Update on the slow laptop

skoscielak

Posts: 42   +0
Update on the slow Laptop

[FONT=Verdana]My laptop running XP SP3 is super slow. It takes forever to load any programs. It takes forever to do anything. This is an old work computer. About 8 years old.[/FONT]
[FONT=Verdana] [/FONT]
[FONT=Verdana] [/FONT]
[FONT=Verdana]I had 2 antivirus programs installed – Fixed, only Avast now.[/FONT]
[FONT=Verdana]I ran [/FONT][FONT=Verdana]ComboFix. [/FONT][FONT=Verdana]It helped a lot but now back to slow.[/FONT]
[FONT=Verdana] [/FONT]
[FONT=Verdana]Any ideas for a good [/FONT]registry cleaner?
 
The current Combofix log is:

ComboFix 12-04-17.01 - SJK05CC 04/18/2012 8:59.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.441 [GMT -5:00]
Running from: c:\documents and settings\sjk05cc\My Documents\Koscielak\Computer\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
.
.
((((((((((((((((((((((((( Files Created from 2012-03-18 to 2012-04-18 )))))))))))))))))))))))))))))))
.
.
2012-04-18 12:52 . 2012-04-18 13:33 -------- d-----w- c:\program files\PC Tools Security
2012-04-18 12:36 . 2012-04-18 12:50 -------- d-----w- c:\documents and settings\sjk05cc\Application Data\GetRightToGo
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-15 01:30 . 2011-04-21 15:26 529562 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2012-02-28 02:07 . 2012-02-28 02:07 417440 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-02-28 02:07 . 2011-07-04 02:41 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-26 18:18 . 2012-02-26 18:18 388096 ----a-r- c:\documents and settings\sjk05cc\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-02-25 20:05 . 2008-06-24 13:59 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-02-25 20:05 . 2010-05-28 23:35 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-23 16:23 . 2011-02-07 18:52 41184 ----a-w- c:\windows\avastSS.scr
2012-02-23 16:23 . 2012-03-03 14:31 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-02-23 16:12 . 2012-03-03 14:33 610648 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-02-23 16:12 . 2012-03-03 14:33 337112 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-02-23 16:10 . 2012-03-03 14:33 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-02-23 16:10 . 2012-03-03 14:33 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-02-23 16:10 . 2012-03-03 14:33 95704 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-02-23 16:10 . 2012-03-03 14:33 89048 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-02-23 16:10 . 2012-03-03 14:33 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-02-23 16:07 . 2012-03-03 14:33 24920 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-01-31 12:44 . 2012-02-25 21:02 237072 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-03-03_06.17.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-29 13:05 . 2008-07-29 13:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 11:07 . 2008-07-29 11:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 11:07 . 2008-07-29 11:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2012-03-04 01:08 . 2012-04-18 00:43 49152 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2007-02-05 14:41 . 2012-03-03 01:01 65536 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2007-02-05 14:41 . 2012-04-18 00:43 65536 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-09-02 02:44 . 2012-04-18 00:43 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
- 2011-09-02 02:44 . 2012-02-25 15:01 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2012-03-04 01:08 . 2012-04-18 00:43 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2012-03-28 03:34 . 2012-03-28 03:34 22016 c:\windows\Installer\43644207.msi
+ 2012-03-03 14:59 . 2012-03-03 14:59 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\0eb3c18ec758534395684f3ca286a201\UIAutomationProvider.ni.dll
+ 2012-03-03 15:03 . 2012-03-03 15:03 54784 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml.Hosting\70c840dc13aae2e1323b13d7b27030ae\System.Xaml.Hosting.ni.dll
+ 2012-03-03 15:04 . 2012-03-03 15:04 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\9bbefd2263d8f2169ab3695798208293\System.Windows.Presentation.ni.dll
