TechSpot

Update on the slow laptop

By skoscielak
Apr 18, 2012
Post New Reply
  1. Update on the slow Laptop

    My laptop running XP SP3 is super slow. It takes forever to load any programs. It takes forever to do anything. This is an old work computer. About 8 years old.


    I had 2 antivirus programs installed – Fixed, only Avast now.
    I ran ComboFix. It helped a lot but now back to slow.

    Any ideas for a good registry cleaner?
     
  2. skoscielak

    skoscielak TS Rookie Topic Starter Posts: 38

    Also FYI.
    I only have like 3 apps checked in msconfig. Also ran Cleaner.
     
  3. skos

    skos Banned Posts: 37

    The current Combofix log is:

    ComboFix 12-04-17.01 - SJK05CC 04/18/2012 8:59.2.1 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.441 [GMT -5:00]
    Running from: c:\documents and settings\sjk05cc\My Documents\Koscielak\Computer\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .
    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\All Users\Application Data\TEMP
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-03-18 to 2012-04-18 )))))))))))))))))))))))))))))))
    .
    .
    2012-04-18 12:52 . 2012-04-18 13:33 -------- d-----w- c:\program files\PC Tools Security
    2012-04-18 12:36 . 2012-04-18 12:50 -------- d-----w- c:\documents and settings\sjk05cc\Application Data\GetRightToGo
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-03-15 01:30 . 2011-04-21 15:26 529562 ----a-w- c:\windows\system32\PerfStringBackup.TMP
    2012-02-28 02:07 . 2012-02-28 02:07 417440 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-02-28 02:07 . 2011-07-04 02:41 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-02-26 18:18 . 2012-02-26 18:18 388096 ----a-r- c:\documents and settings\sjk05cc\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-02-25 20:05 . 2008-06-24 13:59 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2012-02-25 20:05 . 2010-05-28 23:35 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2012-02-23 16:23 . 2011-02-07 18:52 41184 ----a-w- c:\windows\avastSS.scr
    2012-02-23 16:23 . 2012-03-03 14:31 201352 ----a-w- c:\windows\system32\aswBoot.exe
    2012-02-23 16:12 . 2012-03-03 14:33 610648 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2012-02-23 16:12 . 2012-03-03 14:33 337112 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2012-02-23 16:10 . 2012-03-03 14:33 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2012-02-23 16:10 . 2012-03-03 14:33 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2012-02-23 16:10 . 2012-03-03 14:33 95704 ----a-w- c:\windows\system32\drivers\aswmon2.sys
    2012-02-23 16:10 . 2012-03-03 14:33 89048 ----a-w- c:\windows\system32\drivers\aswmon.sys
    2012-02-23 16:10 . 2012-03-03 14:33 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2012-02-23 16:07 . 2012-03-03 14:33 24920 ----a-w- c:\windows\system32\drivers\aavmker4.sys
    2012-01-31 12:44 . 2012-02-25 21:02 237072 ------w- c:\windows\system32\MpSigStub.exe
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2012-03-03_06.17.12 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-07-29 13:05 . 2008-07-29 13:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
    + 2008-07-29 13:05 . 2008-07-29 13:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
    + 2008-07-29 13:05 . 2008-07-29 13:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
    + 2008-07-29 13:05 . 2008-07-29 13:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
    + 2008-07-29 13:05 . 2008-07-29 13:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
    + 2008-07-29 13:05 . 2008-07-29 13:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
    + 2008-07-29 13:05 . 2008-07-29 13:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
    + 2008-07-29 13:05 . 2008-07-29 13:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
    + 2008-07-29 13:05 . 2008-07-29 13:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
