Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need more Help! Previous Scans Did Not Fix My System


  • This topic is locked This topic is locked
28 replies to this topic

#1 Out_of_Control

Out_of_Control

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:05:02 AM

Posted 30 November 2010 - 06:09 PM

I am opening this topic because the course of actions (many attempted in the "Am I Infected?" forum)) did not resolve my issue. Quietman7 has assisted me in running many scans and while several viruses were found, they did not resolve my problem. Topic referenced is here: http://www.bleepingcomputer.com/forums/topic361717.html ~ OB Please note: I attempted to follow the PREP Guide but was unable to get DDS or GMER to run. DDS appeared to me to run to completion but totally froze the system when attempting to compile the report (my guess). GMER experienced a program check (ran it twice but experienced the problem on both runs)and could not be completed.

I am including the RSIT logs as directed by Quietman7
Log.TXT
Logfile of random's system information tool 1.08 (written by random/random)
Run by Ron at 2010-11-30 16:33:43
Microsoft Windows XP Professional Service Pack 3
System drive C: has 30 GB (52%) free of 57 GB
Total RAM: 1535 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:34:24 PM, on 11/30/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\D-Link\D-Link WNA-1330 Notebook Adapter\acs.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\system32\1XConfig.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\system32\basfipm.exe
C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Dell\PowerNap\PowerNap.Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Program Files\Apoint\Apoint.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Documents and Settings\Ron\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\APPL\Clock\Desktop Clock-7\Desktop Clock-7.exe
C:\Program Files\IOGEAR\Bluetooth Software\BTTray.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\Program Files\softOSD\softOSD.exe
C:\Program Files\Dell\PowerNap\PowerNap.exe
C:\WINDOWS\system32\softLCP.exe
C:\Program Files\Dell\PowerNap\PowerNapWatcher.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\D-Link\D-Link WNA-1330 Notebook Adapter\wirelesscm.exe
C:\PROGRA~1\IOGEAR\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\svchost.exe
C:\APPL\Program Files\Ding\Ding\Ding.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\APPL\TimeLeft3\TimeLeft.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Documents and Settings\Ron\Desktop\RSIT.exe
C:\Program Files\trend micro\Ron.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://support.dlink.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ZCfgSvc.exe] C:\WINDOWS\system32\ZCfgSvc.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\APPL\Adobe9\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\APPL\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [SansaDispatch] C:\Documents and Settings\Ron\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Desktop Clock-7] "C:\APPL\Clock\Desktop Clock-7\Desktop Clock-7.exe"
O4 - Startup: Desktop Clock-7.lnk = C:\APPL\Clock\Desktop Clock-7\Desktop Clock-7.exe
O4 - Startup: DING!.lnk = C:\APPL\Program Files\Ding\Ding\Ding.exe
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Startup: TimeLeft.lnk = C:\APPL\TimeLeft3\TimeLeft.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PowerNap.lnk = ?
O4 - Global Startup: PowerNapWatcher.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: Wireless Connection Manager.lnk = C:\Program Files\D-Link\D-Link WNA-1330 Notebook Adapter\wirelesscm.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1229803568608
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1229803526407
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\Program Files\D-Link\D-Link WNA-1330 Notebook Adapter\acs.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.3 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Dell Power Nap Service (dell_power_nap_service) - Unknown owner - C:\Program Files\Dell\PowerNap\PowerNap.Service.exe
O23 - Service: Google Update Service (gupdate1c9dbed27a7f0e0) (gupdate1c9dbed27a7f0e0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: PEVSystemStart - Unknown owner - C:\ComboFix\PEV.cfxxe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: softOSD - EnTech Taiwan - C:\Program Files\softOSD\softOSD.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 13599 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Java Check.job
C:\WINDOWS\tasks\McDefragTask.job
C:\WINDOWS\tasks\McQcTask.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1935655697-764733703-839522115-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1935655697-764733703-839522115-1003.job
C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{07984967-8829-49BB-B4B8-C412C5B4DB1A}.job
C:\WINDOWS\tasks\ZAQWFCGZ.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2009-09-16 62784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-11-23 204048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-04 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-11-23 204048]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2003-08-20 151552]
"ZCfgSvc.exe"=C:\WINDOWS\system32\ZCfgSvc.exe [2005-07-05 639040]
"PRONoMgr.exe"=C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe [2005-06-27 135168]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"CoolSwitch"=C:\WINDOWS\system32\taskswitch.exe [2002-03-19 45632]
"PDVDDXSrv"=C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2007-09-17 124200]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2009-10-29 1218008]
"McENUI"=C:\PROGRA~1\McAfee\MHN\McENUI.exe [2009-07-07 1176808]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-10 202256]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"Adobe Reader Speed Launcher"=C:\APPL\Adobe9\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"QuickTime Task"=C:\APPL\QuickTime\qttask.exe [2010-09-08 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SansaDispatch"=C:\Documents and Settings\Ron\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe [2009-10-29 79872]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-09-11 218032]
"Desktop Clock-7"=C:\APPL\Clock\Desktop Clock-7\Desktop Clock-7.exe [2010-07-10 135168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATT-SST_McciTrayApp]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bascstray]
BascsTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iRiver Updater]
C:\APPL\Program Files\iRiver\iRiver Manager\Updater\Updater.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\APPL\QuickTime\qttask.exe [2010-09-08 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioEngineUtility]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\APPL\Spybot - Search & Destroy\TeaTimer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_13\bin\jusched.exe [2009-07-25 148888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\APPL\SuperAntiSpy\SUPERAntiSpyware.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AT&T Self Support Tool.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
C:\PROGRA~1\DIGITA~1\DLG.exe [2003-10-29 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Event Reminder.lnk]
E:\APPL\PRINTM~1\Remind.exe [2007-09-09 344064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2004-05-28 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqthb08.exe [2004-05-28 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
E:\APPL\Kodak\KODAKE~1\bin\EASYSH~1.EXE -hx []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Ron^Start Menu^Programs^Startup^DING!.lnk]
C:\APPL\SOUTHW~1\Ding\Ding.exe [2006-06-22 462848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Ati HotKey Poller"=2

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Bluetooth.lnk - C:\Program Files\IOGEAR\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
PowerNap.lnk - C:\WINDOWS\Installer\{68259209-C71D-44C7-900E-20BC0F7E0BF1}\_A45711B63B8E1DD683E50A.exe
PowerNapWatcher.lnk - C:\WINDOWS\Installer\{68259209-C71D-44C7-900E-20BC0F7E0BF1}\_8C3690E649AC58E83BCA00.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
Wireless Connection Manager.lnk - C:\Program Files\D-Link\D-Link WNA-1330 Notebook Adapter\wirelesscm.exe

C:\Documents and Settings\Ron\Start Menu\Programs\Startup
Desktop Clock-7.lnk - C:\APPL\Clock\Desktop Clock-7\Desktop Clock-7.exe
DING!.lnk - C:\APPL\Program Files\Ding\Ding\Ding.exe
OneNote 2010 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
TimeLeft.lnk - C:\APPL\TimeLeft3\TimeLeft.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-11-10 47616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2001-09-24 45056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Sebring]
C:\WINDOWS\system32\LgNotify.dll [2005-07-05 188482]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\se32.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoWindowsUpdate"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe"="C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"E:\APPL\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="E:\APPL\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Disabled:EasyShare"
"C:\APPL\Turbo Tax 2007\TurboTax Deluxe 2007\32bit\ttax.exe"="C:\APPL\Turbo Tax 2007\TurboTax Deluxe 2007\32bit\ttax.exe:LocalSubNet:Disabled:TurboTax"
"C:\APPL\TaxYear2006\TurboTax Deluxe 2006\32bit\ttax.exe"="C:\APPL\TaxYear2006\TurboTax Deluxe 2006\32bit\ttax.exe:LocalSubNet:Disabled:TurboTax"
"C:\APPL\Turbo Tax 2007\TurboTax Deluxe 2007\32bit\updatemgr.exe"="C:\APPL\Turbo Tax 2007\TurboTax Deluxe 2007\32bit\updatemgr.exe:LocalSubNet:Disabled:TurboTax Update Manager"
"C:\APPL\TaxYear2006\TurboTax Deluxe 2006\32bit\updatemgr.exe"="C:\APPL\TaxYear2006\TurboTax Deluxe 2006\32bit\updatemgr.exe:LocalSubNet:Disabled:TurboTax Update Manager"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-11-30 16:33:44 ----D---- C:\Program Files\trend micro
2010-11-30 16:33:43 ----D---- C:\rsit
2010-11-26 19:07:44 ----N---- C:\Avptool_All_Events_Nov 26.txt
2010-11-26 19:00:40 ----N---- C:\Avptool_Important_Nov 26.txt
2010-11-26 18:36:45 ----N---- C:\Avptool_Critical_Nov 26.txt
2010-11-24 20:25:33 ----D---- C:\Program Files\ESET
2010-11-20 14:25:03 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-11-19 11:07:26 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2010-11-17 15:37:19 ----N---- C:\WINDOWS\zip.exe
2010-11-17 15:37:19 ----N---- C:\WINDOWS\SWXCACLS.exe
2010-11-17 15:37:19 ----N---- C:\WINDOWS\SWSC.exe
2010-11-17 15:37:19 ----N---- C:\WINDOWS\SWREG.exe
2010-11-17 15:37:19 ----N---- C:\WINDOWS\sed.exe
2010-11-17 15:37:19 ----N---- C:\WINDOWS\PEV.exe
2010-11-17 15:37:19 ----N---- C:\WINDOWS\NIRCMD.exe
2010-11-17 15:37:19 ----N---- C:\WINDOWS\MBR.exe
2010-11-17 15:37:19 ----N---- C:\WINDOWS\grep.exe
2010-11-17 15:37:08 ----D---- C:\WINDOWS\ERDNT
2010-11-17 15:37:06 ----SD---- C:\ComboFix
2010-11-17 15:34:03 ----D---- C:\Qoobox
2010-11-16 15:12:38 ----D---- C:\Documents and Settings\Ron\Application Data\Malwarebytes
2010-11-16 15:12:21 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-11-12 05:48:53 ----RSH---- C:\WINDOWS\system32\rsvpm.dll
2010-11-08 10:26:28 ----N---- C:\WINDOWS\system32\brmfpmon.dll
2010-11-01 14:17:59 ----D---- C:\A_WadeFile