+ 2012-03-03 15:04 . 2012-03-03 15:04 24064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Routing\9484262c4f1cfaace92aa9d1fee76025\System.Web.Routing.ni.dll
+ 2012-03-03 15:04 . 2012-03-03 15:04 46592 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\569a7210fae634e8827a1bd805922540\System.Web.DynamicData.Design.ni.dll
+ 2012-03-03 14:58 . 2012-03-03 14:58 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\02068ef9dafba3308b13444b8f4e5940\System.Web.ApplicationServices.ni.dll
+ 2012-03-03 15:03 . 2012-03-03 15:03 24576 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Abstract#\0d2eb147f2b4b13af1141810688e2d5f\System.Web.Abstractions.ni.dll
+ 2012-03-03 15:03 . 2012-03-03 15:03 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\c3831eb95ccf3904bab81a97a9b08ed3\System.ServiceModel.Channels.ni.dll
+ 2012-03-03 15:03 . 2012-03-03 15:03 12288 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\2ac3fd2abc9bb5eab553ef8e44ca77ca\System.ServiceModel.ServiceMoniker40.ni.dll
+ 2012-03-03 14:59 . 2012-03-03 14:59 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\5c87f21925d5a61059ee68cef72841f4\System.AddIn.Contract.ni.dll
+ 2012-03-03 14:57 . 2012-03-03 14:57 37376 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Workflow.#\6a8da5dd61b1fcfed27f84047a3e2bad\Microsoft.Workflow.Compiler.ni.exe
+ 2012-03-03 14:57 . 2012-03-03 14:57 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\552a460a8bcf608aecc6418db0d40216\Microsoft.VisualC.ni.dll
+ 2012-03-03 14:55 . 2012-03-03 14:55 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\01254caa0efc15b5cd48fb3178018701\Accessibility.ni.dll
+ 2012-03-03 14:55 . 2012-03-03 14:55 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\b9b6069e6da06eb57e89cc544397f735\dfsvc.ni.exe
+ 2008-07-29 13:05 . 2008-07-29 13:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 08:54 . 2008-07-29 08:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2012-03-03 20:47 . 2010-11-29 17:38 180224 c:\windows\system32\QTCF.dll
+ 2012-04-18 12:53 . 2012-04-18 12:53 228352 c:\windows\Installer\421b2e.msi
+ 2012-03-03 15:05 . 2012-03-03 15:05 399360 c:\windows\assembly\NativeImages_v4.0.30319_32\XamlBuildTask\4daf91c66e01c3dd92b239feacaa8245\XamlBuildTask.ni.dll
+ 2012-03-03 14:56 . 2012-03-03 14:56 353792 c:\windows\assembly\NativeImages_v4.0.30319_32\WsatConfig\3c0d21e75c9a48aba6fba3ddff0fcf39\WsatConfig.ni.exe
+ 2012-03-03 15:05 . 2012-03-03 15:05 245760 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\cc063533b04f9420d1aa571a36d1fabd\WindowsFormsIntegration.ni.dll
+ 2012-03-03 14:59 . 2012-03-03 14:59 195584 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\5786f917a7b62d63ca8dd5b47aaf9610\UIAutomationTypes.ni.dll
+ 2012-03-03 15:05 . 2012-03-03 15:05 481792 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\ece129234f9ba9ad856d0e77e4849137\UIAutomationClient.ni.dll
+ 2012-03-03 14:57 . 2012-03-03 14:57 391680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8eca92a64c232f34b5b559625b022369\System.Xml.Linq.ni.dll
+ 2012-03-03 14:59 . 2012-03-03 14:59 187904 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\18419dd13ced512c5f8dc15a79a601eb\System.Windows.Input.Manipulations.ni.dll
+ 2012-03-03 15:04 . 2012-03-03 15:04 192512 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\4cb0c81cca997d9fbecda9a1824f2fdb\System.Windows.Forms.DataVisualization.Design.ni.dll
+ 2012-03-03 14:58 . 2012-03-03 14:58 218624 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.RegularE#\770e21411a66352a12b5d3f1e47e972e\System.Web.RegularExpressions.ni.dll
+ 2012-03-03 15:04 . 2012-03-03 15:04 858112 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\2e2096834f67f11a362be1e5c0da4d54\System.Web.Extensions.Design.ni.dll
+ 2012-03-03 15:04 . 2012-03-03 15:04 332288 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity\0d511c8f1da06cc18f2da9b593042841\System.Web.Entity.ni.dll
+ 2012-03-03 15:04 . 2012-03-03 15:04 296448 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity.D#\c69974f79eb0c96357fbf031df6d8ed0\System.Web.Entity.Design.ni.dll
+ 2012-03-03 15:04 . 2012-03-03 15:04 705536 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\a1d43a413800a3fa024cba9161c34c44\System.Web.DynamicData.ni.dll
+ 2012-03-03 15:04 . 2012-03-03 15:04 256512 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\8fbe244f1f9ad9ce887c125bae44a50b\System.Web.DataVisualization.Design.ni.dll
