AVG + Other Anti-virus/spyware/malware 404 error effecting me updating AVG

Hello,

I think I have some kind of virus/malware/spyware. I am unable to update my virus definitions for AVG,and whenever I try to visit a website for removal tools like AVG or Avast or Malwarebytes, I get a 404 error on Firefox. This only happens on my computer, and not others in the house so it is probably not a router issue. I've also had friends try these websites, and they live in different states and can get to these sites no problem.

I hope this can get fixed so I can update my antivirus software.

Thanks!

Hi there artpassion!

I am Gabethebabe and I will be helping you with this issue. Before we start some general remarks/rules:

• Whilst I´m helping you, please follow my instructions carefully and do not experiment on your own or accept help from other persons.
  
• Feel free to ask questions! Especially if my instructions are not clear. I´m here to help, not confuse you.
  
• I will try and respond quickly, but please understand I do have a real life (job, wife, 3 kids, kinky hobbies).
  
• Stick with me till the end! If your computer starts running better, doesn´t mean it is clean yet!

====================

Please download OTL by OldTimer from here and save it to your Desktop.

• Close all windows and double click OTL.exe.
  
• The Extra Registry setting should be Use Safelist
  
• Copy and paste the following text into the Custom Scans/Fixes box:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\drivers\*.sys
%systemroot%\system32\drivers\*.dll
%systemroot%\system32\drivers\*.ini
%systemroot%\system32\drivers\*.exe
%SYSTEMDRIVE%\*.*
%PROGRAMFILES%\*.
/md5start
atapi.sys
explorer.exe
iastor.sys
userinit.exe
winlogon.exe
/md5stop

• Click the Run Scan button and allow it to run.
  
• It will produce two logs for you, OTL.txt and Extras.txt. Please post both logs in this thread.
  
• You may need to use two posts to get it all.

OTL.txt

OTL logfile created on: 4/28/2011 8:48:47 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Max Slobodin_2\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

767.00 Mb Total Physical Memory | 557.00 Mb Available Physical Memory | 73.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 0.18 Gb Free Space | 0.24% Space Free | Partition Type: NTFS
Drive F: | 372.51 Gb Total Space | 0.25 Gb Free Space | 0.07% Space Free | Partition Type: FAT32

Computer Name: THEARTCHIVE | User Name: Max Slobodin_2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/28 08:44:37 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Max Slobodin_2\Desktop\OTL.exe
PRC - [2011/03/20 08:35:09 | 002,071,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/11/24 09:17:34 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/09/23 09:19:44 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/07/22 08:09:11 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/07/22 08:08:33 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/07/22 08:04:01 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/05/14 11:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2008/04/17 01:28:48 | 000,818,176 | ---- | M] (Jay Elaraj) -- C:\Program Files\Taskbar Shuffle\taskbarshuffle.exe
PRC - [2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/06 04:27:18 | 000,200,704 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2006/09/28 15:21:04 | 000,057,344 | ---- | M] (SlySoft, Inc.) -- C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
PRC - [2005/09/18 18:40:42 | 001,421,824 | ---- | M] (Methlabs) -- C:\Program Files\PeerGuardian2\pg2.exe
PRC - [2005/07/15 14:48:34 | 000,479,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe
PRC - [2005/02/16 04:48:13 | 000,180,269 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2004/09/22 20:00:00 | 000,221,191 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\VirusScan\mcshield.exe
PRC - [2004/09/22 20:00:00 | 000,094,208 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\VirusScan\shstat.exe
PRC - [2004/09/22 20:00:00 | 000,028,672 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
PRC - [2004/08/06 03:50:00 | 000,237,623 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\naPrdMgr.exe
PRC - [2004/08/06 03:50:00 | 000,139,320 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
PRC - [2004/08/06 03:50:00 | 000,102,463 | ---- | M] (Network Associates, Inc.) -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
PRC - [2004/06/30 14:33:04 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2003/11/18 09:31:52 | 000,241,664 | ---- | M] (Hewlett-Packard ) -- C:\Program Files\HPQ\Quick Launch Buttons\eabservr.exe
PRC - [2003/08/04 17:28:18 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd.exe
PRC - [2002/09/20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (SafeList) ==========

MOD - [2011/04/28 08:44:37 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Max Slobodin_2\Desktop\OTL.exe
MOD - [2006/08/25 11:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/07/22 08:08:33 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2004/09/22 20:00:00 | 000,221,191 | ---- | M] (Network Associates, Inc.) [Auto | Paused] -- C:\Program Files\Network Associates\VirusScan\mcshield.exe -- (McShield)
SRV - [2004/09/22 20:00:00 | 000,028,672 | ---- | M] (Network Associates, Inc.) [Auto | Running] -- C:\Program Files\Network Associates\VirusScan\vstskmgr.exe -- (McTaskManager)
SRV - [2004/08/06 03:50:00 | 000,102,463 | ---- | M] (Network Associates, Inc.) [Auto | Running] -- C:\Program Files\Network Associates\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2004/01/05 03:27:32 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)
SRV - [2002/09/20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2010/07/22 08:09:24 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/07/22 08:04:13 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/06/05 08:44:07 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2008/03/22 17:37:20 | 000,113,896 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\keyscrambler.sys -- (KeyScrambler)
DRV - [2007/02/15 20:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2007/02/15 20:56:49 | 000,011,984 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2006/11/06 04:28:11 | 000,030,988 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2005/09/18 18:02:52 | 000,005,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter)
DRV - [2004/10/07 21:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/09/22 20:00:00 | 000,108,256 | ---- | M] (Network Associates, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\naiavf5x.sys -- (NaiAvFilter1)
DRV - [2004/09/22 20:00:00 | 000,008,320 | ---- | M] (Network Associates, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\entdrv51.sys -- (EntDrv51)
DRV - [2004/04/26 10:49:56 | 000,381,056 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2003/12/18 02:02:00 | 000,042,092 | ---- | M] (Texas Instruments Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tiumfwl.sys -- (tiumfwl)
DRV - [2003/12/18 02:02:00 | 000,008,448 | ---- | M] (Texas Instruments Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\tiumflt.sys -- (DevUpper)
DRV - [2003/12/08 00:17:00 | 000,621,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003/12/08 00:17:00 | 000,013,174 | R--- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\atisgkaf.sys -- (caboagp)
DRV - [2003/12/04 08:29:58 | 000,286,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2003/10/30 09:40:56 | 001,205,324 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2003/10/23 11:11:00 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2003/10/07 23:40:00 | 000,094,601 | R--- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2003/08/18 08:57:52 | 000,007,080 | R--- | M] (Hewlett-Packard Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2003/06/06 06:46:16 | 000,005,220 | R--- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\eabusb.sys -- (eabusb)
DRV - [2002/09/20 11:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)
DRV - [2002/07/17 10:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI)
DRV - [2002/07/07 14:39:14 | 000,185,256 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\om518vid.sys -- (OM518P) VGA USB Camera (2120)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=14597&l=dis
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\software\mozilla\eMusic Download Manager\Extensions\\Components: C:\Program Files\eMusic Download Manager\xulrunner\components [2008/12/25 11:58:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\eMusic Download Manager\Extensions\\Plugins: C:\Program Files\eMusic Download Manager\xulrunner\plugins [2008/12/25 11:58:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/11/24 09:49:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/24 17:45:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/24 17:45:13 | 000,000,000 | ---D | M]