======List of files/folders modified in the last 1 months======

2010-11-30 16:34:05 ----D---- C:\WINDOWS\Temp
2010-11-30 16:33:56 ----D---- C:\WINDOWS\Prefetch
2010-11-30 16:33:44 ----RD---- C:\Program Files
2010-11-30 15:03:55 ----D---- C:\WINDOWS\system32
2010-11-30 14:31:55 ----D---- C:\MDT
2010-11-30 14:31:29 ----SHD---- C:\WINDOWS\CSC
2010-11-30 14:18:23 ----D---- C:\WINDOWS
2010-11-30 13:53:30 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-30 11:36:59 ----D---- C:\WINDOWS\system32\NtmsData
2010-11-30 09:31:47 ----D---- C:\WINDOWS\repair
2010-11-30 09:31:32 ----D---- C:\WINDOWS\Registration
2010-11-30 08:59:00 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-11-28 19:18:28 ----D---- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
2010-11-28 19:17:52 ----D---- C:\Documents and Settings\Ron\Application Data\ZoomBrowser EX
2010-11-27 21:58:51 ----D---- C:\APPL
2010-11-27 18:32:21 ----D---- C:\WINDOWS\system32\drivers
2010-11-26 09:55:12 ----SHD---- C:\System Volume Information
2010-11-26 09:53:04 ----HD---- C:\WINDOWS\inf
2010-11-24 20:25:38 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-11-24 15:46:18 ----D---- C:\Documents and Settings\All Users\Application Data\ArcSoft
2010-11-24 15:46:09 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-23 20:35:58 ----D---- C:\Program Files\Google
2010-11-23 20:27:34 ----SHD---- C:\WINDOWS\Installer
2010-11-23 20:27:32 ----HD---- C:\Config.Msi
2010-11-23 20:27:29 ----D---- C:\WINDOWS\Help
2010-11-23 20:27:28 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-11-23 20:26:51 ----D---- C:\Program Files\Common Files
2010-11-23 20:24:46 ----RSD---- C:\WINDOWS\assembly
2010-11-23 20:22:51 ----D---- C:\WINDOWS\WinSxS
2010-11-23 20:11:56 ----D---- C:\Documents and Settings\Ron\Application Data\Sammsoft
2010-11-23 07:39:21 ----D---- C:\Documents and Settings\Ron\Application Data\SmartDraw
2010-11-21 17:49:48 ----N---- C:\WINDOWS\crw.ini
2010-11-21 17:39:51 ----D---- C:\Documents and Settings\All Users\Application Data\CPH Shepherds Staff
2010-11-20 15:42:04 ----SH---- C:\boot.ini
2010-11-17 15:56:16 ----N---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-17 07:34:33 ----D---- C:\WINDOWS\network diagnostic
2010-11-16 15:50:33 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2010-11-16 15:48:30 ----SD---- C:\WINDOWS\Tasks
2010-11-14 14:21:57 ----D---- C:\temp
2010-11-12 15:19:55 ----D---- C:\WINDOWS\system32\Restore
2010-11-11 08:34:47 ----D---- C:\WINDOWS\Debug
2010-11-10 12:38:31 ----D---- C:\WINDOWS\Microsoft.NET
2010-11-10 12:33:47 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-11-10 12:25:05 ----N---- C:\WINDOWS\system32\MRT.exe
2010-10-31 18:11:56 ----N---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2007-07-23 14576]
R0 DRVMCDB;DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [2007-07-23 99808]
R0 IFP800;iriver Internet Audio Player IFP-800; C:\WINDOWS\system32\drivers\ifp800.sys [2004-03-29 14531]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-06-16 44944]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-10-07 35840]
R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2007-07-23 30064]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2009-09-16 214664]
R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2010-07-15 120136]
R1 OMCI;OMCI WDM Device Driver; C:\WINDOWS\system32\DRIVERS\omci.sys [2003-01-07 17217]
R1 se32;EnTech softEngine; C:\WINDOWS\System32\Drivers\se32.sys [2007-05-03 12112]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-01-21 17801]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 BASFND;BASFND; \??\C:\WINDOWS\system32\Drivers\BASFND.sys []
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\Drivers\DLABMFSM.SYS [2007-07-23 37360]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\Drivers\DLABOIOM.SYS [2007-07-23 32848]
R2 DLADResM;DLADResM; C:\WINDOWS\System32\Drivers\DLADResM.SYS [2007-07-23 9104]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\Drivers\DLAIFS_M.SYS [2007-07-23 108752]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\Drivers\DLAOPIOM.SYS [2007-07-23 27216]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\Drivers\DLAPoolM.SYS [2007-07-23 16304]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\Drivers\DLAUDF_M.SYS [2007-07-23 98448]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\Drivers\DLAUDFAM.SYS [2007-07-23 93552]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2007-07-23 52000]
R2 FAD;FAD; \??\C:\WINDOWS\system32\Drivers\FADXP32.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-06-17 10970]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2003-08-21 94600]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-11-10 1406464]
R3 b57w2k;Broadcom 570x Gigabit Integrated Controller; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2003-05-21 175360]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-04-12 329837]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-04-12 30427]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-04-12 854538]
R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-04-12 148932]
R3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2006-04-12 47811]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-04-12 65784]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2009-08-26 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2009-08-26 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2009-08-26 21568]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.SYS [2005-05-03 1033728]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2005-05-03 208384]
R3 JSWSCIMD;jswscimd Service; C:\WINDOWS\system32\DRIVERS\jswscimd.sys [2007-07-07 57376]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2009-09-16 79816]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2009-09-16 35272]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2009-09-16 40552]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 OZSCR;O2Micro SmartCardBus Smartcard Reader; C:\WINDOWS\system32\DRIVERS\ozscr.sys [2005-04-21 92550]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-20 21248]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\STAC97.sys [2004-11-15 264440]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-05-03 705408]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2007-05-14 57216]
S0 cercsr6;cercsr6; C:\WINDOWS\system32\drivers\cercsr6.sys [2004-12-13 39904]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-06-21 547072]
S3 BthEnum;Bluetooth Request Block Driver; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys []
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-07-03 1063936]
S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2009-09-16 34248]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 n558;N558 Bluetooth USB Filter Driver; C:\WINDOWS\System32\Drivers\n558.sys [2007-08-15 9600]
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 O2SCBUS;O2Micro SmartCardBus Reader; C:\WINDOWS\system32\DRIVERS\ozscr.sys [2005-04-21 92550]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 w70n51;Intel® PRO/Wireless 7100 Adapter Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w70n51.sys [2005-07-26 662400]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 ACS;Atheros Configuration Service; C:\Program Files\D-Link\D-Link WNA-1330 Notebook Adapter\acs.exe [2007-03-21 364629]
R2 BAsfIpM;Broadcom ASF IP monitoring service v6.0.3; C:\WINDOWS\system32\basfipm.exe [2003-04-17 77824]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R2 btwdins;Bluetooth Service; C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe [2006-04-12 266295]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2009-09-08 96334]
R2 dell_power_nap_service;Dell Power Nap Service; C:\Program Files\Dell\PowerNap\PowerNap.Service.exe [2009-03-05 11776]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2009-12-08 93320]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2010-06-10 865832]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2009-07-07 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-07-08 359952]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-09-16 144704]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-10-27 895696]
R2 RegSrvc;RegSrvc; C:\WINDOWS\system32\RegSrvc.exe [2005-07-05 122880]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\WINDOWS\system32\S24EvMon.exe [2005-07-05 421955]
R2 softOSD;softOSD; C:\Program Files\softOSD\softOSD.exe [2009-02-21 281144]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2001-05-01 53248]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-09-16 606736]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1c9dbed27a7f0e0;Google Update Service (gupdate1c9dbed27a7f0e0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-23 133104]
S2 PEVSystemStart;PEVSystemStart; C:\ComboFix\PEV.cfxxe [2010-04-26 256512]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-09-16 365072]
S3 NetSvc;Intel NCS NetService; C:\Program Files\Intel\NCS\Sync\NetSvc.exe [2003-04-29 139264]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-07-11 69632]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-11-10 389120]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------
Info.TXT
info.txt logfile of random's system information tool 1.08 2010-11-30 16:34:28