+ 2012-03-03 14:58 . 2012-03-03 14:58 645632 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\dd9dbf82e44454689976a49a9e4ddb6d\System.Transactions.ni.dll
+ 2012-03-03 14:59 . 2012-03-03 14:59 220672 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\6e7f1bdc845816dfc797f8002b76b5e8\System.ServiceProcess.ni.dll
+ 2012-03-03 15:02 . 2012-03-03 15:02 421888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\9e32918462a2d0c786fbf21a873cc358\System.ServiceModel.Activation.ni.dll
+ 2012-03-03 15:03 . 2012-03-03 15:03 365056 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\76a5d670ce969c0c65a905b7303d4bbf\System.ServiceModel.Routing.ni.dll
+ 2012-03-03 14:56 . 2012-03-03 14:56 310272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d0ff3383438d688a0118d0fa19ed1dc4\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-03-03 14:58 . 2012-03-03 14:58 767488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\dc1f0dbf1d3ba856eccec90b62b55d79\System.Runtime.Remoting.ni.dll
+ 2012-03-03 14:58 . 2012-03-03 14:58 239616 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Cach#\565496636c549f7f72fff7db554685b6\System.Runtime.Caching.ni.dll
+ 2012-03-03 15:03 . 2012-03-03 15:03 651264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\dd5c866d2462dd913ed0a0287396aa50\System.Net.ni.dll
+ 2012-03-03 15:02 . 2012-03-03 15:02 625152 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\3ab3e80af8e5e95a5a62092cc9293c91\System.Messaging.ni.dll
+ 2012-03-03 15:03 . 2012-03-03 15:03 392704 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\8b5fe7aff54a7aed07287257a9b8e420\System.Management.Instrumentation.ni.dll
+ 2012-03-03 15:03 . 2012-03-03 15:03 405504 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\150da10324f2811a48da58d3496bbe10\System.IO.Log.ni.dll
+ 2012-03-03 15:02 . 2012-03-03 15:02 228352 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\386f41f744eedacd1517c8a15750a48b\System.IdentityModel.Selectors.ni.dll
+ 2012-03-03 14:58 . 2012-03-03 14:58 230912 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\8b6e9d6171aad3561263ce2cd05c57df\System.EnterpriseServices.Wrapper.dll
+ 2012-03-03 14:58 . 2012-03-03 14:58 784896 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\8b6e9d6171aad3561263ce2cd05c57df\System.EnterpriseServices.ni.dll
+ 2012-03-03 14:59 . 2012-03-03 14:59 461824 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\7f4419b6f829a2485d83b3c3e7b26a97\System.DirectoryServices.Protocols.ni.dll
+ 2012-03-03 15:03 . 2012-03-03 15:03 911872 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\46a7f51ef1a9d917598b96f7a758a459\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-03-03 15:03 . 2012-03-03 15:03 112128 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\36342e6024e2844502d0bdaa9d30971a\System.Device.ni.dll
+ 2012-03-03 15:03 . 2012-03-03 15:03 499712 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\ec884cc78d6c5bb67bc2c819b1f00ee5\System.Data.Services.Design.ni.dll
+ 2012-03-03 14:59 . 2012-03-03 14:59 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\caecc65b5c0ede0fe0d55b9f48ada80f\System.Data.DataSetExtensions.ni.dll
+ 2012-03-03 14:59 . 2012-03-03 14:59 145920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\aea1d325200e1a7b1ee7ec86fba33db4\System.Configuration.Install.ni.dll
+ 2012-03-03 14:59 . 2012-03-03 14:59 193536 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\7d8e51e92fede804332703770695afdb\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-03-03 14:59 . 2012-03-03 14:59 613888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\767e70aec1ffb52f95c2b07c08fa0781\System.AddIn.ni.dll
+ 2012-03-03 14:59 . 2012-03-03 14:59 402944 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\8594d07d18330843968d649ed6ef6166\System.Activities.DurableInstancing.ni.dll
+ 2012-03-03 14:56 . 2012-03-03 14:56 316928 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\38f0d77629891e7808424103aaef0728\SMSvcHost.ni.exe
+ 2012-03-03 14:58 . 2012-03-03 14:58 142336 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\4d2a51c03b27e615ff9f1c430f2014ba\SMDiagnostics.ni.dll
+ 2012-03-03 14:56 . 2012-03-03 14:56 273920 c:\windows\assembly\NativeImages_v4.0.30319_32\MSBuild\aa25092606e5e9826db7a7bd0adb9b2b\MSBuild.ni.exe