[2008/06/17 15:22:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Max Slobodin_2\Application Data\Mozilla\Extensions
[2011/04/27 23:39:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Max Slobodin_2\Application Data\Mozilla\Firefox\Profiles\8zggw2dz.default\extensions
[2009/11/08 05:09:57 | 000,000,000 | ---D | M] (URL Link) -- C:\Documents and Settings\Max Slobodin_2\Application Data\Mozilla\Firefox\Profiles\8zggw2dz.default\extensions\{139a120b-c2ea-41d2-bf70-542d9f063dfd}
[2011/04/04 17:41:17 | 000,000,000 | ---D | M] (FoxyTunes) -- C:\Documents and Settings\Max Slobodin_2\Application Data\Mozilla\Firefox\Profiles\8zggw2dz.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2008/06/17 21:03:46 | 000,000,000 | ---D | M] (oldbar) -- C:\Documents and Settings\Max Slobodin_2\Application Data\Mozilla\Firefox\Profiles\8zggw2dz.default\extensions\{46868735-c3fa-47ce-8ce7-cce51a66aceb}
[2011/03/29 17:43:39 | 000,000,000 | ---D | M] (Gmail Manager) -- C:\Documents and Settings\Max Slobodin_2\Application Data\Mozilla\Firefox\Profiles\8zggw2dz.default\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}
[2011/03/29 17:43:37 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Max Slobodin_2\Application Data\Mozilla\Firefox\Profiles\8zggw2dz.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2010/02/14 17:19:31 | 000,000,000 | ---D | M] ("Gmail Space") -- C:\Documents and Settings\Max Slobodin_2\Application Data\Mozilla\Firefox\Profiles\8zggw2dz.default\extensions\{B9C8BE50-7105-4ec6-8FB4-4935C0671648}
[2011/04/04 17:41:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Max Slobodin_2\Application Data\Mozilla\Firefox\Profiles\8zggw2dz.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/04/10 16:28:51 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Max Slobodin_2\Application Data\Mozilla\Firefox\Profiles\8zggw2dz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/03/29 17:43:31 | 000,000,000 | ---D | M] (FoxClocks) -- C:\Documents and Settings\Max Slobodin_2\Application Data\Mozilla\Firefox\Profiles\8zggw2dz.default\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
[2011/03/14 17:42:52 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Max Slobodin_2\Application Data\Mozilla\Firefox\Profiles\8zggw2dz.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2011/01/26 16:03:16 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Max Slobodin_2\Application Data\Mozilla\Firefox\Profiles\8zggw2dz.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2008/11/24 19:44:25 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Documents and Settings\Max Slobodin_2\Application Data\Mozilla\Firefox\Profiles\8zggw2dz.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2011/03/14 17:42:51 | 000,000,000 | ---D | M] (Menu Editor) -- C:\Documents and Settings\Max Slobodin_2\Application Data\Mozilla\Firefox\Profiles\8zggw2dz.default\extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}
[2008/06/20 11:31:09 | 000,000,000 | ---D | M] (KeyScrambler) -- C:\Documents and Settings\Max Slobodin_2\Application Data\Mozilla\Firefox\Profiles\8zggw2dz.default\extensions\keyscrambler@qfx.software.corporation
[2010/09/01 00:10:36 | 000,000,000 | ---D | M] (Long URL Please) -- C:\Documents and Settings\Max Slobodin_2\Application Data\Mozilla\Firefox\Profiles\8zggw2dz.default\extensions\longurlplease@darragh.curran
[2009/05/25 22:09:52 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Documents and Settings\Max Slobodin_2\Application Data\Mozilla\Firefox\Profiles\8zggw2dz.default\extensions\moveplayer@movenetworks.com
[2010/09/23 09:46:36 | 000,000,000 | ---D | M] (Research Word) -- C:\Documents and Settings\Max Slobodin_2\Application Data\Mozilla\Firefox\Profiles\8zggw2dz.default\extensions\researchword@scott
[2011/04/27 18:10:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/03 11:53:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/08 16:37:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2008/12/03 10:37:22 | 000,000,000 | ---D | M] (eMusic - Apple iTunes Support) -- C:\PROGRAM FILES\EMUSIC DOWNLOAD MANAGER\XULRUNNER\EXTENSIONS\DLM_ITUNES@EMUSIC.COM
[2008/12/03 10:37:22 | 000,000,000 | ---D | M] (eMusic - Nullsoft Winamp Support) -- C:\PROGRAM FILES\EMUSIC DOWNLOAD MANAGER\XULRUNNER\EXTENSIONS\DLM_WINAMP@EMUSIC.COM
[2008/12/03 10:37:22 | 000,000,000 | ---D | M] (eMusic - Microsoft Media Player Support) -- C:\PROGRAM FILES\EMUSIC DOWNLOAD MANAGER\XULRUNNER\EXTENSIONS\DLM_WMP@EMUSIC.COM
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2005/11/10 20:21:00 | 001,499,136 | ---- | M] (LizardTech) -- C:\Program Files\Mozilla Firefox\plugins\npdjvu.dll
[2005/10/09 13:26:12 | 000,000,614 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npdrmv2.dll
[2005/10/09 13:25:49 | 000,000,614 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npdsplay.dll
[2008/11/24 19:43:45 | 000,056,576 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2005/10/02 13:28:00 | 000,110,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2003/02/01 02:03:30 | 000,106,496 | ---- | M] (Nullsoft) -- C:\Program Files\Mozilla Firefox\plugins\NPnsv_vp3_mp3.dll
[2008/12/25 11:57:36 | 000,221,184 | ---- | M] (CNN) -- C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
[2005/10/09 13:26:00 | 000,000,614 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npwmsdrm.dll

O1 HOSTS File: ([2010/01/09 13:05:29 | 000,000,080 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 93.174.93.98 12chan.org img.12chan.org www.12chan.org
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! ¤u¨ã¦C) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\Cpqset.exe ()
O4 - HKLM..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe (Hewlett-Packard )
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe (Network Associates, Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE (Network Associates, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe (Methlabs)
O4 - HKCU..\Run: [Taskbar Shuffle] C:\Program Files\Taskbar Shuffle\taskbarshuffle.exe (Jay Elaraj)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\partypoker\IEExtension.dll ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab (F-Secure Online Scanner Launcher)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\Documents and Settings\Max Slobodin_2\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Max Slobodin_2\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {93994DE8-8239-4655-B1D1-5F4E91300429} - C:\Program Files\DVD Region+CSS Free\DVDShell.dll (Fengtao Software Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/02/14 19:59:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/03/07 15:09:10 | 000,000,000 | ---D | M] - F:\autorun -- [ FAT32 ]
O32 - AutoRun File - [2006/11/03 12:58:30 | 000,000,038 | -H-- | M] () - F:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2008/12/07 21:46:08 | 000,226,708 | ---- | M] () - F:\autoport.jpg -- [ FAT32 ]
O33 - MountPoints2\{de8f5421-e408-11de-a700-00023f6d431b}\Shell - "" = AutoRun
O33 - MountPoints2\{de8f5421-e408-11de-a700-00023f6d431b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{de8f5421-e408-11de-a700-00023f6d431b}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

========== Files/Folders - Created Within 30 Days ==========

[2011/04/28 08:44:34 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Max Slobodin_2\Desktop\OTL.exe
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/28 08:44:37 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Max Slobodin_2\Desktop\OTL.exe
[2011/04/28 08:25:04 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/28 06:17:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/04/28 03:25:02 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/27 17:43:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/27 17:43:38 | 804,311,040 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/20 19:38:56 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/04/13 18:10:50 | 074,594,563 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2011/04/06 23:46:24 | 000,642,070 | ---- | M] () -- C:\Documents and Settings\Max Slobodin_2\Desktop\1302063342304.png
[2011/04/01 00:27:35 | 037,668,672 | ---- | M] () -- C:\Documents and Settings\Max Slobodin_2\My Documents\li1759.rar
[2011/03/30 22:49:33 | 000,986,272 | ---- | M] () -- C:\Documents and Settings\Max Slobodin_2\Desktop\1301538976993.jpg
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/06 23:46:22 | 000,642,070 | ---- | C] () -- C:\Documents and Settings\Max Slobodin_2\Desktop\1302063342304.png
[2011/04/01 00:27:02 | 037,668,672 | ---- | C] () -- C:\Documents and Settings\Max Slobodin_2\My Documents\li1759.rar
[2011/03/30 22:49:26 | 000,986,272 | ---- | C] () -- C:\Documents and Settings\Max Slobodin_2\Desktop\1301538976993.jpg
[2009/10/21 20:23:55 | 000,236,544 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/10/21 20:23:55 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/10/21 20:23:55 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/10/21 20:23:55 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/09/22 22:59:41 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll
[2009/09/22 22:59:39 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll
[2009/03/17 23:28:04 | 000,003,720 | ---- | C] () -- C:\WINDOWS\mayacal.ini
[2008/04/18 20:22:56 | 000,000,024 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\.119889580931711767808769176
[2008/04/18 20:18:38 | 000,000,021 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\.24554863501262644635642126105
[2008/01/19 07:44:06 | 000,394,240 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2008/01/19 07:44:03 | 000,066,560 | ---- | C] () -- C:\WINDOWS\MOTA113.exe
[2008/01/19 07:44:03 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008/01/19 07:44:02 | 000,502,784 | ---- | C] () -- C:\WINDOWS\x2.64.exe
[2008/01/19 07:44:02 | 000,240,128 | ---- | C] () -- C:\WINDOWS\System32\x.264.exe
[2008/01/19 07:11:38 | 000,000,067 | ---- | C] () -- C:\WINDOWS\DVDRegionFree.INI
[2007/12/26 17:30:17 | 000,000,126 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2007/12/04 14:38:12 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/12/04 14:35:32 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/11/05 01:14:33 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/11/05 01:14:32 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/09/19 20:13:10 | 000,002,440 | ---- | C] () -- C:\Documents and Settings\Max Slobodin_2\Application Data\A-OK! WoM.ini
[2007/06/12 08:05:32 | 000,003,365 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
[2007/06/07 08:49:42 | 000,000,266 | ---- | C] () -- C:\WINDOWS\maketorrent.ini
[2007/05/01 00:34:43 | 000,099,840 | ---- | C] () -- C:\WINDOWS\System32\SPROF32.DLL
[2007/02/07 19:35:18 | 000,000,445 | ---- | C] () -- C:\WINDOWS\EntPack.dat
[2007/02/07 19:34:03 | 000,000,081 | ---- | C] () -- C:\WINDOWS\entpack.ini
[2007/01/28 03:33:13 | 000,002,722 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpowerAMP Mp4 Codec.dat
[2007/01/28 03:28:19 | 000,010,841 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dMC Power Pack.dat
[2007/01/28 03:25:58 | 010,884,472 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall.exe
[2007/01/28 03:25:58 | 000,036,604 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpowerAMP Music Converter.dat
[2007/01/23 00:41:34 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2007/01/02 18:57:54 | 000,000,178 | ---- | C] () -- C:\Documents and Settings\Max Slobodin_2\Application Data\iPod Access v2 Prefs
[2007/01/02 18:53:27 | 000,000,048 | -H-- | C] () -- C:\Documents and Settings\Max Slobodin_2\Application Data\iPodAccess_OwnerName
[2007/01/02 18:51:31 | 000,000,009 | -H-- | C] () -- C:\Documents and Settings\Max Slobodin_2\Application Data\iPodAccess_Time
[2006/08/03 23:17:59 | 000,003,688 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2006/08/03 18:15:07 | 000,040,960 | ---- | C] () -- C:\WINDOWS\CleanDev.exe
[2006/08/03 18:15:06 | 000,032,528 | ---- | C] () -- C:\WINDOWS\amcap.exe
[2005/11/16 11:15:04 | 000,164,112 | ---- | C] () -- C:\WINDOWS\System32\awmpi.dll
[2005/10/24 01:13:33 | 000,001,370 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/08/18 00:25:49 | 000,000,478 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/08/18 00:23:27 | 000,433,152 | ---- | C] () -- C:\WINDOWS\System32\aswBoot.exe
[2005/07/11 22:55:05 | 000,038,867 | ---- | C] () -- C:\WINDOWS\hpomdl03.dat
[2005/07/11 22:55:05 | 000,029,232 | ---- | C] () -- C:\WINDOWS\hpoins03.dat
[2005/06/16 22:51:27 | 000,000,222 | ---- | C] () -- C:\WINDOWS\holdemddd.ini
[2005/05/07 14:34:59 | 000,031,369 | ---- | C] () -- C:\WINDOWS\System32\xvid-uninstall.exe
[2005/04/01 02:45:35 | 000,000,067 | ---- | C] () -- C:\WINDOWS\Speed Video Splitter.INI
[2005/03/11 04:03:26 | 000,286,208 | ---- | C] () -- C:\WINDOWS\System32\cncs232.dll
[2005/02/24 22:03:48 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\UnInstall Elvina Akberov.exe
[2005/02/16 03:07:06 | 000,069,632 | ---- | C] () -- C:\WINDOWS\uinst001.exe
[2005/02/15 15:11:18 | 000,002,719 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2005/02/14 22:25:58 | 000,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2005/02/14 21:18:20 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/02/14 21:18:16 | 000,107,134 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2005/02/14 21:17:47 | 000,009,549 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2005/02/14 21:07:05 | 000,000,897 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2005/02/14 20:48:11 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/02/14 20:40:00 | 000,000,137 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/02/14 20:12:39 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2005/02/14 20:01:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/02/14 19:56:24 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/02/14 14:30:32 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/02/14 14:29:24 | 002,313,528 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/11/23 23:19:52 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\wmatime.dll
[2004/09/01 11:49:17 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/08/02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/01/05 03:27:36 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2003/12/18 02:02:00 | 000,047,517 | ---- | C] () -- C:\WINDOWS\System32\drivers\tiumfw.bin
[2003/12/08 00:17:00 | 000,393,216 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[2003/12/08 00:17:00 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2003/03/31 15:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2003/03/31 15:00:00 | 000,441,598 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003/03/31 15:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2003/03/31 15:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003/03/31 15:00:00 | 000,071,494 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003/03/31 15:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2003/03/31 15:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2003/03/31 15:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/03/31 15:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/10/15 18:54:04 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002/07/05 10:12:06 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\authdvd.dll
[2002/05/28 13:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/05/28 13:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[1997/08/23 11:33:24 | 000,022,056 | ---- | C] () -- C:\WINDOWS\System32\tntlvr.dll

