"]http://www.linkedin.com/cab/LinkedInContactFinderControl.cab[/url] (LinkedIn ContactFinderControl)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} [url="http://www.winkflash.com/photo/loaders/ImageUploader5.cab"]http://www.winkflash.com/photo/loaders/ImageUploader5.cab[/url] (Image Uploader Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [url="http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1169262104622"]http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1169262104622[/url] (MUWebControl Class)
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} [url="http://www.winkflash.com/photo/loaders/ImageUploader4.cab"]http://www.winkflash.com/photo/loaders/ImageUploader4.cab[/url] (Image Uploader Control)
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} [url="https://www.originators.org/Remote/msrdp.cab"]https://www.originators.org/Remote/msrdp.cab[/url] (Microsoft RDP Client Control (redist))
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[/url] (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab"]http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab[/url] (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab[/url] (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[/url] (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[/url] (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab"]http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab[/url] (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: vzTCPConfig [url="https://essentialsandextras.verizon.com/whatsnext/mainweb_js/vzTCPConfig.CAB"]https://essentialsandextras.verizon.com/whatsnext/mainweb_js/vzTCPConfig.CAB[/url] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B5BDD20-6052-4E6D-A15C-E7F8C4E53648}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp3.dll (Pure Networks, Inc.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll ()
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) -C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Documents and Settings\John\Local Settings\Application Data\072cecc6\X) -C:\Documents and Settings\John\Local Settings\Application Data\072cecc6\X ()
O24 - Desktop WallPaper: C:\Documents and Settings\John\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\John\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 19:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{45c18358-ad9c-11db-8c74-00188b72bf5b}\Shell - "" = AutoRun
O33 - MountPoints2\{45c18358-ad9c-11db-8c74-00188b72bf5b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{45c18358-ad9c-11db-8c74-00188b72bf5b}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

File not found -- C:\WINDOWS\System32\
File not found -- C:\WINDOWS\
[2011/10/25 19:57:23 | 000,094,896 | ---- | C] (Kaspersky Lab, GERT) -- C:\WINDOWS\System32\drivers\55151224.sys
[2011/10/25 19:18:17 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2011/10/25 19:10:48 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2011/10/24 20:14:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Sun
[2011/10/24 19:32:01 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/10/24 19:27:01 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2011/10/24 19:27:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2011/10/24 19:02:39 | 000,000,000 | ---D | C] -- C:\6db4259de50f98a5cafe6e76c595
[2011/10/23 22:43:35 | 000,000,000 | ---D | C] -- C:\d36a2842c43c80ed1a0d6f6a
[2011/10/23 18:34:09 | 000,000,000 | ---D | C] -- C:\9b49620dfc815cec2b9accf2
[2011/10/23 17:37:13 | 000,000,000 | ---D | C] -- C:\1ce47bee08e18e16d950eaf42f
[2011/10/23 17:01:43 | 000,089,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\SQSRVRES.DLL
[2011/10/23 16:50:40 | 000,000,000 | ---D | C] -- C:\c9ce094ad5d128dfa522
[2011/10/23 12:13:15 | 000,000,000 | ---D | C] -- C:\01be480eadf72ca2905d
[2011/10/23 11:36:11 | 000,000,000 | ---D | C] -- C:\sonic
[2011/10/22 21:12:05 | 000,954,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40.dll
[2011/10/22 21:12:04 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2011/10/22 21:11:19 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2011/10/22 21:10:49 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2011/10/22 21:08:50 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2011/10/22 21:08:48 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2011/10/22 21:06:32 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2011/10/22 21:02:38 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2011/10/21 19:07:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/10/20 19:35:22 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\John\Local Settings\Application Data\072cecc6
[2011/09/29 19:33:54 | 000,000,000 | ---D | C] -- C:\Program Files\CA
[2011/09/29 19:25:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2012
[2011/09/29 19:24:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John\Application Data\AVG Secure Search
[2011/09/29 19:24:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2011/09/29 19:24:37 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2011/09/29 19:22:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John\Application Data\AVG2012
[2011/09/29 19:19:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/09/26 11:41:20 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleacc.dll
[2011/09/26 11:41:14 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaccrc.dll
[2005/10/28 08:46:42 | 000,638,976 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfpmui.dll
[2005/10/28 08:46:00 | 001,183,744 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfserv.dll
[2005/10/28 08:43:34 | 000,483,328 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcflmpm.dll
[2005/10/28 08:43:16 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfcomm.dll
[2005/10/28 08:43:08 | 000,368,640 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfcfg.exe
[2005/10/28 08:42:14 | 000,372,736 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfih.exe
[2005/10/28 08:42:00 | 000,114,688 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfpplc.dll
[2005/10/28 08:41:52 | 000,491,520 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfcoms.exe
[2005/10/28 08:41:24 | 000,704,512 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfcomc.dll
[2005/10/28 08:40:58 | 000,155,648 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfprox.dll
[2005/10/28 08:37:48 | 001,134,592 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfusb1.dll
[2005/10/28 08:35:48 | 000,774,144 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcfhbn3.dll
[46 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\Documents and Settings\John\My Documents\*.tmp files -> C:\Documents and Settings\John\My Documents\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

