freezes when starts on windows screen

I think I deleted a file that had a virus. Ever since then when I turn on the comp it freezes while it is loading at the windows screen. Here is my hijack this file.


Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 10:48:36 AM, on 11/23/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [ShowWnd] ShowWnd.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1127605169\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: FAXRX.lnk = C:\Program Files\Brother\Brmfl06a\FAXRX.exe
O4 - Startup: RCA Detective.lnk = C:\Documents and Settings\Owner\My Documents\RCA Detective\RCADetective.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {13149882-F480-4F6B-8C6A-0764F75B99ED} (CrazyTalk4 Control) - http://plug-in.reallusion.com/CrazyTalk4.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} (CPlayFirstCookingDasControl Object) - http://p.playfirst.com/play/game/cookingdash/CookingDashWeb.1.0.0.9.cab
O16 - DPF: {26E6B759-DEEB-42A1-A21C-78CD29098411} (CPlayFirstFitnessDasControl Object) - http://p.playfirst.com/play/game/fitness-dash/FitnessDashWeb.1.0.0.11.cab
O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} - http://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: {4EC99A0B-E57C-4FBE-B9C4-8428424FBF88} (McciUtilsSpecialFolder Class) - http://supportcenter.verizon.net/euserv/jsp/VOLAWeb.cab
O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.walmart.com/installer/install.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {7FE26BE2-B923-4B41-9834-E84DA1CC1F96} (Maid Control) - http://vsp.closetmaid.com/vsp/cmaidctl_vsp.closetmaid.com_downloader.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {B7A59580-B39D-4BF9-B968-1BFA25156691} (TTS Engine Control) - http://www.reallusion.com/plug-in/rltts.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://www.verizon.net/checkmypc/includes/MotivePreQual.cab
O16 - DPF: {C6D25826-96AE-462F-A852-BB33B882B723} (SFImageUpload1_4.ImageUpload) - http://duanereade.storefront.com/images/global/activex/SFImageUpload1_4.CAB
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://livenj02.custhelp.com/8102-b424h/rnl/java/RntX.cab
O16 - DPF: {E9B80D94-D8BB-43CC-9138-75605A8D9666} (CPlayFirstWeddingDashControl Object) - http://aolsvc.aol.com/onlinegames/free-trial-wedding-dash/WeddingDash.1.0.0.50.cab
O16 - DPF: {F135A813-7152-4532-AC8D-28AC2136DFC7} (CPlayFirstParkingDasControl Object) - http://p.playfirst.com/play/game/parking-dash/parkingdash.1.0.0.15.cab
O16 - DPF: {F89EF74A-956B-4BD3-A066-4F23DF891982} (Drag and Drop Uploader Control) - http://www.betterphoto.com/_shared/uploadImageDragDrop/DragAndDropUploader2.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
O23 - Service: GameConsoleService - Unknown owner - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe (file missing)
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

--
End of file - 11696 bytes

Sorry I forgot to add that I can use the comp in safe mode. I also did a scan with avg in safe mode here is the log.

AVG 2011 Anti-Virus command line scanner
Copyright (c) 1992 - 2010 AVG Technologies
Program version 10.0.1153, engine 10.0.424
Virus Database: Version 424/3271 2010-11-21

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Locked file. Not tested.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Locked file. Not tested.
C:\Documents and Settings\LocalService\ntuser.dat Locked file. Not tested.
C:\Documents and Settings\LocalService\ntuser.dat.LOG Locked file. Not tested.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Locked file. Not tested.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Locked file. Not tested.
C:\Documents and Settings\NetworkService\NTUSER.DAT Locked file. Not tested.
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Locked file. Not tested.
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Locked file. Not tested.
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Locked file. Not tested.
C:\Documents and Settings\Owner\My Documents\ePOSTG302\SNG302.NAP Corrupted executable file Object was moved to Virus Vault.
C:\Documents and Settings\Owner\ntuser.dat Locked file. Not tested.
C:\Documents and Settings\Owner\ntuser.dat.LOG Locked file. Not tested.
C:\pagefile.sys Locked file. Not tested.
C:\WINDOWS\system32\config\default Locked file. Not tested.
C:\WINDOWS\system32\config\default.LOG Locked file. Not tested.
C:\WINDOWS\system32\config\SAM Locked file. Not tested.
C:\WINDOWS\system32\config\SAM.LOG Locked file. Not tested.
C:\WINDOWS\system32\config\SECURITY Locked file. Not tested.
C:\WINDOWS\system32\config\SECURITY.LOG Locked file. Not tested.
C:\WINDOWS\system32\config\software Locked file. Not tested.
C:\WINDOWS\system32\config\software.LOG Locked file. Not tested.
C:\WINDOWS\system32\config\system Locked file. Not tested.
C:\WINDOWS\system32\config\system.LOG Locked file. Not tested.

------------------------------------------------------------
Objects scanned : 927538
Found infections : 0
Found PUPs : 0
Healed infections : 0
Healed PUPs : 0
Warnings : 1
------------------------------------------------------------

Hello.

Download OTL by OldTimer to your Desktop.

• Close all windows and double click OTL.exe
  
• Click Run Scan and let the program run uninterrupted
  
• It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  
• You may need to use two posts to get it all.
  

OTL logfile created on: 11/23/2010 8:37:11 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

485.00 Mb Total Physical Memory | 284.00 Mb Available Physical Memory | 59.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.83 Gb Total Space | 74.35 Gb Free Space | 51.33% Space Free | Partition Type: NTFS
Drive D: | 4.20 Gb Total Space | 1.62 Gb Free Space | 38.43% Space Free | Partition Type: FAT32

Computer Name: BIBLE | User Name: Owner | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/23 20:21:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/11/23 20:21:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2002/08/29 07:00:00 | 000,106,547 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\MSSCRIPT.OCX


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\runservice.exe -- (LicCtrlService)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe -- (GameConsoleService)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/11/11 07:41:55 | 003,019,352 | ---- | M] () [Auto | Stopped] -- c:\Program Files\Common Files\Akamai\netsession_win_4176eef.dll -- (Akamai)
SRV - [2010/10/11 11:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/10/06 10:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/09/10 00:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Stopped] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2005/06/08 23:32:02 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2005/04/30 17:02:26 | 000,086,016 | ---- | M] (B.H.A Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\bgsvcgen.exe -- (bgsvcgen)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\sunkfiltp.sys -- (Sunkfiltp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\CA500AV.SYS -- (CA500AV)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\MinBULK.sys -- (CA500AI)
DRV - [2010/09/13 15:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 02:49:00 | 000,298,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/07 02:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 02:48:54 | 000,249,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/09/07 02:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/19 20:42:38 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/08/19 20:42:36 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/19 20:42:34 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2009/09/16 09:22:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/09/16 09:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/09/16 09:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 09:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/09/16 09:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/01/19 02:17:38 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2006/01/18 21:44:46 | 000,053,248 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrSerIf.sys -- (BrSerIf)
DRV - [2005/11/17 04:42:48 | 000,245,376 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2500usb.sys -- (WUSB54GPV4SRV)
DRV - [2005/08/17 08:47:48 | 000,073,696 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdserd.sys -- (sscdserd) SAMSUNG CDMA Modem Diagnostic Serial Port (WDM)
DRV - [2005/08/17 08:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005/08/17 08:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005/08/17 08:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2005/05/11 00:33:12 | 000,032,256 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys -- (cdrbsdrv)
DRV - [2004/10/20 13:39:32 | 000,040,724 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2004/10/18 16:05:12 | 000,042,968 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sunkfilt39.sys -- (SunkFilt39)
DRV - [2004/10/15 11:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)
DRV - [2004/09/24 20:14:40 | 002,276,672 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2004/08/04 00:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/06/17 17:56:22 | 000,220,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/06/17 17:55:38 | 000,685,056 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/06/17 17:55:04 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/03/17 17:10:40 | 000,113,664 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2003/01/10 16:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/10/15 21:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)
DRV - [2001/08/17 23:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 23:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 23:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 23:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 23:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 22:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 22:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 22:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 22:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 22:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 22:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 22:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 22:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 22:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 22:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 15:49:32 | 000,019,968 | ---- | M] (Macronix International Co., Ltd. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxnic.sys -- (mxnic)
DRV - [2000/07/24 01:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\BrPar.sys -- (BrPar)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://webmail.aol.com/37563/aol/en-us/Suite.aspx"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1151
FF - prefs.js..extensions.enabledItems: avg@igeared:6.010.006.004
FF - prefs.js..extensions.enabledItems: vshareus@toolbar:1.0.0
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4cb5c06b&v=6.010.006.004&i=23&tp=ab&iy=b&ychte=us&lng=en-US&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/06/28 07:33:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2010/10/26 08:08:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2010/10/22 08:01:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/17 07:34:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/30 15:04:44 | 000,000,000 | ---D | M]

[2008/12/10 07:24:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2010/11/23 20:27:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ee1z34lm.default\extensions
[2008/12/10 07:27:07 | 000,000,000 | ---D | M] (Bible Blue Basic) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ee1z34lm.default\extensions\{0c2508e6-de4c-11db-8314-0800200c9a66}
[2010/04/28 12:45:03 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ee1z34lm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/10 10:54:27 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ee1z34lm.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2008/12/10 07:26:43 | 000,000,000 | ---D | M] (Bible Fox) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ee1z34lm.default\extensions\{646f1212-bb24-11db-8314-0800200c9a66}
[2010/06/26 08:57:41 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ee1z34lm.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/09/03 15:48:49 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ee1z34lm.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/04/10 10:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ee1z34lm.default\extensions\firefox@tvunetworks.com
[2010/11/13 22:35:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ee1z34lm.default\extensions\vshareus@toolbar
[2009/11/11 11:15:35 | 000,001,744 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ee1z34lm.default\searchplugins\aol-search.xml
[2010/11/21 19:25:54 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/13 22:00:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/12 16:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2006/09/27 10:31:53 | 000,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2006/01/18 11:50:00 | 000,319,488 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll

O1 HOSTS File: ([2010/04/10 10:42:15 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [A Verizon App] C:\Program Files\Verizon Online\Help Support\VerizonSupport.exe (Verizon Internet Solutions)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe (AOL LLC)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe ()
O4 - HKLM..\Run: [CHotkey] C:\WINDOWS\zHotkey.exe ()
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Easy Dock] File not found
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\Hdaudpropshortcut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1127605169\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe (Brother Industories, Ltd.)
O4 - HKLM..\Run: [ShowWnd] C:\WINDOWS\ShowWnd.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.)
O4 - HKLM..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconEM.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKLM..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\VSP\VerizonServicepoint.exe (Verizon)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe (Sony Corporation.)
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\StartUp\FAXRX.lnk = C:\Program Files\Brother\Brmfl06a\FAXRX.exe (Brother Industries Ltd.)
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\StartUp\RCA Detective.lnk = C:\Documents and Settings\Owner\My Documents\RCA Detective\RCADetective.exe (Audiovox Electronics Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67104767
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {13149882-F480-4F6B-8C6A-0764F75B99ED} http://plug-in.reallusion.com/CrazyTalk4.cab (CrazyTalk4 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} http://p.playfirst.com/play/game/cookingdash/CookingDashWeb.1.0.0.9.cab (CPlayFirstCookingDasControl Object)
O16 - DPF: {26E6B759-DEEB-42A1-A21C-78CD29098411} http://p.playfirst.com/play/game/fitness-dash/FitnessDashWeb.1.0.0.11.cab (CPlayFirstFitnessDasControl Object)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} http://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab (Reg Error: Key error.)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmart.com/WalmartActivia.cab (Snapfish Activia)
O16 - DPF: {4EC99A0B-E57C-4FBE-B9C4-8428424FBF88} http://supportcenter.verizon.net/euserv/jsp/VOLAWeb.cab (McciUtilsSpecialFolder Class)
O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} http://mediaplayer.walmart.com/installer/install.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {7FE26BE2-B923-4B41-9834-E84DA1CC1F96} http://vsp.closetmaid.com/vsp/cmaidctl_vsp.closetmaid.com_downloader.cab (Maid Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} http://web1.shutterfly.com/downloads/Uploader.cab (Shutterfly Picture Upload Plugin)
O16 - DPF: {B7A59580-B39D-4BF9-B968-1BFA25156691} http://www.reallusion.com/plug-in/rltts.cab (TTS Engine Control)
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} http://www.verizon.net/checkmypc/includes/MotivePreQual.cab (PreQualifier Class)
O16 - DPF: {C6D25826-96AE-462F-A852-BB33B882B723} http://duanereade.storefront.com/images/global/activex/SFImageUpload1_4.CAB (SFImageUpload1_4.ImageUpload)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} http://livenj02.custhelp.com/8102-b424h/rnl/java/RntX.cab (Live Collaboration)
O16 - DPF: {E9B80D94-D8BB-43CC-9138-75605A8D9666} http://aolsvc.aol.com/onlinegames/free-trial-wedding-dash/WeddingDash.1.0.0.50.cab (CPlayFirstWeddingDashControl Object)
O16 - DPF: {F135A813-7152-4532-AC8D-28AC2136DFC7} http://p.playfirst.com/play/game/parking-dash/parkingdash.1.0.0.15.cab (CPlayFirstParkingDasControl Object)
O16 - DPF: {F89EF74A-956B-4BD3-A066-4F23DF891982} http://www.betterphoto.com/_shared/uploadImageDragDrop/DragAndDropUploader2.cab (Drag and Drop Uploader Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.250.0.12
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/11 17:43:44 | 000,000,150 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/08/08 17:24:26 | 000,000,045 | -HS- | M] () - D:\autorun.inf.aug.8 -- [ FAT32 ]
O33 - MountPoints2\{6f478f8e-7818-11dc-9fbd-00038a000015}\Shell\AutoRun\command - "" = L:\system\viewer\Viewer.exe -- File not found
O33 - MountPoints2\{6f478f8e-7818-11dc-9fbd-00038a000015}\Shell\View your videos\command - "" = L:\system\viewer\Viewer.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/23 20:21:20 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/11/10 09:45:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SterlingMathFacts
[2010/11/02 10:40:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Yenka
[2010/11/02 10:34:11 | 000,000,000 | ---D | C] -- C:\Program Files\Yenka
[2010/10/30 15:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/10/30 15:10:48 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/10/30 15:10:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/10/30 14:55:21 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/10/30 14:55:12 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/07/15 16:32:21 | 020,039,632 | ---- | C] (The GIMP Team ) -- C:\Program Files\gimp-2.6.10-i686-setup-1.exe
[2 C:\Documents and Settings\Owner\My Documents\*.tmp files -> C:\Documents and Settings\Owner\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/23 20:36:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/23 20:21:55 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-4075189608-1584886648-645440501-1003.job
[2010/11/23 20:21:55 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-4075189608-1584886648-645440501-1003.job
[2010/11/23 20:21:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/11/23 20:15:50 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/23 10:46:56 | 000,002,441 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\HiJackThis.lnk
[2010/11/23 09:11:11 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/11/21 18:28:11 | 000,012,320 | ---- | M] () -- C:\Documents and Settings\Owner\.recently-used.xbel
[2010/11/21 17:32:05 | 099,807,193 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2010/11/21 02:49:52 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\david biglots email schedule.xls
[2010/11/20 11:37:19 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/11/19 10:49:02 | 000,002,465 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Sterling Math Facts.lnk
[2010/11/19 01:28:34 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\BL Mgr Sched- 11-21 - 11-27-10.xls
[2010/11/19 01:02:26 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Template 1950.xls
[2010/11/19 00:50:39 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Scheduler 1950.xls
[2010/11/19 00:07:18 | 000,035,860 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\BIG LOTS scheduler.gif
[2010/11/18 23:36:53 | 000,043,008 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\NEW-BIG LOTS-SCHEDULE#1950-11-27-10 (version 1).xls
[2010/11/18 22:28:46 | 000,035,840 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\BL Mgr Sched- 11-14 - 11-20-10.xls
[2010/11/18 12:30:33 | 000,000,426 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2010/11/18 12:30:20 | 000,005,324 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\wklnhst.dat
[2010/11/18 08:53:10 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/11/13 11:33:59 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\nadineruiztestimony.doc
[2010/11/12 11:24:46 | 000,198,144 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Twin Valley 2010.doc
[2010/11/11 22:54:08 | 000,043,008 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\NEW-BIG LOTS-SCHEDULE#1950-11-20-10 (version 1).xls
[2010/11/10 19:55:26 | 000,073,728 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.VER
[2010/11/09 20:43:30 | 000,001,021 | ---- | M] () -- C:\WINDOWS\Brpfx04a.ini
[2010/11/07 08:30:12 | 000,504,862 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/07 08:30:11 | 000,097,648 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/05 19:54:05 | 000,043,008 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\NEW-BIG LOTS-SCHEDULE#1950-11-13-10 (version 1).xls
[2010/11/05 19:20:33 | 000,035,840 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\BL Mgr Sched- 11-07 - 11-13-10.xls
[2010/11/01 17:51:17 | 000,187,875 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\zpWidQsl.htm.part
[2010/11/01 17:45:24 | 000,187,855 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\eZYEVqu2.htm.part
[2010/10/28 18:42:31 | 000,036,352 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\BL Mgr Sched- 10-31 - 11-06-10.xls
[2010/10/28 18:13:24 | 000,043,008 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\NEW-BIG LOTS-SCHEDULE#1950-11-6-10 (version 1).xls
[2010/10/28 07:51:05 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010/10/27 17:56:36 | 000,049,269 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\David poster1.jpg
[2010/10/27 17:37:07 | 000,000,306 | ---- | M] () -- C:\WINDOWS\QTW.INI
[2 C:\Documents and Settings\Owner\My Documents\*.tmp files -> C:\Documents and Settings\Owner\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/23 09:11:11 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/11/21 18:28:11 | 000,012,320 | ---- | C] () -- C:\Documents and Settings\Owner\.recently-used.xbel
[2010/11/21 02:49:52 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\david biglots email schedule.xls
[2010/11/19 01:00:14 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Template 1950.xls
[2010/11/19 00:13:44 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Scheduler 1950.xls
[2010/11/19 00:07:13 | 000,035,860 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\BIG LOTS scheduler.gif
[2010/11/18 23:19:40 | 000,038,912 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\BL Mgr Sched- 11-21 - 11-27-10.xls
[2010/11/18 19:54:56 | 000,043,008 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\NEW-BIG LOTS-SCHEDULE#1950-11-27-10 (version 1).xls
[2010/11/13 11:33:58 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\nadineruiztestimony.doc
[2010/11/12 11:22:51 | 000,198,144 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Twin Valley 2010.doc
[2010/11/11 22:46:59 | 000,043,008 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\NEW-BIG LOTS-SCHEDULE#1950-11-20-10 (version 1).xls
[2010/11/11 22:16:18 | 000,035,840 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\BL Mgr Sched- 11-14 - 11-20-10.xls
[2010/11/11 08:02:48 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-4075189608-1584886648-645440501-1003.job
[2010/11/05 19:22:18 | 000,043,008 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\NEW-BIG LOTS-SCHEDULE#1950-11-13-10 (version 1).xls
[2010/11/05 19:19:31 | 000,035,840 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\BL Mgr Sched- 11-07 - 11-13-10.xls
[2010/11/01 17:51:16 | 000,187,875 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\zpWidQsl.htm.part
[2010/11/01 17:45:21 | 000,187,855 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\eZYEVqu2.htm.part
[2010/10/28 18:35:40 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\BL Mgr Sched- 10-31 - 11-06-10.xls
[2010/10/28 18:12:37 | 000,043,008 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\NEW-BIG LOTS-SCHEDULE#1950-11-6-10 (version 1).xls
[2010/10/26 08:09:01 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010/05/13 08:10:20 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\prvlcl.dat
[2010/04/29 19:37:21 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/12/23 22:18:29 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\housecall.guid.cache
[2009/05/18 16:52:49 | 000,000,669 | ---- | C] () -- C:\WINDOWS\SportballChallenge.ini
[2009/05/09 22:11:59 | 000,000,098 | ---- | C] () -- C:\WINDOWS\EasyRip.ini
[2008/11/17 18:50:11 | 000,000,562 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\1c64-ec47-1438-983d_6279rc
[2008/03/22 09:12:37 | 000,000,157 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini
[2008/03/04 18:52:34 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\libcurl.dll
[2007/10/31 09:39:54 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2007/09/30 18:32:53 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2007/09/30 18:27:17 | 000,001,021 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2007/09/30 18:27:17 | 000,000,153 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2007/09/30 18:25:08 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2007/09/30 18:23:01 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2007/05/26 09:19:22 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
[2007/05/17 13:58:10 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\libexpatw.dll
[2007/05/08 19:58:07 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\$_hpcst$.hpc
[2007/05/03 13:16:13 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\.mpid
[2006/12/20 10:00:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2006/12/20 10:00:02 | 000,000,147 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2006/12/20 10:00:02 | 000,000,023 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2006/12/20 09:59:47 | 000,014,441 | ---- | C] () -- C:\WINDOWS\HL-5250DN.INI
[2006/12/20 09:59:12 | 000,000,426 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2006/11/01 08:49:47 | 000,000,373 | ---- | C] () -- C:\WINDOWS\Film Factory Screen Saver.ini
[2006/07/18 19:23:22 | 000,002,169 | -HS- | C] () -- C:\WINDOWS\System32\mmf.sys
[2006/07/18 19:23:21 | 000,048,640 | ---- | C] () -- C:\WINDOWS\mmfs.dll
[2006/06/10 22:49:51 | 000,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2006/05/27 19:02:49 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll
[2006/05/22 20:52:11 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\ntl.ini
[2006/05/13 20:03:45 | 000,001,112 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\ViewerApp.dat
[2006/05/06 08:00:10 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2006/04/24 15:59:30 | 000,003,719 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/12/21 15:51:02 | 000,000,099 | ---- | C] () -- C:\WINDOWS\upst.ini
[2005/12/21 15:51:02 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/12/12 15:07:17 | 000,000,060 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2005/11/23 14:52:15 | 000,000,293 | ---- | C] () -- C:\WINDOWS\Disney.ini
[2005/11/15 13:11:39 | 000,000,052 | ---- | C] () -- C:\WINDOWS\rkeeper.ini
[2005/11/15 12:52:08 | 000,094,720 | ---- | C] () -- C:\WINDOWS\System32\SH30W32.DLL
[2005/11/15 12:45:26 | 000,000,306 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2005/11/13 17:50:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2005/11/04 07:46:16 | 000,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2005/10/27 08:18:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2005/10/20 11:13:32 | 000,000,234 | ---- | C] () -- C:\WINDOWS\KA.INI
[2005/09/04 19:15:03 | 000,314,880 | ---- | C] () -- C:\WINDOWS\System32\Tx32.dll
[2005/09/01 11:14:48 | 000,000,206 | ---- | C] () -- C:\WINDOWS\WinInit.Ini
[2005/08/10 17:21:10 | 000,001,256 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/07/02 12:23:06 | 000,000,881 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2005/06/23 14:59:37 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2005/06/17 11:23:15 | 000,017,611 | ---- | C] () -- C:\WINDOWS\MPTBox.INI
[2005/06/16 13:17:36 | 000,517,104 | ---- | C] () -- C:\WINDOWS\System32\LEAD45.DLL
[2005/06/16 13:13:12 | 000,000,009 | ---- | C] () -- C:\WINDOWS\X6470.INI
[2005/06/16 12:59:30 | 000,000,012 | ---- | C] () -- C:\WINDOWS\mcpStart.ini
[2005/06/16 12:53:23 | 000,000,049 | ---- | C] () -- C:\WINDOWS\SGEDIT.INI
[2005/06/16 11:26:58 | 000,005,324 | ---- | C] () -- C:\Documents and Settings\Owner\Application