+ 2012-03-03 14:57 . 2012-03-03 14:57 302080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\d4c6420fbb9cf71828f6d24f7d2c93f3\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-03-03 14:56 . 2012-03-03 14:56 418304 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\5f595338c63c2fdb5a171760c29d5bcf\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-03-03 14:56 . 2012-03-03 14:56 629248 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Uti#\b384b96460ad28697e8990e56b0234d8\Microsoft.Build.Utilities.v4.0.ni.dll
+ 2012-03-03 14:56 . 2012-03-03 14:56 257536 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Fra#\11ef4be6ee227fce3725d6df534297a4\Microsoft.Build.Framework.ni.dll
+ 2012-03-03 14:56 . 2012-03-03 14:56 135680 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Con#\837fa037ca302e7432ea9913ae453e70\Microsoft.Build.Conversion.v4.0.ni.dll
+ 2012-03-03 14:56 . 2012-03-03 14:56 193024 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\d2574c8ae333ff959be2e0d83121ad10\CustomMarshalers.ni.dll
+ 2012-03-03 14:55 . 2012-03-03 14:55 471040 c:\windows\assembly\NativeImages_v4.0.30319_32\ComSvcConfig\51819c709096229ee187a7feee395d9f\ComSvcConfig.ni.exe
+ 2012-03-03 14:55 . 2012-03-03 14:55 842752 c:\windows\assembly\NativeImages_v4.0.30319_32\AspNetMMCExt\03bf63d8ea6622a32b9a3fc6851801a9\AspNetMMCExt.ni.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2012-03-03 15:05 . 2012-03-03 15:05 1055744 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\5904383f7c86f1374a14198872dfa7d8\UIAutomationClientsideProviders.ni.dll
+ 2012-03-03 14:56 . 2012-03-03 14:56 1776640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\035910922f160d304fb834aae41f45a6\System.Xaml.ni.dll
+ 2012-03-03 15:05 . 2012-03-03 15:05 1203712 c:\windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\ad9facc364268611cc4ca65f77caeddd\System.WorkflowServices.ni.dll
+ 2012-03-03 15:05 . 2012-03-03 15:05 1956352 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Run#\be049b8fe1bf23daab7e76159a7e00dd\System.Workflow.Runtime.ni.dll
+ 2012-03-03 15:05 . 2012-03-03 15:05 4428800 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Com#\467bcaca5f4d2914922f62772ea4ea7d\System.Workflow.ComponentModel.ni.dll
+ 2012-03-03 15:05 . 2012-03-03 15:05 2839552 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Act#\544e73a3f3f2daea050f03e4c94e9a6d\System.Workflow.Activities.ni.dll
+ 2012-03-03 15:04 . 2012-03-03 15:04 4496384 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\9cf13572472dc2efe8f3b7c2ab6198d3\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-03-03 14:58 . 2012-03-03 14:58 1864704 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\149f2dcb9c9706e592d1980a945850c2\System.Web.Services.ni.dll
+ 2012-03-03 15:04 . 2012-03-03 15:04 2324992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Mobile\c7b1290bb35d3e3c53d20e5928c9fa73\System.Web.Mobile.ni.dll
+ 2012-03-03 15:03 . 2012-03-03 15:03 3078144 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\0f643b7bd4525c3165733f6988bdbfe2\System.Web.Extensions.ni.dll
+ 2012-03-03 15:04 . 2012-03-03 15:04 4429312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\9df99ed350ef0a43fbcc1b9e586f1c7f\System.Web.DataVisualization.ni.dll
+ 2012-03-03 15:03 . 2012-03-03 15:03 1992192 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\61a931da70f8078539a51cef3888d02d\System.Speech.ni.dll
+ 2012-03-03 15:03 . 2012-03-03 15:03 1127424 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\dbf07cb14b4dcc210cdf8b5d90a12a56\System.ServiceModel.Discovery.ni.dll
+ 2012-03-03 15:02 . 2012-03-03 15:02 1388032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\52481fccddb053768631c640d5059d4b\System.ServiceModel.Activities.ni.dll
+ 2012-03-03 15:02 . 2012-03-03 15:02 1046528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\51c60db370e050d9cdcac17060aaac53\System.ServiceModel.Web.ni.dll
+ 2012-03-03 14:58 . 2012-03-03 14:58 2625024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e9f8a45b1063d6c6a62718c88a5623d1\System.Runtime.Serialization.ni.dll
+ 2012-03-03 14:58 . 2012-03-03 14:58 1011200 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\f3989d3e9cb8904e4edf23ede5adb6c1\System.Runtime.DurableInstancing.ni.dll