OTL.txt PART TWO

========== Custom Scans ==========


< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\drivers\*.sys >
[2004/08/03 23:10:08 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\1394bus.sys
[2004/08/03 23:07:38 | 000,187,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\acpi.sys
[2003/03/31 15:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\acpiec.sys
[2004/04/07 08:41:38 | 000,116,176 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\drivers\aeaudio.sys
[2006/02/14 20:22:26 | 000,142,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\aec.sys
[2008/08/14 05:51:43 | 000,138,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\afd.sys
[2004/10/07 21:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) -- C:\WINDOWS\system32\drivers\AFS2K.SYS
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/03 23:07:44 | 000,044,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\agpcpq.sys
[2003/10/30 09:40:56 | 001,205,324 | R--- | M] (Agere Systems) -- C:\WINDOWS\system32\drivers\AGRSM.sys
[2004/08/03 23:07:42 | 000,042,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\alim1541.sys
[2004/08/03 23:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\drivers\amdagp.sys
[2004/08/03 22:59:20 | 000,036,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk6.sys
[2004/08/03 22:59:22 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk7.sys
[2003/10/07 23:40:00 | 000,094,601 | R--- | M] (Alps Electric Co., Ltd.) -- C:\WINDOWS\system32\drivers\Apfiltr.sys
[2004/08/03 22:58:30 | 000,060,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\arp1394.sys
[2002/07/17 10:05:10 | 000,016,512 | ---- | M] (Adaptec) -- C:\WINDOWS\system32\drivers\ASPI32.SYS
[2005/07/09 05:23:39 | 000,016,176 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys
[2004/08/03 23:05:04 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\asyncmac.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 22:29:30 | 000,056,623 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati1btxx.sys
[2004/08/03 22:29:30 | 000,011,615 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati1mdxx.sys
[2004/08/03 22:29:30 | 000,012,047 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati1pdxx.sys
[2004/08/03 22:29:32 | 000,030,671 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati1raxx.sys
[2004/08/03 22:29:32 | 000,063,663 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati1rvxx.sys
[2004/08/03 22:29:32 | 000,026,367 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati1snxx.sys
[2004/08/03 22:29:32 | 000,021,343 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati1ttxx.sys
[2004/08/03 22:29:32 | 000,036,463 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati1tuxx.sys
[2004/08/03 22:29:32 | 000,029,455 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati1xbxx.sys
[2004/08/03 22:29:32 | 000,034,735 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati1xsxx.sys
[2004/08/03 22:29:28 | 000,327,040 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtaa.sys
[2003/12/08 00:17:00 | 000,621,056 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys
[2004/08/03 22:29:28 | 000,057,856 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinbtxx.sys
[2004/08/03 22:29:30 | 000,013,824 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinmdxx.sys
[2004/08/03 22:29:30 | 000,014,336 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinpdxx.sys
[2004/08/03 22:29:30 | 000,052,224 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinraxx.sys
[2004/08/03 22:29:32 | 000,104,960 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinrvxx.sys
[2004/08/03 22:29:32 | 000,028,672 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinsnxx.sys
[2004/08/03 22:29:32 | 000,013,824 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinttxx.sys
[2004/08/03 22:29:32 | 000,073,216 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atintuxx.sys
[2004/08/03 22:29:32 | 000,031,744 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinxbxx.sys
[2004/08/03 22:29:32 | 000,063,488 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinxsxx.sys
[2003/12/08 00:17:00 | 000,013,174 | R--- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atisgkaf.SYS
[2004/08/03 22:58:32 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atmarpc.sys
[2003/03/31 15:00:00 | 000,031,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atmepvc.sys
[2004/08/03 22:58:36 | 000,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atmlane.sys
[2003/03/31 15:00:00 | 000,352,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atmuni.sys
[2001/08/17 09:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\audstub.sys
[2010/07/22 08:04:13 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgldx86.sys
[2010/06/05 08:44:07 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgmfx86.sys
[2010/07/22 08:09:24 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\system32\drivers\avgtdix.sys
[2001/08/17 09:57:54 | 000,014,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\battc.sys
[2003/12/04 08:29:58 | 000,286,848 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS
[2004/08/03 23:10:14 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bdasup.sys
[2003/03/31 15:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\beep.sys
[2004/08/03 22:59:58 | 000,071,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bridge.sys
[2004/08/03 23:10:40 | 000,017,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthenum.sys
[2004/08/03 23:10:40 | 000,038,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthmodem.sys
[2004/08/03 22:58:40 | 000,100,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthpan.sys
[2008/06/13 09:10:50 | 000,272,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthport.sys
[2004/08/03 23:10:38 | 000,035,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthprint.sys
[2004/08/03 23:10:36 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthusb.sys
[2003/03/31 15:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cbidf2k.sys
[2004/08/03 23:10:18 | 000,017,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ccdecode.sys
[2003/03/31 15:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cdaudio.sys
[2004/08/03 23:14:12 | 000,063,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cdfs.sys
[2006/05/19 17:16:24 | 000,002,432 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\cdr4_xp.sys
[2006/05/19 17:16:24 | 000,002,560 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\cdralw2k.sys
[2004/08/03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cdrom.sys
[2003/03/31 15:00:00 | 000,262,528 | ---- | M] (RAVISENT Technologies Inc.) -- C:\WINDOWS\system32\drivers\cinemst2.sys
[2004/08/03 23:14:28 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\classpnp.sys
[2004/08/03 23:07:40 | 000,014,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cmbatt.sys
[2001/08/17 09:58:00 | 000,009,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\compbatt.sys
[2003/03/31 15:00:00 | 000,011,776 | ---- | M] (Compaq Computer Corporation) -- C:\WINDOWS\system32\drivers\cpqdap01.sys
[2004/08/03 22:59:22 | 000,036,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\crusoe.sys
[2004/08/03 22:59:56 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\disk.sys
[2004/08/03 22:59:54 | 000,014,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\diskdump.sys
[2004/08/03 23:07:18 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\system32\drivers\dmboot.sys
[2004/08/03 23:07:18 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\system32\drivers\dmio.sys
[2003/03/31 15:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) -- C:\WINDOWS\system32\drivers\dmload.sys
[2004/08/03 23:07:40 | 000,052,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\dmusic.sys
[2004/08/04 00:08:00 | 000,060,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\drmk.sys
[2004/08/03 23:07:58 | 000,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\drmkaud.sys
[2003/03/31 15:00:00 | 000,010,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\dxapi.sys
[2004/08/03 23:00:56 | 000,071,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\dxg.sys
[2003/03/31 15:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\dxgthk.sys
[2003/08/18 08:57:52 | 000,007,080 | R--- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system32\drivers\eabfiltr.sys
[2003/06/06 06:46:16 | 000,005,220 | R--- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system32\drivers\eabusb.sys
[2007/02/15 20:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys
[2007/08/07 15:48:33 | 000,025,160 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys
[2007/02/15 20:56:49 | 000,011,984 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\system32\drivers\ElbyDelay.sys
[2004/09/22 20:00:00 | 000,008,320 | ---- | M] (Network Associates, Inc) -- C:\WINDOWS\system32\drivers\entdrv51.sys
[2001/08/17 09:46:40 | 000,006,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\enum1394.sys
[2004/08/03 23:14:18 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fastfat.sys
[2004/08/03 22:59:28 | 000,027,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fdc.sys
[2003/03/31 15:00:00 | 000,034,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fips.sys
[2004/08/03 22:59:28 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\flpydisk.sys
[2006/08/21 05:14:58 | 000,128,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fltmgr.sys
[2003/03/31 15:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fsvga.sys
[2003/03/31 15:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fs_rec.sys
[2003/03/31 15:00:00 | 000,125,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ftdisk.sys
[2004/08/03 23:07:44 | 000,046,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gagp30kx.sys
[2006/09/19 16:44:04 | 000,015,664 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
[2004/08/03 23:10:38 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\hidbth.sys
[2004/08/03 23:08:20 | 000,036,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\hidclass.sys
[2004/08/03 23:08:20 | 000,015,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\hidir.sys
[2004/08/03 23:08:18 | 000,024,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\hidparse.sys
[2001/08/17 14:02:20 | 000,009,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\hidusb.sys
[2004/01/05 03:27:32 | 000,051,056 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\hpzid412.sys
[2004/01/05 03:27:34 | 000,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys
[2004/01/05 03:27:34 | 000,021,488 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys
[2004/08/03 22:41:48 | 000,220,032 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
[2004/08/03 22:41:50 | 000,685,056 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\hsfcxts2.sys
[2004/08/03 22:41:56 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
[2009/10/20 10:58:48 | 000,263,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\http.sys
[2004/08/03 23:14:38 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\i8042prt.sys
[2004/08/03 23:00:16 | 000,041,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\imapi.sys
[2004/08/03 22:59:20 | 000,036,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\intelppm.sys
[2004/08/03 23:00:08 | 000,029,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ip6fw.sys
[2003/03/31 15:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ipfltdrv.sys
[2004/08/03 23:04:46 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ipinip.sys
[2004/09/29 18:28:37 | 000,134,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ipnat.sys
[2004/08/03 23:14:30 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ipsec.sys
[2004/08/03 23:00:48 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\irenum.sys
[2003/03/31 15:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\isapnp.sys
[2004/08/03 22:58:34 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdclass.sys
[2008/03/22 17:37:20 | 000,113,896 | ---- | M] (QFX Software Corporation) -- C:\WINDOWS\system32\drivers\keyscrambler.sys
[2006/06/14 04:47:45 | 000,172,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kmixer.sys
[2004/08/04 00:15:22 | 000,140,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ks.sys
[2009/06/22 07:34:52 | 000,092,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ksecdd.sys
[2009/09/10 14:53:50 | 000,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys
[2009/09/10 14:54:06 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
[2003/03/31 15:00:00 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mcd.sys
[2004/08/03 22:41:56 | 000,011,868 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys
[2004/08/03 23:07:46 | 000,063,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mf.sys
[2002/09/20 11:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) -- C:\WINDOWS\system32\drivers\MidiSyn.sys
[2003/03/31 15:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mnmdd.sys
[2004/08/03 23:08:06 | 000,030,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\modem.sys
[2004/08/03 22:58:34 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mouclass.sys
[2001/08/17 13:48:00 | 000,012,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mouhid.sys
[2004/08/03 22:58:32 | 000,042,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mountmgr.sys
[2004/08/03 23:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mpe.sys
[2007/12/18 05:51:35 | 000,179,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxdav.sys
[2010/02/24 08:31:30 | 000,454,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxsmb.sys
[2004/08/03 23:10:00 | 000,051,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msdv.sys
[2004/08/03 23:00:42 | 000,019,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msfs.sys
[2004/08/03 23:04:14 | 000,035,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msgpc.sys
[2004/08/03 22:58:42 | 000,007,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mskssrv.sys