Data\wklnhst.dat
[2005/06/16 09:02:01 | 000,000,062 | ---- | C] () -- C:\WINDOWS\TLCAPPS.INI
[2005/06/16 09:01:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2005/06/12 17:26:09 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/06/11 18:31:15 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2005/06/10 21:53:31 | 000,200,192 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/06/09 23:48:57 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/06/09 17:03:37 | 000,000,045 | ---- | C] () -- C:\WINDOWS\EPSONC86.ini
[2005/06/09 17:03:15 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\EAL32.INI
[2005/06/08 23:52:42 | 000,000,029 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
[2005/06/08 23:32:21 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\RTCOMDLL.dll
[2005/06/08 23:32:21 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005/06/08 23:32:03 | 000,532,544 | ---- | C] () -- C:\WINDOWS\PIC.dll
[2005/06/08 23:32:03 | 000,024,576 | ---- | C] () -- C:\WINDOWS\HKNTDLL.dll
[2005/06/08 23:22:41 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2004/08/27 05:50:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/26 11:12:43 | 000,001,222 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/08/26 11:12:43 | 000,000,486 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2004/08/26 05:54:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/01/27 07:13:02 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib_dec.dll
[2002/12/18 15:10:36 | 000,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.DLL
[2002/03/04 09:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 291 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:39964175
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6

< End of report >
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\runservice.exe -- (LicCtrlService)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe -- (GameConsoleService)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/11/11 07:41:55 | 003,019,352 | ---- | M] () [Auto | Stopped] -- c:\Program Files\Common Files\Akamai\netsession_win_4176eef.dll -- (Akamai)
SRV - [2010/10/11 11:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/10/06 10:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/09/10 00:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Stopped] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2005/06/08 23:32:02 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2005/04/30 17:02:26 | 000,086,016 | ---- | M] (B.H.A Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\bgsvcgen.exe -- (bgsvcgen)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\sunkfiltp.sys -- (Sunkfiltp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\CA500AV.SYS -- (CA500AV)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\MinBULK.sys -- (CA500AI)
DRV - [2010/09/13 15:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 02:49:00 | 000,298,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/07 02:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 02:48:54 | 000,249,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/09/07 02:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/19 20:42:38 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/08/19 20:42:36 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/19 20:42:34 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2009/09/16 09:22:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/09/16 09:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/09/16 09:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 09:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/09/16 09:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/01/19 02:17:38 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2006/01/18 21:44:46 | 000,053,248 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrSerIf.sys -- (BrSerIf)
DRV - [2005/11/17 04:42:48 | 000,245,376 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2500usb.sys -- (WUSB54GPV4SRV)
DRV - [2005/08/17 08:47:48 | 000,073,696 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdserd.sys -- (sscdserd) SAMSUNG CDMA Modem Diagnostic Serial Port (WDM)
DRV - [2005/08/17 08:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005/08/17 08:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005/08/17 08:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2005/05/11 00:33:12 | 000,032,256 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys -- (cdrbsdrv)
DRV - [2004/10/20 13:39:32 | 000,040,724 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2004/10/18 16:05:12 | 000,042,968 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sunkfilt39.sys -- (SunkFilt39)
DRV - [2004/10/15 11:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)
DRV - [2004/09/24 20:14:40 | 002,276,672 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2004/08/04 00:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/06/17 17:56:22 | 000,220,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/06/17 17:55:38 | 000,685,056 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/06/17 17:55:04 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/03/17 17:10:40 | 000,113,664 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2003/01/10 16:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/10/15 21:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)
DRV - [2001/08/17 23:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 23:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 23:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 23:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 23:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 22:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 22:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 22:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 22:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 22:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 22:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 22:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 22:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 22:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 22:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 15:49:32 | 000,019,968 | ---- | M] (Macronix International Co., Ltd. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxnic.sys -- (mxnic)
DRV - [2000/07/24 01:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\BrPar.sys -- (BrPar)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://webmail.aol.com/37563/aol/en-us/Suite.aspx"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1151
FF - prefs.js..extensions.enabledItems: avg@igeared:6.010.006.004
FF - prefs.js..extensions.enabledItems: vshareus@toolbar:1.0.0
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4cb5c06b&v=6.010.006.004&i=23&tp=ab&iy=b&ychte=us&lng=en-US&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/06/28 07:33:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2010/10/26 08:08:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2010/10/22 08:01:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/17 07:34:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/30 15:04:44 | 000,000,000 | ---D | M]

[2008/12/10 07:24:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2010/11/23 20:27:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ee1z34lm.default\extensions
[2008/12/10 07:27:07 | 000,000,000 | ---D | M] (Bible Blue Basic) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ee1z34lm.default\extensions\{0c2508e6-de4c-11db-8314-0800200c9a66}
[2010/04/28 12:45:03 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ee1z34lm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/10 10:54:27 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ee1z34lm.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2008/12/10 07:26:43 | 000,000,000 | ---D | M] (Bible Fox) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ee1z34lm.default\extensions\{646f1212-bb24-11db-8314-0800200c9a66}
[2010/06/26 08:57:41 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ee1z34lm.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/09/03 15:48:49 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ee1z34lm.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/04/10 10:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ee1z34lm.default\extensions\firefox@tvunetworks.com
[2010/11/13 22:35:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ee1z34lm.default\extensions\vshareus@toolbar
[2009/11/11 11:15:35 | 000,001,744 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ee1z34lm.default\searchplugins\aol-search.xml
[2010/11/21 19:25:54 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/13 22:00:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/12 16:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2006/09/27 10:31:53 | 000,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2006/01/18 11:50:00 | 000,319,488 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npsnapfish.dll