+ 2012-03-03 14:59 . 2012-03-03 14:59 1047040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\eb9369fc9393d29afe51e45cb49aa4be\System.Printing.ni.dll
+ 2012-03-03 15:03 . 2012-03-03 15:03 1159168 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\6a6f4be744ed5bc5273cbcf0fcf303e3\System.Management.ni.dll
+ 2012-03-03 15:02 . 2012-03-03 15:02 1065984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\9eac876f58a3ebca8878b8654efdc817\System.IdentityModel.ni.dll
+ 2012-03-03 14:58 . 2012-03-03 14:58 1151488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\5166bf93ac5239837c9c92b58d183ea6\System.DirectoryServices.ni.dll
+ 2012-03-03 14:56 . 2012-03-03 14:56 1872384 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\90fd7fc9fbf5f4eed9135996b515a38a\System.Deployment.ni.dll
+ 2012-03-03 15:02 . 2012-03-03 15:02 2008576 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Services\62f067f8572551df931b3ee6493383d7\System.Data.Services.ni.dll
+ 2012-03-03 15:03 . 2012-03-03 15:03 1332736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\685c7df1332a74aaa899f2bdb3beabc3\System.Data.Services.Client.ni.dll
+ 2012-03-03 14:58 . 2012-03-03 14:58 1183744 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.OracleC#\db33744fb49e77c7233adb50f07fe62a\System.Data.OracleClient.ni.dll
+ 2012-03-03 15:01 . 2012-03-03 15:01 1398272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity.#\7bab044e648dfea461b73dc898150539\System.Data.Entity.Design.ni.dll
+ 2012-03-03 14:59 . 2012-03-03 14:59 4103168 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\931ad0783c03deb967760d5c2387274a\System.Activities.ni.dll
+ 2012-03-03 14:59 . 2012-03-03 14:59 3691520 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\a57e34a36f38a007aa24f1bd07a167ab\System.Activities.Presentation.ni.dll
+ 2012-03-03 14:59 . 2012-03-03 14:59 1506304 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\607df7a11c3334146664bc74130bc38f\System.Activities.Core.Presentation.ni.dll
+ 2012-03-03 14:59 . 2012-03-03 14:59 2842624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\42f0e1a4e3081c50503d74ebc0540a60\ReachFramework.ni.dll
+ 2012-03-03 14:57 . 2012-03-03 14:57 1622528 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\15578874ee1464dc6a3545d4be842e59\PresentationUI.ni.dll
+ 2012-03-03 14:57 . 2012-03-03 14:57 1467904 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationBuildTa#\d0e67f49781c157069bc3298454354bd\PresentationBuildTasks.ni.dll
+ 2012-03-03 14:56 . 2012-03-03 14:56 1819648 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\e8ab3b63bade82c3522613f2b1240c0d\Microsoft.VisualBasic.ni.dll
+ 2012-03-03 14:57 . 2012-03-03 14:57 1135104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\6f82f181d36fcd0e1fd5f09a22e0b8db\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-03-03 14:57 . 2012-03-03 14:57 1167872 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\2eef2f34c0295f1fe5d6d4441f9e790b\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2012-03-03 14:56 . 2012-03-03 14:56 1079808 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\9952f66fc592ffc21b024803c8c955fd\Microsoft.Transactions.Bridge.ni.dll
+ 2012-03-03 15:03 . 2012-03-03 15:03 2441728 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\08b2c2639708ab20748653185d6b67be\Microsoft.JScript.ni.dll
+ 2012-03-03 14:56 . 2012-03-03 14:56 4226560 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build\3bfb841477d28ca866b91211f50199bb\Microsoft.Build.ni.dll
+ 2012-03-03 14:56 . 2012-03-03 14:56 2850816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Tas#\8973265600edd2135ecf5e369a087dfb\Microsoft.Build.Tasks.v4.0.ni.dll
+ 2012-03-03 14:56 . 2012-03-03 14:56 1914368 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Eng#\7cfd4a64a95807ee7cb6ae50cfabd93c\Microsoft.Build.Engine.ni.dll
+ 2012-03-03 14:58 . 2012-03-03 14:58 11912704 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web\a70842538614699d690561ef5f43598b\System.Web.ni.dll
+ 2012-03-03 15:02 . 2012-03-03 15:02 17919488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\250b525aa8c17327216e102569c0d766\System.ServiceModel.ni.dll