    + 2008-07-29 13:05 . 2008-07-29 13:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
    + 2008-07-29 13:05 . 2008-07-29 13:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
    + 2008-07-29 11:07 . 2008-07-29 11:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
    + 2008-07-29 11:07 . 2008-07-29 11:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
    + 2012-03-04 01:08 . 2012-04-18 00:43 49152 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    - 2007-02-05 14:41 . 2012-03-03 01:01 65536 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
    + 2007-02-05 14:41 . 2012-04-18 00:43 65536 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
    + 2011-09-02 02:44 . 2012-04-18 00:43 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
    - 2011-09-02 02:44 . 2012-02-25 15:01 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
    + 2012-03-04 01:08 . 2012-04-18 00:43 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
    + 2012-03-28 03:34 . 2012-03-28 03:34 22016 c:\windows\Installer\43644207.msi
    + 2012-03-03 14:59 . 2012-03-03 14:59 96768 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\0eb3c18ec758534395684f3ca286a201\UIAutomationProvider.ni.dll
    + 2012-03-03 15:03 . 2012-03-03 15:03 54784 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml.Hosting\70c840dc13aae2e1323b13d7b27030ae\System.Xaml.Hosting.ni.dll
    + 2012-03-03 15:04 . 2012-03-03 15:04 35328 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\9bbefd2263d8f2169ab3695798208293\System.Windows.Presentation.ni.dll
    + 2012-03-03 15:04 . 2012-03-03 15:04 24064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Routing\9484262c4f1cfaace92aa9d1fee76025\System.Web.Routing.ni.dll
    + 2012-03-03 15:04 . 2012-03-03 15:04 46592 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\569a7210fae634e8827a1bd805922540\System.Web.DynamicData.Design.ni.dll
    + 2012-03-03 14:58 . 2012-03-03 14:58 71680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\02068ef9dafba3308b13444b8f4e5940\System.Web.ApplicationServices.ni.dll
    + 2012-03-03 15:03 . 2012-03-03 15:03 24576 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Abstract#\0d2eb147f2b4b13af1141810688e2d5f\System.Web.Abstractions.ni.dll
    + 2012-03-03 15:03 . 2012-03-03 15:03 82432 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\c3831eb95ccf3904bab81a97a9b08ed3\System.ServiceModel.Channels.ni.dll
    + 2012-03-03 15:03 . 2012-03-03 15:03 12288 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\2ac3fd2abc9bb5eab553ef8e44ca77ca\System.ServiceModel.ServiceMoniker40.ni.dll
    + 2012-03-03 14:59 . 2012-03-03 14:59 78848 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\5c87f21925d5a61059ee68cef72841f4\System.AddIn.Contract.ni.dll
    + 2012-03-03 14:57 . 2012-03-03 14:57 37376 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Workflow.#\6a8da5dd61b1fcfed27f84047a3e2bad\Microsoft.Workflow.Compiler.ni.exe
    + 2012-03-03 14:57 . 2012-03-03 14:57 11776 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\552a460a8bcf608aecc6418db0d40216\Microsoft.VisualC.ni.dll
    + 2012-03-03 14:55 . 2012-03-03 14:55 44544 c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\01254caa0efc15b5cd48fb3178018701\Accessibility.ni.dll
    + 2012-03-03 14:55 . 2012-03-03 14:55 9728 c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\b9b6069e6da06eb57e89cc544397f735\dfsvc.ni.exe
    + 2008-07-29 13:05 . 2008-07-29 13:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
    + 2008-07-29 13:05 . 2008-07-29 13:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
    + 2008-07-29 08:54 . 2008-07-29 08:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
    + 2008-07-29 13:05 . 2008-07-29 13:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
    + 2012-03-03 20:47 . 2010-11-29 17:38 180224 c:\windows\system32\QTCF.dll
    + 2012-04-18 12:53 . 2012-04-18 12:53 228352 c:\windows\Installer\421b2e.msi
    + 2012-03-03 15:05 . 2012-03-03 15:05 399360 c:\windows\assembly\NativeImages_v4.0.30319_32\XamlBuildTask\4daf91c66e01c3dd92b239feacaa8245\XamlBuildTask.ni.dll