[2004/08/03 22:58:40 | 000,005,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mspclock.sys
[2004/08/03 22:58:42 | 000,004,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mspqm.sys
[2004/08/03 23:07:48 | 000,015,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mssmbios.sys
[2004/08/03 22:58:40 | 000,005,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mstee.sys
[2004/08/03 22:41:40 | 000,126,686 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys
[2004/08/03 22:41:38 | 001,309,184 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\mtlstrm.sys
[2004/08/03 22:29:38 | 000,452,736 | ---- | M] (Matrox Graphics Inc.) -- C:\WINDOWS\system32\drivers\mtxparhm.sys
[2004/08/03 23:15:22 | 000,107,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mup.sys
[2004/08/03 23:04:52 | 000,012,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mutohpen.sys
[2004/08/03 23:10:30 | 000,085,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nabtsfec.sys
[2004/09/22 20:00:00 | 000,108,256 | ---- | M] (Network Associates, Inc.) -- C:\WINDOWS\system32\drivers\naiavf5x.sys
[2004/08/03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndis.sys
[2004/08/03 23:10:14 | 000,010,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndisip.sys
[2003/03/31 15:00:00 | 000,009,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndistapi.sys
[2004/08/03 23:03:14 | 000,012,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndisuio.sys
[2004/08/03 23:14:32 | 000,091,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndiswan.sys
[2003/03/31 15:00:00 | 000,038,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndproxy.sys
[2004/08/03 23:03:22 | 000,034,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\netbios.sys
[2004/08/03 23:14:38 | 000,162,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\netbt.sys
[2004/08/03 22:58:30 | 000,061,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nic1394.sys
[2003/03/31 15:00:00 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\system32\drivers\nikedrv.sys
[2004/08/03 22:59:52 | 000,040,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nmnt.sys
[2004/08/03 23:00:44 | 000,030,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\npfs.sys
[2007/02/09 07:10:35 | 000,574,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ntfs.sys
[2004/08/03 22:41:40 | 000,180,360 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys
[2003/03/31 15:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\null.sys
[2004/08/03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys
[2003/03/31 15:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkflt.sys
[2003/03/31 15:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys
[2004/08/03 23:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys
[2003/03/31 15:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnknb.sys
[2003/03/31 15:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys
[2004/08/03 23:10:10 | 000,061,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ohci1394.sys
[2002/07/07 14:39:14 | 000,185,256 | ---- | M] (OmniVision Technologies, Inc.) -- C:\WINDOWS\system32\drivers\om518vid.sys
[2003/03/31 15:00:00 | 000,003,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\oprghdlr.sys
[2002/07/07 14:39:14 | 000,024,438 | ---- | M] (OmniVision Technologies, Inc) -- C:\WINDOWS\system32\drivers\ovtcamd.sys
[2004/08/03 22:59:20 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\p3.sys
[2004/08/03 22:59:08 | 000,080,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\parport.sys
[2003/03/31 15:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\partmgr.sys
[2003/03/31 15:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\parvdm.sys
[2004/08/03 23:07:48 | 000,068,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\pci.sys
[2003/03/31 15:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\pciide.sys
[2004/08/03 22:59:42 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\pciidex.sys
[2004/08/03 23:07:48 | 000,119,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\pcmcia.sys
[2004/08/04 00:15:50 | 000,145,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\portcls.sys
[2004/08/03 22:59:18 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\processr.sys
[2004/08/03 23:04:20 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\psched.sys
[2003/03/31 15:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys
[2009/04/28 16:20:06 | 000,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys
[2003/10/23 11:11:00 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\R8139n51.sys
[2003/03/31 15:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rasacd.sys
[2004/08/03 23:14:24 | 000,051,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rasl2tp.sys
[2004/08/03 23:05:08 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\raspppoe.sys
[2004/08/03 23:14:28 | 000,048,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\raspptp.sys
[2003/03/31 15:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\raspti.sys
[2003/03/31 15:00:00 | 000,034,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rawwan.sys
[2006/05/05 05:47:57 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdbss.sys
[2003/03/31 15:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdpcdd.sys
[2004/08/03 23:01:16 | 000,196,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdpdr.sys
[2005/06/10 00:09:46 | 000,139,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdpwd.sys
[2004/08/03 22:41:40 | 000,013,776 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\recagent.sys
[2004/08/03 22:59:38 | 000,057,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\redbook.sys
[2004/08/03 23:10:40 | 000,059,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rfcomm.sys
[2003/03/31 15:00:00 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\system32\drivers\rio8drv.sys
[2003/03/31 15:00:00 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\system32\drivers\riodrv.sys
[2008/05/08 08:28:49 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rmcast.sys
[2004/08/03 23:04:32 | 000,030,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rndismp.sys
[2004/08/03 23:04:32 | 000,030,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rndismpx.sys
[2003/03/31 15:00:00 | 000,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rootmdm.sys
[2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\rtl8139.sys
[2004/08/03 22:29:52 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\drivers\s3gnbm.sys
[2006/11/06 04:28:11 | 000,030,988 | ---- | M] (PowerISO Computing, Inc.) -- C:\WINDOWS\system32\drivers\scdemu.sys
[2004/08/03 22:59:42 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\scsiport.sys
[2004/08/03 23:07:48 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sdbus.sys
[2007/11/13 06:25:53 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys
[2004/04/26 10:49:56 | 000,381,056 | ---- | M] (Sensaura) -- C:\WINDOWS\system32\drivers\senfilt.sys
[2004/08/03 22:59:08 | 000,015,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\serenum.sys
[2004/08/03 23:15:54 | 000,064,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\serial.sys
[2004/08/03 22:59:56 | 000,011,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sffdisk.sys
[2004/08/03 22:59:56 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sffp_sd.sys
[2004/08/03 22:59:56 | 000,011,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sfloppy.sys
[2004/08/03 23:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\drivers\sisagp.sys
[2004/08/03 23:10:18 | 000,011,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\slip.sys
[2004/08/03 22:41:42 | 000,129,535 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\slnt7554.sys
[2004/08/03 22:41:44 | 000,404,990 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\slntamr.sys
[2004/08/03 22:41:46 | 000,095,424 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\slnthal.sys
[2004/08/03 22:41:46 | 000,013,240 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\slwdmsup.sys
[2004/08/03 23:07:38 | 000,006,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\smbali.sys
[2003/03/31 15:00:00 | 000,014,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\smclib.sys
[2004/07/08 18:24:02 | 000,267,392 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\system32\drivers\smwdm.sys
[2004/08/03 23:09:56 | 000,025,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sonydcam.sys
[2006/06/14 04:47:46 | 000,006,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\splitter.sys
[2004/08/03 23:06:26 | 000,073,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sr.sys
[2009/12/31 12:14:12 | 000,352,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\srv.sys
[2004/12/18 21:32:32 | 000,038,229 | ---- | M] (Generic) -- C:\WINDOWS\system32\drivers\StMp3Rec.sys
[2004/08/04 00:08:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\stream.sys
[2004/08/03 23:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\streamip.sys
[2004/08/03 22:58:42 | 000,004,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\swenum.sys
[2001/08/17 15:00:52 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\swmidi.sys
[2004/08/03 23:15:56 | 000,060,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sysaudio.sys
[2004/08/03 23:00:00 | 000,014,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tape.sys
[2008/06/20 06:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tcpip.sys
[2010/02/11 08:01:43 | 000,226,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tcpip6.sys
[2004/08/03 23:07:50 | 000,018,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tdi.sys
[2004/08/04 01:01:08 | 000,012,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tdpipe.sys
[2004/08/04 01:01:08 | 000,021,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tdtcp.sys
[2004/08/04 01:01:08 | 000,040,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\termdd.sys
[2003/12/18 02:02:00 | 000,008,448 | ---- | M] (Texas Instruments Inc.) -- C:\WINDOWS\system32\drivers\tiumflt.sys
[2003/12/18 02:02:00 | 000,042,092 | ---- | M] (Texas Instruments Inc.) -- C:\WINDOWS\system32\drivers\tiumfwl.sys
[2003/03/31 15:00:00 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tosdvd.sys
[2003/03/31 15:00:00 | 000,021,376 | ---- | M] (Toshiba Corporation) -- C:\WINDOWS\system32\drivers\tsbvcap.sys
[2004/08/03 23:03:18 | 000,012,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tunmp.sys
[2004/08/03 23:07:44 | 000,044,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\uagp35.sys
[2004/08/03 23:00:32 | 000,066,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\udfs.sys
[2007/04/23 06:32:54 | 000,364,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\update.sys
[2004/08/03 23:04:34 | 000,012,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usb8023.sys
[2004/08/03 23:04:34 | 000,012,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usb8023x.sys
[2004/08/03 23:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys
[2003/03/31 15:00:00 | 000,023,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbcamd.sys
[2003/03/31 15:00:00 | 000,023,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbcamd2.sys
[2004/08/03 23:08:48 | 000,031,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbccgp.sys
[2003/03/31 15:00:00 | 000,004,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbd.sys
[2004/08/03 23:08:38 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbehci.sys
[2004/08/03 23:08:44 | 000,057,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbhub.sys
[2004/08/03 23:08:58 | 000,016,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbintel.sys
[2004/08/03 23:08:38 | 000,017,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbohci.sys
[2004/08/03 23:08:44 | 000,142,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbport.sys
[2004/08/03 23:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbprint.sys
[2004/08/03 22:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbscan.sys
[2004/08/03 23:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbstor.sys
[2004/08/03 23:10:12 | 000,078,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbvideo.sys
[2003/03/31 15:00:00 | 000,058,112 | ---- | M] (RAVISENT Technologies Inc.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys
[2004/08/03 23:07:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\vga.sys
[2004/08/03 23:07:44 | 000,042,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\viaagp.sys
[2004/08/03 23:07:06 | 000,079,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\videoprt.sys
[2004/08/03 23:00:18 | 000,052,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\volsnap.sys
[2004/08/03 23:04:54 | 000,013,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wacompen.sys
[2004/08/03 22:29:40 | 000,011,807 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\wadv07nt.sys
[2004/08/03 22:29:40 | 000,011,295 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\wadv08nt.sys
[2004/08/03 22:29:42 | 000,011,871 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\wadv09nt.sys
[2004/08/03 22:29:42 | 000,011,935 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\wadv11nt.sys
[2004/08/03 23:04:58 | 000,034,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wanarp.sys
[2004/08/03 22:29:46 | 000,022,271 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\watv06nt.sys
[2004/08/03 22:29:46 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\watv10nt.sys
[2006/06/14 05:00:45 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wdmaud.sys
[2004/08/03 23:07:42 | 000,008,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wmiacpi.sys
[2003/03/31 15:00:00 | 000,004,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wmilib.sys
[2006/08/24 20:26:02 | 000,038,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wpdusb.sys
[2003/03/31 15:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
[2004/08/03 23:10:22 | 000,019,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wstcodec.sys