+ 2012-03-03 15:01 . 2012-03-03 15:01 13273600 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\642a7b3d47828fb0070a55cfeb58f42b\System.Data.Entity.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-02-23 16:23 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-30 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZCfgSvc.exe"="c:\windows\system32\ZCfgSvc.exe" [2005-07-05 639040]
"Anti-phishing Domain Advisor"="c:\documents and settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2011-12-07 217256]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-02-23 4031368]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-09-05 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ckpNotify]
2004-04-01 22:48 24668 ---ha-w- c:\windows\system32\ckpNotify.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring]
2005-07-05 06:33 188482 ---ha-w- c:\windows\system32\LgNotify.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1123561945-1715567821-839522115-2218\Scripts\Logon\0\0]
"Script"=\\northamerica.gbcglobal.local\SysVol\northamerica.gbcglobal.local\scripts\SMSINST.bat
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1123561945-1715567821-839522115-2218\Scripts\Logon\1\0]
"Script"=\\northamerica.gbcglobal.local\SysVol\northamerica.gbcglobal.local\scripts\DST_Patch.bat
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^sjk05cc^Start Menu^Programs^Startup^eFax 4.4.lnk]
path=c:\documents and settings\sjk05cc\Start Menu\Programs\Startup\eFax 4.4.lnk
backup=c:\windows\pss\eFax 4.4.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-15 07:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-09-27 13:22 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
2010-07-29 07:47 95576 ----a-w- c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2011-03-15 02:09 2565520 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
2011-03-28 17:40 1611160 ----a-w- c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eFax 4.4]
2010-07-02 18:24 95744 ----a-w- c:\program files\eFax Messenger 4.4\J2GDllCmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScannerSelectorEX]
2011-01-15 22:48 452016 ----a-w- c:\program files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2008-07-30 15:47 289064 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 20:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-10-30 13:47 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2011-03-09 12:30 247728 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SR_WatchDog"=2 (0x2)
"SR_Service"=2 (0x2)
"Bonjour Service"=2 (0x2)
"YahooAUService"=2 (0x2)
"idsvc"=3 (0x3)
"Apple Mobile Device"=2 (0x2)
"TomTomHOMEService"=2 (0x2)
"ServiceLayer"=3 (0x3)
"SeaPort"=2 (0x2)
"S24EventMonitor"=2 (0x2)
"ose"=3 (0x3)
"MDM"=2 (0x2)
"MatSvc"=3 (0x3)
"JavaQuickStarterService"=2 (0x2)
"gusvc"=3 (0x3)
"gupdatem"=3 (0x3)
"gupdate"=2 (0x2)
"FsUsbExService"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"WudfSvc"=3 (0x3)
"WmdmPmSN"=3 (0x3)
"UPS"=3 (0x3)
"TrkWks"=2 (0x2)
"Fax"=2 (0x2)
"avast! Antivirus"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CheckPoint\\SecuRemote\\bin\\SR_GUI.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:mad:xpsp2res.dll,-22009
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [3/3/2012 9:33 AM 610648]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [3/3/2012 9:33 AM 337112]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2/17/2010 1:25 PM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 1:41 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [6/29/2010 12:48 PM 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3/3/2012 9:33 AM 20696]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2/26/2012 10:59 AM 652360]
R2 Scap;SecureClient Application Policy Module;c:\windows\system32\drivers\scap.sys [5/30/2008 6:03 PM 17424]
R2 VPN-1;VPN-1 Module;c:\windows\system32\drivers\vpn.sys [5/30/2008 6:03 PM 670128]
R3 FW1;SecuRemote Miniport;c:\windows\system32\drivers\fw.sys [5/30/2008 6:03 PM 2041744]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/17/2010 9:01 AM 20464]
R3 OZSCR;O2Micro SmartCardBus Smartcard Reader;c:\windows\system32\drivers\ozscr.sys [4/21/2005 10:58 PM 92550]
R3 stdriver;Sound Tap Upper Class Filter Driver v2.0.0.0;c:\windows\system32\drivers\stdriver32.sys [7/11/2010 4:06 PM 49208]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?]