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin
Adobe Photoshop 5.0 Limited Edition-->C:\WINDOWS\UNINST.EXE -fc:\appl\adobe\DeIsL1.isu -cc:\appl\adobe\Uninst.dll
Adobe Photoshop Elements 2.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Appl\Adobe\Photoshop Elements 2\Uninst.isu" -c"C:\Appl\Adobe\Photoshop Elements 2\Uninst.dll"
Adobe Reader 9.4.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A94000000001}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
ALPS Touch Pad Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}\setup.exe" UNINSTALL
Alt-Tab Task Switcher Powertoy for Windows XP-->MsiExec.exe /I{A7050037-F0EA-4BAB-BCD5-FC05507D6147}
AnswerWorks 4.0 Runtime - English-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}\setup.exe" -l0x9 -removeonly
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft Print Creations - Funhouse-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x9 -1Funhouse
ArcSoft Print Creations - Photo Book-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x9 -1PhotoBook
ArcSoft Print Creations - Scrapbook-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x9 -1ScrapBook
ArcSoft Print Creations - Slimline Card-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x9 -1Slimline
ArcSoft Software Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A484D9E8-166E-41B0-8F5E-4C3965D2DE84}\Setup.exe" -l0x9
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Broadcom Advanced Control Suite-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{89EE857B-8970-4F9F-AB58-A1C873AC72B3} /l1033
Broadcom ASF Management Applications-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{25D24E84-64A9-40D2-85CF-540B1C4A6D52} /l1033
Broadcom Gigabit Integrated Controller-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{BE6890C7-31EF-478C-812E-1E2899ABFCA9} /l1033
Calendar Printing Assistant for Microsoft Office Outlook 2007-->MsiExec.exe /X{90120000-00A7-0409-0000-0000000FF1CE}
Canon Camera Access Library-->"C:\Program Files\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"
Canon Camera Support Core Library-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
Canon G.726 WMP-Decoder-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\APPL\Canon_ZoomBrowserEX\G726Decoder\G726DecUnInstall.ini"
Canon mini260 User Registration-->C:\Program Files\Canon\IJEREG\mini260\UNINST.EXE
Canon mini260-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_mini260\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_mini260 /L0x0009
Canon MOV Decoder-->"C:\Program Files\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\Program Files\Canon\Canon MOV Decoder150\CanonMOVDecoderUnInstall.ini"
Canon MOV Encoder-->"C:\Program Files\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\Program Files\Canon\Canon MOV Encoder\CanonMOVEncoderUnInstall.ini"
Canon MovieEdit Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\APPL\Canon_ZoomBrowserEX\ZoomBrowser EX\Program\MVWUninst.ini"
Canon RAW Image Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\APPL\Canon_ZoomBrowserEX\RAW Image Task\Uninst.ini"
Canon Utilities CameraWindow DC 8-->"C:\Program Files\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDC8\Uninst.ini"
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\APPL\Canon_ZoomBrowserEX\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Utilities CameraWindow DC-->"C:\Program Files\Common Files\Canon\UIW\1.6.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDC\Uninst.ini"
Canon Utilities CameraWindow-->"C:\Program Files\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowLauncher\Uninst.ini"
Canon Utilities Easy-PhotoPrint-->C:\APPL\MiniPixma Ptr\uninst.exe uninst.ini
Canon Utilities MyCamera DC-->"C:\Program Files\Common Files\Canon\UIW\1.6.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\MyCameraDC\Uninst.ini"
Canon Utilities MyCamera-->"C:\Program Files\Common Files\Canon\UIW\1.6.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\MyCamera\Uninst.ini"
Canon Utilities RemoteCapture DC-->"C:\Program Files\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureDC\Uninst.ini"
Canon Utilities RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\APPL\Canon_ZoomBrowserEX\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
Canon Utilities ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\APPL\Canon_ZoomBrowserEX\ZoomBrowser EX\Program\Uninst.ini"
Canon ZoomBrowser EX Memory Card Utility-->"C:\Program Files\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX MCU\Uninst.ini"
CCleaner-->"C:\APPL\CCleaner\uninst.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Conexant D480 MDC V.92 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1\HXFSETUP.EXE -U -Idel5422k.inf
Critical Update for Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Definition update for Microsoft Office 2010 (KB982726)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{820F2EBF-0AEC-46F1-9DCD-66CAAD8344D3}" "1033" "0"
Desktop Clock-7 1.12-->"C:\APPL\Clock\Desktop Clock-7\unins000.exe"
DiMAGE Scan Dual4 ver.1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6F00F343-7562-4F03-B3C3-F9360E2DA333}\Setup.exe" -l0x9
DING!-->MsiExec.exe /X{84031A18-BA9A-4156-A74F-E05B52DDFCE2}
D-Link Wireless G WNA-1330-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AFF5BD64-6AD5-435F-8171-1DCE8B1D23CF}\setup.exe" -l0x9 -removeonly
D-Link WNA-1330 Notebook Adapter-->C:\Program Files\InstallShield Installation Information\{6F6F39E3-D24D-4EEE-9AEA-DEDAF991385D}\setup.exe -runfromtemp -l0x0009 -removeonly
doPDF 7.1 printer-->"C:\APPL\doPDF 7\unins000.exe"
ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
EZ-DepositSlip Serivce Pack 1-->"C:\Documents and Settings\All Users\Application Data\{8348123F-43F4-426A-892E-38B5CCBBBC45}\DepositSP.exe" REMOVE=TRUE MODIFY=FALSE
EZ-DepositSlip Serivce Pack 1-->C:\Documents and Settings\All Users\Application Data\{8348123F-43F4-426A-892E-38B5CCBBBC45}\DepositSP.exe
EZ-DepositSlip-->"C:\Documents and Settings\All Users\Application Data\{9449906A-32A2-4A76-BCEC-C0B1FF25C416}\setup.exe" REMOVE=TRUE MODIFY=FALSE
Google Earth-->MsiExec.exe /X{4286E640-B5FB-11DF-AC4B-005056C00008}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB2158563)-->"C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB932716-v2)-->"C:\WINDOWS\$NtUninstallKB932716-v2$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB945060-v3)-->"C:\WINDOWS\$NtUninstallKB945060-v3$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"
HP Image Zone 4.2-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 4.2-->"C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat
HP Software Update-->MsiExec.exe /X{457791C5-D702-4143-A7B2-2744BE9573F2}
HP Unload DLL Patch-->MsiExec.exe /X{595D0DE8-C38A-4432-B851-47DECC1A99BD}
Image Resizer Powertoy for Windows XP-->MsiExec.exe /I{1CB92574-96F2-467B-B793-5CEB35C40C29}
IOGEAR Bluetooth Software-->MsiExec.exe /X{3F4EC965-28EF-45C3-B063-04B25D4E9679}
iRiver Manager-->C:\APPL\iriver\iRiverUninstall.exe
iRiver Updater-->C:\APPL\iriver\Updater\uninst.exe
Java 2 Runtime Environment, SE v1.4.2-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142000}
Java™ 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013F0}
Java™ 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}
Java™ 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java™ 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java™ 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LiveUpdate 1.6 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
McAfee Security Scan Plus-->"C:\Program Files\McAfee Security Scan\uninstall.exe"
McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe
McAfee Virtual Technician-->MsiExec.exe /I{49FA793C-785E-47E9-93DF-BD442B0B45D1}
Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
Microsoft .NET Framework 1.1 Security Update (KB2416447)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp"
Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 4 Client Profile-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft .NET Framework 4 Extended-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702}
Microsoft Base Smart Card Cryptographic Service Provider Package-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (English) 2010-->MsiExec.exe /X{90140000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0117-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2010-->MsiExec.exe /X{90140000-0016-0409-0000-0000000FF1CE}
Microsoft Office Home and Student 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall SINGLEIMAGE /dll OSETUP.DLL
Microsoft Office OneNote MUI (English) 2010-->MsiExec.exe /X{90140000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall OUTLOOKR /dll OSETUP.DLL
Microsoft Office Outlook 2007-->MsiExec.exe /X{91120000-001A-0000-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2010-->MsiExec.exe /X{90140000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint 2003 Template Pack 3-->MsiExec.exe /I{90AD0409-6000-11D3-8CFE-0150048383C9}
Microsoft Office PowerPoint MUI (English) 2010-->MsiExec.exe /X{90140000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF0409-6000-11D3-8CFE-0150048383C9}
Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2010-->MsiExec.exe /X{90140000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2010-->MsiExec.exe /X{90140000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (English) 2010-->MsiExec.exe /X{90140000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2010-->MsiExec.exe /X{90140000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0115-0409-0000-0000000FF1CE}
Microsoft Office Single Image 2010-->MsiExec.exe /X{90140000-003D-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2010-->MsiExec.exe /X{90140000-001B-0409-0000-0000000FF1CE}
Microsoft Office XP Professional-->MsiExec.exe /I{91110409-6000-11D3-8CFE-0050048383C9}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.9-->"C:\WINDOWS\$NtUninstallWudf01009$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Web Publishing Wizard 1.52-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall
Modem Helper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\Setup.exe" -l0x9 ControlPanel
Mozilla Firefox (3.6.12)-->C:\APPL\Firefox36_12\uninstall\helper.exe
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Musicnotes Player V1.23.2-->"C:\APPL\Program Files\Musicnotes\Player\unins000.exe"
Nokia Connectivity Cable Driver-->MsiExec.exe /I{1B9B5B3B-28E7-4E59-A80D-D670AA984514}
Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Nokia_PC_Suite_eng_us.exe
Nokia PC Suite-->MsiExec.exe /I{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
overland-->MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}
PC Connectivity Solution-->MsiExec.exe /I{089DD780-DB3F-4CDB-A0C2-111360247298}
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -l0x9 -cluninstall
PowerNap-->MsiExec.exe /X{68259209-C71D-44C7-900E-20BC0F7E0BF1}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
Roxio Activation Module-->MsiExec.exe /I{07159635-9DFE-4105-BFC0-2817DB540C68}
Roxio Creator Audio-->MsiExec.exe /I{83FFCFC7-88C6-41C6-8752-958A45325C82}
Roxio Creator Copy-->MsiExec.exe /I{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}
Roxio Creator Data-->MsiExec.exe /I{0D397393-9B50-4C52-84D5-77E344289F87}
Roxio Creator Tools-->MsiExec.exe /I{0394CDC8-FABD-4ED8-B104-03393876DFDF}
Roxio Drag-to-Disc-->MsiExec.exe /I{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}
Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2289158)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {210B16C0-CEBD-4DE9-B474-04A7E8735E16}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7A2C18A1-D2A2-3177-82F1-5FE9CC08ECB0} /parameterfolder Extended
Security Update for Microsoft Office 2010 (KB2289161)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{F134C2C6-30B3-4169-A325-58482B4CE6FC}" "1033" "0"
Security Update for Microsoft Office Outlook 2007 (KB2288953)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {8B772E1C-7C05-42D2-839D-3EC2D39EFF22}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Security Update for Microsoft Word 2010 (KB2345000)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{A6D422EE-1196-45EE-B9AE-6B5B64975E8B}" "1033" "0"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2183461)-->"C:\WINDOWS\ie8updates\KB2183461-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2360131)-->"C:\WINDOWS\ie8updates\KB2360131-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2279986)-->"C:\WINDOWS\$NtUninstallKB2279986$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Security Update for Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
Security Update for Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"
Security Update for Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"
Security Update for Windows XP (KB981957)-->"C:\WINDOWS\$NtUninstallKB981957$\spuninst\spuninst.exe"
Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
Security Update for Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"
Security Update for Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
Security Update for Windows XP (KB982802)-->"C:\WINDOWS\$NtUninstallKB982802$\spuninst\spuninst.exe"
Shepherd's Staff 7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3C83FA60-F8F3-11D3-AD98-005004AAF7BE}\setup.exe"
Sibelius Scorch (Firefox, Opera, Netscape only)-->MsiExec.exe /I{10ABE49D-343A-463E-9753-C4C5A05ECEF9}
SigmaTel AC97 Audio Drivers-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7959721D-8268-4565-9E0E-C41A9F4848A9}\setup.exe" -l0x9 -nodialog -uninstall
softOSD Client-->C:\Program Files\softOSD\uninstall.exe -s
Sonic CinePlayer Decoder Pack-->MsiExec.exe /I{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
SudoCue-->MsiExec.exe /I{4B83D37C-0B99-4E71-B6DB-95F41510BD89}
TBS WMP Plug-in-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{13515135-48BB-4184-8C1F-2FAE0138E200}
The Print Shop® 6.0 Deluxe-->C:\WINDOWS\UNINST.EXE -f"C:\APPL\PROGRA~1\PRINTS~1\THEPRI~1.0DE\DeIsL1.isu" -c"C:\APPL\PROGRA~1\PRINTS~1\THEPRI~1.0DE\psfinst.dll"
TimeLeft-->"C:\APPL\TimeLeft3\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office 2010 (KB2202188)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{86B7A074-265D-420C-9E1E-7A920EF0ECA7}" "1033" "0"
Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft OneNote 2010 (KB2288640)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{521AB5E8-5FFF-45C8-B750-6967F8C0A2B9}" "1033" "0"
Update for Microsoft Outlook Social Connector (KB2289116)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0409-0000-0000000FF1CE}" "{E966C940-CC8C-4EC0-8D84-ED27AC20D53C}" "1033" "0"
Update for Microsoft Outlook Social Connector (KB2289116)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{75F91382-920C-4AE1-B9E6-FFFCEDA797E8}" "1033" "0"
Update for Microsoft Windows (KB971513)-->"C:\WINDOWS\$NtUninstallKB971513$\spuninst\spuninst.exe"
Update for Outlook 2007 Junk Email Filter (KB2443839)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {E8CFA21A-2D44-446D-8324-ADFA3C9FCAD2}
Update for Windows Internet Explorer 8 (KB2362765)-->"C:\WINDOWS\ie8updates\KB2362765-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB969497)-->"C:\WINDOWS\ie8updates\KB969497-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB971180)-->"C:\WINDOWS\ie8updates\KB971180-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB971930)-->"C:\WINDOWS\ie8updates\KB971930-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB972636)-->"C:\WINDOWS\ie8updates\KB972636-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB973874)-->"C:\WINDOWS\ie8updates\KB973874-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB978506)-->"C:\WINDOWS\ie8updates\KB978506-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB980302)-->"C:\WINDOWS\ie8updates\KB980302-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB982632)-->"C:\WINDOWS\ie8updates\KB982632-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB982664)-->"C:\WINDOWS\ie8updates\KB982664-IE8\spuninst\spuninst.exe"
Update for Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe"
Update for Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"
Update for Windows XP (KB943729)-->"C:\WINDOWS\$NtUninstallKB943729$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
WebIQ Technology Engine-->MsiExec.exe /X{5FDFCCA0-59EC-4162-B0B8-632EEE3DF787}
Windows Driver Package - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf
Windows Driver Package - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_F12A08B6F776984A95553486F64C541356F86E38\pccs_bluetooth.inf
Windows Driver Package - Nokia Modem (05/22/2008 3.8)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_6F90B0F4A73A2F780A1010B5D6CB5DDFB098181E\nokia_bluetooth.inf
Windows Driver Package - Nokia Modem (05/22/2008 7.00.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_E68D50F7E25BFE399D47C864C3B52557346242A9\nokbtmdm.inf
Windows Driver Package - Nokia Modem (05/24/2007 6.84.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_5E1541AFF1E1EA3554CE566743CCAD323ED1C108\nokbtmdm.inf
Windows Driver Package - Nokia Modem (06/09/2010 4.5)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_D745A35E775153D4241BCAFD53B508006B129D5F\nokia_bluetooth.inf
Windows Driver Package - Nokia Modem (06/09/2010 7.01.0.7)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_303CF1FED5DA0A0063DA86B4F733C34AA8C8B2C1\nokbtmdm.inf
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Management Framework Core-->"C:\WINDOWS\$968930Uinstall_KB968930$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows PowerShell™ 1.0 MUI pack-->"C:\WINDOWS\$NtUninstallKB926141$\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinZip-->"C:\APPL\WinZip\WINZIP32.EXE" /uninstall

======Security center information======

AV: McAfee VirusScan
FW: McAfee Personal Firewall

======System event log======

Computer Name: D600-LAPTOP
Event Code: 4
Message: Broadcom 570x Gigabit Integrated Controller: The network link is down. Check to make sure the network cable is properly connected.

Record Number: 99779
Source Name: b57w2k
Time Written: 20101101121243.000000-300
Event Type: warning
User:

Computer Name: D600-LAPTOP
Event Code: 7031
Message: The McAfee Real-time Scanner service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Record Number: 99761
Source Name: Service Control Manager
Time Written: 20101101095201.000000-300
Event Type: error
User:

Computer Name: D600-LAPTOP
Event Code: 4
Message: Broadcom 570x Gigabit Integrated Controller: The network link is down. Check to make sure the network cable is properly connected.

Record Number: 99752
Source Name: b57w2k
Time Written: 20101101094939.000000-300
Event Type: warning
User:

Computer Name: D600-LAPTOP
Event Code: 4
Message: Broadcom 570x Gigabit Integrated Controller: The network link is down. Check to make sure the network cable is properly connected.

Record Number: 99690
Source Name: b57w2k
Time Written: 20101031073028.000000-300
Event Type: warning
User:

Computer Name: D600-LAPTOP
Event Code: 20
Message: Printer Driver Amyuni Document Converter 400 for Windows NT x86 Version-3 was added or updated. Files:- acpdf400.dll, acpdfui400.dll, acfpdf.txt.

Record Number: 99550
Source Name: Print
Time Written: 20101028214350.000000-300
Event Type: warning
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: D600-LAPTOP
Event Code: 36
Message: Outlook Search has encountered an error and is temporarily disabling indexing for store E:\Outlook\archive.pst (error=0x80040886).

Record Number: 44588
Source Name: Outlook
Time Written: 20100716172027.000000-300
Event Type: warning
User:

Computer Name: D600-LAPTOP
Event Code: 36
Message: Outlook Search has encountered an error and is temporarily disabling indexing for store E:\Outlook\archive.pst (error=0x80040886).

Record Number: 44585
Source Name: Outlook
Time Written: 20100716153737.000000-300
Event Type: warning
User:

Computer Name: D600-LAPTOP
Event Code: 3036
Message: The content source <mapi://{s-1-5-21-1935655697-764733703-839522115-1003}/> cannot be accessed.