    + 2012-03-03 14:56 . 2012-03-03 14:56 353792 c:\windows\assembly\NativeImages_v4.0.30319_32\WsatConfig\3c0d21e75c9a48aba6fba3ddff0fcf39\WsatConfig.ni.exe
    + 2012-03-03 15:05 . 2012-03-03 15:05 245760 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\cc063533b04f9420d1aa571a36d1fabd\WindowsFormsIntegration.ni.dll
    + 2012-03-03 14:59 . 2012-03-03 14:59 195584 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\5786f917a7b62d63ca8dd5b47aaf9610\UIAutomationTypes.ni.dll
    + 2012-03-03 15:05 . 2012-03-03 15:05 481792 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\ece129234f9ba9ad856d0e77e4849137\UIAutomationClient.ni.dll
    + 2012-03-03 14:57 . 2012-03-03 14:57 391680 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8eca92a64c232f34b5b559625b022369\System.Xml.Linq.ni.dll
    + 2012-03-03 14:59 . 2012-03-03 14:59 187904 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\18419dd13ced512c5f8dc15a79a601eb\System.Windows.Input.Manipulations.ni.dll
    + 2012-03-03 15:04 . 2012-03-03 15:04 192512 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\4cb0c81cca997d9fbecda9a1824f2fdb\System.Windows.Forms.DataVisualization.Design.ni.dll
    + 2012-03-03 14:58 . 2012-03-03 14:58 218624 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.RegularE#\770e21411a66352a12b5d3f1e47e972e\System.Web.RegularExpressions.ni.dll
    + 2012-03-03 15:04 . 2012-03-03 15:04 858112 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\2e2096834f67f11a362be1e5c0da4d54\System.Web.Extensions.Design.ni.dll
    + 2012-03-03 15:04 . 2012-03-03 15:04 332288 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity\0d511c8f1da06cc18f2da9b593042841\System.Web.Entity.ni.dll
    + 2012-03-03 15:04 . 2012-03-03 15:04 296448 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity.D#\c69974f79eb0c96357fbf031df6d8ed0\System.Web.Entity.Design.ni.dll
    + 2012-03-03 15:04 . 2012-03-03 15:04 705536 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\a1d43a413800a3fa024cba9161c34c44\System.Web.DynamicData.ni.dll
    + 2012-03-03 15:04 . 2012-03-03 15:04 256512 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\8fbe244f1f9ad9ce887c125bae44a50b\System.Web.DataVisualization.Design.ni.dll
    + 2012-03-03 14:58 . 2012-03-03 14:58 645632 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\dd9dbf82e44454689976a49a9e4ddb6d\System.Transactions.ni.dll
    + 2012-03-03 14:59 . 2012-03-03 14:59 220672 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\6e7f1bdc845816dfc797f8002b76b5e8\System.ServiceProcess.ni.dll
    + 2012-03-03 15:02 . 2012-03-03 15:02 421888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\9e32918462a2d0c786fbf21a873cc358\System.ServiceModel.Activation.ni.dll
    + 2012-03-03 15:03 . 2012-03-03 15:03 365056 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\76a5d670ce969c0c65a905b7303d4bbf\System.ServiceModel.Routing.ni.dll
    + 2012-03-03 14:56 . 2012-03-03 14:56 310272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d0ff3383438d688a0118d0fa19ed1dc4\System.Runtime.Serialization.Formatters.Soap.ni.dll
    + 2012-03-03 14:58 . 2012-03-03 14:58 767488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\dc1f0dbf1d3ba856eccec90b62b55d79\System.Runtime.Remoting.ni.dll
    + 2012-03-03 14:58 . 2012-03-03 14:58 239616 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Cach#\565496636c549f7f72fff7db554685b6\System.Runtime.Caching.ni.dll
    + 2012-03-03 15:03 . 2012-03-03 15:03 651264 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\dd5c866d2462dd913ed0a0287396aa50\System.Net.ni.dll
    + 2012-03-03 15:02 . 2012-03-03 15:02 625152 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\3ab3e80af8e5e95a5a62092cc9293c91\System.Messaging.ni.dll
    + 2012-03-03 15:03 . 2012-03-03 15:03 392704 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\8b5fe7aff54a7aed07287257a9b8e420\System.Management.Instrumentation.ni.dll