O1 HOSTS File: ([2010/04/10 10:42:15 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [A Verizon App] C:\Program Files\Verizon Online\Help Support\VerizonSupport.exe (Verizon Internet Solutions)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe (AOL LLC)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe ()
O4 - HKLM..\Run: [CHotkey] C:\WINDOWS\zHotkey.exe ()
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Easy Dock] File not found
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\Hdaudpropshortcut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1127605169\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe (Brother Industories, Ltd.)
O4 - HKLM..\Run: [ShowWnd] C:\WINDOWS\ShowWnd.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.)
O4 - HKLM..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconEM.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKLM..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\VSP\VerizonServicepoint.exe (Verizon)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe (Sony Corporation.)
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\StartUp\FAXRX.lnk = C:\Program Files\Brother\Brmfl06a\FAXRX.exe (Brother Industries Ltd.)
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\StartUp\RCA Detective.lnk = C:\Documents and Settings\Owner\My Documents\RCA Detective\RCADetective.exe (Audiovox Electronics Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67104767
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {13149882-F480-4F6B-8C6A-0764F75B99ED} http://plug-in.reallusion.com/CrazyTalk4.cab (CrazyTalk4 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} http://p.playfirst.com/play/game/cookingdash/CookingDashWeb.1.0.0.9.cab (CPlayFirstCookingDasControl Object)
O16 - DPF: {26E6B759-DEEB-42A1-A21C-78CD29098411} http://p.playfirst.com/play/game/fitness-dash/FitnessDashWeb.1.0.0.11.cab (CPlayFirstFitnessDasControl Object)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} http://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab (Reg Error: Key error.)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmart.com/WalmartActivia.cab (Snapfish Activia)
O16 - DPF: {4EC99A0B-E57C-4FBE-B9C4-8428424FBF88} http://supportcenter.verizon.net/euserv/jsp/VOLAWeb.cab (McciUtilsSpecialFolder Class)
O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} http://mediaplayer.walmart.com/installer/install.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {7FE26BE2-B923-4B41-9834-E84DA1CC1F96} http://vsp.closetmaid.com/vsp/cmaidctl_vsp.closetmaid.com_downloader.cab (Maid Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} http://web1.shutterfly.com/downloads/Uploader.cab (Shutterfly Picture Upload Plugin)
O16 - DPF: {B7A59580-B39D-4BF9-B968-1BFA25156691} http://www.reallusion.com/plug-in/rltts.cab (TTS Engine Control)
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} http://www.verizon.net/checkmypc/includes/MotivePreQual.cab (PreQualifier Class)
O16 - DPF: {C6D25826-96AE-462F-A852-BB33B882B723} http://duanereade.storefront.com/images/global/activex/SFImageUpload1_4.CAB (SFImageUpload1_4.ImageUpload)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} http://livenj02.custhelp.com/8102-b424h/rnl/java/RntX.cab (Live Collaboration)
O16 - DPF: {E9B80D94-D8BB-43CC-9138-75605A8D9666} http://aolsvc.aol.com/onlinegames/free-trial-wedding-dash/WeddingDash.1.0.0.50.cab (CPlayFirstWeddingDashControl Object)
O16 - DPF: {F135A813-7152-4532-AC8D-28AC2136DFC7} http://p.playfirst.com/play/game/parking-dash/parkingdash.1.0.0.15.cab (CPlayFirstParkingDasControl Object)
O16 - DPF: {F89EF74A-956B-4BD3-A066-4F23DF891982} http://www.betterphoto.com/_shared/uploadImageDragDrop/DragAndDropUploader2.cab (Drag and Drop Uploader Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.250.0.12
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/11 17:43:44 | 000,000,150 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/08/08 17:24:26 | 000,000,045 | -HS- | M] () - D:\autorun.inf.aug.8 -- [ FAT32 ]
O33 - MountPoints2\{6f478f8e-7818-11dc-9fbd-00038a000015}\Shell\AutoRun\command - "" = L:\system\viewer\Viewer.exe -- File not found
O33 - MountPoints2\{6f478f8e-7818-11dc-9fbd-00038a000015}\Shell\View your videos\command - "" = L:\system\viewer\Viewer.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/23 20:21:20 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/11/10 09:45:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SterlingMathFacts
[2010/11/02 10:40:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Yenka
[2010/11/02 10:34:11 | 000,000,000 | ---D | C] -- C:\Program Files\Yenka
[2010/10/30 15:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/10/30 15:10:48 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/10/30 15:10:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/10/30 14:55:21 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/10/30 14:55:12 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/07/15 16:32:21 | 020,039,632 | ---- | C] (The GIMP Team ) -- C:\Program Files\gimp-2.6.10-i686-setup-1.exe
[2 C:\Documents and Settings\Owner\My Documents\*.tmp files -> C:\Documents and Settings\Owner\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/23 20:36:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/23 20:21:55 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-4075189608-1584886648-645440501-1003.job
[2010/11/23 20:21:55 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-4075189608-1584886648-645440501-1003.job
[2010/11/23 20:21:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/11/23 20:15:50 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/23 10:46:56 | 000,002,441 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\HiJackThis.lnk
[2010/11/23 09:11:11 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/11/21 18:28:11 | 000,012,320 | ---- | M] () -- C:\Documents and Settings\Owner\.recently-used.xbel
[2010/11/21 17:32:05 | 099,807,193 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2010/11/21 02:49:52 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\david biglots email schedule.xls
[2010/11/20 11:37:19 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/11/19 10:49:02 | 000,002,465 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Sterling Math Facts.lnk
[2010/11/19 01:28:34 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\BL Mgr Sched- 11-21 - 11-27-10.xls
[2010/11/19 01:02:26 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Template 1950.xls
[2010/11/19 00:50:39 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Scheduler 1950.xls
[2010/11/19 00:07:18 | 000,035,860 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\BIG LOTS scheduler.gif
[2010/11/18 23:36:53 | 000,043,008 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\NEW-BIG LOTS-SCHEDULE#1950-11-27-10 (version 1).xls
[2010/11/18 22:28:46 | 000,035,840 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\BL Mgr Sched- 11-14 - 11-20-10.xls
[2010/11/18 12:30:33 | 000,000,426 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2010/11/18 12:30:20 | 000,005,324 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\wklnhst.dat
[2010/11/18 08:53:10 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/11/13 11:33:59 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\nadineruiztestimony.doc
[2010/11/12 11:24:46 | 000,198,144 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Twin Valley 2010.doc
[2010/11/11 22:54:08 | 000,043,008 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\NEW-BIG LOTS-SCHEDULE#1950-11-20-10 (version 1).xls
[2010/11/10 19:55:26 | 000,073,728 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.VER
[2010/11/09 20:43:30 | 000,001,021 | ---- | M] () -- C:\WINDOWS\Brpfx04a.ini
[2010/11/07 08:30:12 | 000,504,862 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/07 08:30:11 | 000,097,648 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/05 19:54:05 | 000,043,008 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\NEW-BIG LOTS-SCHEDULE#1950-11-13-10 (version 1).xls
[2010/11/05 19:20:33 | 000,035,840 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\BL Mgr Sched- 11-07 - 11-13-10.xls
[2010/11/01 17:51:17 | 000,187,875 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\zpWidQsl.htm.part
[2010/11/01 17:45:24 | 000,187,855 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\eZYEVqu2.htm.part
[2010/10/28 18:42:31 | 000,036,352 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\BL Mgr Sched- 10-31 - 11-06-10.xls
[2010/10/28 18:13:24 | 000,043,008 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\NEW-BIG LOTS-SCHEDULE#1950-11-6-10 (version 1).xls
[2010/10/28 07:51:05 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010/10/27 17:56:36 | 000,049,269 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\David poster1.jpg
[2010/10/27 17:37:07 | 000,000,306 | ---- | M] () -- C:\WINDOWS\QTW.INI
[2 C:\Documents and Settings\Owner\My Documents\*.tmp files -> C:\Documents and Settings\Owner\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/23 09:11:11 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/11/21 18:28:11 | 000,012,320 | ---- | C] () -- C:\Documents and Settings\Owner\.recently-used.xbel
[2010/11/21 02:49:52 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\david biglots email schedule.xls
[2010/11/19 01:00:14 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Template 1950.xls
[2010/11/19 00:13:44 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Scheduler 1950.xls
[2010/11/19 00:07:13 | 000,035,860 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\BIG LOTS scheduler.gif
[2010/11/18 23:19:40 | 000,038,912 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\BL Mgr Sched- 11-21 - 11-27-10.xls
[2010/11/18 19:54:56 | 000,043,008 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\NEW-BIG LOTS-SCHEDULE#1950-11-27-10 (version 1).xls
[2010/11/13 11:33:58 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\nadineruiztestimony.doc
[2010/11/12 11:22:51 | 000,198,144 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Twin Valley 2010.doc
[2010/11/11 22:46:59 | 000,043,008 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\NEW-BIG LOTS-SCHEDULE#1950-11-20-10 (version 1).xls
[2010/11/11 22:16:18 | 000,035,840 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\BL Mgr Sched- 11-14 - 11-20-10.xls
[2010/11/11 08:02:48 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-4075189608-1584886648-645440501-1003.job
[2010/11/05 19:22:18 | 000,043,008 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\NEW-BIG LOTS-SCHEDULE#1950-11-13-10 (version 1).xls
[2010/11/05 19:19:31 | 000,035,840 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\BL Mgr Sched- 11-07 - 11-13-10.xls
[2010/11/01 17:51:16 | 000,187,875 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\zpWidQsl.htm.part
[2010/11/01 17:45:21 | 000,187,855 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\eZYEVqu2.htm.part
[2010/10/28 18:35:40 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\BL Mgr Sched- 10-31 - 11-06-10.xls
[2010/10/28 18:12:37 | 000,043,008 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\NEW-BIG LOTS-SCHEDULE#1950-11-6-10 (version 1).xls
[2010/10/26 08:09:01 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010/05/13 08:10:20 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\prvlcl.dat
[2010/04/29 19:37:21 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/12/23 22:18:29 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\housecall.guid.cache
[2009/05/18 16:52:49 | 000,000,669 | ---- | C] () -- C:\WINDOWS\SportballChallenge.ini
[2009/05/09 22:11:59 | 000,000,098 | ---- | C] () -- C:\WINDOWS\EasyRip.ini
[2008/11/17 18:50:11 | 000,000,562 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\1c64-ec47-1438-983d_6279rc
[2008/03/22 09:12:37 | 000,000,157 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini
[2008/03/04 18:52:34 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\libcurl.dll
[2007/10/31 09:39:54 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2007/09/30 18:32:53 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2007/09/30 18:27:17 | 000,001,021 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2007/09/30 18:27:17 | 000,000,153 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2007/09/30 18:25:08 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2007/09/30 18:23:01 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2007/05/26 09:19:22 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
[2007/05/17 13:58:10 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\libexpatw.dll
[2007/05/08 19:58:07 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\$_hpcst$.hpc
[2007/05/03 13:16:13 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\.mpid
[2006/12/20 10:00:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2006/12/20 10:00:02 | 000,000,147 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2006/12/20 10:00:02 | 000,000,023 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2006/12/20 09:59:47 | 000,014,441 | ---- | C] () -- C:\WINDOWS\HL-5250DN.INI
[2006/12/20 09:59:12 | 000,000,426 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2006/11/01 08:49:47 | 000,000,373 | ---- | C] () -- C:\WINDOWS\Film Factory Screen Saver.ini
[2006/07/18 19:23:22 | 000,002,169 | -HS- | C] () -- C:\WINDOWS\System32\mmf.sys
[2006/07/18 19:23:21 | 000,048,640 | ---- | C] () -- C:\WINDOWS\mmfs.dll
[2006/06/10 22:49:51 | 000,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2006/05/27 19:02:49 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll
[2006/05/22 20:52:11 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\ntl.ini
[2006/05/13 20:03:45 | 000,001,112 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\ViewerApp.dat
[2006/05/06 08:00:10 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2006/04/24 15:59:30 | 000,003,719 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/12/21 15:51:02 | 000,000,099 | ---- | C] () -- C:\WINDOWS\upst.ini
[2005/12/21 15:51:02 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/12/12 15:07:17 | 000,000,060 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2005/11/23 14:52:15 | 000,000,293 | ---- | C] () -- C:\WINDOWS\Disney.ini
[2005/11/15 13:11:39 | 000,000,052 | ---- | C] () -- C:\WINDOWS\rkeeper.ini
[2005/11/15 12:52:08 | 000,094,720 | ---- | C] () -- C:\WINDOWS\System32\SH30W32.DLL
[2005/11/15 12:45:26 | 000,000,306 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2005/11/13 17:50:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2005/11/04 07:46:16 | 000,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2005/10/27 08:18:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2005/10/20 11:13:32 | 000,000,234 | ---- | C] () -- C:\WINDOWS\KA.INI
[2005/09/04 19:15:03 | 000,314,880 | ---- | C] () -- C:\WINDOWS\System32\Tx32.dll
[2005/09/01 11:14:48 | 000,000,206 | ---- | C] () -- C:\WINDOWS\WinInit.Ini
[2005/08/10 17:21:10 | 000,001,256 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/07/02 12:23:06 | 000,000,881 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2005/06/23 14:59:37 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2005/06/17 11:23:15 | 000,017,611 | ---- | C] () -- C:\WINDOWS\MPTBox.INI
[2005/06/16 13:17:36 | 000,517,104 | ---- | C] () -- C:\WINDOWS\System32\LEAD45.DLL
[2005/06/16 13:13:12 | 000,000,009 | ---- | C] () -- C:\WINDOWS\X6470.INI
[2005/06/16 12:59:30 | 000,000,012 | ---- | C] () -- C:\WINDOWS\mcpStart.ini
[2005/06/16 12:53:23 | 000,000,049 | ---- | C] () -- C:\WINDOWS\SGEDIT.INI
[2005/06/16 11:26:58 | 000,005,324 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\wklnhst.dat
[2005/06/16 09:02:01 | 000,000,062 | ---- | C] () -- C:\WINDOWS\TLCAPPS.INI
[2005/06/16 09:01:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2005/06/12 17:26:09 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/06/11 18:31:15 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2005/06/10 21:53:31 | 000,200,192 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/06/09 23:48:57 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/06/09 17:03:37 | 000,000,045 | ---- | C] () -- C:\WINDOWS\EPSONC86.ini
[2005/06/09 17:03:15 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\EAL32.INI
[2005/06/08 23:52:42 | 000,000,029 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
[2005/06/08 23:32:21 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\RTCOMDLL.dll
[2005/06/08 23:32:21 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005/06/08 23:32:03 | 000,532,544 | ---- | C] () -- C:\WINDOWS\PIC.dll
[2005/06/08 23:32:03 | 000,024,576 | ---- | C] () -- C:\WINDOWS\HKNTDLL.dll
[2005/06/08 23:22:41 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2004/08/27 05:50:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/26 11:12:43 | 000,001,222 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/08/26 11:12:43 | 000,000,486 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2004/08/26 05:54:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/01/27 07:13:02 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib_dec.dll
[2002/12/18 15:10:36 | 000,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.DLL
[2002/03/04 09:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 291 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:39964175
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C31F31E6