Context: Application, SystemIndex Catalog

Details:
A server error occurred. Check that the server is available. (0x80041206)


Record Number: 44582
Source Name: Windows Search Service
Time Written: 20100716122138.000000-300
Event Type: warning
User:

Computer Name: D600-LAPTOP
Event Code: 36
Message: Outlook Search has encountered an error and is temporarily disabling indexing for store E:\Outlook\archive.pst (error=0x80040886).

Record Number: 44581
Source Name: Outlook
Time Written: 20100716121924.000000-300
Event Type: warning
User:

Computer Name: D600-LAPTOP
Event Code: 36
Message: Outlook Search has encountered an error and is temporarily disabling indexing for store E:\Outlook\archive.pst (error=0x80040886).

Record Number: 44577
Source Name: Outlook
Time Written: 20100716120057.000000-300
Event Type: warning
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared;C:\WINDOWS\system32\WindowsPowerShell\v1.0;C:\APPL\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 9 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=0905
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1;.PSC1
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
"PSModulePath"=C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

Please advise as to actions or direction to pursue.

Edited by Orange Blossom, 30 November 2010 - 11:08 PM.


BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Instructor
  • 33,783 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:11:02 AM

Posted 07 December 2010 - 08:23 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :thumbup2:
[If I have helped you fix your PC then please donate. Thanks
jetian6yw.jpg
m0le is a proud member of UNITE

#3 Out_of_Control

Out_of_Control
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:05:02 AM

Posted 08 December 2010 - 11:10 AM

I am here and eagerly awaiting your assistance! I am having problems almost consistently now.

#4 m0le

m0le

    Can U Dig It?


  • Malware Response Instructor
  • 33,783 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:11:02 AM

Posted 08 December 2010 - 06:53 PM

This sounds like a nasty one. Please run MBRCheck

Please download MBRCheck to your desktop.

1. Double click MBRCheck.exe to run it (Right click and run as Administrator for Vista).
2. It will open a black window, please do not fix anything (if it gives you an option).
3. Exit that window and it will produce a log (MBRCheck_date_time).
4. Please post that log when you reply.
[If I have helped you fix your PC then please donate. Thanks
jetian6yw.jpg
m0le is a proud member of UNITE

#5 Out_of_Control

Out_of_Control
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:05:02 AM

Posted 08 December 2010 - 11:31 PM

The log from MBRcheck:
MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000003c

Kernel Drivers (total 172):
0x804D7000 \WINDOWS\system32\ntoskrnl.exe
0x806EE000 \WINDOWS\system32\hal.dll
0xF7987000 \WINDOWS\system32\KDCOM.DLL
0xF7897000 \WINDOWS\system32\BOOTVID.dll
0xF75A8000 ACPI.sys
0xF7989000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF7597000 pci.sys
0xF75F7000 isapnp.sys
0xF789B000 compbatt.sys
0xF789F000 \WINDOWS\system32\DRIVERS\BATTC.SYS
0xF7A4F000 pciide.sys
0xF7707000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF798B000 intelide.sys
0xF74D9000 pcmcia.sys
0xF7607000 MountMgr.sys
0xF74BA000 ftdisk.sys
0xF770F000 PartMgr.sys
0xF7617000 VolSnap.sys
0xF74A2000 atapi.sys
0xF7717000 cercsr6.sys
0xF748A000 \WINDOWS\System32\Drivers\SCSIPORT.SYS
0xF7627000 disk.sys
0xF7637000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF746A000 fltmgr.sys
0xF7458000 sr.sys
0xF798D000 DLACDBHM.SYS
0xF7441000 DRVMCDB.SYS
0xF7647000 PxHelp20.sys
0xF742A000 KSecDD.sys
0xF7413000 WudfPf.sys
0xF78A3000 ifp800.sys
0xF798F000 \WINDOWS\system32\drivers\USBD.SYS
0xF7B52000 Ntfs.sys
0xF786A000 NDIS.sys
0xF7850000 Mup.sys
0xF7657000 agp440.sys
0xBA760000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xF793B000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0xB9B04000 \SystemRoot\system32\DRIVERS\ati2mtag.sys
0xB9AF0000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF77AF000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xB9ACC000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF77B7000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xB9AA1000 \SystemRoot\system32\DRIVERS\b57xp32.sys
0xB9A8A000 \SystemRoot\system32\DRIVERS\ozscr.sys
0xF7943000 \SystemRoot\system32\DRIVERS\SMCLIB.SYS
0xBA750000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xB9A73000 \SystemRoot\system32\DRIVERS\Apfiltr.sys
0xF77BF000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF77C7000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xBA740000 \SystemRoot\system32\DRIVERS\serial.sys
0xF794B000 \SystemRoot\system32\DRIVERS\serenum.sys
0xB9A5F000 \SystemRoot\system32\DRIVERS\parport.sys
0xBA730000 \SystemRoot\system32\DRIVERS\imapi.sys
0xBA720000 \SystemRoot\System32\Drivers\AFS2K.SYS
0xF77CF000 \SystemRoot\system32\drivers\pfc.sys
0xBA710000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF7677000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB9A3C000 \SystemRoot\system32\DRIVERS\ks.sys
0xB99FB000 \SystemRoot\system32\drivers\STAC97.sys
0xB99D7000 \SystemRoot\system32\drivers\portcls.sys
0xB9DEC000 \SystemRoot\system32\drivers\drmk.sys
0xB99A4000 \SystemRoot\system32\DRIVERS\HSFHWICH.sys
0xB98A7000 \SystemRoot\system32\DRIVERS\HSF_DPV.SYS
0xB97FA000 \SystemRoot\system32\DRIVERS\HSF_CNXT.sys
0xF77D7000 \SystemRoot\System32\Drivers\Modem.SYS
0xB972D000 \SystemRoot\system32\DRIVERS\btkrnl.sys
0xB9DDC000 \SystemRoot\system32\DRIVERS\jswscimd.sys
0xF7A65000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF79B7000 \SystemRoot\System32\Drivers\RootMdm.sys
0xB9DCC000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xBA7F8000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB9716000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xB9DBC000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xB9DAC000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF77DF000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB9705000 \SystemRoot\system32\DRIVERS\psched.sys
0xB9D9C000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF77E7000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF77EF000 \SystemRoot\system32\DRIVERS\raspti.sys
0xB96D5000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xB9D8C000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF79BB000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB9677000 \SystemRoot\system32\DRIVERS\update.sys
0xBA7DC000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF77F7000 \SystemRoot\system32\DRIVERS\omci.sys
0xB9D7C000 \SystemRoot\system32\DRIVERS\wsimd.sys
0xB9600000 \SystemRoot\system32\drivers\btaudio.sys
0xB9D6C000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF7697000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF79C1000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7A91000 \SystemRoot\System32\Drivers\Null.SYS
0xF79C3000 \SystemRoot\System32\Drivers\Beep.SYS
0xF7817000 \SystemRoot\System32\Drivers\DLARTL_M.SYS
0xF781F000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xF772F000 \SystemRoot\System32\drivers\vga.sys
0xF79C5000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF79C7000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF7737000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF773F000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB9EC1000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xB7475000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xB741C000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xB73F5000 \SystemRoot\System32\Drivers\Mpfp.sys
0xF76C7000 \SystemRoot\system32\DRIVERS\ipfltdrv.sys
0xB73CD000 \SystemRoot\system32\DRIVERS\netbt.sys
0xB73AB000 \SystemRoot\System32\drivers\afd.sys
0xF76D7000 \SystemRoot\system32\DRIVERS\netbios.sys
0xF7747000 \SystemRoot\System32\Drivers\se32.sys
0xB7380000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xB72E8000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xB72B5000 \SystemRoot\system32\drivers\mfehidk.sys
0xB728F000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xF76E7000 \SystemRoot\System32\Drivers\Fips.SYS
0xF76F7000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xF7547000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xF775F000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xB9673000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xF7537000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xF7527000 \SystemRoot\System32\Drivers\btwusb.sys
0xF7767000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0xB966B000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xB965F000 \SystemRoot\system32\DRIVERS\usbscan.sys
0xF777F000 \SystemRoot\system32\DRIVERS\usbprint.sys
0xF7787000 \SystemRoot\system32\DRIVERS\HPZius12.sys
0xF7517000 \SystemRoot\system32\DRIVERS\HPZid412.sys
0xB965B000 \SystemRoot\system32\DRIVERS\HPZipr12.sys
0xF778F000 \SystemRoot\system32\DRIVERS\btport.sys
0xB7271000 \SystemRoot\system32\DRIVERS\btwdndis.sys
0xF7507000 \SystemRoot\system32\DRIVERS\btwhid.sys
0xB7259000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF79F7000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB7504000 \SystemRoot\System32\drivers\Dxapi.sys
0xF7797000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF7A7D000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\ati2dvag.dll
0xBF054000 \SystemRoot\System32\ati2cqag.dll
0xBF08E000 \SystemRoot\System32\atikvmag.dll
0xBF0C4000 \SystemRoot\System32\ati3duag.dll
0xBF32B000 \SystemRoot\System32\ativvaxx.dll
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xF7557000 \SystemRoot\System32\Drivers\DRVNDDM.SYS
0xF7A93000 \SystemRoot\System32\Drivers\DLADResM.SYS
0xB50B0000 \SystemRoot\System32\Drivers\DLAIFS_M.SYS
0xB74E0000 \SystemRoot\System32\Drivers\DLAOPIOM.SYS
0xB512D000 \SystemRoot\System32\Drivers\DLAPoolM.SYS
0xB74D8000 \SystemRoot\System32\Drivers\DLABMFSM.SYS
0xB74D0000 \SystemRoot\System32\Drivers\DLABOIOM.SYS
0xB5072000 \SystemRoot\System32\Drivers\DLAUDFAM.SYS
0xB505B000 \SystemRoot\System32\Drivers\DLAUDF_M.SYS
0xB503F000 \SystemRoot\system32\DRIVERS\AegisP.sys
0xB503B000 \SystemRoot\system32\DRIVERS\s24trans.sys
0xB4F8F000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xB4D0E000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xF79B3000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xB4E07000 \SystemRoot\System32\Drivers\Aspi32.SYS
0xF79B5000 \??\C:\WINDOWS\system32\Drivers\BASFND.sys
0xB74C8000 \??\C:\WINDOWS\system32\drivers\btserial.sys
0xB4E53000 \??\C:\WINDOWS\system32\Drivers\FADXP32.sys
0xB4B15000 \SystemRoot\System32\Drivers\HTTP.sys
0xB4A95000 \SystemRoot\system32\DRIVERS\srv.sys
0xB49A5000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0xF7777000 \SystemRoot\system32\drivers\mfebopk.sys
0xB4533000 \SystemRoot\system32\drivers\mfeavfk.sys
0xB41D6000 \SystemRoot\system32\drivers\wdmaud.sys
0xB47D5000 \SystemRoot\system32\drivers\sysaudio.sys
0xB3815000 \SystemRoot\system32\drivers\mfesmfk.sys
0xB9667000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0xB33E8000 \SystemRoot\system32\drivers\kmixer.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 74):
0 System Idle Process
4 System
968 C:\WINDOWS\system32\smss.exe
1096 csrss.exe
1128 C:\WINDOWS\system32\winlogon.exe
1472 C:\WINDOWS\system32\services.exe
1484 C:\WINDOWS\system32\lsass.exe
1684 C:\WINDOWS\system32\svchost.exe
1740 svchost.exe
1984 C:\WINDOWS\system32\svchost.exe
2028 C:\WINDOWS\system32\svchost.exe
264 C:\WINDOWS\system32\S24EvMon.exe
464 svchost.exe
512 svchost.exe
816 C:\WINDOWS\system32\spoolsv.exe
840 C:\WINDOWS\system32\rundll32.exe
872 scardsvr.exe
896 C:\Program Files\D-Link\D-Link WNA-1330 Notebook Adapter\acs.exe
628 svchost.exe
1080 C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
1092 C:\WINDOWS\system32\BAsfIpM.exe
1104 svchost.exe
1168 C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe
1232 C:\Program Files\Dell\PowerNap\PowerNap.Service.exe
1324 C:\Program Files\Java\jre6\bin\jqs.exe
1392 C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
1420 C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
120 C:\PROGRA~1\COMMON~1\McAfee\MNA\McNASvc.exe
192 C:\PROGRA~1\COMMON~1\McAfee\McProxy\McProxy.exe
380 C:\PROGRA~1\McAfee\VIRUSS~1\Mcshield.exe
440 C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
572 C:\Program Files\McAfee\MPF\MpfSrv.exe
1000 C:\WINDOWS\system32\RegSrvc.exe
1928 C:\Program Files\softOSD\softOSD.exe
2744 C:\WINDOWS\system32\svchost.exe
2980 C:\WINDOWS\system32\MsPMSPSv.exe
3032 C:\WINDOWS\system32\searchindexer.exe
3104 C:\WINDOWS\system32\svchost.exe
4068 C:\Program Files\Canon\CAL\CALMAIN.exe
2224 C:\WINDOWS\system32\ZCfgSvc.exe
2552 alg.exe
2828 C:\WINDOWS\explorer.exe
2732 C:\WINDOWS\system32\rundll32.exe
3188 C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
3428 C:\WINDOWS\system32\1XConfig.exe
3980 C:\WINDOWS\system32\softLCP.exe
1792 C:\Program Files\Apoint\Apoint.exe
1272 C:\WINDOWS\system32\wbem\wmiapsrv.exe
656 C:\WINDOWS\system32\rundll32.exe
2228 C:\WINDOWS\system32\TaskSwitch.exe
2240 C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
2472 C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
2560 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
2780 C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
3496 C:\Program Files\Apoint\ApntEx.exe
3552 C:\Documents and Settings\Ron\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe
3584 C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
3672 C:\APPL\Clock\Desktop Clock-7\Desktop Clock-7.exe
3524 C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
2300 C:\Program Files\IOGEAR\Bluetooth Software\BTTray.exe
1196 C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
3780 C:\Program Files\Dell\PowerNap\PowerNap.exe
2464 C:\Program Files\Dell\PowerNap\PowerNapWatcher.exe
2672 C:\Program Files\Windows Desktop Search\WindowsSearch.exe
3624 C:\Program Files\D-Link\D-Link WNA-1330 Notebook Adapter\wirelesscm.exe
3864 C:\PROGRA~1\IOGEAR\BLUETO~1\BTSTAC~1.EXE
2572 C:\APPL\Program Files\Ding\Ding\Ding.exe
2148 C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
3180 C:\APPL\TimeLeft3\TimeLeft.exe
4088 C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
2204 OSPPSVC.EXE
2588 C:\WINDOWS\system32\searchprotocolhost.exe
3384 searchfilterhost.exe
4508 C:\Documents and Settings\Ron\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\E: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (NTFS)

