ComboFix 09-07-07.A2 - Kareem Brown 07/07/2009 18:36.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1553 [GMT -5:00]
Running from: c:\documents and settings\Kareem Brown\Desktop\Combo-Fix.exe
Command switches used :: c:\documents and settings\Kareem Brown\Desktop\CFScript.txt
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
.
((((((((((((((((((((((((( Files Created from 2009-06-07 to 2009-07-07 )))))))))))))))))))))))))))))))
.
2009-07-07 21:32 . 2008-04-14 00:12 50176 ----a-w- c:\windows\system32\proquota.exe
2009-07-07 21:00 . 2009-07-07 21:00 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2009-07-06 01:33 . 2008-06-19 22:24 28544 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-07-06 01:32 . 2009-07-06 01:32 -------- d-----w- c:\program files\Panda Security
2009-07-05 21:12 . 2009-07-05 21:12 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2009-07-05 20:57 . 2009-07-05 20:57 -------- d-----w- c:\documents and settings\Kareem Brown\Application Data\Malwarebytes
2009-07-05 20:57 . 2009-06-17 16:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-05 20:57 . 2009-07-05 21:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-05 20:57 . 2009-07-05 20:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-07-05 20:57 . 2009-06-17 16:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-05 17:11 . 2009-07-06 02:38 -------- d-----w- c:\program files\SpywareBlaster
2009-07-03 17:24 . 2009-07-03 21:16 -------- d-----w- c:\program files\COMODO
2009-07-03 01:19 . 2009-07-03 01:19 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Opera
2009-07-02 02:14 . 2008-04-13 16:39 142592 ----a-w- c:\windows\system32\drivers\aec.sys
2009-06-27 12:25 . 2009-07-05 20:35 117760 ----a-w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-06-27 12:24 . 2009-06-27 12:24 -------- d-----w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com
2009-06-26 23:05 . 2009-07-05 18:02 117760 ----a-w- c:\documents and settings\Kareem Brown\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-06-26 23:03 . 2009-06-26 23:03 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-06-26 23:01 . 2009-06-26 23:01 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-06-26 23:01 . 2009-06-26 23:01 -------- d-----w- c:\documents and settings\Kareem Brown\Application Data\SUPERAntiSpyware.com
2009-06-23 00:32 . 2009-06-23 00:32 -------- d-----w- c:\documents and settings\Kareem Brown\Application Data\CyberLink
2009-06-23 00:32 . 2009-06-23 01:47 -------- d-----w- c:\documents and settings\Kareem Brown\Local Settings\Application Data\PowerDVD
2009-06-23 00:30 . 2009-06-23 00:30 -------- d-----w- c:\documents and settings\Kareem Brown\Application Data\dvdcss
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-07 23:33 . 2009-03-29 05:32 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-07-07 23:21 . 2008-06-01 17:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-07-07 22:28 . 2005-08-16 09:18 182656 ----a-w- c:\windows\system32\drivers\ndis.sys
2009-07-07 20:29 . 2006-09-23 05:18 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-07-06 22:21 . 2008-11-29 22:13 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-07-06 00:20 . 2006-09-29 09:58 -------- d-----w- c:\documents and settings\Kareem Brown\Application Data\Lavasoft
2009-07-03 02:38 . 2007-03-26 07:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-07-03 02:38 . 2006-09-23 05:30 -------- d-----w- c:\program files\Microsoft Works
2009-07-03 02:34 . 2008-11-26 01:51 -------- d-----w- c:\program files\iTunes
2009-07-03 02:03 . 2006-09-29 09:53 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-02 14:26 . 2006-09-23 05:27 -------- d-----w- c:\program files\Google
2009-06-26 23:01 . 2006-09-29 09:37 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-06-07 13:28 . 2008-11-16 22:59 -------- d-----w- c:\program files\Packet Tracer 4.1
2009-06-07 13:27 . 2009-06-07 13:26 -------- d-----w- c:\program files\Packet Tracer 5.1
2009-06-06 19:51 . 2006-10-15 10:01 -------- d-----w- c:\documents and settings\Kareem Brown\Application Data\uTorrent
2009-05-31 18:46 . 2007-10-01 05:36 -------- d-----w- c:\documents and settings\Kareem Brown\Application Data\LimeWire
2009-05-28 01:01 . 2009-01-07 20:50 75096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-05-07 15:32 . 2005-08-16 09:18 345600 ----a-w- c:\windows\system32\localspl.dll