File not found -- C:\WINDOWS\System32\
File not found -- C:\WINDOWS\
[2011/10/25 20:01:23 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D2BD5462-EF45-40AF-93CD-B6D13577B00F}.job
[2011/10/25 19:57:23 | 000,094,896 | ---- | M] (Kaspersky Lab, GERT) -- C:\WINDOWS\System32\drivers\55151224.sys
[2011/10/25 19:36:01 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2426275479-784255346-68698174-1006UA.job
[2011/10/25 19:36:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2426275479-784255346-68698174-1006Core.job
[2011/10/25 19:29:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/25 19:27:35 | 000,081,191 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/10/25 19:27:19 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/25 19:27:17 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/25 19:27:03 | 000,000,000 | ---- | M] () -- C:\WINDOWS\3337366535
[2011/10/25 19:27:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/10/25 19:26:57 | 2078,789,632 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/25 19:18:27 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/10/25 19:14:32 | 000,048,016 | -HS- | M] () -- C:\WINDOWS\System32\c_13170.nl_
[2011/10/25 19:05:25 | 107,326,893 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/10/25 18:59:44 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2011/10/24 20:35:13 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/10/24 20:35:13 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/10/24 19:32:00 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/10/24 19:08:40 | 000,675,518 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/10/24 19:08:40 | 000,147,158 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/10/23 16:44:21 | 000,003,370 | ---- | M] () -- C:\Documents and Settings\John\funshion.ini
[2011/10/23 16:41:18 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\John\FunshionService.timestamp
[2011/10/23 10:51:45 | 001,630,024 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/22 21:07:14 | 000,012,403 | ---- | M] () -- C:\WINDOWS\UEDIT32.INI
[2011/10/22 21:07:14 | 000,000,256 | -H-- | M] () -- C:\WINDOWS\uedit32.cfg
[2011/10/22 20:23:12 | 000,002,471 | ---- | M] () -- C:\Documents and Settings\John\Desktop\Microsoft Excel.lnk
[2011/10/21 19:41:45 | 000,000,911 | ---- | M] () -- C:\Documents and Settings\John\Application Data\coreavc.ini
[2011/10/20 19:39:35 | 000,000,000 | -HS- | M] () -- C:\WINDOWS\{2521BB91-29B1-4d7e-9137-AC9875D77735}
[2011/10/11 19:22:10 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2011/10/07 09:33:06 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\John\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/10/07 09:33:05 | 000,002,277 | ---- | M] () -- C:\Documents and Settings\John\Desktop\Google Chrome.lnk
[2011/10/07 08:50:43 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2011/10/05 19:03:49 | 000,223,762 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011/09/27 19:29:24 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\John\Desktop\SDK Manager.lnk
[2011/09/26 11:41:20 | 000,611,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\uiautomationcore.dll
[2011/09/26 11:41:20 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleacc.dll
[2011/09/26 11:41:14 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\oleaccrc.dll
[2011/09/26 11:41:14 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaccrc.dll
[46 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\Documents and Settings\John\My Documents\*.tmp files -> C:\Documents and Settings\John\My Documents\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011/10/24 20:35:13 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/10/24 20:35:13 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/10/24 19:27:21 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/10/23 10:51:26 | 000,048,016 | -HS- | C] () -- C:\WINDOWS\System32\c_13170.nl_
[2011/10/20 19:39:35 | 000,000,000 | -HS- | C] () -- C:\WINDOWS\{2521BB91-29B1-4d7e-9137-AC9875D77735}
[2011/10/20 19:35:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\3337366535
[2011/09/29 19:25:05 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2011/09/27 19:29:05 | 000,000,714 | ---- | C] () -- C:\Documents and Settings\John\Desktop\SDK Manager.lnk
[2011/09/12 20:32:40 | 000,000,911 | ---- | C] () -- C:\Documents and Settings\John\Application Data\coreavc.ini
[2011/09/02 04:39:46 | 000,001,128 | ---- | C] () -- C:\WINDOWS\System32\funshion.ini
[2011/07/09 09:10:24 | 000,050,917 | ---- | C] () -- C:\WINDOWS\php.ini
[2011/07/08 20:26:48 | 000,043,892 | ---- | C] () -- C:\WINDOWS\php52_save.ini
[2011/03/05 17:24:39 | 001,228,560 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/11/23 14:54:45 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/09/07 21:24:43 | 000,075,236 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/05/31 22:27:02 | 001,783,262 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2426275479-784255346-68698174-1006-0.dat
[2010/05/31 22:26:58 | 000,395,494 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2010/04/14 19:49:50 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/12/20 22:45:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\frontpg.ini
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/01/07 20:57:11 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\John\Application Data\dvd.bmk
[2009/01/06 20:24:39 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\John\Local Settings\Application Data\fusioncache.dat
[2009/01/05 22:30:05 | 000,000,256 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2009/01/05 22:30:04 | 000,001,515 | ---- | C] () -- C:\WINDOWS\_isenv31.ini
[2009/01/05 22:30:04 | 000,000,521 | ---- | C] () -- C:\WINDOWS\_iserr31.ini