< %systemroot%\system32\drivers\*.dll >
[2004/08/04 00:56:42 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2004/08/04 00:56:42 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2004/08/04 00:56:42 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2004/08/04 00:56:42 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2004/08/04 00:56:42 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2004/08/04 00:56:42 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2004/08/04 00:56:42 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2004/08/04 00:56:42 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2004/08/04 00:56:42 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2004/08/04 00:56:42 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2004/08/04 00:56:42 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2004/08/04 00:56:42 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2004/08/04 00:56:42 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2004/08/04 00:56:46 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2004/08/04 00:56:48 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %SYSTEMDRIVE%\*.* >
[2005/11/27 02:08:48 | 000,004,068 | ---- | M] () -- C:\Alarmping.wav
[2005/11/25 23:12:56 | 000,009,680 | ---- | M] () -- C:\Alarmping2.wav
[2005/08/28 17:12:27 | 000,000,953 | ---- | M] () -- C:\aswBoot.log
[2005/02/14 19:59:03 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2006/08/28 13:50:50 | 000,000,166 | ---- | M] () -- C:\bcmwl5.log
[2006/03/11 16:01:34 | 002,825,268 | ---- | M] () -- C:\Beat2.wav
[2005/08/30 23:07:32 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2009/10/21 20:32:29 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2005/03/10 22:42:04 | 000,821,248 | ---- | M] () -- C:\clip1.mpg
[2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2009/10/22 00:02:38 | 000,012,375 | ---- | M] () -- C:\ComboFix.txt
[2005/02/14 19:59:03 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/06/08 07:34:19 | 000,000,368 | ---- | M] () -- C:\drmHeader.bin
[2006/03/01 03:06:16 | 000,000,081 | ---- | M] () -- C:\DVDPATH.TXT
[2001/09/05 22:00:58 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\gdiplus.dll
[2011/04/27 17:43:38 | 804,311,040 | -HS- | M] () -- C:\hiberfil.sys
[2005/02/14 19:59:03 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2007/01/23 00:47:59 | 000,001,485 | -H-- | M] () -- C:\IPH.PH
[2006/01/01 21:13:46 | 000,031,682 | ---- | M] () -- C:\Keypress.wav
[2009/01/19 21:28:52 | 000,000,017 | ---- | M] () -- C:\lost.tools
[2005/02/14 19:59:03 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2005/08/30 22:56:27 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2005/08/30 22:56:26 | 000,250,032 | RHS- | M] () -- C:\ntldr
[2011/04/27 17:43:22 | 1207,959,552 | -HS- | M] () -- C:\pagefile.sys
[2010/01/22 05:12:32 | 000,000,090 | ---- | M] () -- C:\setup.log
[2005/02/14 20:47:36 | 000,031,754 | ---- | M] () -- C:\sunjava.log
[2008/05/01 23:53:11 | 000,000,146 | ---- | M] () -- C:\YServer.txt