2009-04-29 04:56 . 2005-08-16 09:18 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:55 . 2005-08-16 09:18 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-18 19:22 . 2009-04-18 19:22 1915520 ----a-w- c:\documents and settings\Kareem Brown\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2009-04-17 12:26 . 2005-08-16 09:18 1847168 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 14:51 . 2005-08-16 09:18 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2006-12-11 08:22 . 2006-09-27 21:45 88 --sh--r- c:\windows\system32\2EB4A548E6.sys
2006-12-11 08:22 . 2006-09-27 21:45 3766 --sha-w- c:\windows\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((( SnapShot@2009-07-07_21.36.11 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-08-16 09:18 . 2009-07-07 21:39 72354 c:\windows\system32\perfc009.dat
+ 2005-08-16 09:18 . 2009-07-07 21:39 426068 c:\windows\system32\perfh009.dat
+ 2005-08-16 09:18 . 2009-07-07 22:21 182656 c:\windows\system32\dllcache\ndis.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-12 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" - c:\windows\system32\narrator.exe [2008-04-14 53760]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 17:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HotSync Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HotSync Manager.lnk
backup=c:\windows\pss\HotSync Manager.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Service Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk
backup=c:\windows\pss\Service Manager.lnkCommon Startup
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Documents and Settings\\Kareem Brown\\Desktop\\Tools\\utorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\FlashGet\\flashget.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [7/5/2009 8:33 PM 28544]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [6/23/2009 11:01 AM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [6/23/2009 11:01 AM 72944]
R4 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys --> c:\windows\system32\Drivers\avgtdix.sys [?]
S3 samhid;samhid;c:\windows\system32\drivers\Samhid.sys [4/25/2008 10:30 PM 7548]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [6/23/2009 11:01 AM 7408]
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1553 [GMT -5:00]
Running from: c:\documents and settings\Kareem Brown\Desktop\Combo-Fix.exe
Command switches used :: c:\documents and settings\Kareem Brown\Desktop\CFScript.txt
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
.
((((((((((((((((((((((((( Files Created from 2009-06-07 to 2009-07-07 )))))))))))))))))))))))))))))))
.
2009-07-07 21:32 . 2008-04-14 00:12 50176 ----a-w- c:\windows\system32\proquota.exe
2009-07-07 21:00 . 2009-07-07 21:00 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2009-07-06 01:33 . 2008-06-19 22:24 28544 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-07-06 01:32 . 2009-07-06 01:32 -------- d-----w- c:\program files\Panda Security
2009-07-05 21:12 . 2009-07-05 21:12 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2009-07-05 20:57 . 2009-07-05 20:57 -------- d-----w- c:\documents and settings\Kareem Brown\Application Data\Malwarebytes
2009-07-05 20:57 . 2009-06-17 16:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-05 20:57 . 2009-07-05 21:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-05 20:57 . 2009-07-05 20:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-07-05 20:57 . 2009-06-17 16:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-05 17:11 . 2009-07-06 02:38 -------- d-----w- c:\program files\SpywareBlaster
2009-07-03 17:24 . 2009-07-03 21:16 -------- d-----w- c:\program files\COMODO
2009-07-03 01:19 . 2009-07-03 01:19 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Opera
2009-07-02 02:14 . 2008-04-13 16:39 142592 ----a-w- c:\windows\system32\drivers\aec.sys
2009-06-27 12:25 . 2009-07-05 20:35 117760 ----a-w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-06-27 12:24 . 2009-06-27 12:24 -------- d-----w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com
2009-06-26 23:05 . 2009-07-05 18:02 117760 ----a-w- c:\documents and settings\Kareem Brown\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-06-26 23:03 . 2009-06-26 23:03 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-06-26 23:01 . 2009-06-26 23:01 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-06-26 23:01 . 2009-06-26 23:01 -------- d-----w- c:\documents and settings\Kareem Brown\Application Data\SUPERAntiSpyware.com