< End of report >

OTL Extras logfile created on: 11/23/2010 8:37:11 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

485.00 Mb Total Physical Memory | 284.00 Mb Available Physical Memory | 59.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.83 Gb Total Space | 74.35 Gb Free Space | 51.33% Space Free | Partition Type: NTFS
Drive D: | 4.20 Gb Total Space | 1.62 Gb Free Space | 38.43% Space Free | Partition Type: FAT32

Computer Name: BIBLE | User Name: Owner | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"1035:TCP" = 1035:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:java -- (Sun Microsystems, Inc.)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\Common Files\AOL\1127605169\ee\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1127605169\ee\AOLServiceHost.exe:*:Enabled:AOL -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL -- (America Online Inc.)
"C:\Program Files\Common Files\AOL\1127605169\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1127605169\ee\aolsoftware.exe:*:Enabled:AOL Services -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\1127605169\ee\aim6.exe" = C:\Program Files\Common Files\AOL\1127605169\ee\aim6.exe:*:Enabled:AIM -- (America Online, Inc.)
"C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Disabled:SopCast Main Application -- (www.sopcast.com)
"C:\Documents and Settings\Owner\Application Data\SopCast\adv\SopAdver.exe" = C:\Documents and Settings\Owner\Application Data\SopCast\adv\SopAdver.exe:*:Disabled:SopCast Adver -- (www.sopcast.com)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgdiagex.exe" = C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostics 2011 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{008EF266-872C-4D71-9D9D-C4A9B9B733D7}" = PlayLinc
"{0323CB96-221A-4042-84A3-93EDE47099FC}" = AVG 2011
"{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis
"{0B59A227-CAC2-4688-8759-580B4DC5F220}" = BlackBerry Device Software v4.5.0 for the BlackBerry 8330 smartphone
"{0D048BE8-AE02-4CB5-A428-616B9848E4A7}" = BlackBerry Desktop Software 4.3
"{15CCBC5D-66A7-4131-8D36-E05F27B0E68F}" = Sibelius Scorch (ActiveX Only)
"{1A258E63-8DF5-4ADB-9832-38A0121D65EB}" = AVG 2011
"{1D643CD7-4DD6-11D7-A4E0-000874180BB3}" = Microsoft Money 2004
"{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}" = Picture Package
"{1E85CABF-0984-482A-BF5D-E9AC4BF33694}" = Basic Facts Worksheet Factory
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{25EF03E6-F17B-11D6-88EA-000476CD2443}" = Verizon Online Help & Support
"{265C893D-9D3D-4CE6-A317-9FFF1C6C9C44}" = RealProducer Basic 11
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 20
"{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{31C2F32D-C5DD-4583-8181-B48591CA231C}" = RapidPlayer v4.0 ActiveX Control
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AE242D6-608E-4067-8BC1-89B8A957A531}" = OverDrive Media Console
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{5AB7AA30-9A34-4FDB-B0B0-ECE134E030B0}" = Sterling Math Facts
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E4D4E0B-02F6-46C1-BAE5-1B6B2E486A7B}" = Microsoft Office Live Meeting 2007
"{71C97545-E547-4A8B-B0C8-61FF853270AC}" = PaperPort
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility
"{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}" = Digital Media Reader
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{8C64E145-54BA-11D6-91B1-00500462BE80}" = Microsoft Money 2004 System Pack
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{90840409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Excel Viewer 2003
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}" = Brother MFL-Pro Suite
"{9B687071-76A3-11D9-B807-00055DE8348F}" = VTech Laptop PC Program
"{9E5AE5C0-423C-4F4F-823B-57781C2B77F5}" = RTC Client API v1.2 Setup
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A7DB362E-16DC-4E29-8A34-E74381E00B5B}" = Adobe Shockwave Player
"{AB4862FB-0396-4E75-A523-850577EBFC73}" = Security Advisor
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B6F7DBE7-2FE2-458F-A738-B10832746036}" = Microsoft Reader
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BADFDEC0-0F36-4390-BF01-048179FB171B}" = Brother HL-5250DN
"{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}" = Adobe Flash Player 9 ActiveX
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4FCA2BC-AFAC-4444-9B15-DBAF914E0566}" = Switched-On Schoolhouse 2007 - Home Edition
"{C797EAF2-707A-4239-BDF3-F2672314A734}" = First Step Guide
"{C880E328-DA82-47F2-B429-3E42C73C7549}" = muvee autoProducer 6.1 Seagate Edition
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
"{D4A2EF65-9888-4EFF-8EA0-A2D2C3152A29}" = Samsung USB Driver (MCCI 4.34) WHQL v3.4
"{D95877BE-0165-42EC-B558-727F9F41372C}" = oobeFlagNetscape0
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DBA8B9E1-C6FF-4624-9598-73D3B41A0903}" = Microsoft Picture It! Photo Premium 9
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SOSHOME22)
"{E33956B7-301C-429D-9E6C-2C12EACB8A62}" = NWZ-E340 WALKMAN Guide
"{E3EABDC7-B7A6-4269-AFB9-2A09A90E4EA0}" = Lincmediaplayer
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F87A8E11-02A4-4875-A3A5-5961081B0E4E}" = OpenOffice.org 2.4
"{F8C6BABF-0837-4EA0-AD6C-8E5A392A7538}" = ImageMixer VCD2
"{FD9E03B5-AEEA-4D59-B512-6CE4AA0281D4}" = Byki
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"{FF262740-C85A-11D5-BBEC-00D0B740900A}" = Multimedia Keyboard Driver
"3ivx D4 4.5.1 Decoder" = 3ivx D4 4.5.1 Decoder (remove only)
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"Akamai" = Akamai NetSession Interface
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.5
"AVG" = AVG 2011
"BlackBerry_{0D048BE8-AE02-4CB5-A428-616B9848E4A7}" = BlackBerry Desktop Software 4.3
"Byki Express" = Byki Express
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1" = SoftV92 Data Fax Modem with SmartCP
"CombiMovie (Freeware)_is1" = CombiMovie Version 1.31
"DebugMode Wink" = DebugMode Wink
"Diner Dash Hometown Hero - Gourmet" = Diner Dash Hometown Hero - Gourmet
"Doggie Dash" = Doggie Dash
"EB88B6218325D2AB47CFFBF7170236B60A6198FF" = Windows Driver Package - Microsoft Corporation (usbvideo) Image (05/25/2007 1.0.3656.0)
"Film Factory" = Film Factory
"Free YouTube Uploader_is1" = Free YouTube Uploader version 1.4
"getPlus(R)_ocx" = getPlus(R)_ocx
"High Achiever Grammar" = High Achiever Grammar
"Homeworkhelp.com Algebra 1" = Homeworkhelp.com Algebra 1
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"InstallShield_{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}" = Digital Media Reader
"InterActual Player" = InterActual Player
"Lizard Safeguard - PDF Viewer_is1" = Lizard Safeguard - PDF Viewer 2.5.86
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MetaFrame Presentation Server Web Client for Win32" = MetaFrame Presentation Server Web Client for Win32
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Nero BurnRights!UninstallKey" = Nero BurnRights
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"oggcodecs" = oggcodecs 0.71.0946
"Parking Dash" = Parking Dash (remove only)
"Photo Viewer" = Photo Viewer 2.3
"PictureIt_v9" = Microsoft Picture It! Photo Premium 9
"Powerbullet Presenter free v1.35_is1" = Powerbullet Presenter
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"QuickTime32" = QuickTime for Windows (32-bit)
"RadialpointClientGateway_is1" = Verizon Servicepoint 1.5.20
"RCA Detective™_is1" = RCA Detective™ 2.0.0.99
"RCA easyRip_is1" = RCA easyRip 2.1.7.0
"RCA easyRip™_is1" = RCA easyRip™ 1.4.6.0
"RealPlayer 12.0" = RealPlayer
"ResumeMaker" = ResumeMaker
"Robinson Curriculum" = Robinson Curriculum 2.29D
"SecureRedirClient" = RUMBA SecureRedirector Client
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SopCast" = SopCast 1.1.2
"StartWrite50" = StartWrite
"Veetle TV" = Veetle TV 0.9.17
"Verizon SmartCall" = Verizon SmartCall
"VZBB" = Verizon Broadband Toolbar
"Wedding Dash" = Wedding Dash
"WIC" = Windows Imaging Component
"Wild Things! by Wild Ginger Software, Inc." = Wild Things! by Wild Ginger Software, Inc.
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.10
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yenka" = Yenka

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/15/2010 4:31:13 PM | Computer Name = BIBLE | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.2.3951, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 11/15/2010 4:37:15 PM | Computer Name = BIBLE | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/16/2010 10:59:26 PM | Computer Name = BIBLE | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.3951, faulting
module ntdll.dll, version 5.1.2600.5755, fault address 0x0000100b.

Error - 11/16/2010 11:07:31 PM | Computer Name = BIBLE | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.2.3951, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 11/17/2010 9:21:19 AM | Computer Name = BIBLE | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/17/2010 9:21:22 AM | Computer Name = BIBLE | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/17/2010 6:40:55 PM | Computer Name = BIBLE | Source = Application Error | ID = 1000
Description = Faulting application sonytray.exe, version 1.0.31121.1, faulting module
user32.dll, version 5.1.2600.5512, fault address 0x00014acd.

Error - 11/18/2010 11:24:44 AM | Computer Name = BIBLE | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 sterlingmathfacts.exe, P2 1.1.3.0, P3 4ca31af1,
P4 system, P5 2.0.0.0, P6 4ba85929, P7 1248, P8 48, P9 system.invalidoperationexception,
P10 NIL.

Error - 11/19/2010 11:39:08 AM | Computer Name = BIBLE | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 sterlingmathfacts.exe, P2 1.1.3.0, P3 4ca31af1,
P4 system, P5 2.0.0.0, P6 4ba85929, P7 1248, P8 48, P9 system.invalidoperationexception,
P10 NIL.