< %PROGRAMFILES%\*. >
[2006/12/10 20:48:20 | 000,000,000 | ---D | M] -- C:\Program Files\7-Zip
[2007/01/26 05:08:14 | 000,000,000 | ---D | M] -- C:\Program Files\AC3Filter
[2005/08/28 16:01:43 | 000,000,000 | ---D | M] -- C:\Program Files\Accessdiver
[2005/02/15 02:40:01 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2009/05/01 15:07:26 | 000,000,000 | ---D | M] -- C:\Program Files\AIM
[2008/07/14 08:34:01 | 000,000,000 | ---D | M] -- C:\Program Files\AIM+
[2007/01/26 08:44:16 | 000,000,000 | ---D | M] -- C:\Program Files\Alt WAV MP3 WMA OGG Converter
[2005/08/18 00:23:25 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2005/02/14 20:12:40 | 000,000,000 | ---D | M] -- C:\Program Files\Analog Devices
[2008/04/11 18:25:18 | 000,000,000 | ---D | M] -- C:\Program Files\Anti Keylogger Shield
[2005/02/14 21:22:01 | 000,000,000 | ---D | M] -- C:\Program Files\AOD
[2005/02/14 20:18:53 | 000,000,000 | ---D | M] -- C:\Program Files\Apoint2K
[2007/09/17 20:38:12 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2008/11/24 19:44:25 | 000,000,000 | ---D | M] -- C:\Program Files\AskBarDis
[2005/02/14 20:34:36 | 000,000,000 | ---D | M] -- C:\Program Files\ATI Technologies
[2007/01/21 00:11:04 | 000,000,000 | ---D | M] -- C:\Program Files\Audacity
[2009/10/24 03:05:11 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
[2005/03/10 22:47:38 | 000,000,000 | ---D | M] -- C:\Program Files\AVI MPEG ASF WMV Splitter
[2008/01/19 07:44:01 | 000,000,000 | ---D | M] -- C:\Program Files\AviSynth 2.5
[2005/02/14 21:22:01 | 000,000,000 | ---D | M] -- C:\Program Files\AWS
[2009/10/24 02:13:18 | 000,000,000 | ---D | M] -- C:\Program Files\Azureus
[2007/06/22 14:51:33 | 000,000,000 | ---D | M] -- C:\Program Files\BadBlue
[2005/07/13 15:48:56 | 000,000,000 | ---D | M] -- C:\Program Files\BitTorrent
[2009/09/22 22:25:31 | 000,000,000 | ---D | M] -- C:\Program Files\Boilsoft Video Joiner
[2006/12/06 07:02:05 | 000,000,000 | ---D | M] -- C:\Program Files\CDisplay
[2008/07/23 13:09:52 | 000,000,000 | ---D | M] -- C:\Program Files\CDisplayEx
[2009/10/24 23:33:59 | 000,000,000 | ---D | M] -- C:\Program Files\cdTree
[2008/07/23 11:54:22 | 000,000,000 | ---D | M] -- C:\Program Files\Comical
[2009/10/24 02:16:55 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2005/02/14 19:56:11 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2007/05/19 10:44:14 | 000,000,000 | ---D | M] -- C:\Program Files\DC++
[2007/12/13 17:57:55 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2008/01/19 07:11:06 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Region+CSS Free
[2008/01/19 06:55:24 | 000,000,000 | ---D | M] -- C:\Program Files\Elaborate Bytes
[2009/10/24 02:14:21 | 000,000,000 | ---D | M] -- C:\Program Files\eMule
[2008/12/03 10:37:36 | 000,000,000 | ---D | M] -- C:\Program Files\eMusic Download Manager
[2008/01/19 07:42:42 | 000,000,000 | ---D | M] -- C:\Program Files\eRightSoft
[2008/04/18 20:22:05 | 000,000,000 | ---D | M] -- C:\Program Files\Final Draft 7
[2008/04/18 20:18:07 | 000,000,000 | ---D | M] -- C:\Program Files\Final Draft Tagger
[2008/11/30 11:39:02 | 000,000,000 | ---D | M] -- C:\Program Files\FLAV
[2007/08/21 23:32:45 | 000,000,000 | ---D | M] -- C:\Program Files\FLVPlayer
[2009/05/10 23:24:48 | 000,000,000 | ---D | M] -- C:\Program Files\FormatFactory
[2008/11/24 19:44:04 | 000,000,000 | ---D | M] -- C:\Program Files\Foxit Software
[2009/08/18 02:26:41 | 000,000,000 | ---D | M] -- C:\Program Files\Free Music Zilla
[2005/06/03 12:49:01 | 000,000,000 | ---D | M] -- C:\Program Files\Fx, Sound and Magic
[2007/04/15 18:53:31 | 000,000,000 | ---D | M] -- C:\Program Files\Gabest
[2006/08/03 18:15:06 | 000,000,000 | ---D | M] -- C:\Program Files\GE
[2007/10/31 03:21:07 | 000,000,000 | ---D | M] -- C:\Program Files\GLtron
[2010/04/29 05:07:22 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2008/03/01 23:49:37 | 000,000,000 | ---D | M] -- C:\Program Files\Google Video
[2007/01/24 13:31:44 | 000,000,000 | ---D | M] -- C:\Program Files\GPL MPEG Decoder
[2005/07/11 23:07:27 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2005/02/14 21:03:48 | 000,000,000 | ---D | M] -- C:\Program Files\HPQ
[2005/05/14 05:40:46 | 000,000,000 | ---D | M] -- C:\Program Files\ID3-TagIT 3
[2007/01/28 03:25:47 | 000,000,000 | ---D | M] -- C:\Program Files\Illustrate
[2009/10/24 02:17:09 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/06/13 03:13:48 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2005/02/14 20:39:18 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo
[2007/03/15 01:42:47 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2007/01/02 18:51:19 | 000,000,000 | ---D | M] -- C:\Program Files\iPod Access for Windows
[2007/03/15 01:43:01 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2010/08/08 16:36:43 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2011/01/09 22:26:48 | 000,000,000 | ---D | M] -- C:\Program Files\JDownloader
[2008/06/20 11:29:16 | 000,000,000 | ---D | M] -- C:\Program Files\KeyScrambler
[2008/10/09 17:22:13 | 000,000,000 | ---D | M] -- C:\Program Files\KRyLack Password Recovery
[2010/11/03 03:44:54 | 000,000,000 | ---D | M] -- C:\Program Files\Last.fm
[2007/04/16 18:43:58 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2006/03/08 18:34:04 | 000,000,000 | ---D | M] -- C:\Program Files\LizardTech
[2007/06/07 08:48:56 | 000,000,000 | ---D | M] -- C:\Program Files\Maketorrent 2
[2009/10/23 22:56:03 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2007/01/24 13:33:57 | 000,000,000 | ---D | M] -- C:\Program Files\Mediatwins software
[2008/07/21 08:52:02 | 000,000,000 | ---D | M] -- C:\Program Files\Medieval Software
[2008/08/17 03:04:34 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2010/03/19 00:29:55 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2006/10/18 23:46:17 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2005/02/14 19:59:12 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2007/10/21 21:12:53 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2006/10/18 23:41:25 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office Professional Enterprise Edition 2003
[2011/04/27 17:43:22 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2006/10/18 23:45:00 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2006/10/18 23:45:18 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2006/10/18 23:44:13 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2007/02/01 02:49:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mini-stream
[2009/10/27 18:28:48 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Joiner
[2010/03/14 04:03:16 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2011/03/24 17:45:34 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2008/06/13 02:56:25 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Thunderbird
[2007/06/01 17:08:36 | 000,000,000 | ---D | M] -- C:\Program Files\Mp3Tagger
[2008/09/01 19:02:13 | 000,000,000 | ---D | M] -- C:\Program Files\MS Word Split
[2010/01/31 04:31:40 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2007/10/21 21:12:09 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2005/02/14 19:55:22 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2006/11/19 04:02:38 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2009/08/30 03:10:28 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2009/10/24 02:15:38 | 000,000,000 | ---D | M] -- C:\Program Files\MUSICMATCH
[2005/08/30 23:00:47 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2005/08/28 17:04:14 | 000,000,000 | ---D | M] -- C:\Program Files\Network Associates
[2005/02/14 19:55:33 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2010/05/16 03:02:39 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2009/06/18 02:15:29 | 000,000,000 | ---D | M] -- C:\Program Files\PartyGaming
[2006/02/25 12:20:59 | 000,000,000 | ---D | M] -- C:\Program Files\partypoker
[2010/06/05 17:17:39 | 000,000,000 | ---D | M] -- C:\Program Files\PeerGuardian2
[2009/06/03 19:49:26 | 000,000,000 | ---D | M] -- C:\Program Files\PFPortChecker
[2006/11/26 00:27:46 | 000,000,000 | ---D | M] -- C:\Program Files\PowerISO
[2007/02/23 00:10:02 | 000,000,000 | ---D | M] -- C:\Program Files\Project64
[2007/09/17 20:41:44 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2005/02/16 04:48:12 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2010/01/31 04:31:08 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2005/08/28 17:05:19 | 000,000,000 | ---D | M] -- C:\Program Files\RUSS
[2008/01/16 04:12:14 | 000,000,000 | ---D | M] -- C:\Program Files\ScummVM
[2010/09/27 15:09:58 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2007/12/26 17:23:10 | 000,000,000 | ---D | M] -- C:\Program Files\SlySoft
[2011/02/19 03:27:37 | 000,000,000 | ---D | M] -- C:\Program Files\Soulseek
[2008/08/18 00:32:10 | 000,000,000 | ---D | M] -- C:\Program Files\SoulseekNS
[2005/08/28 16:04:32 | 000,000,000 | ---D | M] -- C:\Program Files\Speed Video Splitter
[2010/07/12 21:16:11 | 000,000,000 | ---D | M] -- C:\Program Files\Stalled Printer Repair
[2011/04/27 17:47:50 | 000,000,000 | ---D | M] -- C:\Program Files\Taskbar Shuffle
[2007/05/04 19:54:24 | 000,000,000 | ---D | M] -- C:\Program Files\Trapware Corporation
[2009/09/22 23:00:42 | 000,000,000 | ---D | M] -- C:\Program Files\Ultra Video Splitter
[2005/04/01 02:50:49 | 000,000,000 | ---D | M] -- C:\Program Files\Ultra WMV Converter
[2005/02/14 20:10:29 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2011/01/02 23:54:35 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent
[2005/05/17 22:50:26 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2007/01/29 18:46:29 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2007/05/23 19:23:59 | 000,000,000 | ---D | M] -- C:\Program Files\VirtualDub-1.6.18
[2010/03/30 22:46:18 | 000,000,000 | ---D | M] -- C:\Program Files\Winamp
[2006/08/11 18:32:56 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal Viewer
[2010/03/19 00:29:36 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2010/03/19 00:29:08 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2005/06/03 12:49:02 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Components
[2007/06/12 08:07:45 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2005/08/30 23:00:38 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2005/08/31 04:48:48 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2009/02/15 04:34:00 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2008/07/04 02:44:21 | 000,000,000 | ---D | M] -- C:\Program Files\WinSCP
[2005/02/14 19:59:12 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2009/02/19 14:21:09 | 000,000,000 | ---D | M] -- C:\Program Files\Xilisoft
[2007/11/05 01:14:33 | 000,000,000 | ---D | M] -- C:\Program Files\Xvid
[2008/05/01 23:54:01 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2005/02/14 21:04:49 | 000,000,000 | ---D | M] -- C:\Program Files\Zone.com


< MD5 for: ATAPI.SYS >
[2003/03/31 15:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2003/03/31 15:00:00 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtUninstallQ331958$\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2002/10/24 16:59:48 | 000,087,040 | ---- | M] (Microsoft Corporation) MD5=F1D915C3870E741D83B5142F3B358761 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EXPLORER.EXE >
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\explorer.exe
[2007/06/13 07:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2004/08/04 00:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2004/08/04 00:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2003/03/31 15:00:00 | 001,004,032 | ---- | M] (Microsoft Corporation) MD5=A82B28BFC2E4455FE43022A498C0EF0A -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 00:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2004/08/04 00:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2004/08/04 00:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\system32\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\userinit.exe
[2003/03/31 15:00:00 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=E931E0A2B8BF0019DB902E98D03662CB -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 00:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2004/08/04 00:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004/08/04 00:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe
[2003/03/31 15:00:00 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=2246D8D8F4714A2CEDB21AB9B1849ABB -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winlogon.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 182 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4BF2F6B5

< End of report >

Extras.txt

OTL Extras logfile created on: 4/28/2011 8:48:47 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Max Slobodin_2\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

767.00 Mb Total Physical Memory | 557.00 Mb Available Physical Memory | 73.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 0.18 Gb Free Space | 0.24% Space Free | Partition Type: NTFS
Drive F: | 372.51 Gb Total Space | 0.25 Gb Free Space | 0.07% Space Free | Partition Type: FAT32

Computer Name: THEARTCHIVE | User Name: Max Slobodin_2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cdTree] -- "C:\Program Files\cdTree\CdTreePro" /Scan %1 (VB Knowledge Solutions)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [ID3-TagIT] -- "C:\Program Files\ID3-TagIT 3\ID3-TagIT.exe" "/P=%1" ( )
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"43375:TCP" = 43375:TCP:*:Enabled:emuleTCP
"49797:UDP" = 49797:UDP:*:Enabled:emuleUDP
"32368:TCP" = 32368:TCP:*:Enabled:utorrent
"32368:UDP" = 32368:UDP:*:Enabled:utorrent
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"4560:TCP" = 4560:TCP:*:Enabled:utorr
"4800:TCP" = 4800:TCP:*:Enabled:slsk
"4800:UDP" = 4800:UDP:*:Enabled:slskudp