    + 2012-03-03 15:03 . 2012-03-03 15:03 405504 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\150da10324f2811a48da58d3496bbe10\System.IO.Log.ni.dll
    + 2012-03-03 15:02 . 2012-03-03 15:02 228352 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\386f41f744eedacd1517c8a15750a48b\System.IdentityModel.Selectors.ni.dll
    + 2012-03-03 14:58 . 2012-03-03 14:58 230912 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\8b6e9d6171aad3561263ce2cd05c57df\System.EnterpriseServices.Wrapper.dll
    + 2012-03-03 14:58 . 2012-03-03 14:58 784896 c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\8b6e9d6171aad3561263ce2cd05c57df\System.EnterpriseServices.ni.dll
    + 2012-03-03 14:59 . 2012-03-03 14:59 461824 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\7f4419b6f829a2485d83b3c3e7b26a97\System.DirectoryServices.Protocols.ni.dll
    + 2012-03-03 15:03 . 2012-03-03 15:03 911872 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\46a7f51ef1a9d917598b96f7a758a459\System.DirectoryServices.AccountManagement.ni.dll
    + 2012-03-03 15:03 . 2012-03-03 15:03 112128 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\36342e6024e2844502d0bdaa9d30971a\System.Device.ni.dll
    + 2012-03-03 15:03 . 2012-03-03 15:03 499712 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\ec884cc78d6c5bb67bc2c819b1f00ee5\System.Data.Services.Design.ni.dll
    + 2012-03-03 14:59 . 2012-03-03 14:59 134656 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\caecc65b5c0ede0fe0d55b9f48ada80f\System.Data.DataSetExtensions.ni.dll
    + 2012-03-03 14:59 . 2012-03-03 14:59 145920 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\aea1d325200e1a7b1ee7ec86fba33db4\System.Configuration.Install.ni.dll
    + 2012-03-03 14:59 . 2012-03-03 14:59 193536 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\7d8e51e92fede804332703770695afdb\System.ComponentModel.DataAnnotations.ni.dll
    + 2012-03-03 14:59 . 2012-03-03 14:59 613888 c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\767e70aec1ffb52f95c2b07c08fa0781\System.AddIn.ni.dll
    + 2012-03-03 14:59 . 2012-03-03 14:59 402944 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\8594d07d18330843968d649ed6ef6166\System.Activities.DurableInstancing.ni.dll
    + 2012-03-03 14:56 . 2012-03-03 14:56 316928 c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\38f0d77629891e7808424103aaef0728\SMSvcHost.ni.exe
    + 2012-03-03 14:58 . 2012-03-03 14:58 142336 c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\4d2a51c03b27e615ff9f1c430f2014ba\SMDiagnostics.ni.dll
    + 2012-03-03 14:56 . 2012-03-03 14:56 273920 c:\windows\assembly\NativeImages_v4.0.30319_32\MSBuild\aa25092606e5e9826db7a7bd0adb9b2b\MSBuild.ni.exe
    + 2012-03-03 14:57 . 2012-03-03 14:57 302080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\d4c6420fbb9cf71828f6d24f7d2c93f3\Microsoft.VisualBasic.Compatibility.Data.ni.dll
    + 2012-03-03 14:56 . 2012-03-03 14:56 418304 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\5f595338c63c2fdb5a171760c29d5bcf\Microsoft.Transactions.Bridge.Dtc.ni.dll
    + 2012-03-03 14:56 . 2012-03-03 14:56 629248 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Uti#\b384b96460ad28697e8990e56b0234d8\Microsoft.Build.Utilities.v4.0.ni.dll
    + 2012-03-03 14:56 . 2012-03-03 14:56 257536 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Fra#\11ef4be6ee227fce3725d6df534297a4\Microsoft.Build.Framework.ni.dll
    + 2012-03-03 14:56 . 2012-03-03 14:56 135680 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Con#\837fa037ca302e7432ea9913ae453e70\Microsoft.Build.Conversion.v4.0.ni.dll
    + 2012-03-03 14:56 . 2012-03-03 14:56 193024 c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\d2574c8ae333ff959be2e0d83121ad10\CustomMarshalers.ni.dll
    + 2012-03-03 14:55 . 2012-03-03 14:55 471040 c:\windows\assembly\NativeImages_v4.0.30319_32\ComSvcConfig\51819c709096229ee187a7feee395d9f\ComSvcConfig.ni.exe
    + 2012-03-03 14:55 . 2012-03-03 14:55 842752 c:\windows\assembly\NativeImages_v4.0.30319_32\AspNetMMCExt\03bf63d8ea6622a32b9a3fc6851801a9\AspNetMMCExt.ni.dll