[2008/05/18 18:09:57 | 000,000,006 | ---- | C] () -- C:\WINDOWS\System32\mkghj.dll
[2008/03/21 11:45:55 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2008/02/29 22:07:33 | 000,000,189 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/12/31 15:05:08 | 000,000,122 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2007/12/16 19:31:41 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2007/11/18 19:13:36 | 000,002,303 | ---- | C] () -- C:\WINDOWS\hpdj3740.ini
[2007/11/18 19:13:06 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2007/05/15 19:43:05 | 000,000,653 | ---- | C] () -- C:\WINDOWS\{0240BDFB-2995-4A3F-8C96-18D41282B716}_WiseFW.ini
[2007/04/07 13:21:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\wanmpsvc.exe
[2007/02/18 20:09:33 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2007/01/12 20:48:04 | 000,012,403 | ---- | C] () -- C:\WINDOWS\UEDIT32.INI
[2006/12/23 11:26:32 | 000,043,893 | ---- | C] () -- C:\WINDOWS\php5217_save.ini
[2006/12/23 11:26:32 | 000,043,698 | ---- | C] () -- C:\WINDOWS\php.ini.bak
[2006/12/22 18:55:42 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2006/12/22 18:55:42 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2006/12/22 18:55:22 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2006/12/22 18:55:21 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2006/12/22 18:55:21 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2006/12/22 16:39:30 | 000,036,939 | ---- | C] () -- C:\WINDOWS\System32\insrepim.exe
[2006/12/22 15:59:08 | 000,000,036 | ---- | C] () -- C:\WINDOWS\webica.ini
[2006/12/22 15:40:58 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\John\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/22 15:27:22 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\dlcfcfg.dll
[2006/12/19 10:01:35 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/12/19 09:54:50 | 000,001,154 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/12/19 09:49:22 | 000,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/12/19 09:47:40 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/12/19 09:21:41 | 000,077,824 | ---- | C] () -- C:\WINDOWS\setpwr32.exe
[2006/12/19 09:21:23 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/12/19 09:21:23 | 001,617,920 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/12/19 09:21:23 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/12/19 09:21:22 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/12/19 09:21:22 | 000,155,715 | ---- | C] () -- C:\WINDOWS\System32\nvsvc32.exe
[2006/12/19 09:21:21 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/12/19 09:21:21 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/12/19 09:21:21 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/12/19 09:21:21 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/12/19 09:21:20 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/12/19 09:21:20 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/12/19 09:21:19 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/12/19 09:20:17 | 000,000,394 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/11/02 13:41:38 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\libmySQL.dll
[2006/11/02 13:41:38 | 000,385,024 | ---- | C] () -- C:\WINDOWS\System32\libswish-e.dll
[2006/11/02 13:41:36 | 000,166,912 | ---- | C] () -- C:\WINDOWS\System32\libmcrypt.dll
[2006/11/02 13:41:36 | 000,165,643 | ---- | C] () -- C:\WINDOWS\System32\libmhash.dll
[2006/11/02 13:41:36 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\msql.dll
[2005/11/23 06:54:36 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlcfinsr.dll
[2005/11/23 06:54:36 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcfcur.dll
[2005/11/23 06:54:22 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\dlcfjswr.dll
[2005/11/23 06:53:52 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcfcub.dll
[2005/11/23 06:53:50 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\dlcfinsb.dll
[2005/11/23 06:53:46 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcfcu.dll
[2005/11/23 06:53:44 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\dlcfins.dll
[2005/11/23 06:53:26 | 000,430,080 | ---- | C] () -- C:\WINDOWS\System32\dlcfutil.dll
[2005/11/10 03:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/07/28 14:47:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlcfvs.dll
[2004/08/11 19:24:19 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 19:19:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/11 19:12:14 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/11 19:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/11 19:07:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/11 19:06:43 | 001,630,024 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/11 19:00:30 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/11 19:00:28 | 000,675,518 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/11 19:00:28 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/11 19:00:28 | 000,147,158 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/11 19:00:28 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/11 19:00:27 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/11 19:00:26 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/11 19:00:24 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/11 19:00:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/11 19:00:19 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/11 19:00:12 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/11 19:00:04 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/01/07 17:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1999/01/22 14:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