Error - 11/19/2010 11:41:27 AM | Computer Name = BIBLE | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 sterlingmathfacts.exe, P2 1.1.3.0, P3 4ca31af1,
P4 system, P5 2.0.0.0, P6 4ba85929, P7 1248, P8 48, P9 system.invalidoperationexception,
P10 NIL.

[ System Events ]
Error - 10/4/2010 7:17:22 AM | Computer Name = BIBLE | Source = Service Control Manager | ID = 7000
Description = The LicCtrl Service service failed to start due to the following error:
%%2

Error - 10/4/2010 4:59:41 PM | Computer Name = BIBLE | Source = Service Control Manager | ID = 7000
Description = The LicCtrl Service service failed to start due to the following error:
%%2

Error - 10/5/2010 6:35:26 AM | Computer Name = BIBLE | Source = Service Control Manager | ID = 7000
Description = The LicCtrl Service service failed to start due to the following error:
%%2

Error - 10/5/2010 6:36:15 AM | Computer Name = BIBLE | Source = DCOM | ID = 10010
Description = The server {F0CF7D37-4806-4F17-BE08-51C14F9C7DC5} did not register
with DCOM within the required timeout.

Error - 10/5/2010 6:43:06 AM | Computer Name = BIBLE | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the stisvc service.

Error - 10/6/2010 7:18:23 AM | Computer Name = BIBLE | Source = Service Control Manager | ID = 7000
Description = The LicCtrl Service service failed to start due to the following error:
%%2

Error - 10/7/2010 8:20:08 AM | Computer Name = BIBLE | Source = Service Control Manager | ID = 7000
Description = The LicCtrl Service service failed to start due to the following error:
%%2

Error - 10/8/2010 8:42:17 AM | Computer Name = BIBLE | Source = Service Control Manager | ID = 7000
Description = The LicCtrl Service service failed to start due to the following error:
%%2

Error - 10/9/2010 3:08:56 PM | Computer Name = BIBLE | Source = Service Control Manager | ID = 7000
Description = The LicCtrl Service service failed to start due to the following error:
%%2

Error - 10/10/2010 7:59:58 AM | Computer Name = BIBLE | Source = Service Control Manager | ID = 7000
Description = The LicCtrl Service service failed to start due to the following error:
%%2


< End of report >

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"1035:TCP" = 1035:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:java -- (Sun Microsystems, Inc.)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\Common Files\AOL\1127605169\ee\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1127605169\ee\AOLServiceHost.exe:*:Enabled:AOL -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL -- (America Online Inc.)
"C:\Program Files\Common Files\AOL\1127605169\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1127605169\ee\aolsoftware.exe:*:Enabled:AOL Services -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\1127605169\ee\aim6.exe" = C:\Program Files\Common Files\AOL\1127605169\ee\aim6.exe:*:Enabled:AIM -- (America Online, Inc.)
"C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Disabled:SopCast Main Application -- (www.sopcast.com)
"C:\Documents and Settings\Owner\Application Data\SopCast\adv\SopAdver.exe" = C:\Documents and Settings\Owner\Application Data\SopCast\adv\SopAdver.exe:*:Disabled:SopCast Adver -- (www.sopcast.com)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgdiagex.exe" = C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostics 2011 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{008EF266-872C-4D71-9D9D-C4A9B9B733D7}" = PlayLinc
"{0323CB96-221A-4042-84A3-93EDE47099FC}" = AVG 2011
"{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis
"{0B59A227-CAC2-4688-8759-580B4DC5F220}" = BlackBerry Device Software v4.5.0 for the BlackBerry 8330 smartphone
"{0D048BE8-AE02-4CB5-A428-616B9848E4A7}" = BlackBerry Desktop Software 4.3
"{15CCBC5D-66A7-4131-8D36-E05F27B0E68F}" = Sibelius Scorch (ActiveX Only)
"{1A258E63-8DF5-4ADB-9832-38A0121D65EB}" = AVG 2011
"{1D643CD7-4DD6-11D7-A4E0-000874180BB3}" = Microsoft Money 2004
"{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}" = Picture Package
"{1E85CABF-0984-482A-BF5D-E9AC4BF33694}" = Basic Facts Worksheet Factory
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{25EF03E6-F17B-11D6-88EA-000476CD2443}" = Verizon Online Help & Support
"{265C893D-9D3D-4CE6-A317-9FFF1C6C9C44}" = RealProducer Basic 11
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 20
"{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{31C2F32D-C5DD-4583-8181-B48591CA231C}" = RapidPlayer v4.0 ActiveX Control
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AE242D6-608E-4067-8BC1-89B8A957A531}" = OverDrive Media Console
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{5AB7AA30-9A34-4FDB-B0B0-ECE134E030B0}" = Sterling Math Facts
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E4D4E0B-02F6-46C1-BAE5-1B6B2E486A7B}" = Microsoft Office Live Meeting 2007
"{71C97545-E547-4A8B-B0C8-61FF853270AC}" = PaperPort
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility
"{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}" = Digital Media Reader
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{8C64E145-54BA-11D6-91B1-00500462BE80}" = Microsoft Money 2004 System Pack
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{90840409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Excel Viewer 2003
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}" = Brother MFL-Pro Suite
"{9B687071-76A3-11D9-B807-00055DE8348F}" = VTech Laptop PC Program
"{9E5AE5C0-423C-4F4F-823B-57781C2B77F5}" = RTC Client API v1.2 Setup
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A7DB362E-16DC-4E29-8A34-E74381E00B5B}" = Adobe Shockwave Player
"{AB4862FB-0396-4E75-A523-850577EBFC73}" = Security Advisor
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B6F7DBE7-2FE2-458F-A738-B10832746036}" = Microsoft Reader
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BADFDEC0-0F36-4390-BF01-048179FB171B}" = Brother HL-5250DN
"{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}" = Adobe Flash Player 9 ActiveX
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4FCA2BC-AFAC-4444-9B15-DBAF914E0566}" = Switched-On Schoolhouse 2007 - Home Edition
"{C797EAF2-707A-4239-BDF3-F2672314A734}" = First Step Guide
"{C880E328-DA82-47F2-B429-3E42C73C7549}" = muvee autoProducer 6.1 Seagate Edition
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
"{D4A2EF65-9888-4EFF-8EA0-A2D2C3152A29}" = Samsung USB Driver (MCCI 4.34) WHQL v3.4
"{D95877BE-0165-42EC-B558-727F9F41372C}" = oobeFlagNetscape0
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DBA8B9E1-C6FF-4624-9598-73D3B41A0903}" = Microsoft Picture It! Photo Premium 9
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SOSHOME22)
"{E33956B7-301C-429D-9E6C-2C12EACB8A62}" = NWZ-E340 WALKMAN Guide
"{E3EABDC7-B7A6-4269-AFB9-2A09A90E4EA0}" = Lincmediaplayer
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F87A8E11-02A4-4875-A3A5-5961081B0E4E}" = OpenOffice.org 2.4
"{F8C6BABF-0837-4EA0-AD6C-8E5A392A7538}" = ImageMixer VCD2
"{FD9E03B5-AEEA-4D59-B512-6CE4AA0281D4}" = Byki
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"{FF262740-C85A-11D5-BBEC-00D0B740900A}" = Multimedia Keyboard Driver
"3ivx D4 4.5.1 Decoder" = 3ivx D4 4.5.1 Decoder (remove only)
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"Akamai" = Akamai NetSession Interface
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.5
"AVG" = AVG 2011
"BlackBerry_{0D048BE8-AE02-4CB5-A428-616B9848E4A7}" = BlackBerry Desktop Software 4.3
"Byki Express" = Byki Express
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1" = SoftV92 Data Fax Modem with SmartCP
"CombiMovie (Freeware)_is1" = CombiMovie Version 1.31
"DebugMode Wink" = DebugMode Wink
"Diner Dash Hometown Hero - Gourmet" = Diner Dash Hometown Hero - Gourmet
"Doggie Dash" = Doggie Dash
"EB88B6218325D2AB47CFFBF7170236B60A6198FF" = Windows Driver Package - Microsoft Corporation (usbvideo) Image (05/25/2007 1.0.3656.0)
"Film Factory" = Film Factory
"Free YouTube Uploader_is1" = Free YouTube Uploader version 1.4
"getPlus(R)_ocx" = getPlus(R)_ocx
"High Achiever Grammar" = High Achiever Grammar
"Homeworkhelp.com Algebra 1" = Homeworkhelp.com Algebra 1
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"InstallShield_{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}" = Digital Media Reader
"InterActual Player" = InterActual Player
"Lizard Safeguard - PDF Viewer_is1" = Lizard Safeguard - PDF Viewer 2.5.86
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MetaFrame Presentation Server Web Client for Win32" = MetaFrame Presentation Server Web Client for Win32
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Nero BurnRights!UninstallKey" = Nero BurnRights
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"oggcodecs" = oggcodecs 0.71.0946
"Parking Dash" = Parking Dash (remove only)
"Photo Viewer" = Photo Viewer 2.3
"PictureIt_v9" = Microsoft Picture It! Photo Premium 9
"Powerbullet Presenter free v1.35_is1" = Powerbullet Presenter
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"QuickTime32" = QuickTime for Windows (32-bit)
"RadialpointClientGateway_is1" = Verizon Servicepoint 1.5.20
"RCA Detective™_is1" = RCA Detective™ 2.0.0.99
"RCA easyRip_is1" = RCA easyRip 2.1.7.0
"RCA easyRip™_is1" = RCA easyRip™ 1.4.6.0
"RealPlayer 12.0" = RealPlayer
"ResumeMaker" = ResumeMaker
"Robinson Curriculum" = Robinson Curriculum 2.29D
"SecureRedirClient" = RUMBA SecureRedirector Client
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SopCast" = SopCast 1.1.2
"StartWrite50" = StartWrite
"Veetle TV" = Veetle TV 0.9.17
"Verizon SmartCall" = Verizon SmartCall
"VZBB" = Verizon Broadband Toolbar
"Wedding Dash" = Wedding Dash
"WIC" = Windows Imaging Component
"Wild Things! by Wild Ginger Software, Inc." = Wild Things! by Wild Ginger Software, Inc.
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.10
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yenka" = Yenka

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/15/2010 4:31:13 PM | Computer Name = BIBLE | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.2.3951, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 11/15/2010 4:37:15 PM | Computer Name = BIBLE | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/16/2010 10:59:26 PM | Computer Name = BIBLE | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.3951, faulting
module ntdll.dll, version 5.1.2600.5755, fault address 0x0000100b.

Error - 11/16/2010 11:07:31 PM | Computer Name = BIBLE | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.2.3951, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 11/17/2010 9:21:19 AM | Computer Name = BIBLE | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/17/2010 9:21:22 AM | Computer Name = BIBLE | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/17/2010 6:40:55 PM | Computer Name = BIBLE | Source = Application Error | ID = 1000
Description = Faulting application sonytray.exe, version 1.0.31121.1, faulting module
user32.dll, version 5.1.2600.5512, fault address 0x00014acd.