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- (America Online, Inc.)
"C:\Program Files\DC++\DCPlusPlus.exe" = C:\Program Files\DC++\DCPlusPlus.exe:*:Enabled:DC++ -- ()
"C:\Program Files\BitTorrent\btdownloadgui.exe" = C:\Program Files\BitTorrent\btdownloadgui.exe:*:Enabled:btdownloadgui -- ()
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Azureus\Azureus.exe" = C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\BadBlue\PE\badblue.exe" = C:\Program Files\BadBlue\PE\badblue.exe:*:Enabled:P2P Web Server -- (Working Resources Inc.)
"C:\Program Files\Last.fm\LastFM.exe" = C:\Program Files\Last.fm\LastFM.exe:*:Enabled:Last.fm -- (Last.fm)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"C:\Documents and Settings\Max Slobodin_2\My Documents\hjoin\apollo\LM_Simulator\yaAGC\yaAGC.exe" = C:\Documents and Settings\Max Slobodin_2\My Documents\hjoin\apollo\LM_Simulator\yaAGC\yaAGC.exe:*:Enabled:yaAGC
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\Free Music Zilla\FMZilla.exe" = C:\Program Files\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla -- ()
"C:\Program Files\PFPortChecker\PFPortChecker.exe" = C:\Program Files\PFPortChecker\PFPortChecker.exe:*:Enabled:PFPortchecker by portforward.com helps check if your ports are properly forwarded. -- (portforward.com)
"C:\Program Files\SoulseekNS\slsk.exe" = C:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- ()
"C:\Program Files\Soulseek\slsk.exe" = C:\Program Files\Soulseek\slsk.exe:*:Enabled:SoulSeek -- ()
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Program Files\Java\jre1.6.0_05\bin\javaw.exe" = C:\Program Files\Java\jre1.6.0_05\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Java\jre1.6.0_05\bin\java.exe" = C:\Program Files\Java\jre1.6.0_05\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Documents and Settings\Max Slobodin_2\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe" = C:\Documents and Settings\Max Slobodin_2\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player -- (Octoshape ApS)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01B51908-02EF-453B-87A9-815182E8C2F2}" = iTunes
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = Google Gmail Notifier
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0FABD3D7-3036-4e78-B29D-58957ADB0A12}" = HP PSC & OfficeJet 3.5
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control
"{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F7473D9-6C0B-4F5A-8FA4-AB8AD78CBE54}" = DocProc
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24C8FBF7-26C6-48ca-834B-A4E5C09E362F}" = AiO_Scan
"{257EC58E-03FD-472B-A9B6-93F23A3C4CB0}" = Scan
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{29B50D30-EAFC-4cea-9F76-3A0E3729E9B0}" = SkinsHP1
"{2E132061-C78A-48D4-A899-1D13B9D189FA}" = Memories Disc Creator 2.0
"{300D9EF4-2721-4cb4-A6C3-FB2337CFEA2D}" = AIOMinimal
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{34957B51-9676-41CE-9E52-44AE91B73F1C}" = HP Software Update
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3D047C15-C859-45F7-81CE-F2681778069B}" = iPod for Windows 2006-01-10
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{415B8A4E-0EA2-4C69-975C-EEE07B837FD7}" = Unload
"{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows Journal Viewer
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{48242276-DB89-42e8-9678-BD4280D7B99A}" = Copy
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57C7C46A-D35D-492d-A328-4F8C9B5B4B52}" = PrintScreen
"{5DF3D1BB-894E-4DCD-8275-159AC9829B43}" = McAfee VirusScan Enterprise
"{63F2408D-A675-4d97-A256-70EACB6B9B4A}" = AiOSoftware
"{66C018BD-6F16-4B32-B4CD-1DC1B21FBDFF}" = Zone Deluxe Games
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{723C033E-63EA-4227-BAB2-0AA8693C16EB}" = Director
"{745A92AF-53B4-41A7-91C3-9B026B1D5897}" = InstantShare
"{74EC78BC-B379-4E29-9006-8F161DCAABA6}" = Apple Software Update
"{78B50D1D-642C-4B89-BCC7-352EAE3614D7}" = iPod for Windows 2005-02-07
"{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}" = Ad-Aware SE Personal
"{78D62D17-D970-42DA-B8CF-5E5576293B33}" = Final Draft 7
"{7AD35FDD-A268-44b7-9A8E-4677020CC90B}" = 1300Tour
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{81DD5688-695A-4c1d-AE7D-368BF857725A}" = TrayApp
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{870815CA-6B60-47B6-88DD-A67F42D2F03E}" = GPL MPEG-1/2 DirectShow Decoder Filter
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime
"{97355297-21C8-40CD-96D3-48E58037A9B8}" = TI1620/1520
"{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}" = Realtek RTL8139/810x Fast Ethernet NIC Driver Setup
"{980606BB-A475-4a85-A665-6E30DB2F28B3}" = 1300Trb
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD
"{9B03C535-3AEA-4ef2-B326-0A01A2207034}" = CreativeProjects
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2500497-FD32-493e-B8E5-28D6728DBEF5}" = Readme
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A61EBA6E-B44A-48B4-B57B-0BAE80DA97CE}_is1" = Stalled Printer Repair 1.2
"{A71822CD-7F77-46a3-B761-D6BA35245E95}" = 1300
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AF226123-1A6F-4ec1-8DEF-E35E7A0D0127}" = Fax
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BC339BFD-F550-471a-8D26-4D08126C62F7}" = SkinsHP2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB83F10A-D02A-4aba-8843-ACAB50D48216}" = 1300_Help
"{CBE3E0AF-73BB-4c21-8B96-B09E003EDE7F}" = QuickProjects
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEB326EC-8F40-47B2-BA22-BB092565D66F}" = Quick Launch Buttons 4.20 C1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D186329B-1B4D-408D-ABEC-EA5CE1F182C9}" = Overland
"{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23
"{E47D2974-AA5E-FlvMP3-B984-3CA48DFA2849}_is1" = FLAV FLV to MP3 Converter 2.58.15
"{E8BFBD0A-8002-4dc9-869C-E495FA9DCE7A}" = PhotoGallery
"{E9A5B341-167D-4042-8854-46F671F94049}" = Medieval CUE Splitter
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FBBF532A-47AC-457d-AC06-0D3163D8911E}" = WebReg
"{FD391DC6-0714-4DE3-8661-199BD4A4703F}" = KRyLack Password Recovery
"{FF102450-55AA-4AE1-ACE4-E271E2470C83}" = hpmdtab
"7-Zip" = 7-Zip 4.42
"AC3 Decoder" = AC3 Decoder
"AC3Filter" = AC3Filter (remove only)
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"AIM+" = AIM+ (remove only)
"All ATI Software" = ATI - Software Uninstall Utility
"Alt WAV MP3 WMA OGG Converter 4.4 Shareware_is1" = Alt WAV MP3 WMA OGG Converter 4.4
"AntiKeyloggerShield_is1" = Anti Keylogger Shield v2.0
"AOL Instant Messenger" = AOL Instant Messenger
"Ask Toolbar_is1" = Foxit Toolbar
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.6
"AVG9Uninstall" = AVG Free 9.0
"AVI MPEG ASF WMV Splitter_is1" = AVI/MPEG/ASF/WMV Splitter 3.25
"BadBlue Personal Edition" = BadBlue Personal Edition 2.72
"BitTorrent" = BitTorrent 3.4.2
"Boilsoft Video Joiner_is1" = Boilsoft Video Joiner 5.32
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Driver
"CDisplay_is1" = CDisplay 1.8
"CDisplayEx_is1" = CDisplayEx 1.4
"cdTree 3 Professional Edition" = cdTree 3 Professional Edition 3.1.3 Pro
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"Comical_is1" = Comical 0.8
"dBpowerAMP Mp4 Codec" = dBpowerAMP Mp4 Codec
"dBpowerAMP Music Converter" = dBpowerAMP Music Converter
"dBpoweramp Windows Media Audio 10 Codec" = dBpoweramp Windows Media Audio 10 Codec
"DC++" = DC++ 0.674
"dMC Power Pack" = dMC Power Pack
"DVD Region+CSS Free_is1" = DVD Region+CSS Free 5.9.7.5
"Elvina Akberov Screen Saver" = Elvina Akberov Screen Saver
"eMusic Download Manager" = eMusic Download Manager 4.0.0.4
"FLVPlayer" = FLV Player 1.3.3
"FormatFactory" = FormatFactory 1.85
"Foxit Reader" = Foxit Reader
"FoxyTunesForFirefox" = FoxyTunes for Firefox
"Free Music Zilla_is1" = Free Music Zilla
"GLtron_is1" = GLtron version 0.70
"Google Video Uploader" = Google Video Uploader
"HP Photo & Imaging" = HP Image Zone 3.5
"ID3-TagIT 3_is1" = ID3-TagIT 3
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"InstallShield_{3D047C15-C859-45F7-81CE-F2681778069B}" = iPod for Windows 2006-01-10
"InstallShield_{78B50D1D-642C-4B89-BCC7-352EAE3614D7}" = iPod for Windows 2005-02-07
"InstallShield_{97355297-21C8-40CD-96D3-48E58037A9B8}" = PCI 1620 Cardbus Controller and Software
"InstallShield_{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23
"iPod Access for Windows_is1" = iPod Access for Windows v2.9.3
"JDownloader" = JDownloader
"KeyScrambler" = KeyScrambler
"LastFM_is1" = Last.fm 1.5.4.27091
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"MakeTorrent 2" = MakeTorrent v2.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mini-stream Ripper_is1" = Mini-stream Ripper 2.7.4.100 2006.10.16
"Mosaic" = NCSA Mosaic 3.0
"MovieJoiner" = Movie Joiner
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"Mozilla Thunderbird (1.5)" = Mozilla Thunderbird (1.5)
"MS Word Split (Divide, Save) Pages Into Separate~0D81E8AC_is1" = MS Word Split (Divide, Save) Pages Into Separate Files Software
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PartyPoker" = PartyPoker
"PartyPoker_is1" = PartyPoker Setup
"PeerGuardian_is1" = PeerGuardian 2.0
"PFPortChecker" = PFPortChecker 1.0.28
"PowerISO" = PowerISO
"RealPlayer 6.0" = RealPlayer
"ScummVM_is1" = ScummVM 0.10.0
"Soulseek" = SoulSeek Client 156c
"Soulseek2" = SoulSeek 157 NS 13e
"SUPER ©" = SUPER © Version 2007.bld.23 (July 4, 2007)
"Taskbar Shuffle_is1" = Taskbar Shuffle version 2.5
"Tweak UI 2.10" = Tweak UI
"Ultra Video Splitter_is1" = Ultra Video Splitter 5.4.0822
"Ultra WMV Converter_is1" = Ultra WMV Converter 1.7.0
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.1
"VobSub" = VobSub v2.23 (Remove Only)
"Who's Watching Me" = Who's Watching Me (remove only)
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Encoder 7" = Windows Media Encoder 7.1
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"winscp3_is1" = WinSCP 4.1.4 beta
"WMFDist11" = Windows Media Format 11 runtime
"Xilisoft ISO Burner" = Xilisoft ISO Burner
"XviD MPEG4 Video Codec v1.0.3" = XviD MPEG4 Video Codec v1.0.3 (remove only)
"Xvid_is1" = Xvid 1.1.3 final uninstall
"Yahoo! Companion" = Yahoo! ¤u¨ã¦C
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Messenger" = Yahoo! Messenger
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dr. DivX 2.0 OSS" = Dr. DivX 2.0 OSS
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/18/2011 3:53:10 PM | Computer Name = THEARTCHIVE | Source = McLogEvent | ID = 1006
Description = Task Manager : Service Error : MID Configuration Applicator: Applying
VirusScan settings failed. (0012)