[color=#E56717]========== LOP Check ==========[/color]

[2008/09/07 21:04:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2010/06/03 19:07:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2011/09/29 19:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2010/11/07 11:38:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/02/23 07:49:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2010/11/07 11:43:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/02/16 22:04:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\jOdFgIm17702
[2011/02/16 22:03:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\kLmBjBg17702
[2008/07/04 16:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Linksys
[2011/10/23 11:01:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/06/23 15:20:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PhotoStitch
[2009/01/05 20:18:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2008/07/19 21:30:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2007/05/15 19:41:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/01/05 20:20:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2008/09/07 21:04:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/12/19 09:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAHOO
[2010/03/30 19:39:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2008/09/07 21:05:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\acccore
[2011/09/29 19:24:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\AVG Secure Search
[2011/09/29 19:22:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\AVG2012
[2008/05/24 21:20:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\CallingID
[2008/06/23 15:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\Canon
[2010/08/05 21:35:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\GetRightToGo
[2007/03/15 20:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\GlobalSCAPE
[2006/12/22 15:58:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\ICAClient
[2006/12/31 18:42:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\Leadertech
[2008/03/02 11:48:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\LimeWire
[2011/10/22 21:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\MySQL
[2010/12/19 23:19:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\ooVoo Details
[2007/02/06 21:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\RhinoSoft.com
[2006/12/22 15:46:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\Smith Micro
[2010/04/28 14:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\TechWizard
[2010/06/13 20:34:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\Thunderbird
[2009/01/05 20:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\Ulead Systems
[2008/09/14 19:58:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John\Application Data\Viewpoint
[2011/10/25 19:18:27 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011/10/25 20:01:23 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D2BD5462-EF45-40AF-93CD-B6D13577B00F}.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 816 bytes -> C:\WINDOWS\3337366535:4174582585.exe
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BEB71B81
< End of report >



Please HELP!!

Thank you

Share this post


Link to post
Share on other sites
Hi skybox999,

Please, follow the instructions on http://www.bleepingcomputer.com/combofix/how-to-use-combofix for installing and running ComboFix.

Read carefully and note the "Disclaimer of warranty"!

Paste the content of the log into your answer.

Share this post


Link to post
Share on other sites
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.

Everyone else please begin a New Topic.

Thank You !

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0