PhysicalDrive0 Model Number: FUJITSUMHV2060AH, Rev: 000000A0
PhysicalDrive1 Model Number: Maxtor2, Rev: 0344

Size Device Name MBR Status
--------------------------------------------
55 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
149 GB \\.\PhysicalDrive1 RE: Unknown MBR code
SHA1: CEECB0630DEB98A912C967BD5561D0F2BFE7D8C6


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!

#6 m0le

m0le

    Can U Dig It?


  • Malware Response Instructor
  • 33,783 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:11:02 AM

Posted 11 December 2010 - 08:06 PM

Please run Combofix

Please download ComboFix from one of these locations:* IMPORTANT !!! Save ComboFix.exe to your Desktop making sure you rename it comfix.exe
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Comfix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
[If I have helped you fix your PC then please donate. Thanks
jetian6yw.jpg
m0le is a proud member of UNITE

#7 Out_of_Control

Out_of_Control
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:05:02 AM

Posted 11 December 2010 - 10:54 PM

I experienced 2 problems in attempting to implement the actions you requested:
1) The instructions and dialog specify that the AntiVirus/Security system be stopped or inactive. In fact, your instructions reference McAfee and state that you right click on the McAfee icon and click on exit. There is no exit or termination for the AT&T McAfee security version. I set all protections to "Not protected" and the Comfix dialog still detects McAfee protection. I need help in resolving that.
2) Secondarily, when I continued (assuming that the McAfee protection was truly inactive per my settings), the dialog stated it was going to install the "Recovery Console" and then stated that the internet is needed and was not connected which is not true. Everything seems to say that if you do this wrong, you can harm your system and I am concerned that these warnings are indications my system is not working well with the comfix.exe script. Suggestions?

#8 m0le

m0le

    Can U Dig It?


  • Malware Response Instructor
  • 33,783 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:11:02 AM

Posted 12 December 2010 - 05:17 AM

Combofix is a powerful tool and we don't encourage anyone to sue it without supervision. However, you are being asked to use it under supervision and with the support of both myself, countless malware team members, the BC staff and the developer of the tool itself. I know it might be a little scary but you are perfectly safe.

If Combofix is interfered with by an antivirus then the tool might not work correctly


Please uninstall McAfee

Do this from the Control Panel in Add/Remove Programs


Then run this uninstaller to clean up anything missed

Uninstall McAfee using this tool


Then go ahead and run Combofix. The first scan can be done with the recovery console, if you need to have it for a next run then we can download it and drag it into Combofix for it to be installed so don't worry.
[If I have helped you fix your PC then please donate. Thanks
jetian6yw.jpg
m0le is a proud member of UNITE

#9 Out_of_Control

Out_of_Control
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:05:02 AM

Posted 12 December 2010 - 03:40 PM

I have good confidence you know what you are doing. The reason I am cautious is that this is the only computer I have and if the computer is significantly altered by these diagnostic processes, I would have no way to communicate with you as regards to recovery. I am not familiar with Console Recovery and would need your assistance in using the facility. Not a show stopper but certainly one that says I need to do "due diligence" in ensuring that I am not committing a gross error that would get us into an unrecoverable error.

Before I move forward (execute the steps you have asked me to complete), please answer this question for me. Given it is usually a couple of days before between my completed response and your suggested next step, is it appropriate for me to reinstall the AT&T McAfee security immediately after I complete the ComboFix run and posting of logs?

#10 m0le

m0le

    Can U Dig It?


  • Malware Response Instructor
  • 33,783 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:11:02 AM

Posted 12 December 2010 - 03:49 PM

I understand your caution, it is a powerful program with large, serious warnings plastered over it.

I cannot guarantee that your PC won't suffer problems but the program itself is less likely to cause them than the malware. In some cases it can stop you rebooting. If this happens we have a number of emergency recovery options but if after running Combofix it does stop booting then the damage would eventually cause this issue whether we ran Combofix or not. I would like to stress that nothing I have seen so far would suggest that a non-booting PC would result from this run.

I will, of course, guide you through the recovery console if needed.

I would prefer you did not reinstall McAfee at this time. The main reason is that it is likely that the infection will immobilise it. It seems strange but not having an antivirus on board during the fix is preferable.
[If I have helped you fix your PC then please donate. Thanks
jetian6yw.jpg
m0le is a proud member of UNITE

#11 Out_of_Control

Out_of_Control
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:05:02 AM

Posted 12 December 2010 - 06:53 PM

I removed the McAfee Security via the Control Panel Add/Remove Software function. I also ran the McAfee cleanup tool you referenced to in your last recommendation. That appeared to run successful and without error. However, running the Comfix.exe resulted in a blue dialog window that advised me that it was running and scanning for infected files. It also stated that it could take 10 minutes but could result in running twice that long. Nothing more appeared in the dialog window and with nothing happening after about 20 minutes, I attempted a cntrl-alt-delete to see if any process was actually running. No response but my cursor would still work. I left the system run for another 30 minutes. After the 30 minute wait, the cursor was froze as was the entire system. I forced a power down and rebooted. Any suggestions?

#12 m0le

m0le

    Can U Dig It?


  • Malware Response Instructor
  • 33,783 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:11:02 AM

Posted 12 December 2010 - 07:11 PM

Yes, Combofix appears to be getting stopped from running.

Please run RKill first and then try Combofix again#

Download and Run RKill

Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

Link 1
Link 2
Link 3
Link 4

  • Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • Please post the resulting log in your next reply.

Edited by m0le, 12 December 2010 - 07:24 PM.
Incorrect instructions posted

[If I have helped you fix your PC then please donate. Thanks
jetian6yw.jpg
m0le is a proud member of UNITE

#13 Out_of_Control

Out_of_Control
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:05:02 AM

Posted 12 December 2010 - 08:50 PM

Rkill log follows:
This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 12/12/2010 at 19:24:17.
Operating System: Microsoft Windows XP


Processes terminated by Rkill or while it was running:

C:\Documents and Settings\Ron\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe


Rkill completed on 12/12/2010 at 19:24:21.

Comfix.exe ran and stop as before. However, I did notice that my desktop clock disappeared right before the scan activity stopped. After about a minute the icon for Desktop Clock-7 also disappeared. Everything was then stopped and froze.

#14 m0le

m0le

    Can U Dig It?


  • Malware Response Instructor
  • 33,783 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:11:02 AM

Posted 12 December 2010 - 08:58 PM

Please run OTL, a scanner with removal ability. The first run will just scan your machine

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

[If I have helped you fix your PC then please donate. Thanks
jetian6yw.jpg
m0le is a proud member of UNITE

#15 Out_of_Control

Out_of_Control
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:05:02 AM

Posted 12 December 2010 - 09:17 PM

OTL.Txt
OTL logfile created on: 12/12/2010 8:04:47 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Ron\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 64.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): C:\pagefile.sys 1000 2400 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.89 Gb Total Space | 28.57 Gb Free Space | 51.12% Space Free | Partition Type: NTFS
Drive E: | 149.05 Gb Total Space | 57.44 Gb Free Space | 38.53% Space Free | Partition Type: NTFS

Computer Name: D600-LAPTOP | User Name: Ron | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Ron\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\APPL\TimeLeft3\TimeLeft.exe (NesterSoft Inc.)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.)
PRC - C:\APPL\Clock\Desktop Clock-7\Desktop Clock-7.exe ()
PRC - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Documents and Settings\Ron\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\Dell\PowerNap\PowerNapWatcher.exe (Imfinity Pte Ltd)
PRC - C:\Program Files\Dell\PowerNap\PowerNap.exe (Dell)
PRC - C:\Program Files\Dell\PowerNap\PowerNap.Service.exe ()
PRC - C:\Program Files\softOSD\softOSD.exe (EnTech Taiwan)
PRC - C:\WINDOWS\system32\softLCP.exe (EnTech Taiwan)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\D-Link\D-Link WNA-1330 Notebook Adapter\wirelesscm.exe ( )
PRC - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
PRC - C:\Program Files\D-Link\D-Link WNA-1330 Notebook Adapter\acs.exe (Atheros)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
PRC - C:\APPL\Program Files\Ding\Ding\Ding.exe (Southwest Airlines)
PRC - C:\Program Files\IOGEAR\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\IOGEAR\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\WINDOWS\system32\ZCfgSvc.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\S24EvMon.exe (Intel Corporation )
PRC - C:\WINDOWS\system32\1XConfig.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\RegSrvc.exe (Intel Corporation)
PRC - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\WINDOWS\system32\BAsfIpM.exe (Broadcom Corp.)
PRC - C:\Program Files\Apoint\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\WINDOWS\system32\TaskSwitch.exe ()


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Ron\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (PEVSystemStart) -- C:\ComFix\PEV.cfx File not found
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (dell_power_nap_service) -- C:\Program Files\Dell\PowerNap\PowerNap.Service.exe ()
SRV - (softOSD) -- C:\Program Files\softOSD\softOSD.exe (EnTech Taiwan)
SRV - (ACS) -- C:\Program Files\D-Link\D-Link WNA-1330 Notebook Adapter\acs.exe (Atheros)
SRV - (btwdins) -- C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (S24EventMonitor) -- C:\WINDOWS\system32\S24EvMon.exe (Intel Corporation )
SRV - (RegSrvc) -- C:\WINDOWS\system32\RegSrvc.exe (Intel Corporation)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (NetSvc) -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe (Intel® Corporation)
SRV - (BAsfIpM) -- C:\WINDOWS\system32\BAsfIpM.exe (Broadcom Corp.)