Error - 4/18/2011 3:53:30 PM | Computer Name = THEARTCHIVE | Source = McLogEvent | ID = 1006
Description = Task Manager : Service Error : MID Configuration Applicator: Applying
VirusScan settings failed. (0012)

Error - 4/20/2011 5:55:51 PM | Computer Name = THEARTCHIVE | Source = McLogEvent | ID = 1006
Description = Task Manager : Service Error : MID Configuration Applicator: Applying
VirusScan settings failed. (0012)

Error - 4/20/2011 5:56:12 PM | Computer Name = THEARTCHIVE | Source = McLogEvent | ID = 1006
Description = Task Manager : Service Error : MID Configuration Applicator: Applying
VirusScan settings failed. (0012)

Error - 4/20/2011 5:56:32 PM | Computer Name = THEARTCHIVE | Source = McLogEvent | ID = 1006
Description = Task Manager : Service Error : MID Configuration Applicator: Applying
VirusScan settings failed. (0012)

Error - 4/20/2011 5:56:53 PM | Computer Name = THEARTCHIVE | Source = McLogEvent | ID = 1006
Description = Task Manager : Service Error : MID Configuration Applicator: Applying
VirusScan settings failed. (0012)

Error - 4/27/2011 5:45:29 PM | Computer Name = THEARTCHIVE | Source = McLogEvent | ID = 1006
Description = Task Manager : Service Error : MID Configuration Applicator: Applying
VirusScan settings failed. (0012)

Error - 4/27/2011 5:45:49 PM | Computer Name = THEARTCHIVE | Source = McLogEvent | ID = 1006
Description = Task Manager : Service Error : MID Configuration Applicator: Applying
VirusScan settings failed. (0012)

Error - 4/27/2011 5:46:32 PM | Computer Name = THEARTCHIVE | Source = McLogEvent | ID = 1006
Description = Task Manager : Service Error : MID Configuration Applicator: Applying
VirusScan settings failed. (0012)

Error - 4/27/2011 5:46:58 PM | Computer Name = THEARTCHIVE | Source = McLogEvent | ID = 1006
Description = Task Manager : Service Error : MID Configuration Applicator: Applying
VirusScan settings failed. (0012)

[ System Events ]
Error - 4/11/2011 5:13:34 PM | Computer Name = THEARTCHIVE | Source = Service Control Manager | ID = 7022
Description = The Network Associates McShield service hung on starting.

Error - 4/11/2011 9:45:59 PM | Computer Name = THEARTCHIVE | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC000007F'
while processing the file 'desktop.ini' on the volume 'HarddiskVolume2'. It has
stopped monitoring the volume.

Error - 4/14/2011 7:07:37 PM | Computer Name = THEARTCHIVE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 4/14/2011 7:41:50 PM | Computer Name = THEARTCHIVE | Source = Service Control Manager | ID = 7000
Description = The srenum service failed to start due to the following error: %%2

Error - 4/14/2011 7:43:11 PM | Computer Name = THEARTCHIVE | Source = Service Control Manager | ID = 7022
Description = The Network Associates McShield service hung on starting.

Error - 4/18/2011 3:53:12 PM | Computer Name = THEARTCHIVE | Source = Service Control Manager | ID = 7000
Description = The srenum service failed to start due to the following error: %%2

Error - 4/18/2011 3:54:57 PM | Computer Name = THEARTCHIVE | Source = Service Control Manager | ID = 7022
Description = The Network Associates McShield service hung on starting.

Error - 4/20/2011 5:56:33 PM | Computer Name = THEARTCHIVE | Source = Service Control Manager | ID = 7000
Description = The srenum service failed to start due to the following error: %%2

Error - 4/27/2011 5:46:34 PM | Computer Name = THEARTCHIVE | Source = Service Control Manager | ID = 7000
Description = The srenum service failed to start due to the following error: %%2

Error - 4/27/2011 5:48:25 PM | Computer Name = THEARTCHIVE | Source = Service Control Manager | ID = 7022
Description = The Network Associates McShield service hung on starting.


< End of report >

As far as I can see this log shows no evidence of active malware. We will fix some minor stuff now:

• Please run OTL.exe again
  
• Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:

:files
C:\Program Files\Viewpoint

:otl
O1 - Hosts: 93.174.93.98 12chan.org img.12chan.org www.12chan.org
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

:commands
[reboot]

• Then click the Run Fix button at the top.
  
• Allow it to run. It may take some time and you may see some things happen to your desktop - this is normal.
  
• If it asks to reboot the computer, allow it to reboot.
  
• If the program freezes, and the computer fails to reboot - let me know.
  
• Finally, post the contents of the log. (Located at C:\_OTL\Moved Files)

There are some programs installed that decrease your security level, you might want to look into those.

====================

You need to install the latest version of Java. Having the latest version is important to take advantage of fixes that have eliminated security vulnerabilities.

• Go to Start > Control Panel
  
• Double-click on Add or Remove Programs
  
• Look for entries that say Java, Java RunTime Environment or J2SE.
  
• Uninstall all of them that are not named Java (TM) 6 Update 25

After doing this, you can go to java.com, click on Free Java Download and proceed from there to install the latest version of Java (currently Version 6 Update 25).

After installing Java, go to Start > Control Panel > Java to open the Java Control Panel.
Under the General tab, Temporary Internet Files click Settings, then click Delete Files.
Select both options and click OK to delete the Java cache.

====================

I see that you have a host of P2P software installed on your machine (Azureus, BitTorrent, eMule, MakeTorrent, uTorrent, maybe a couple more I don´t recognize).
While file-sharing is a useful concept, P2P programs are mostly used for shady/illegal practices like software piracy, copyright infraction and malware distribution. You really do not want to contribute to illegal activities or find yourself victim of cybercriminals using P2P for spreading of their malware. I would strongly recommend that you uninstall all P2P software, however that choice is up to you. If you choose to remove these programs, you can do so via Start >> Control Panel >> Add or Remove Programs.

====================

It appears you have Ask Toolbar installed. Practically all, if not all anti-malware sites, including GeekPolice, have Ask Toolbar flagged as untrustworthy, because it uses shady practices for distributing and installing its toolbar, see here for more info.

I therefore highly recommend you to go to Start >> Control Panel >> Add/Remove Programs and remove the following programs if present:

• AskBarDis
  
• Ask Toolbar

After that go to the C:\Program Files folder and delete the following folders, if present:

• AskBarDis
  
• Ask.com

====================

Besides the OTL scan we ran, I think it is a good idea to run a rootkit scan a well. You are recommended to temporarily disable all your security software, because they may interfere with the scan.

====================

In the following step we are going to disable any CD-emulation drivers you might be running (e.g. Daemon tools, Roxio). These drivers can be a source of problems (blue screens, false positives) for our anti-malware tools. We will not re-enable them until after we clean up your machine.

Download DeFogger by jpshortstuff from here and save it to your Desktop.

• Doubleclick DeFogger.exe to run the tool (rightclick > Run as Administrator for Windows Vista)
  
• Click the Disable button to disable your CD Emulation drivers
  
• Click Yes to continue
  
• A Finished! message will appear
  
• Click OK
  
• DeFogger will now ask to reboot the machine - click OK

If you receive an error message while running DeFogger, please post the defogger_disable log that will appear on your desktop.
Do not re-enable these drivers until otherwise instructed.

====================

Download GMER Rootkit Scanner from here and save it to your desktop.
Note that it will have a random name.

• Double click the file to run the tool. It may take a while to load.
  
• If it gives you a warning about rootkit activity and asks if you want to run a full scan, click No
  
• In the right panel, you will see several boxes that have been checked
  
• Make sure this is unchecked: Show All
  
• Make sure only your system drive (usually C:\) is checked and uncheck all other drives you might have on your system
  
• Click Scan to start the scan
  
• When it has finished, click Save and save the log as gmer.txt on your desktop
  
• If GMER reports any <--- ROOTKIT entries, don´t take any action. It could be a false positive.
  
• Click OK and quit the GMER program.
  
• Please post the contents of gmer.txt in your next reply.

Note that I have decreased www activity during the weekend. It may not be until late sunday before I get back to this thread. Do not worry - you will not be forgotten.