Logfile of random's system information tool 1.06 (written by random/random)
Run by user at 2009-07-26 04:06:03
Microsoft Windows XP Professional Service Pack 2
System drive C: has 39 GB (51%) free of 76 GB
Total RAM: 751 MB (4% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:07:04 AM, on 7/26/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\csrcs.exe
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\Bandoo\Bandoo.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\TechSmith\SnagIt 9\SnagPriv.exe
C:\Program Files\Maxis Broadband\Maxis Broadband.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\PersonalAV\pav.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\user.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - *{C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file)
R3 - URLSearchHook: (no name) - *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe csrcs.exe
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: (no name) - {A77D3539-581D-450C-9E44-A84C415A6172} - C:\WINDOWS\system32\msxmlm.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [MS32DLL] C:\WINDOWS\.MS32DLL.dll.vbs
O4 - HKLM\..\Run: [winboot] wscript.exe /E:vbs C:\WINDOWS\boot.ini
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [PersonalAV] C:\Program Files\PersonalAV\pav.exe
O4 - HKLM\..\Run: [MSDRV] NetFilter.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKLM\..\Policies\Explorer\Run: [csrcs] C:\WINDOWS\system32\csrcs.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: SnagIt 9.lnk = C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{B11FC9E0-176F-4952-9A1C-5B35088C1A95}: NameServer = 58.71.136.10 58.71.132.10
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: wbsys.dll c:\progra~1\bandoo\bndhook.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
End of file - 13914 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-606747145-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-606747145-839522115-1003UA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{8B3571F5-AD92-404B-A6F7-DC23DDA369F2}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll [2008-09-22 66888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll [2009-03-14 908528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-06 279944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-08-11 1443112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-07-25 1111320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
UrlHelper Class - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll [2008-09-02 398776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-07-19 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-06-14 1004800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A77D3539-581D-450C-9E44-A84C415A6172}]
C:\WINDOWS\system32\msxmlm.dll [2009-07-26 379392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-07-13 259696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-07-17 669168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-07-13 470512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-19 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-19 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}]
BandooIEPlugin Class - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll [2009-06-17 1858496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2009-03-14 165616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll [2008-09-22 161096]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-06 279944]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-06-14 1004800]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll [2009-03-14 908528]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-07-13 259696]
{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - BearShare MediaBar - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll [2008-09-02 529848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"AudioDeck"=C:\Program Files\VIAudioi\SBADeck\ADeck.exe [2005-09-06 450560]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-11 689488]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-04 1848648]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-02-20 741376]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-07-13 1948440]
"MS32DLL"=C:\WINDOWS\.MS32DLL.dll.vbs []
"winboot"=wscript.exe /E:vbs C:\WINDOWS\boot.ini []
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-02 37888]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"YSearchProtection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-23 111856]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-19 136600]
"LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-07-25 563984]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2007-07-25 2027792]
"PersonalAV"=C:\Program Files\PersonalAV\pav.exe [2009-07-26 1896448]