========== Driver Services (SafeList) ==========

DRV - (PCAMPR5) -- C:\WINDOWS\System32\PCAMPR5.SYS File not found
DRV - (MRESP50a64) -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS File not found
DRV - (MREMP50a64) -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS File not found
DRV - (MREMP50) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (n558) -- C:\WINDOWS\system32\drivers\n558.sys ()
DRV - (DLADResM) -- C:\WINDOWS\system32\drivers\DLADResM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS (Roxio)
DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS (Roxio)
DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Roxio)
DRV - (JSWSCIMD) -- C:\WINDOWS\system32\drivers\jswscimd.sys (Atheros Communications, Inc.)
DRV - (AR5211) -- C:\WINDOWS\system32\drivers\ar5211.sys (Atheros Communications, Inc.)
DRV - (WSIMD) -- C:\WINDOWS\system32\drivers\wsimd.sys (Atheros Communications, Inc.)
DRV - (se32) -- C:\WINDOWS\system32\drivers\se32.sys (EnTech Taiwan)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTSERIAL) -- C:\WINDOWS\system32\drivers\btserial.sys (Broadcom Corporation.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (w70n51) Intel® -- C:\WINDOWS\system32\drivers\w70n51.sys (Intel® Corporation)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.SYS (Conexant Systems, Inc.)
DRV - (HSFHWICH) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (OZSCR) -- C:\WINDOWS\system32\drivers\ozscr.sys (O2Micro)
DRV - (O2SCBUS) -- C:\WINDOWS\system32\drivers\ozscr.sys (O2Micro)
DRV - (MRENDIS5) -- C:\Program Files\Common Files\Motive\MRENDIS5.sys (Motive, Inc.)
DRV - (MREMPR5) -- C:\Program Files\Common Files\Motive\MREMPR5.sys (Motive, Inc.)
DRV - (STAC97) Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\stac97.sys (SigmaTel, Inc.)
DRV - (AFS2K) -- C:\WINDOWS\System32\drivers\AFS2K.SYS (Oak Technology Inc.)
DRV - (IFP800) -- C:\WINDOWS\system32\drivers\ifp800.sys (iRiver, Inc.)
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (BASFND) -- C:\WINDOWS\system32\drivers\BASFND.sys (Broadcom Corporation)
DRV - (FAD) -- C:\WINDOWS\system32\drivers\FADXP32.sys (Broadcom Corporation)
DRV - (OMCI) -- C:\WINDOWS\system32\drivers\omci.sys (Dell Computer Corporation)
DRV - (NAL) -- C:\WINDOWS\system32\drivers\iqvw32.sys (Intel Corporation )
DRV - (Aspi32) -- C:\WINDOWS\System32\drivers\aspi32.sys (Adaptec)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.cnn.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13
FF - prefs.js..extensions.enabledItems: {6C4BAFB6-2AC2-4405-A98D-546B55B3AE92}:1.8.67
FF - prefs.js..extensions.enabledItems: {81514210-E22A-4e69-93D5-E1EFD45B4620}:0.3.10.01.23
FF - prefs.js..extensions.enabledItems: {5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}:1.8.67


FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/25 09:46:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010/07/06 12:23:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010/05/29 07:08:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\APPL\Firefox36_12\components [2010/12/12 07:46:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\APPL\Firefox36_12\plugins [2010/12/12 07:46:53 | 000,000,000 | ---D | M]

[2008/06/20 14:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Mozilla\Extensions
[2008/06/20 14:33:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ron\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010/12/12 17:47:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Mozilla\Firefox\Profiles\e0nrykx4.default\extensions
[2009/06/22 17:39:34 | 000,000,000 | ---D | M] (Clear Private Data... +) -- C:\Documents and Settings\Ron\Application Data\Mozilla\Firefox\Profiles\e0nrykx4.default\extensions\{0dd39226-2650-404d-a43d-ffd906b35a9e}
[2010/05/11 09:10:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ron\Application Data\Mozilla\Firefox\Profiles\e0nrykx4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/11/27 21:17:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ron\Application Data\Mozilla\Firefox\Profiles\e0nrykx4.default\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}
[2010/11/27 21:16:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ron\Application Data\Mozilla\Firefox\Profiles\e0nrykx4.default\extensions\{6C4BAFB6-2AC2-4405-A98D-546B55B3AE92}
[2010/01/28 14:48:53 | 000,000,000 | ---D | M] (Past Modern) -- C:\Documents and Settings\Ron\Application Data\Mozilla\Firefox\Profiles\e0nrykx4.default\extensions\{81514210-E22A-4e69-93D5-E1EFD45B4620}

O1 HOSTS File: ([2004/08/04 04:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\APPL\Adobe9\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [CoolSwitch] C:\WINDOWS\system32\TaskSwitch.exe ()
O4 - HKLM..\Run: [HP Component Manager] C:\Program Files\HP\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe (Intel® Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\APPL\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ZCfgSvc.exe] C:\WINDOWS\system32\ZCfgSvc.exe (Intel Corporation)
O4 - HKCU..\Run: [Desktop Clock-7] C:\APPL\Clock\Desktop Clock-7\Desktop Clock-7.exe ()
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [SansaDispatch] C:\Documents and Settings\Ron\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\IOGEAR\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PowerNap.lnk = C:\WINDOWS\Installer\{68259209-C71D-44C7-900E-20BC0F7E0BF1}\_A45711B63B8E1DD683E50A.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PowerNapWatcher.lnk = C:\WINDOWS\Installer\{68259209-C71D-44C7-900E-20BC0F7E0BF1}\_8C3690E649AC58E83BCA00.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless Connection Manager.lnk = C:\Program Files\D-Link\D-Link WNA-1330 Notebook Adapter\wirelesscm.exe ( )
O4 - Startup: C:\Documents and Settings\Ron\Start Menu\Programs\Startup\Desktop Clock-7.lnk = C:\APPL\Clock\Desktop Clock-7\Desktop Clock-7.exe ()
O4 - Startup: C:\Documents and Settings\Ron\Start Menu\Programs\Startup\DING!.lnk = C:\APPL\Program Files\Ding\Ding\Ding.exe (Southwest Airlines)
O4 - Startup: C:\Documents and Settings\Ron\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Ron\Start Menu\Programs\Startup\TimeLeft.lnk = C:\APPL\TimeLeft3\TimeLeft.exe (NesterSoft Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([oas.support] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([oas.support] https in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([support] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([support] https in Trusted sites)
O15 - HKCU\..Trusted Domains: motive.com ([pattta.att] https in Trusted sites)
O15 - HKCU\..Trusted Domains: motive.com ([patttbc.att] https in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1229803568608 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1229803526407 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.com/controls/cpcScanner.cab (Crucial cpcScan)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll ()
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Sebring: DllName - C:\WINDOWS\system32\LgNotify.dll - C:\WINDOWS\system32\LgNotify.dll (Intel Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Ron\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ron\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/09 18:45:17 | 000,000,609 | ---- | M] () - C:\autoAlbum.log -- [ NTFS ]
O32 - AutoRun File - [2007/10/11 14:46:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{c0aa7c22-a0fb-11df-850b-000f1fa4478a}\Shell - "" = AutoRun
O33 - MountPoints2\{c0aa7c22-a0fb-11df-850b-000f1fa4478a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c0aa7c22-a0fb-11df-850b-000f1fa4478a}\Shell\AutoRun\command - "" = G:\WIN\setup.exe -- File not found
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\WIN\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/12 20:01:26 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ron\Desktop\OTL.exe
[2010/12/12 19:25:21 | 000,000,000 | --SD | C] -- C:\ComFix
[2010/12/12 16:28:33 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/12/01 09:51:50 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/12/01 09:51:50 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/12/01 09:51:50 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/12/01 09:11:15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ron\Recent
[2010/11/30 16:33:44 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/11/30 16:33:43 | 000,000,000 | ---D | C] -- C:\rsit
[2010/11/24 20:25:33 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/11/20 14:25:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/11/19 11:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/11/17 15:37:19 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/11/17 15:37:19 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/11/17 15:37:19 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/11/17 15:37:19 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/11/17 15:37:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/11/17 15:34:03 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/11/16 15:12:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ron\Application Data\Malwarebytes
[2010/11/16 15:12:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/11/15 19:18:21 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Ron\Local Settings\Application Data\.#
[2007/10/18 14:32:17 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\Implode.dll
[2004/03/01 14:58:18 | 000,561,424 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\dao360.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/12 20:03:40 | 000,271,360 | ---- | M] () -- C:\Documents and Settings\Ron\My Documents\archive.pst
[2010/12/12 20:01:58 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Ron\Application Data\Microsoft\Internet Explorer\Quick Launch\Word 2010.lnk
[2010/12/12 20:01:27 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ron\Desktop\OTL.exe
[2010/12/12 19:59:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/12 19:56:31 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Ron\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2010/12/12 19:56:17 | 000,002,451 | ---- | M] () -- C:\Documents and Settings\Ron\Application Data\Microsoft\Internet Explorer\Quick Launch\OneNote 2010.lnk
[2010/12/12 19:52:31 | 000,002,477 | ---- | M] () -- C:\Documents and Settings\Ron\Application Data\Microsoft\Internet Explorer\Quick Launch\Excel 2010.lnk
[2010/12/12 19:43:34 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{07984967-8829-49BB-B4B8-C412C5B4DB1A}.job
[2010/12/12 19:42:07 | 000,002,351 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PowerNapWatcher.lnk
[2010/12/12 19:42:04 | 000,002,327 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PowerNap.lnk
[2010/12/12 19:41:55 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/12/12 19:41:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/12 19:41:49 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/12 19:41:47 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1935655697-764733703-839522115-1003.job
[2010/12/12 19:39:21 | 000,000,296 | -HS- | M] () -- C:\WINDOWS\tasks\ZAQWFCGZ.job
[2010/12/12 19:39:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/12 19:23:20 | 000,660,752 | ---- | M] () -- C:\Documents and Settings\Ron\Desktop\rkill.scr
[2010/12/12 16:28:38 | 000,000,355 | RHS- | M] () -- C:\boot.ini
[2010/12/12 16:24:04 | 003,988,679 | R--- | M] () -- C:\Documents and Settings\Ron\Desktop\ComFix.exe
[2010/12/12 16:03:41 | 001,373,616 | ---- | M] () -- C:\Documents and Settings\Ron\Desktop\MCPR.exe
[2010/12/12 14:21:01 | 000,002,475 | ---- | M] () -- C:\Documents and Settings\Ron\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Access.lnk
[2010/12/12 14:03:34 | 000,002,393 | ---- | M] () -- C:\Documents and Settings\Ron\Application Data\Microsoft\Internet Explorer\Quick Launch\Calendar Print.lnk
[2010/12/09 21:03:00 | 000,000,248 | ---- | M] () -- C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
[2010/12/09 16:15:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/09 11:37:01 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1935655697-764733703-839522115-1003.job
[2010/12/08 22:24:16 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Ron\Desktop\MBRCheck.exe
[2010/12/06 13:41:11 | 000,527,072 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/12/06 13:41:11 | 000,096,380 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/12/02 12:45:10 | 000,000,041 | ---- | M] () -- C:\WINDOWS\crw.ini
[2010/12/01 09:50:01 | 000,000,326 | ---- | M] () -- C:\WINDOWS\tasks\Java Check.job
[2010/11/30 14:04:48 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Ron\defogger_reenable
[2010/11/30 14:03:33 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\Ron\Desktop\Defogger.exe
[2010/11/24 20:21:36 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Ron\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/11/20 15:42:04 | 000,000,245 | ---- | M] () -- C:\Boot.bak
[2010/11/19 08:45:50 | 000,001,568 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/11/14 14:20:03 | 000,082,432 | ---- | M] () -- C:\Documents and Settings\Ron\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/13 14:41:42 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\Ron\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/11/13 14:41:41 | 000,001,474 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/12 19:23:19 | 000,660,752 | ---- | C] () -- C:\Documents and Settings\Ron\Desktop\rkill.scr
[2010/12/12 16:28:38 | 000,000,245 | ---- | C] () -- C:\Boot.bak
[2010/12/12 16:28:35 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2010/12/12 16:03:47 | 001,373,616 | ---- | C] () -- C:\Documents and Settings\Ron\Desktop\MCPR.exe
[2010/12/11 21:21:37 | 003,988,679 | R--- | C] () -- C:\Documents and Settings\Ron\Desktop\ComFix.exe
[2010/12/08 22:23:44 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Ron\Desktop\MBRCheck.exe
[2010/11/30 14:04:48 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ron\defogger_reenable
[2010/11/30 14:03:33 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\Ron\Desktop\Defogger.exe
[2010/11/19 08:45:50 | 000,001,568 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/11/17 15:37:19 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/11/17 15:37:19 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/11/17 15:37:19 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/11/17 15:37:19 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/11/17 15:37:19 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/11/12 05:48:53 | 000,105,984 | RHS- | C] () -- C:\WINDOWS\System32\rsvpm.dll
[2010/08/13 19:24:47 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A6W.INI
[2010/08/13 10:44:50 | 004,103,104 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/06/28 17:30:18 | 000,000,023 | ---- | C] () -- C:\Documents and Settings\Ron\Local Settings\Application Data\kodakpcd.ini
[2010/06/01 20:00:12 | 000,000,160 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2009/09/12 12:15:21 | 000,000,076 | ---- | C] () -- C:\Documents and Settings\Ron\Local Settings\Application Data\FASTWiz.log
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/07/11 14:02:03 | 000,000,024 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/09/18 20:05:12 | 000,000,208 | ---- | C] () -- C:\WINDOWS\HpBestModeUpdatePatchLog.ini
[2008/09/18 16:39:50 | 000,000,149 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2008/07/10 18:00:02 | 000,000,678 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/06/27 14:03:50 | 000,027,208 | ---- | C] () -- C:\Documents and Settings\Ron\Application Data\Personal Address Book.ADR
[2008/06/23 19:19:45 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2008/06/23 19:19:45 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2008/01/24 17:08:14 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\Inst2891.dll
[2007/11/23 10:57:44 | 000,000,003 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt
[2007/11/16 13:15:32 | 000,082,432 | ---- | C] () -- C:\Documents and Settings\Ron\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/22 16:09:58 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/10/18 14:42:39 | 000,000,041 | ---- | C] () -- C:\WINDOWS\crw.ini
[2007/10/18 14:32:18 | 000,748,160 | ---- | C] () -- C:\WINDOWS\System32\Co2c40en.dll
[2007/10/18 14:32:18 | 000,054,272 | ---- | C] () -- C:\WINDOWS\System32\P2irdao.dll
[2007/10/18 14:32:18 | 000,050,176 | ---- | C] () -- C:\WINDOWS\System32\P2ctdao.dll
[2007/10/18 14:32:18 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\P2bbnd.dll
[2007/10/18 14:31:48 | 000,000,801 | ---- | C] () -- C:\WINDOWS\staff32.ini
[2007/10/13 17:29:46 | 000,005,804 | ---- | C] () -- C:\Documents and Settings\Ron\Application Data\HPCOM_48BitScanUpdate.log
[2007/10/13 17:29:46 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007/10/13 08:08:06 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2007/10/11 19:51:34 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Ron\Local Settings\Application Data\fusioncache.dat
[2007/10/11 19:31:30 | 000,023,795 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/10/11 16:19:00 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/10/11 09:34:37 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/09/27 09:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 09:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 09:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/08/15 06:27:18 | 000,009,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\n558.sys
[2007/04/13 12:36:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\softcoin.dll
[2007/04/13 12:36:00 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\gencoin.dll
[2006/04/12 09:23:54 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005/07/05 00:37:14 | 000,045,124 | ---- | C] () -- C:\WINDOWS\System32\LsaWrApi.dll
[2005/07/05 00:29:16 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\ShellNav.dll
[2005/07/05 00:27:42 | 000,532,549 | ---- | C] () -- C:\WINDOWS\System32\C1XStngs.dll
[2005/07/05 00:26:40 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\D8021Xps.dll
[2005/01/13 02:00:14 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/01/13 02:00:10 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001/09/24 06:59:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\NavLogon.dll