Error - 11/18/2010 11:24:44 AM | Computer Name = BIBLE | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 sterlingmathfacts.exe, P2 1.1.3.0, P3 4ca31af1,
P4 system, P5 2.0.0.0, P6 4ba85929, P7 1248, P8 48, P9 system.invalidoperationexception,
P10 NIL.

Error - 11/19/2010 11:39:08 AM | Computer Name = BIBLE | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 sterlingmathfacts.exe, P2 1.1.3.0, P3 4ca31af1,
P4 system, P5 2.0.0.0, P6 4ba85929, P7 1248, P8 48, P9 system.invalidoperationexception,
P10 NIL.

Error - 11/19/2010 11:41:27 AM | Computer Name = BIBLE | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 sterlingmathfacts.exe, P2 1.1.3.0, P3 4ca31af1,
P4 system, P5 2.0.0.0, P6 4ba85929, P7 1248, P8 48, P9 system.invalidoperationexception,
P10 NIL.

[ System Events ]
Error - 10/4/2010 7:17:22 AM | Computer Name = BIBLE | Source = Service Control Manager | ID = 7000
Description = The LicCtrl Service service failed to start due to the following error:
%%2

Error - 10/4/2010 4:59:41 PM | Computer Name = BIBLE | Source = Service Control Manager | ID = 7000
Description = The LicCtrl Service service failed to start due to the following error:
%%2

Error - 10/5/2010 6:35:26 AM | Computer Name = BIBLE | Source = Service Control Manager | ID = 7000
Description = The LicCtrl Service service failed to start due to the following error:
%%2

Error - 10/5/2010 6:36:15 AM | Computer Name = BIBLE | Source = DCOM | ID = 10010
Description = The server {F0CF7D37-4806-4F17-BE08-51C14F9C7DC5} did not register
with DCOM within the required timeout.

Error - 10/5/2010 6:43:06 AM | Computer Name = BIBLE | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the stisvc service.

Error - 10/6/2010 7:18:23 AM | Computer Name = BIBLE | Source = Service Control Manager | ID = 7000
Description = The LicCtrl Service service failed to start due to the following error:
%%2

Error - 10/7/2010 8:20:08 AM | Computer Name = BIBLE | Source = Service Control Manager | ID = 7000
Description = The LicCtrl Service service failed to start due to the following error:
%%2

Error - 10/8/2010 8:42:17 AM | Computer Name = BIBLE | Source = Service Control Manager | ID = 7000
Description = The LicCtrl Service service failed to start due to the following error:
%%2

Error - 10/9/2010 3:08:56 PM | Computer Name = BIBLE | Source = Service Control Manager | ID = 7000
Description = The LicCtrl Service service failed to start due to the following error:
%%2

Error - 10/10/2010 7:59:58 AM | Computer Name = BIBLE | Source = Service Control Manager | ID = 7000
Description = The LicCtrl Service service failed to start due to the following error:
%%2


< End of report >

Hello.

• Download combofix from here
  Link 1
  Link 2
  
  1. If you are using Firefox, make sure that your download settings are as follows:
  
  * Tools->Options->Main tab
  * Set to "Always ask me where to Save the files".
  
  2. During the download, rename Combofix to Combo-Fix as follows:
  
  
  
  
  
  3. It is important you rename Combofix during the download, but not after.
  4. Please do not rename Combofix to other names, but only to the one indicated.
  5. Close any open browsers.
  6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  
  
• We need to disable your local AV (Anti-virus) before running Combofix.
  
• See HERE for how to disable your AV.
  
• Double click on ComboFix.exe.
  
• Follow the prompts. NOTE:
  
• ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
  ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***
  
  **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.
  
  
  
• The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.
  
  
  
  
• Allow ComboFix to download the Recovery Console.
  
• Accept the End-User License Agreement.
  
• The Recovery Console will be installed.
  
• You will then get this next prompt that asks if you want to continue the malware scan, select yes
  
  
  
  
• Allow combofix to run
  
• Post C:\combofix.txt back here.
  
  Note:
  Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
  

I cant seem to disable avg. I even tried uninstalling it but when i run combofix it says that avg is still installed.

I can only log into my comp using safe-mode, if this helps

I scanned the comp with malwarebytes'and it didnt find anything here is the log.

Malwarebytes' Anti-Malware 1.42
Database version: 3289
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

11/26/2010 10:57:37 AM
mbam-log-2010-11-26 (10-57-37).txt

Scan type: Quick Scan
Objects scanned: 117884
Time elapsed: 4 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

I tried running combofix in safe mode again, it told me that there was a newer version of combofix available, if I wanted to install the newer version. I said yes so now when i went to run combofix no waring about avg running came up. Should I go ahead and run combofix, I dont want to mess up the comp as it stated if combofix runs with avg running.

Combofix still gives me a warning about avg...please advise...

Hello.
Please uninstall AVG if needed, then run Combofix.

After I uninstalled avg it asked to restart the comp which is what I did But of course it froze on the windows screen so I am guessing that it didn't get to reload, So now in safe mode I do not seem to find avg on my comp but combofix says that it is still running....please advise

Hello.

Please re-open Malwarebytes, click the Update tab, and click Check for Updates. Then, click the Scanner tab, select Perform Quick Scan, and press Scan.

Post the new log when done.

I clicked the update tab and it asked me to restart the comp in order to update. The problem is that my comp does not start. when I turn it on it freezes will its loading on the windows screen. This is what happened with removing avg. it asked to reboot the comp but it never rebooted. I went ahead and ran malwarebytes anyway will post the log when it is done scanning....

Here is the new mbam file

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

11/27/2010 9:15:46 PM
mbam-log-2010-11-27 (21-15-46).txt

Scan type: Quick scan
Objects scanned: 129835
Time elapsed: 6 minute(s), 5 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\cmaidctlapp.maidctrl.1 (Adware.ClosetMaid) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7fe26be2-b923-4b41-9834-e84da1cc1f96} (Adware.ClosetMaid) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7fe26be2-b923-4b41-9834-e84da1cc1f96} (Adware.ClosetMaid) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\SCRRUN.DLL (Malware.Packer.Gen) -> No action taken.

I went ahead and had mbam fix it here is the new file


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5205

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

11/28/2010 10:07:09 AM
mbam-log-2010-11-28 (10-07-09).txt

Scan type: Quick scan
Objects scanned: 156640
Time elapsed: 6 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\cmaidctlapp.maidctrl.1 (Adware.ClosetMaid) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7fe26be2-b923-4b41-9834-e84da1cc1f96} (Adware.ClosetMaid) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7fe26be2-b923-4b41-9834-e84da1cc1f96} (Adware.ClosetMaid) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\SCRRUN.DLL (Malware.Packer.Gen) -> Quarantined and deleted successfully.

Hello

Please download TDSSKiller from here and save it to your Desktop.

• Doubleclick TDSSKiller.exe to run the tool
  
• Click the Start Scan button
  
• After the scan has finished, click the Close button
  
• Click the Report button and copy/paste the contents of it into your next reply
  

Note:It will also create a log in the C:\ directory.