    + 2008-07-29 13:05 . 2008-07-29 13:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
    + 2008-07-29 13:05 . 2008-07-29 13:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
    + 2012-03-03 15:05 . 2012-03-03 15:05 1055744 c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\5904383f7c86f1374a14198872dfa7d8\UIAutomationClientsideProviders.ni.dll
    + 2012-03-03 14:56 . 2012-03-03 14:56 1776640 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\035910922f160d304fb834aae41f45a6\System.Xaml.ni.dll
    + 2012-03-03 15:05 . 2012-03-03 15:05 1203712 c:\windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\ad9facc364268611cc4ca65f77caeddd\System.WorkflowServices.ni.dll
    + 2012-03-03 15:05 . 2012-03-03 15:05 1956352 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Run#\be049b8fe1bf23daab7e76159a7e00dd\System.Workflow.Runtime.ni.dll
    + 2012-03-03 15:05 . 2012-03-03 15:05 4428800 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Com#\467bcaca5f4d2914922f62772ea4ea7d\System.Workflow.ComponentModel.ni.dll
    + 2012-03-03 15:05 . 2012-03-03 15:05 2839552 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Act#\544e73a3f3f2daea050f03e4c94e9a6d\System.Workflow.Activities.ni.dll
    + 2012-03-03 15:04 . 2012-03-03 15:04 4496384 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\9cf13572472dc2efe8f3b7c2ab6198d3\System.Windows.Forms.DataVisualization.ni.dll
    + 2012-03-03 14:58 . 2012-03-03 14:58 1864704 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\149f2dcb9c9706e592d1980a945850c2\System.Web.Services.ni.dll
    + 2012-03-03 15:04 . 2012-03-03 15:04 2324992 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Mobile\c7b1290bb35d3e3c53d20e5928c9fa73\System.Web.Mobile.ni.dll
    + 2012-03-03 15:03 . 2012-03-03 15:03 3078144 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\0f643b7bd4525c3165733f6988bdbfe2\System.Web.Extensions.ni.dll
    + 2012-03-03 15:04 . 2012-03-03 15:04 4429312 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\9df99ed350ef0a43fbcc1b9e586f1c7f\System.Web.DataVisualization.ni.dll
    + 2012-03-03 15:03 . 2012-03-03 15:03 1992192 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\61a931da70f8078539a51cef3888d02d\System.Speech.ni.dll
    + 2012-03-03 15:03 . 2012-03-03 15:03 1127424 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\dbf07cb14b4dcc210cdf8b5d90a12a56\System.ServiceModel.Discovery.ni.dll
    + 2012-03-03 15:02 . 2012-03-03 15:02 1388032 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\52481fccddb053768631c640d5059d4b\System.ServiceModel.Activities.ni.dll
    + 2012-03-03 15:02 . 2012-03-03 15:02 1046528 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\51c60db370e050d9cdcac17060aaac53\System.ServiceModel.Web.ni.dll
    + 2012-03-03 14:58 . 2012-03-03 14:58 2625024 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e9f8a45b1063d6c6a62718c88a5623d1\System.Runtime.Serialization.ni.dll
    + 2012-03-03 14:58 . 2012-03-03 14:58 1011200 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\f3989d3e9cb8904e4edf23ede5adb6c1\System.Runtime.DurableInstancing.ni.dll
    + 2012-03-03 14:59 . 2012-03-03 14:59 1047040 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\eb9369fc9393d29afe51e45cb49aa4be\System.Printing.ni.dll
    + 2012-03-03 15:03 . 2012-03-03 15:03 1159168 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\6a6f4be744ed5bc5273cbcf0fcf303e3\System.Management.ni.dll
    + 2012-03-03 15:02 . 2012-03-03 15:02 1065984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\9eac876f58a3ebca8878b8654efdc817\System.IdentityModel.ni.dll
    + 2012-03-03 14:58 . 2012-03-03 14:58 1151488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\5166bf93ac5239837c9c92b58d183ea6\System.DirectoryServices.ni.dll
    + 2012-03-03 14:56 . 2012-03-03 14:56 1872384 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\90fd7fc9fbf5f4eed9135996b515a38a\System.Deployment.ni.dll