"MSDRV"=C:\WINDOWS\system32\NetFilter.exe [2009-07-25 118784]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"csrcs"=C:\WINDOWS\system32\csrcs.exe [2004-08-04 798462]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-12-23 143360]
"STYLEXP"=C:\Program Files\TGTSoft\StyleXP\StyleXP.exe [2006-05-25 1372160]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"Google Update"=C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-13 133104]
"Messenger (Yahoo!)"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2009-05-26 4351216]
"Search Protection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-23 111856]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-13 68856]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2008-07-22 2772992]
"Uniblue RegistryBooster 2009"=C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S []
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-08-11 21741864]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
SnagIt 9.lnk - C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="wbsys.dll c:\progra~1\bandoo\bndhook.dll "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-07-13 11952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=01000000
"NoRun"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\EA SPORTS\FIFA Online 2\FF2Client.exe"="C:\Program Files\EA SPORTS\FIFA Online 2\FF2Client.exe:*:Enabled:FIFA ONLINE"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealPlayer"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{05467155-7422-11de-87c0-001109d31c0c}]
shell\autopLay\command - E:\huxo.pif
shell\AutoRun\command - E:\huxo.pif
shell\exPlore\command - E:\huxo.pif
shell\oPen\command - E:\huxo.pif
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{05467156-7422-11de-87c0-001109d31c0c}]
shell\AutoRun\command - E:\usgerq.exe
shell\explore\command - E:\usgerq.exe
shell\open\command - E:\usgerq.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{116688c1-706b-11de-87b3-001109d31c0c}]
shell\AutoRun\command - F:\ksljqc.exe
shell\explore\command - F:\ksljqc.exe
shell\open\command - F:\ksljqc.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1c67ccb8-4f5c-11de-8735-001109d31c0c}]
shell\AutoRun\command - E:\wzedms.exe
shell\explore\command - E:\wzedms.exe
shell\open\command - E:\wzedms.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1c67ccbc-4f5c-11de-8735-001109d31c0c}]
shell\AutoRun\command - E:\ksljqc.exe
shell\explore\command - E:\ksljqc.exe
shell\open\command - E:\ksljqc.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1c67ccf5-4f5c-11de-8735-001109d31c0c}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d4e3734-6e2f-11de-87a2-001109d31c0c}]
shell\AutoRun\command - E:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d4e3737-6e2f-11de-87a2-001109d31c0c}]
shell\AutoRun\command - E:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3f01b770-5026-11de-873d-001109d31c0c}]
shell\AutoRun\command - E:\ksljqc.exe
shell\explore\command - E:\ksljqc.exe
shell\open\command - E:\ksljqc.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5b30b6b0-6f8b-11de-87a9-001109d31c0c}]
shell\AutoRun\command - E:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5b30b6b1-6f8b-11de-87a9-001109d31c0c}]
shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{654d92de-78cc-11de-87d2-001109d31c0c}]
shell\AutoRun\command - H:\usgerq.exe
shell\explore\command - H:\usgerq.exe
shell\open\command - H:\usgerq.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8682c81a-6f97-11de-87ac-001109d31c0c}]
shell\AutoRun\command - E:\usgerq.exe
shell\explore\command - E:\usgerq.exe
shell\open\command - E:\usgerq.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{997f0a5e-5a53-11de-8763-001109d31c0c}]
shell\AutoRun\command - E:\wzedms.exe
shell\explore\command - E:\wzedms.exe
shell\open\command - E:\wzedms.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e1f1d722-7479-11de-87c2-001109d31c0c}]
shell\AutoRun\command - E:\ueunoe.exe
shell\explore\command - E:\ueunoe.exe
shell\open\command - E:\ueunoe.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e68e0ed2-6f87-11de-87a7-001109d31c0c}]
shell\AutoRun\command - E:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e68e0ed3-6f87-11de-87a7-001109d31c0c}]
shell\AutoRun\command - E:\AutoRun.exe
======List of files/folders created in the last 1 months======
2009-07-26 04:06:14 ----D---- C:\Program Files\trend micro
2009-07-26 04:06:03 ----D---- C:\rsit
2009-07-26 03:44:48 ----A---- C:\WINDOWS\system32\ndisapi.dll
2009-07-26 03:44:47 ----A---- C:\WINDOWS\system32\NetFilter.exe
2009-07-26 03:44:17 ----A---- C:\WINDOWS\system32\msxmlm.dll
2009-07-26 03:43:58 ----D---- C:\Program Files\Common Files\Uninstall
2009-07-26 03:43:01 ----D---- C:\Program Files\PersonalAV
2009-07-25 11:37:51 ----D---- C:\Documents and Settings\user\Application Data\Bandoo
2009-07-25 11:37:14 ----D---- C:\Documents and Settings\All Users\Application Data\Bandoo
2009-07-25 11:36:29 ----D---- C:\Program Files\Bandoo