========== LOP Check ==========

[2010/10/15 11:25:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2009/09/12 17:43:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2007/10/13 10:02:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/12/09 14:12:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CPH Shepherds Staff
[2010/07/06 12:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2008/12/09 15:38:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2008/09/16 17:29:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2008/11/29 15:45:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2007/10/13 07:50:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2008/07/10 18:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2009/08/14 18:34:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8348123F-43F4-426A-892E-38B5CCBBBC45}
[2009/07/12 20:08:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{9449906A-32A2-4A76-BCEC-C0B1FF25C416}
[2007/10/11 21:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Axaware
[2010/04/19 05:35:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Dropbox
[2007/12/22 17:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\ICAClient
[2008/11/18 20:00:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\LG Electronics
[2008/09/16 17:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\NCH Swift Sound
[2010/03/12 19:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\NesterSoft
[2010/01/27 16:02:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Nokia
[2007/10/29 16:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\OfficeUpdate12
[2009/07/25 18:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\OpenOffice.org
[2009/12/30 17:47:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\PC Suite
[2010/11/23 20:11:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Sammsoft
[2009/10/29 17:17:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\SanDisk
[2010/06/26 12:38:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Skinux
[2010/12/12 08:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\SmartDraw
[2010/02/25 09:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Softland
[2009/12/10 09:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Southwest Airlines
[2007/12/04 15:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\SudoCue
[2007/12/03 20:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Sudoku
[2008/08/11 20:09:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Uniblue
[2008/07/26 14:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Windows Desktop Search
[2008/07/26 14:37:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Windows Search
[2010/12/01 09:50:01 | 000,000,326 | ---- | M] () -- C:\WINDOWS\Tasks\Java Check.job
[2010/12/09 21:03:00 | 000,000,248 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
[2008/08/11 20:03:52 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job
[2010/12/12 19:43:34 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{07984967-8829-49BB-B4B8-C412C5B4DB1A}.job
[2010/12/12 19:39:21 | 000,000,296 | -HS- | M] () -- C:\WINDOWS\Tasks\ZAQWFCGZ.job

========== Purity Check ==========



< End of report >

Extras.Txt
OTL logfile created on: 12/12/2010 8:04:47 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Ron\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 64.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): C:\pagefile.sys 1000 2400 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.89 Gb Total Space | 28.57 Gb Free Space | 51.12% Space Free | Partition Type: NTFS
Drive E: | 149.05 Gb Total Space | 57.44 Gb Free Space | 38.53% Space Free | Partition Type: NTFS

Computer Name: D600-LAPTOP | User Name: Ron | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Ron\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\APPL\TimeLeft3\TimeLeft.exe (NesterSoft Inc.)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.)
PRC - C:\APPL\Clock\Desktop Clock-7\Desktop Clock-7.exe ()
PRC - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Documents and Settings\Ron\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\Dell\PowerNap\PowerNapWatcher.exe (Imfinity Pte Ltd)
PRC - C:\Program Files\Dell\PowerNap\PowerNap.exe (Dell)
PRC - C:\Program Files\Dell\PowerNap\PowerNap.Service.exe ()
PRC - C:\Program Files\softOSD\softOSD.exe (EnTech Taiwan)
PRC - C:\WINDOWS\system32\softLCP.exe (EnTech Taiwan)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\D-Link\D-Link WNA-1330 Notebook Adapter\wirelesscm.exe ( )
PRC - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
PRC - C:\Program Files\D-Link\D-Link WNA-1330 Notebook Adapter\acs.exe (Atheros)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
PRC - C:\APPL\Program Files\Ding\Ding\Ding.exe (Southwest Airlines)
PRC - C:\Program Files\IOGEAR\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\IOGEAR\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\WINDOWS\system32\ZCfgSvc.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\S24EvMon.exe (Intel Corporation )
PRC - C:\WINDOWS\system32\1XConfig.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\RegSrvc.exe (Intel Corporation)
PRC - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\WINDOWS\system32\BAsfIpM.exe (Broadcom Corp.)
PRC - C:\Program Files\Apoint\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\WINDOWS\system32\TaskSwitch.exe ()


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Ron\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (PEVSystemStart) -- C:\ComFix\PEV.cfx File not found
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (dell_power_nap_service) -- C:\Program Files\Dell\PowerNap\PowerNap.Service.exe ()
SRV - (softOSD) -- C:\Program Files\softOSD\softOSD.exe (EnTech Taiwan)
SRV - (ACS) -- C:\Program Files\D-Link\D-Link WNA-1330 Notebook Adapter\acs.exe (Atheros)
SRV - (btwdins) -- C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (S24EventMonitor) -- C:\WINDOWS\system32\S24EvMon.exe (Intel Corporation )
SRV - (RegSrvc) -- C:\WINDOWS\system32\RegSrvc.exe (Intel Corporation)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (NetSvc) -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe (Intel® Corporation)
SRV - (BAsfIpM) -- C:\WINDOWS\system32\BAsfIpM.exe (Broadcom Corp.)


========== Driver Services (SafeList) ==========

DRV - (PCAMPR5) -- C:\WINDOWS\System32\PCAMPR5.SYS File not found
DRV - (MRESP50a64) -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS File not found
DRV - (MREMP50a64) -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS File not found
DRV - (MREMP50) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (n558) -- C:\WINDOWS\system32\drivers\n558.sys ()
DRV - (DLADResM) -- C:\WINDOWS\system32\drivers\DLADResM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS (Roxio)
DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS (Roxio)
DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Roxio)
DRV - (JSWSCIMD) -- C:\WINDOWS\system32\drivers\jswscimd.sys (Atheros Communications, Inc.)
DRV - (AR5211) -- C:\WINDOWS\system32\drivers\ar5211.sys (Atheros Communications, Inc.)
DRV - (WSIMD) -- C:\WINDOWS\system32\drivers\wsimd.sys (Atheros Communications, Inc.)
DRV - (se32) -- C:\WINDOWS\system32\drivers\se32.sys (EnTech Taiwan)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTSERIAL) -- C:\WINDOWS\system32\drivers\btserial.sys (Broadcom Corporation.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (w70n51) Intel® -- C:\WINDOWS\system32\drivers\w70n51.sys (Intel® Corporation)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.SYS (Conexant Systems, Inc.)
DRV - (HSFHWICH) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (OZSCR) -- C:\WINDOWS\system32\drivers\ozscr.sys (O2Micro)
DRV - (O2SCBUS) -- C:\WINDOWS\system32\drivers\ozscr.sys (O2Micro)
DRV - (MRENDIS5) -- C:\Program Files\Common Files\Motive\MRENDIS5.sys (Motive, Inc.)
DRV - (MREMPR5) -- C:\Program Files\Common Files\Motive\MREMPR5.sys (Motive, Inc.)
DRV - (STAC97) Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\stac97.sys (SigmaTel, Inc.)
DRV - (AFS2K) -- C:\WINDOWS\System32\drivers\AFS2K.SYS (Oak Technology Inc.)
DRV - (IFP800) -- C:\WINDOWS\system32\drivers\ifp800.sys (iRiver, Inc.)
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (BASFND) -- C:\WINDOWS\system32\drivers\BASFND.sys (Broadcom Corporation)
DRV - (FAD) -- C:\WINDOWS\system32\drivers\FADXP32.sys (Broadcom Corporation)
DRV - (OMCI) -- C:\WINDOWS\system32\drivers\omci.sys (Dell Computer Corporation)
DRV - (NAL) -- C:\WINDOWS\system32\drivers\iqvw32.sys (Intel Corporation )
DRV - (Aspi32) -- C:\WINDOWS\System32\drivers\aspi32.sys (Adaptec)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.cnn.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13
FF - prefs.js..extensions.enabledItems: {6C4BAFB6-2AC2-4405-A98D-546B55B3AE92}:1.8.67
FF - prefs.js..extensions.enabledItems: {81514210-E22A-4e69-93D5-E1EFD45B4620}:0.3.10.01.23
FF - prefs.js..extensions.enabledItems: {5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}:1.8.67


FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/25 09:46:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010/07/06 12:23:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010/05/29 07:08:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\APPL\Firefox36_12\components [2010/12/12 07:46:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\APPL\Firefox36_12\plugins [2010/12/12 07:46:53 | 000,000,000 | ---D | M]

[2008/06/20 14:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Mozilla\Extensions
[2008/06/20 14:33:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ron\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010/12/12 17:47:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Mozilla\Firefox\Profiles\e0nrykx4.default\extensions
[2009/06/22 17:39:34 | 000,000,000 | ---D | M] (Clear Private Data... +) -- C:\Documents and Settings\Ron\Application Data\Mozilla\Firefox\Profiles\e0nrykx4.default\extensions\{0dd39226-2650-404d-a43d-ffd906b35a9e}
[2010/05/11 09:10:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ron\Application Data\Mozilla\Firefox\Profiles\e0nrykx4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/11/27 21:17:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ron\Application Data\Mozilla\Firefox\Profiles\e0nrykx4.default\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}
[2010/11/27 21:16:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ron\Application Data\Mozilla\Firefox\Profiles\e0nrykx4.default\extensions\{6C4BAFB6-2AC2-4405-A98D-546B55B3AE92}
[2010/01/28 14:48:53 | 000,000,000 | ---D | M] (Past Modern) -- C:\Documents and Settings\Ron\Application Data\Mozilla\Firefox\Profiles\e0nrykx4.default\extensions\{81514210-E22A-4e69-93D5-E1EFD45B4620}