    + 2012-03-03 15:02 . 2012-03-03 15:02 2008576 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Services\62f067f8572551df931b3ee6493383d7\System.Data.Services.ni.dll
    + 2012-03-03 15:03 . 2012-03-03 15:03 1332736 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\685c7df1332a74aaa899f2bdb3beabc3\System.Data.Services.Client.ni.dll
    + 2012-03-03 14:58 . 2012-03-03 14:58 1183744 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.OracleC#\db33744fb49e77c7233adb50f07fe62a\System.Data.OracleClient.ni.dll
    + 2012-03-03 15:01 . 2012-03-03 15:01 1398272 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity.#\7bab044e648dfea461b73dc898150539\System.Data.Entity.Design.ni.dll
    + 2012-03-03 14:59 . 2012-03-03 14:59 4103168 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\931ad0783c03deb967760d5c2387274a\System.Activities.ni.dll
    + 2012-03-03 14:59 . 2012-03-03 14:59 3691520 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\a57e34a36f38a007aa24f1bd07a167ab\System.Activities.Presentation.ni.dll
    + 2012-03-03 14:59 . 2012-03-03 14:59 1506304 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\607df7a11c3334146664bc74130bc38f\System.Activities.Core.Presentation.ni.dll
    + 2012-03-03 14:59 . 2012-03-03 14:59 2842624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\42f0e1a4e3081c50503d74ebc0540a60\ReachFramework.ni.dll
    + 2012-03-03 14:57 . 2012-03-03 14:57 1622528 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\15578874ee1464dc6a3545d4be842e59\PresentationUI.ni.dll
    + 2012-03-03 14:57 . 2012-03-03 14:57 1467904 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationBuildTa#\d0e67f49781c157069bc3298454354bd\PresentationBuildTasks.ni.dll
    + 2012-03-03 14:56 . 2012-03-03 14:56 1819648 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\e8ab3b63bade82c3522613f2b1240c0d\Microsoft.VisualBasic.ni.dll
    + 2012-03-03 14:57 . 2012-03-03 14:57 1135104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\6f82f181d36fcd0e1fd5f09a22e0b8db\Microsoft.VisualBasic.Compatibility.ni.dll
    + 2012-03-03 14:57 . 2012-03-03 14:57 1167872 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\2eef2f34c0295f1fe5d6d4441f9e790b\Microsoft.VisualBasic.Activities.Compiler.ni.dll
    + 2012-03-03 14:56 . 2012-03-03 14:56 1079808 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\9952f66fc592ffc21b024803c8c955fd\Microsoft.Transactions.Bridge.ni.dll
    + 2012-03-03 15:03 . 2012-03-03 15:03 2441728 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\08b2c2639708ab20748653185d6b67be\Microsoft.JScript.ni.dll
    + 2012-03-03 14:56 . 2012-03-03 14:56 4226560 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build\3bfb841477d28ca866b91211f50199bb\Microsoft.Build.ni.dll
    + 2012-03-03 14:56 . 2012-03-03 14:56 2850816 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Tas#\8973265600edd2135ecf5e369a087dfb\Microsoft.Build.Tasks.v4.0.ni.dll
    + 2012-03-03 14:56 . 2012-03-03 14:56 1914368 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Eng#\7cfd4a64a95807ee7cb6ae50cfabd93c\Microsoft.Build.Engine.ni.dll
    + 2012-03-03 14:58 . 2012-03-03 14:58 11912704 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web\a70842538614699d690561ef5f43598b\System.Web.ni.dll
    + 2012-03-03 15:02 . 2012-03-03 15:02 17919488 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\250b525aa8c17327216e102569c0d766\System.ServiceModel.ni.dll
    + 2012-03-03 15:01 . 2012-03-03 15:01 13273600 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\642a7b3d47828fb0070a55cfeb58f42b\System.Data.Entity.ni.dll
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2012-02-23 16:23 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-30 39408]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ZCfgSvc.exe"="c:\windows\system32\ZCfgSvc.exe" [2005-07-05 639040]
    "Anti-phishing Domain Advisor"="c:\documents and settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2011-12-07 217256]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