2009-07-23 18:35:43 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-07-23 18:35:43 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-07-23 18:35:43 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-07-23 18:35:43 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-07-23 17:51:10 ----RA---- C:\WINDOWS\system32\LVUI2RC.dll
2009-07-23 17:51:10 ----RA---- C:\WINDOWS\system32\lvcoinst.ini
2009-07-23 17:51:10 ----RA---- C:\WINDOWS\system32\lvci1110.dll
2009-07-23 17:51:09 ----RA---- C:\WINDOWS\system32\LVUI2.dll
2009-07-23 17:51:09 ----RA---- C:\WINDOWS\system32\lvcodec2.dll
2009-07-23 17:51:05 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-07-23 17:49:24 ----R---- C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe
2009-07-23 17:43:38 ----D---- C:\Documents and Settings\All Users\Application Data\Logitech
2009-07-23 17:43:28 ----D---- C:\Program Files\Logitech
2009-07-23 17:43:28 ----D---- C:\Program Files\Common Files\LogiShrd
2009-07-23 17:40:19 ----D---- C:\Documents and Settings\All Users\Application Data\LogiShrd
2009-07-23 08:01:59 ----A---- C:\WINDOWS\system32\rqssdftem.exe
2009-07-22 23:29:25 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-07-21 23:25:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-07-21 23:25:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-07-21 23:25:37 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-07-21 23:25:30 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-07-21 23:25:22 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-07-21 23:25:14 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-07-21 23:24:42 ----D---- C:\WINDOWS\ie8updates
2009-07-21 23:24:31 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-07-21 23:24:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-21 23:23:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-07-21 23:23:42 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-07-21 23:23:35 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-07-21 23:23:27 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-07-21 23:23:19 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-07-21 23:23:10 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-07-21 23:22:40 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-07-21 23:22:33 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-07-21 23:22:26 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2009-07-21 23:21:43 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-07-21 23:21:36 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-07-21 23:21:25 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-07-21 23:21:15 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-07-21 23:21:05 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-07-21 23:20:56 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-07-21 23:20:49 ----HDC---- C:\WINDOWS\$NtUninstallKB901190$
2009-07-21 23:20:41 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-07-21 23:20:33 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-07-21 23:20:26 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-07-21 23:20:19 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-21 23:20:11 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-07-21 23:20:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-07-21 23:20:00 ----D---- C:\Program Files\MSXML 4.0
2009-07-21 23:19:45 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-07-21 19:37:18 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-07-21 19:19:49 ----D---- C:\Program Files\Common Files\Real
2009-07-21 19:19:11 ----D---- C:\Program Files\Real
2009-07-21 18:55:13 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2009-07-20 22:55:46 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-07-20 22:55:41 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-20 22:55:36 ----D---- C:\WINDOWS\system32\PreInstall
2009-07-20 22:55:34 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-07-20 22:55:25 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-07-20 22:55:24 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-20 18:44:50 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-07-19 14:15:50 ----A---- C:\WINDOWS\system32\javaws.exe
2009-07-19 14:15:50 ----A---- C:\WINDOWS\system32\javaw.exe
2009-07-19 14:15:50 ----A---- C:\WINDOWS\system32\java.exe
2009-07-19 14:15:35 ----D---- C:\Program Files\Java
2009-07-18 19:04:34 ----D---- C:\Documents and Settings\user\Application Data\Winamp
2009-07-17 19:36:58 ----D---- C:\WINDOWS\speech
2009-07-17 19:36:50 ----D---- C:\Program Files\Talking Dictionary
2009-07-17 17:43:31 ----D---- C:\Documents and Settings\user\Application Data\Uniblue
2009-07-17 16:59:28 ----D---- C:\Program Files\NCBuy
2009-07-16 21:48:56 ----D---- C:\Documents and Settings\user\Application Data\Media Player Classic
2009-07-16 21:48:35 ----D---- C:\Program Files\Real Alternative
2009-07-16 21:48:35 ----D---- C:\Documents and Settings\user\Application Data\Real