It said that no threats were found... here is the log

2010/11/28 19:51:21.0687 TDSS rootkit removing tool 2.4.9.0 Nov 26 2010 15:38:31
2010/11/28 19:51:21.0687 ================================================================================
2010/11/28 19:51:21.0687 SystemInfo:
2010/11/28 19:51:21.0687
2010/11/28 19:51:21.0687 OS Version: 5.1.2600 ServicePack: 3.0
2010/11/28 19:51:21.0687 Product type: Workstation
2010/11/28 19:51:21.0687 ComputerName: BIBLE
2010/11/28 19:51:21.0687 UserName: Owner
2010/11/28 19:51:21.0687 Windows directory: C:\WINDOWS
2010/11/28 19:51:21.0687 System windows directory: C:\WINDOWS
2010/11/28 19:51:21.0687 Processor architecture: Intel x86
2010/11/28 19:51:21.0687 Number of processors: 1
2010/11/28 19:51:21.0687 Page size: 0x1000
2010/11/28 19:51:21.0687 Boot type: Safe boot with network
2010/11/28 19:51:21.0687 ================================================================================
2010/11/28 19:51:22.0046 Initialize success
2010/11/28 19:51:29.0562 ================================================================================
2010/11/28 19:51:29.0562 Scan started
2010/11/28 19:51:29.0562 Mode: Manual;
2010/11/28 19:51:29.0562 ================================================================================
2010/11/28 19:51:32.0343 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
2010/11/28 19:51:32.0421 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/11/28 19:51:32.0750 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2010/11/28 19:51:32.0796 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
2010/11/28 19:51:32.0875 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2010/11/28 19:51:32.0968 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2010/11/28 19:51:33.0015 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
2010/11/28 19:51:33.0062 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
2010/11/28 19:51:33.0109 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
2010/11/28 19:51:33.0156 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2010/11/28 19:51:33.0187 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2010/11/28 19:51:33.0250 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2010/11/28 19:51:33.0296 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
2010/11/28 19:51:33.0343 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
2010/11/28 19:51:33.0390 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
2010/11/28 19:51:33.0468 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2010/11/28 19:51:33.0484 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
2010/11/28 19:51:33.0531 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
2010/11/28 19:51:33.0578 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
2010/11/28 19:51:33.0671 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2010/11/28 19:51:33.0734 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2010/11/28 19:51:33.0843 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2010/11/28 19:51:33.0906 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2010/11/28 19:51:33.0984 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2010/11/28 19:51:34.0125 BrPar (2fe6d5be0629f706197b30c0aa05de30) C:\WINDOWS\System32\drivers\BrPar.sys
2010/11/28 19:51:34.0203 BrScnUsb (92a964547b96d697e5e9ed43b4297f5a) C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys
2010/11/28 19:51:34.0250 BrSerIf (d48c13f4a409aee8dafaddac81e34557) C:\WINDOWS\system32\Drivers\BrSerIf.sys
2010/11/28 19:51:34.0296 BrUsbSer (8fa0ac830a8312912a3aa0c0431cba0d) C:\WINDOWS\system32\Drivers\BrUsbSer.sys
2010/11/28 19:51:34.0421 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
2010/11/28 19:51:34.0453 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/11/28 19:51:34.0500 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2010/11/28 19:51:34.0531 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
2010/11/28 19:51:34.0593 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2010/11/28 19:51:34.0625 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2010/11/28 19:51:34.0718 cdrbsdrv (248349293ca42ee5db61dc1fd85a2f49) C:\WINDOWS\system32\drivers\cdrbsdrv.sys
2010/11/28 19:51:34.0781 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2010/11/28 19:51:34.0906 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
2010/11/28 19:51:34.0984 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
2010/11/28 19:51:35.0031 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
2010/11/28 19:51:35.0093 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
2010/11/28 19:51:35.0156 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2010/11/28 19:51:35.0250 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2010/11/28 19:51:35.0375 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2010/11/28 19:51:35.0453 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2010/11/28 19:51:35.0531 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2010/11/28 19:51:35.0625 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2010/11/28 19:51:35.0671 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2010/11/28 19:51:35.0750 E100B (7d91dc6342248369f94d6eba0cf42e99) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2010/11/28 19:51:35.0843 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2010/11/28 19:51:35.0921 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2010/11/28 19:51:35.0984 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2010/11/28 19:51:36.0046 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2010/11/28 19:51:36.0125 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2010/11/28 19:51:36.0218 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2010/11/28 19:51:36.0265 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2010/11/28 19:51:36.0359 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2010/11/28 19:51:36.0406 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2010/11/28 19:51:36.0484 HdAudAddService (160b24fd894e79e71c983ea403a6e6e7) C:\WINDOWS\system32\drivers\HdAudio.sys
2010/11/28 19:51:36.0562 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2010/11/28 19:51:36.0656 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2010/11/28 19:51:36.0734 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
2010/11/28 19:51:36.0812 HSFHWBS2 (33dfc0afa95f9a2c753ff2adb7d4a21f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
2010/11/28 19:51:36.0921 HSF_DP (b2dfc168d6f7512faea085253c5a37ad) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
2010/11/28 19:51:37.0046 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2010/11/28 19:51:37.0171 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
2010/11/28 19:51:37.0218 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
2010/11/28 19:51:37.0281 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2010/11/28 19:51:37.0406 ialm (0acebb31989cbf9a5663fe4a33d28d21) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
2010/11/28 19:51:37.0500 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2010/11/28 19:51:37.0578 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
2010/11/28 19:51:37.0718 IntcAzAudAddService (c60b77a9eac40774556201a736e050a8) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2010/11/28 19:51:37.0828 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2010/11/28 19:51:37.0906 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2010/11/28 19:51:37.0984 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2010/11/28 19:51:38.0046 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2010/11/28 19:51:38.0109 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2010/11/28 19:51:38.0156 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2010/11/28 19:51:38.0234 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/11/28 19:51:38.0312 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/11/28 19:51:38.0375 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/11/28 19:51:38.0406 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/11/28 19:51:38.0468 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2010/11/28 19:51:38.0562 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/11/28 19:51:38.0765 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2010/11/28 19:51:38.0843 mfeavfk (bafdd5e28baea99d7f4772af2f5ec7ee) C:\WINDOWS\system32\drivers\mfeavfk.sys
2010/11/28 19:51:38.0890 mfebopk (1d003e3056a43d881597d6763e83b943) C:\WINDOWS\system32\drivers\mfebopk.sys
2010/11/28 19:51:38.0968 mfehidk (3f138a1c8a0659f329f242d1e389b2cf) C:\WINDOWS\system32\drivers\mfehidk.sys
2010/11/28 19:51:39.0046 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\WINDOWS\system32\drivers\mferkdk.sys
2010/11/28 19:51:39.0109 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\WINDOWS\system32\drivers\mfesmfk.sys
2010/11/28 19:51:39.0218 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/11/28 19:51:39.0312 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2010/11/28 19:51:39.0359 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/11/28 19:51:39.0453 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/11/28 19:51:39.0500 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2010/11/28 19:51:39.0546 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/11/28 19:51:39.0640 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/11/28 19:51:39.0781 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2010/11/28 19:51:39.0859 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/11/28 19:51:39.0906 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/11/28 19:51:39.0937 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/11/28 19:51:40.0000 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/11/28 19:51:40.0078 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2010/11/28 19:51:40.0125 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2010/11/28 19:51:40.0187 mxnic (e1cdf20697d992cf83ff86dd04df1285) C:\WINDOWS\system32\DRIVERS\mxnic.sys
2010/11/28 19:51:40.0234 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2010/11/28 19:51:40.0296 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2010/11/28 19:51:40.0359 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2010/11/28 19:51:40.0406 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/11/28 19:51:40.0468 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/11/28 19:51:40.0515 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/11/28 19:51:40.0562 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/11/28 19:51:40.0609 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/11/28 19:51:40.0671 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/11/28 19:51:40.0812 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2010/11/28 19:51:40.0890 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2010/11/28 19:51:40.0953 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/11/28 19:51:41.0062 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/11/28 19:51:41.0187 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2010/11/28 19:51:41.0359 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/11/28 19:51:41.0406 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/11/28 19:51:41.0468 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2010/11/28 19:51:41.0546 P3 (c90018bafdc7098619a4a95b046b30f3) C:\WINDOWS\system32\DRIVERS\p3.sys
2010/11/28 19:51:41.0593 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2010/11/28 19:51:41.0640 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/11/28 19:51:41.0687 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/11/28 19:51:41.0765 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/11/28 19:51:41.0875 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2010/11/28 19:51:41.0937 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2010/11/28 19:51:42.0125 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2010/11/28 19:51:42.0171 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2010/11/28 19:51:42.0296 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/11/28 19:51:42.0375 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/11/28 19:51:42.0421 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/11/28 19:51:42.0500 PxHelp20 (81088114178112618b1c414a65e50f7c) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
2010/11/28 19:51:42.0546 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2010/11/28 19:51:42.0562 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2010/11/28 19:51:42.0609 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2010/11/28 19:51:42.0656 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2010/11/28 19:51:42.0687 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2010/11/28 19:51:42.0765 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/11/28 19:51:42.0843 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/11/28 19:51:42.0890 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/11/28 19:51:42.0937 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/11/28 19:51:42.0984 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/11/28 19:51:43.0015 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/11/28 19:51:43.0093 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2010/11/28 19:51:43.0187 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/11/28 19:51:43.0281 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/11/28 19:51:43.0375 RimUsb (0f6756ef8bda6dfa7be50465c83132bb) C:\WINDOWS\system32\Drivers\RimUsb.sys
2010/11/28 19:51:43.0453 RimVSerPort (d9b34325ee5df78b8f28a3de9f577c7d) C:\WINDOWS\system32\DRIVERS\RimSerial.sys
2010/11/28 19:51:43.0500 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2010/11/28 19:51:43.0671 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/11/28 19:51:43.0765 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/11/28 19:51:43.0828 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/11/28 19:51:43.0953 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2010/11/28 19:51:44.0109 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2010/11/28 19:51:44.0171 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2010/11/28 19:51:44.0296 sonypvs1 (dfadfc2c86662f40759bf02add27d569) C:\WINDOWS\system32\DRIVERS\sonypvs1.sys
2010/11/28 19:51:44.0375 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
2010/11/28 19:51:44.0421 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2010/11/28 19:51:44.0500 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2010/11/28 19:51:44.0562 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/11/28 19:51:44.0656 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/11/28 19:51:44.0718 sscdbus (d5dffeaa1e15d4effabb9d9a3068ac5b) C:\WINDOWS\system32\DRIVERS\sscdbus.sys
2010/11/28 19:51:44.0796 sscdmdfl (8a1be0c347814f482f493aea619d57f6) C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
2010/11/28 19:51:44.0859 sscdmdm (5ab0b1987f682a59b15b78f84c6ad7d0) C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
2010/11/28 19:51:44.0921 sscdserd (751e66eb32efa80633b80f5d7ff0a1d8) C:\WINDOWS\system32\DRIVERS\sscdserd.sys
2010/11/28 19:51:45.0000 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2010/11/28 19:51:45.0078 SunkFilt (9152dc78005a58a17e79390aa0853bb1) C:\WINDOWS\System32\Drivers\sunkfilt.sys
2010/11/28 19:51:45.0140 SunkFilt39 (ed67900e1553b2fc56daa64aab4b304f) C:\WINDOWS\System32\Drivers\sunkfilt39.sys
2010/11/28 19:51:45.0281 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/11/28 19:51:45.0343 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2010/11/28 19:51:45.0453 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2010/11/28 19:51:45.0500 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2010/11/28 19:51:45.0546 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2010/11/28 19:51:45.0593 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2010/11/28 19:51:45.0640 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/11/28 19:51:45.0703 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/11/28 19:51:45.0796 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/11/28 19:51:45.0859 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/11/28 19:51:45.0921 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/11/28 19:51:45.0984 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
2010/11/28 19:51:46.0078 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2010/11/28 19:51:46.0125 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2010/11/28 19:51:46.0203 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2010/11/28 19:51:46.0296 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2010/11/28 19:51:46.0359 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/11/28 19:51:46.0421 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/11/28 19:51:46.0468 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/11/28 19:51:46.0500 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2010/11/28 19:51:46.0531 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2010/11/28 19:51:46.0593 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2010/11/28 19:51:46.0640 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
2010/11/28 19:51:46.0703 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2010/11/28 19:51:46.0734 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2010/11/28 19:51:46.0781 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2010/11/28 19:51:46.0812 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/11/28 19:51:46.0921 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/11/28 19:51:47.0000 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
2010/11/28 19:51:47.0093 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/11/28 19:51:47.0218 winachsf (2dc7c0b6175a0a8ed84a4f70199c93b5) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2010/11/28 19:51:47.0453 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2010/11/28 19:51:47.0546 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2010/11/28 19:51:47.0625 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2010/11/28 19:51:47.0671 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2010/11/28 19:51:47.0765 WUSB54GPV4SRV (70aeec67e87a2002e6b2cc353d56e222) C:\WINDOWS\system32\DRIVERS\rt2500usb.sys
2010/11/28 19:51:47.0953 ================================================================================
2010/11/28 19:51:47.0953 Scan finished
2010/11/28 19:51:47.0953 ================================================================================

Hello.
Still having problems? Aside from your bad hardware that could use upgrading.

yes I am...it still freezes when i turn it on..i can only use the comp on safe mode..when i turn it on it freezes on the screen that says windows.. i hope you are understanding me...

Yeah.
The freezing is more than likely caused by the hardware issue, you have very little RAM to be able to run nowadays software on this machine.

If you consider a hardware upgrade, that should put everything right.

OK, then my question would be why is it possible for me to run the machine on safe mode and why did this happen over night. One day my machine was fine and the next day it no longer works????????

It's more than likely caused by just temp files, day after day more and more temp files build up, and with the lack of hardware you have, it can have a really bad effect.

Is there a way in safemode to delete these temp files to see if this will fix the problem?

It's not all temp files though, it's down to HDD management, how well you look after your HDD.

besides buying new comp how can I fix his one?

Hello.
Please give this thread a read and do some of the things shown here.
http://www.pchelpforum.com/new-hijackthis-logs/77549-pc-runs-slow-may-not-malware-related.html

Like I said, better hardware and HDD Management is the key now. Try some of the above and let me know if there is any difference.

Thank you I will try those things

Thank you so much for your help. I went ahead and did a system restore
(factory) comp is working fine now, now all i need to do is to update all the important programs. This will hold me off till I buy a new comp. Of course now I have to fix this laptop. i think my next computer will be a mac these viruses are insane.