    "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-02-23 4031368]
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-09-05 113024]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ckpNotify]
    2004-04-01 22:48 24668 ---ha-w- c:\windows\system32\ckpNotify.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring]
    2005-07-05 06:33 188482 ---ha-w- c:\windows\system32\LgNotify.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1123561945-1715567821-839522115-2218\Scripts\Logon\0\0]
    "Script"=\\northamerica.gbcglobal.local\SysVol\northamerica.gbcglobal.local\scripts\SMSINST.bat
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1123561945-1715567821-839522115-2218\Scripts\Logon\1\0]
    "Script"=\\northamerica.gbcglobal.local\SysVol\northamerica.gbcglobal.local\scripts\DST_Patch.bat
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^sjk05cc^Start Menu^Programs^Startup^eFax 4.4.lnk]
    path=c:\documents and settings\sjk05cc\Start Menu\Programs\Startup\eFax 4.4.lnk
    backup=c:\windows\pss\eFax 4.4.lnkStartup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2008-10-15 07:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
    2011-09-27 13:22 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
    2010-07-29 07:47 95576 ----a-w- c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
    2011-03-15 02:09 2565520 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
    2011-03-28 17:40 1611160 ----a-w- c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eFax 4.4]
    2010-07-02 18:24 95744 ----a-w- c:\program files\eFax Messenger 4.4\J2GDllCmd.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScannerSelectorEX]
    2011-01-15 22:48 452016 ----a-w- c:\program files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2008-07-30 15:47 289064 ----a-w- c:\program files\iTunes\iTunesHelper.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2012-01-18 20:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    2010-10-30 13:47 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
    2011-03-09 12:30 247728 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "SR_WatchDog"=2 (0x2)
    "SR_Service"=2 (0x2)
    "Bonjour Service"=2 (0x2)
    "YahooAUService"=2 (0x2)
    "idsvc"=3 (0x3)
    "Apple Mobile Device"=2 (0x2)
    "TomTomHOMEService"=2 (0x2)
    "ServiceLayer"=3 (0x3)
    "SeaPort"=2 (0x2)
    "S24EventMonitor"=2 (0x2)
    "ose"=3 (0x3)
    "MDM"=2 (0x2)
    "MatSvc"=3 (0x3)
    "JavaQuickStarterService"=2 (0x2)
    "gusvc"=3 (0x3)
    "gupdatem"=3 (0x3)
    "gupdate"=2 (0x2)
    "FsUsbExService"=2 (0x2)
    "Ati HotKey Poller"=2 (0x2)
    "WudfSvc"=3 (0x3)
    "WmdmPmSN"=3 (0x3)
    "UPS"=3 (0x3)
    "TrkWks"=2 (0x2)
    "Fax"=2 (0x2)
    "avast! Antivirus"=2 (0x2)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\CheckPoint\\SecuRemote\\bin\\SR_GUI.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
    "c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
    "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:*:Disabled:mad:xpsp2res.dll,-22009
    .
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [3/3/2012 9:33 AM 610648]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [3/3/2012 9:33 AM 337112]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2/17/2010 1:25 PM 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 1:41 PM 67664]
    R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [6/29/2010 12:48 PM 116608]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3/3/2012 9:33 AM 20696]
    R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2/26/2012 10:59 AM 652360]
    R2 Scap;SecureClient Application Policy Module;c:\windows\system32\drivers\scap.sys [5/30/2008 6:03 PM 17424]
    R2 VPN-1;VPN-1 Module;c:\windows\system32\drivers\vpn.sys [5/30/2008 6:03 PM 670128]
    R3 FW1;SecuRemote Miniport;c:\windows\system32\drivers\fw.sys [5/30/2008 6:03 PM 2041744]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/17/2010 9:01 AM 20464]