2009-07-16 21:48:35 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2009-07-16 18:47:57 ----D---- C:\Intel
2009-07-16 18:26:22 ----D---- C:\Program Files\SystemRequirementsLab
2009-07-16 18:26:08 ----D---- C:\Documents and Settings\user\Application Data\SystemRequirementsLab
2009-07-16 18:25:51 ----D---- C:\WINDOWS\Sun
2009-07-15 21:45:00 ----A---- C:\WINDOWS\FOE2.ini
2009-07-15 21:27:57 ----D---- C:\Program Files\Common Files\INCA Shared
2009-07-14 22:19:30 ----D---- C:\Program Files\Electronic Arts
2009-07-14 21:32:15 ----D---- C:\Documents and Settings\user\Application Data\LimeWire
2009-07-14 21:15:50 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-07-14 21:10:46 ----D---- C:\Documents and Settings\user\Application Data\Sun
2009-07-14 19:42:44 ----D---- C:\Documents and Settings\All Users\Application Data\2C7D
2009-07-14 19:40:52 ----D---- C:\Program Files\BearShare Applications
2009-07-14 19:39:47 ----D---- C:\Program Files\LimeWire
2009-07-14 17:43:23 ----D---- C:\Program Files\Common Files\NSV
2009-07-14 17:11:43 ----D---- C:\WINDOWS\WBEM
2009-07-13 22:25:40 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-07-13 22:23:23 ----D---- C:\5b5732ea14608427adf38bc6
2009-07-13 22:18:43 ----HDC---- C:\WINDOWS\ie8
2009-07-13 22:18:43 ----D---- C:\WINDOWS\system32\en-US
2009-07-13 22:15:37 ----HD---- C:\WINDOWS\msdownld.tmp
2009-07-13 22:15:01 ----D---- C:\21231e204402afb20f6d
2009-07-13 21:31:00 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2009-07-13 18:10:23 ----D---- C:\Documents and Settings\user\Application Data\skypePM
2009-07-13 17:39:12 ----A---- C:\WINDOWS\wb.ini
2009-07-13 17:39:10 ----D---- C:\Program Files\Common Files\Stardock
2009-07-13 17:25:21 ----A---- C:\WINDOWS\_MSRSTRT.EXE
2009-07-13 16:59:54 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #3.txt
2009-07-13 16:55:28 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2009-07-13 16:51:57 ----D---- C:\Documents and Settings\user\Application Data\VersionTracker Pro
2009-07-13 16:36:32 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt
2009-07-12 20:16:20 ----D---- C:\Program Files\Winamp
2009-07-11 23:28:03 ----D---- C:\Program Files\Maxis Broadband
2009-07-04 16:01:11 ----D---- C:\Program Files\Common Files\DirectX
2009-07-03 20:49:30 ----D---- C:\Documents and Settings\user\Application Data\GRETECH
2009-07-03 17:33:50 ----D---- C:\Documents and Settings\user\Application Data\Yahoo!
2009-07-03 17:33:50 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2009-07-03 17:33:47 ----D---- C:\Program Files\Yahoo!
2009-07-03 17:33:41 ----D---- C:\Program Files\FLV Player
2009-07-03 17:28:42 ----D---- C:\Program Files\GRETECH
2009-07-03 17:23:18 ----D---- C:\Program Files\Joe's Programs
2009-07-03 17:05:05 ----A---- C:\WINDOWS\system32\wbsys.dll
2009-07-03 17:05:03 ----D---- C:\Program Files\AlienGUIse
2009-07-03 17:04:39 ----D---- C:\Documents and Settings\user\Application Data\WinRAR
2009-07-03 17:01:39 ----D---- C:\Program Files\WinRAR
2009-07-03 17:01:06 ----D---- C:\Program Files\TGTSoft
2009-07-02 17:55:22 ----D---- C:\Program Files\Mozilla Firefox
2009-07-02 17:55:21 ----D---- C:\Documents and Settings\user\Application Data\Mozilla
2009-07-02 17:55:20 ----D---- C:\Program Files\AskSearch
2009-07-02 17:55:20 ----D---- C:\Program Files\AskBarDis
2009-06-28 20:47:01 ----D---- C:\Documents and Settings\user\Application Data\Help
2009-06-28 20:43:19 ----D---- C:\Program Files\EACOM
2009-06-28 20:40:40 ----D---- C:\Program Files\EA SPORTS
2009-06-27 23:49:56 ----D---- C:\WINDOWS\system32\appmgmt
======List of files/folders modified in the last 1 months======
2009-07-26 04:06:14 ----D---- C:\Program Files
2009-07-26 04:05:29 ----A---- C:\WINDOWS\NeroDigital.ini
2009-07-26 03:57:42 ----D---- C:\WINDOWS\Temp
2009-07-26 03:44:48 ----D---- C:\WINDOWS\system32
2009-07-26 03:44:47 ----D---- C:\WINDOWS\system32\drivers
2009-07-26 03:43:58 ----D---- C:\Program Files\Common Files
2009-07-26 03:36:24 ----D---- C:\Documents and Settings\user\Application Data\Skype
2009-07-26 01:55:41 ----D---- C:\WINDOWS\SoftwareDistribution
2009-07-26 01:23:51 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-25 14:06:30 ----HD---- C:\$AVG8.VAULT$
2009-07-25 14:06:07 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-07-25 13:26:38 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-25 11:25:11 ----D---- C:\WINDOWS\Prefetch
2009-07-25 10:06:33 ----D---- C:\WINDOWS
2009-07-24 15:12:26 ----SD---- C:\WINDOWS\Tasks
2009-07-23 17:52:50 ----D---- C:\WINDOWS\system32\CatRoot
2009-07-23 17:52:12 ----SHD---- C:\WINDOWS\Installer
2009-07-23 17:52:04 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-23 17:51:09 ----D---- C:\WINDOWS\twain_32
2009-07-23 17:51:01 ----HD---- C:\WINDOWS\inf
2009-07-23 17:49:10 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-23 17:47:54 ----SD---- C:\Documents and Settings\user\Application Data\Microsoft