S0 vqgs;vqgs;c:\windows\system32\drivers\olwil.sys --> c:\windows\system32\drivers\olwil.sys [?]
S1 SABKUTIL;SABKUTIL;\??\c:\program files\SUPERAntiSpyware\SABKUTIL.sys --> c:\program files\SUPERAntiSpyware\SABKUTIL.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 2:16 PM 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2/27/2012 9:07 PM 253600]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [9/6/2011 4:34 PM 36608]
S3 OMVA;VPN-1 SecureClient Adapter;c:\windows\system32\drivers\OMVA.sys [5/30/2008 6:03 PM 14924]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 2:16 PM 753504]
S4 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [9/6/2011 4:34 PM 238952]
S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10/30/2010 8:47 AM 135664]
S4 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10/30/2010 8:47 AM 135664]
S4 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [3/9/2011 7:30 AM 92592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-02-28 02:07]
.
2012-04-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 23:57]
.
2010-08-26 c:\windows\Tasks\expressburnShakeIcon.job
- c:\program files\NCH Swift Sound\ExpressBurn\expressburn.exe [2010-08-26 01:09]
.
2010-08-26 c:\windows\Tasks\expressripDowngrade.job
- c:\program files\NCH Swift Sound\ExpressRip\expressrip.exe [2010-07-11 21:08]
.
2010-09-01 c:\windows\Tasks\expressripShakeIcon.job
- c:\program files\NCH Swift Sound\ExpressRip\expressrip.exe [2010-07-11 21:08]
.
2012-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-30 13:47]
.
2012-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-30 13:47]
.
2010-07-21 c:\windows\Tasks\soundtapShakeIcon.job
- c:\program files\NCH Swift Sound\SoundTap\soundtap.exe [2010-07-11 21:07]
.
2011-09-18 c:\windows\Tasks\switchShakeIcon.job
- c:\program files\NCH Swift Sound\Switch\switch.exe [2010-07-11 21:05]
.
2010-07-21 c:\windows\Tasks\wavepadShakeIcon.job
- c:\program files\NCH Swift Sound\WavePad\wavepad.exe [2010-07-11 21:06]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = hxxp://myacco/
uInternet Settings,ProxyOverride = *.local
Trusted Zone: adobe.com
Trusted Zone: computerforum.com
Trusted Zone: microsoft.com\update
Trusted Zone: microsoft.com\v4.update
Trusted Zone: microsoft.com\www
TCP: DhcpNameServer = 192.168.1.254
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-18 09:10
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
C:\avast! sandbox
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1000)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\LgNotify.dll
.
- - - - - - - > 'explorer.exe'(648)
c:\windows\system32\WININET.dll
c:\documents and settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2012-04-18 09:16:18
ComboFix-quarantined-files.txt 2012-04-18 14:16
ComboFix2.txt 2012-03-03 06:40
.
Pre-Run: 1,421,660,160 bytes free
Post-Run: 1,468,817,408 bytes free
.
- - End Of File - - 67A0ECF8698511E4A1877121670B5EF3
 
Back