    R3 OZSCR;O2Micro SmartCardBus Smartcard Reader;c:\windows\system32\drivers\ozscr.sys [4/21/2005 10:58 PM 92550]
    R3 stdriver;Sound Tap Upper Class Filter Driver v2.0.0.0;c:\windows\system32\drivers\stdriver32.sys [7/11/2010 4:06 PM 49208]
    S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?]
    S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?]
    S0 vqgs;vqgs;c:\windows\system32\drivers\olwil.sys --> c:\windows\system32\drivers\olwil.sys [?]
    S1 SABKUTIL;SABKUTIL;\??\c:\program files\SUPERAntiSpyware\SABKUTIL.sys --> c:\program files\SUPERAntiSpyware\SABKUTIL.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 2:16 PM 130384]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2/27/2012 9:07 PM 253600]
    S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [9/6/2011 4:34 PM 36608]
    S3 OMVA;VPN-1 SecureClient Adapter;c:\windows\system32\drivers\OMVA.sys [5/30/2008 6:03 PM 14924]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 2:16 PM 753504]
    S4 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [9/6/2011 4:34 PM 238952]
    S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10/30/2010 8:47 AM 135664]
    S4 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10/30/2010 8:47 AM 135664]
    S4 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [3/9/2011 7:30 AM 92592]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-04-18 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-02-28 02:07]
    .
    2012-04-18 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 23:57]
    .
    2010-08-26 c:\windows\Tasks\expressburnShakeIcon.job
    - c:\program files\NCH Swift Sound\ExpressBurn\expressburn.exe [2010-08-26 01:09]
    .
    2010-08-26 c:\windows\Tasks\expressripDowngrade.job
    - c:\program files\NCH Swift Sound\ExpressRip\expressrip.exe [2010-07-11 21:08]
    .
    2010-09-01 c:\windows\Tasks\expressripShakeIcon.job
    - c:\program files\NCH Swift Sound\ExpressRip\expressrip.exe [2010-07-11 21:08]
    .
    2012-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-30 13:47]
    .
    2012-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-30 13:47]
    .
    2010-07-21 c:\windows\Tasks\soundtapShakeIcon.job
    - c:\program files\NCH Swift Sound\SoundTap\soundtap.exe [2010-07-11 21:07]
    .
    2011-09-18 c:\windows\Tasks\switchShakeIcon.job
    - c:\program files\NCH Swift Sound\Switch\switch.exe [2010-07-11 21:05]
    .
    2010-07-21 c:\windows\Tasks\wavepadShakeIcon.job
    - c:\program files\NCH Swift Sound\WavePad\wavepad.exe [2010-07-11 21:06]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com/
    uInternet Connection Wizard,ShellNext = hxxp://myacco/
    uInternet Settings,ProxyOverride = *.local
    Trusted Zone: adobe.com
    Trusted Zone: computerforum.com
    Trusted Zone: microsoft.com\update
    Trusted Zone: microsoft.com\v4.update
    Trusted Zone: microsoft.com\www
    TCP: DhcpNameServer = 192.168.1.254
    DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-04-18 09:10
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    .
    C:\avast! sandbox
    .
    scan completed successfully
    hidden files: 1
    .
    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'winlogon.exe'(1000)
    c:\program files\SUPERAntiSpyware\SASWINLO.DLL
    c:\windows\system32\WININET.dll
    c:\windows\system32\Ati2evxx.dll
    c:\windows\system32\LgNotify.dll
    .
    - - - - - - - > 'explorer.exe'(648)
    c:\windows\system32\WININET.dll
    c:\documents and settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.dll
    c:\windows\system32\ieframe.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    Completion time: 2012-04-18 09:16:18
    ComboFix-quarantined-files.txt 2012-04-18 14:16
    ComboFix2.txt 2012-03-03 06:40
    .
    Pre-Run: 1,421,660,160 bytes free
    Post-Run: 1,468,817,408 bytes free
    .
    - - End Of File - - 67A0ECF8698511E4A1877121670B5EF3
     
  4. Tmagic650

    Tmagic650 TS Ambassador Posts: 17,244   +234

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...