2009-07-23 17:45:14 ----D---- C:\Program Files\Common Files\InstallShield
2009-07-22 07:28:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-22 07:24:16 ----D---- C:\WINDOWS\system32\wbem
2009-07-22 07:24:15 ----D---- C:\WINDOWS\AppPatch
2009-07-21 23:25:49 ----A---- C:\WINDOWS\imsins.BAK
2009-07-21 23:25:31 ----D---- C:\Program Files\Messenger
2009-07-21 23:24:51 ----D---- C:\Program Files\Internet Explorer
2009-07-21 23:23:36 ----D---- C:\WINDOWS\WinSxS
2009-07-21 19:37:15 ----D---- C:\WINDOWS\Debug
2009-07-20 18:45:09 ----D---- C:\WINDOWS\Help
2009-07-19 16:07:21 ----D---- C:\WINDOWS\system32\Macromed
2009-07-19 12:35:44 ----D---- C:\WINDOWS\Minidump
2009-07-19 10:15:02 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-07-18 16:13:05 ----D---- C:\Documents and Settings\user\Application Data\Macromedia
2009-07-16 21:08:39 ----D---- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2009-07-14 21:33:18 ----D---- C:\WINDOWS\system32\DirectX
2009-07-13 22:26:01 ----D---- C:\WINDOWS\Media
2009-07-13 22:18:12 ----D---- C:\Program Files\Google
2009-07-13 16:55:16 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-07-03 17:01:39 ----D---- C:\WINDOWS\Resources
2009-07-02 17:46:53 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-06-29 22:16:27 ----A---- C:\WINDOWS\PhotoSnapViewer.INI
2009-06-27 13:23:48 ----A---- C:\WINDOWS\entpack.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-07-25 335752]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-07-13 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-07-13 108552]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
R1 StyleXPHelper;StyleXPHelper; \??\C:\Program Files\TGTSoft\StyleXP\StyleXPHelper.exe []
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-03-17 101376]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-07-18 25624]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-07-19 41752]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2007-07-19 1278104]
R3 S3Psddr;S3Psddr; C:\WINDOWS\system32\DRIVERS\s3gnbm.sys [2003-04-21 166784]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2005-08-03 202112]
S1 NDISRD;NDISRD; C:\WINDOWS\system32\drivers\NDISRD.sys [2009-06-22 24576]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-07-20 2109592]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-07-20 2142488]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 S3SavageNB;S3SavageNB; C:\WINDOWS\system32\DRIVERS\s3gnbm.sys [2003-04-21 166784]
S3 s616bus;Sony Ericsson Device 616 driver (WDM); C:\WINDOWS\system32\DRIVERS\s616bus.sys [2007-04-03 83208]
S3 s616mdfl;Sony Ericsson Device 616 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s616mdfl.sys [2007-04-03 15112]
S3 s616mdm;Sony Ericsson Device 616 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s616mdm.sys [2007-04-03 108680]
S3 s616mgmt;Sony Ericsson Device 616 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s616mgmt.sys [2007-04-03 100360]
S3 s616nd5;Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (NDIS); C:\WINDOWS\system32\DRIVERS\s616nd5.sys [2007-04-03 23176]
S3 s616obex;Sony Ericsson Device 616 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s616obex.sys [2007-04-03 98568]
S3 s616unic;Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (WDM); C:\WINDOWS\system32\DRIVERS\s616unic.sys [2007-04-03 99080]
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys [2006-11-10 61600]
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys [2006-11-10 9360]
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys [2006-11-10 97184]
S3 SE2Emgmt;Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE2Emgmt.sys [2006-11-10 88688]
S3 se2End5;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS); C:\WINDOWS\system32\DRIVERS\se2End5.sys [2006-11-10 18704]
S3 SE2Eobex;Sony Ericsson Device 046 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE2Eobex.sys [2006-11-10 86560]
S3 se2Eunic;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM); C:\WINDOWS\system32\DRIVERS\se2Eunic.sys [2006-11-10 90800]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-07-13 298776]
R2 Bandoo Coordinator;Bandoo Coordinator; C:\PROGRA~1\Bandoo\Bandoo.exe [2009-06-17 1513920]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-23 103808]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-19 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2007-07-20 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-07-20 137752]
R2 StyleXPService;StyleXPService; C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe [2006-05-25 372736]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-10 602392]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-07-20 141848]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-13 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-03-30 2735133]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
Account business contact manager emails pop up in outlook 2007