2009-06-23 00:32 . 2009-06-23 00:32 -------- d-----w- c:\documents and settings\Kareem Brown\Application Data\CyberLink
2009-06-23 00:32 . 2009-06-23 01:47 -------- d-----w- c:\documents and settings\Kareem Brown\Local Settings\Application Data\PowerDVD
2009-06-23 00:30 . 2009-06-23 00:30 -------- d-----w- c:\documents and settings\Kareem Brown\Application Data\dvdcss
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-07 23:33 . 2009-03-29 05:32 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-07-07 23:21 . 2008-06-01 17:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-07-07 22:28 . 2005-08-16 09:18 182656 ----a-w- c:\windows\system32\drivers\ndis.sys
2009-07-07 20:29 . 2006-09-23 05:18 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-07-06 22:21 . 2008-11-29 22:13 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-07-06 00:20 . 2006-09-29 09:58 -------- d-----w- c:\documents and settings\Kareem Brown\Application Data\Lavasoft
2009-07-03 02:38 . 2007-03-26 07:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-07-03 02:38 . 2006-09-23 05:30 -------- d-----w- c:\program files\Microsoft Works
2009-07-03 02:34 . 2008-11-26 01:51 -------- d-----w- c:\program files\iTunes
2009-07-03 02:03 . 2006-09-29 09:53 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-02 14:26 . 2006-09-23 05:27 -------- d-----w- c:\program files\Google
2009-06-26 23:01 . 2006-09-29 09:37 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-06-07 13:28 . 2008-11-16 22:59 -------- d-----w- c:\program files\Packet Tracer 4.1
2009-06-07 13:27 . 2009-06-07 13:26 -------- d-----w- c:\program files\Packet Tracer 5.1
2009-06-06 19:51 . 2006-10-15 10:01 -------- d-----w- c:\documents and settings\Kareem Brown\Application Data\uTorrent
2009-05-31 18:46 . 2007-10-01 05:36 -------- d-----w- c:\documents and settings\Kareem Brown\Application Data\LimeWire
2009-05-28 01:01 . 2009-01-07 20:50 75096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-05-07 15:32 . 2005-08-16 09:18 345600 ----a-w- c:\windows\system32\localspl.dll
2009-04-29 04:56 . 2005-08-16 09:18 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:55 . 2005-08-16 09:18 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-18 19:22 . 2009-04-18 19:22 1915520 ----a-w- c:\documents and settings\Kareem Brown\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2009-04-17 12:26 . 2005-08-16 09:18 1847168 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 14:51 . 2005-08-16 09:18 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2006-12-11 08:22 . 2006-09-27 21:45 88 --sh--r- c:\windows\system32\2EB4A548E6.sys
2006-12-11 08:22 . 2006-09-27 21:45 3766 --sha-w- c:\windows\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((( SnapShot@2009-07-07_21.36.11 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-08-16 09:18 . 2009-07-07 21:39 72354 c:\windows\system32\perfc009.dat
+ 2005-08-16 09:18 . 2009-07-07 21:39 426068 c:\windows\system32\perfh009.dat
+ 2005-08-16 09:18 . 2009-07-07 22:21 182656 c:\windows\system32\dllcache\ndis.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-12 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" - c:\windows\system32\narrator.exe [2008-04-14 53760]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 17:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HotSync Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HotSync Manager.lnk
backup=c:\windows\pss\HotSync Manager.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Service Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk
backup=c:\windows\pss\Service Manager.lnkCommon Startup
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Documents and Settings\\Kareem Brown\\Desktop\\Tools\\utorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\FlashGet\\flashget.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [7/5/2009 8:33 PM 28544]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [6/23/2009 11:01 AM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [6/23/2009 11:01 AM 72944]
R4 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys --> c:\windows\system32\Drivers\avgtdix.sys [?]
S3 samhid;samhid;c:\windows\system32\drivers\Samhid.sys [4/25/2008 10:30 PM 7548]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [6/23/2009 11:01 AM 7408]