O1 HOSTS File: ([2004/08/04 04:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\APPL\Adobe9\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [CoolSwitch] C:\WINDOWS\system32\TaskSwitch.exe ()
O4 - HKLM..\Run: [HP Component Manager] C:\Program Files\HP\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe (Intel® Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\APPL\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ZCfgSvc.exe] C:\WINDOWS\system32\ZCfgSvc.exe (Intel Corporation)
O4 - HKCU..\Run: [Desktop Clock-7] C:\APPL\Clock\Desktop Clock-7\Desktop Clock-7.exe ()
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [SansaDispatch] C:\Documents and Settings\Ron\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\IOGEAR\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PowerNap.lnk = C:\WINDOWS\Installer\{68259209-C71D-44C7-900E-20BC0F7E0BF1}\_A45711B63B8E1DD683E50A.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PowerNapWatcher.lnk = C:\WINDOWS\Installer\{68259209-C71D-44C7-900E-20BC0F7E0BF1}\_8C3690E649AC58E83BCA00.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless Connection Manager.lnk = C:\Program Files\D-Link\D-Link WNA-1330 Notebook Adapter\wirelesscm.exe ( )
O4 - Startup: C:\Documents and Settings\Ron\Start Menu\Programs\Startup\Desktop Clock-7.lnk = C:\APPL\Clock\Desktop Clock-7\Desktop Clock-7.exe ()
O4 - Startup: C:\Documents and Settings\Ron\Start Menu\Programs\Startup\DING!.lnk = C:\APPL\Program Files\Ding\Ding\Ding.exe (Southwest Airlines)
O4 - Startup: C:\Documents and Settings\Ron\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Ron\Start Menu\Programs\Startup\TimeLeft.lnk = C:\APPL\TimeLeft3\TimeLeft.exe (NesterSoft Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([oas.support] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([oas.support] https in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([support] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([support] https in Trusted sites)
O15 - HKCU\..Trusted Domains: motive.com ([pattta.att] https in Trusted sites)
O15 - HKCU\..Trusted Domains: motive.com ([patttbc.att] https in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1229803568608 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1229803526407 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.com/controls/cpcScanner.cab (Crucial cpcScan)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll ()
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Sebring: DllName - C:\WINDOWS\system32\LgNotify.dll - C:\WINDOWS\system32\LgNotify.dll (Intel Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Ron\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ron\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/09 18:45:17 | 000,000,609 | ---- | M] () - C:\autoAlbum.log -- [ NTFS ]
O32 - AutoRun File - [2007/10/11 14:46:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{c0aa7c22-a0fb-11df-850b-000f1fa4478a}\Shell - "" = AutoRun
O33 - MountPoints2\{c0aa7c22-a0fb-11df-850b-000f1fa4478a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c0aa7c22-a0fb-11df-850b-000f1fa4478a}\Shell\AutoRun\command - "" = G:\WIN\setup.exe -- File not found
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\WIN\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/12 20:01:26 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ron\Desktop\OTL.exe
[2010/12/12 19:25:21 | 000,000,000 | --SD | C] -- C:\ComFix
[2010/12/12 16:28:33 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/12/01 09:51:50 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/12/01 09:51:50 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/12/01 09:51:50 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/12/01 09:11:15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ron\Recent
[2010/11/30 16:33:44 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/11/30 16:33:43 | 000,000,000 | ---D | C] -- C:\rsit
[2010/11/24 20:25:33 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/11/20 14:25:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/11/19 11:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/11/17 15:37:19 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/11/17 15:37:19 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/11/17 15:37:19 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/11/17 15:37:19 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/11/17 15:37:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/11/17 15:34:03 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/11/16 15:12:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ron\Application Data\Malwarebytes
[2010/11/16 15:12:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/11/15 19:18:21 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Ron\Local Settings\Application Data\.#
[2007/10/18 14:32:17 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\Implode.dll
[2004/03/01 14:58:18 | 000,561,424 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\dao360.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/12 20:03:40 | 000,271,360 | ---- | M] () -- C:\Documents and Settings\Ron\My Documents\archive.pst
[2010/12/12 20:01:58 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Ron\Application Data\Microsoft\Internet Explorer\Quick Launch\Word 2010.lnk
[2010/12/12 20:01:27 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ron\Desktop\OTL.exe
[2010/12/12 19:59:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/12 19:56:31 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Ron\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2010/12/12 19:56:17 | 000,002,451 | ---- | M] () -- C:\Documents and Settings\Ron\Application Data\Microsoft\Internet Explorer\Quick Launch\OneNote 2010.lnk
[2010/12/12 19:52:31 | 000,002,477 | ---- | M] () -- C:\Documents and Settings\Ron\Application Data\Microsoft\Internet Explorer\Quick Launch\Excel 2010.lnk
[2010/12/12 19:43:34 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{07984967-8829-49BB-B4B8-C412C5B4DB1A}.job
[2010/12/12 19:42:07 | 000,002,351 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PowerNapWatcher.lnk
[2010/12/12 19:42:04 | 000,002,327 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PowerNap.lnk
[2010/12/12 19:41:55 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/12/12 19:41:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/12 19:41:49 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/12 19:41:47 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1935655697-764733703-839522115-1003.job
[2010/12/12 19:39:21 | 000,000,296 | -HS- | M] () -- C:\WINDOWS\tasks\ZAQWFCGZ.job
[2010/12/12 19:39:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/12 19:23:20 | 000,660,752 | ---- | M] () -- C:\Documents and Settings\Ron\Desktop\rkill.scr
[2010/12/12 16:28:38 | 000,000,355 | RHS- | M] () -- C:\boot.ini
[2010/12/12 16:24:04 | 003,988,679 | R--- | M] () -- C:\Documents and Settings\Ron\Desktop\ComFix.exe
[2010/12/12 16:03:41 | 001,373,616 | ---- | M] () -- C:\Documents and Settings\Ron\Desktop\MCPR.exe
[2010/12/12 14:21:01 | 000,002,475 | ---- | M] () -- C:\Documents and Settings\Ron\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Access.lnk
[2010/12/12 14:03:34 | 000,002,393 | ---- | M] () -- C:\Documents and Settings\Ron\Application Data\Microsoft\Internet Explorer\Quick Launch\Calendar Print.lnk
[2010/12/09 21:03:00 | 000,000,248 | ---- | M] () -- C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
[2010/12/09 16:15:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/09 11:37:01 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1935655697-764733703-839522115-1003.job
[2010/12/08 22:24:16 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Ron\Desktop\MBRCheck.exe
[2010/12/06 13:41:11 | 000,527,072 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/12/06 13:41:11 | 000,096,380 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/12/02 12:45:10 | 000,000,041 | ---- | M] () -- C:\WINDOWS\crw.ini
[2010/12/01 09:50:01 | 000,000,326 | ---- | M] () -- C:\WINDOWS\tasks\Java Check.job
[2010/11/30 14:04:48 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Ron\defogger_reenable
[2010/11/30 14:03:33 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\Ron\Desktop\Defogger.exe
[2010/11/24 20:21:36 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Ron\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/11/20 15:42:04 | 000,000,245 | ---- | M] () -- C:\Boot.bak
[2010/11/19 08:45:50 | 000,001,568 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/11/14 14:20:03 | 000,082,432 | ---- | M] () -- C:\Documents and Settings\Ron\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/13 14:41:42 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\Ron\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/11/13 14:41:41 | 000,001,474 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/12 19:23:19 | 000,660,752 | ---- | C] () -- C:\Documents and Settings\Ron\Desktop\rkill.scr
[2010/12/12 16:28:38 | 000,000,245 | ---- | C] () -- C:\Boot.bak
[2010/12/12 16:28:35 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2010/12/12 16:03:47 | 001,373,616 | ---- | C] () -- C:\Documents and Settings\Ron\Desktop\MCPR.exe
[2010/12/11 21:21:37 | 003,988,679 | R--- | C] () -- C:\Documents and Settings\Ron\Desktop\ComFix.exe
[2010/12/08 22:23:44 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Ron\Desktop\MBRCheck.exe
[2010/11/30 14:04:48 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ron\defogger_reenable
[2010/11/30 14:03:33 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\Ron\Desktop\Defogger.exe
[2010/11/19 08:45:50 | 000,001,568 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/11/17 15:37:19 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/11/17 15:37:19 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/11/17 15:37:19 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/11/17 15:37:19 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/11/17 15:37:19 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/11/12 05:48:53 | 000,105,984 | RHS- | C] () -- C:\WINDOWS\System32\rsvpm.dll
[2010/08/13 19:24:47 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A6W.INI
[2010/08/13 10:44:50 | 004,103,104 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/06/28 17:30:18 | 000,000,023 | ---- | C] () -- C:\Documents and Settings\Ron\Local Settings\Application Data\kodakpcd.ini
[2010/06/01 20:00:12 | 000,000,160 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2009/09/12 12:15:21 | 000,000,076 | ---- | C] () -- C:\Documents and Settings\Ron\Local Settings\Application Data\FASTWiz.log
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/07/11 14:02:03 | 000,000,024 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/09/18 20:05:12 | 000,000,208 | ---- | C] () -- C:\WINDOWS\HpBestModeUpdatePatchLog.ini
[2008/09/18 16:39:50 | 000,000,149 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2008/07/10 18:00:02 | 000,000,678 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/06/27 14:03:50 | 000,027,208 | ---- | C] () -- C:\Documents and Settings\Ron\Application Data\Personal Address Book.ADR
[2008/06/23 19:19:45 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2008/06/23 19:19:45 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2008/01/24 17:08:14 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\Inst2891.dll
[2007/11/23 10:57:44 | 000,000,003 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt
[2007/11/16 13:15:32 | 000,082,432 | ---- | C] () -- C:\Documents and Settings\Ron\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/22 16:09:58 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/10/18 14:42:39 | 000,000,041 | ---- | C] () -- C:\WINDOWS\crw.ini
[2007/10/18 14:32:18 | 000,748,160 | ---- | C] () -- C:\WINDOWS\System32\Co2c40en.dll
[2007/10/18 14:32:18 | 000,054,272 | ---- | C] () -- C:\WINDOWS\System32\P2irdao.dll
[2007/10/18 14:32:18 | 000,050,176 | ---- | C] () -- C:\WINDOWS\System32\P2ctdao.dll
[2007/10/18 14:32:18 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\P2bbnd.dll
[2007/10/18 14:31:48 | 000,000,801 | ---- | C] () -- C:\WINDOWS\staff32.ini
[2007/10/13 17:29:46 | 000,005,804 | ---- | C] () -- C:\Documents and Settings\Ron\Application Data\HPCOM_48BitScanUpdate.log
[2007/10/13 17:29:46 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007/10/13 08:08:06 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2007/10/11 19:51:34 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Ron\Local Settings\Application Data\fusioncache.dat
[2007/10/11 19:31:30 | 000,023,795 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/10/11 16:19:00 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/10/11 09:34:37 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/09/27 09:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 09:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 09:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/08/15 06:27:18 | 000,009,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\n558.sys
[2007/04/13 12:36:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\softcoin.dll
[2007/04/13 12:36:00 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\gencoin.dll
[2006/04/12 09:23:54 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005/07/05 00:37:14 | 000,045,124 | ---- | C] () -- C:\WINDOWS\System32\LsaWrApi.dll
[2005/07/05 00:29:16 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\ShellNav.dll
[2005/07/05 00:27:42 | 000,532,549 | ---- | C] () -- C:\WINDOWS\System32\C1XStngs.dll
[2005/07/05 00:26:40 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\D8021Xps.dll
[2005/01/13 02:00:14 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/01/13 02:00:10 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001/09/24 06:59:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\NavLogon.dll

========== LOP Check ==========

[2010/10/15 11:25:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2009/09/12 17:43:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2007/10/13 10:02:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/12/09 14:12:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CPH Shepherds Staff
[2010/07/06 12:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2008/12/09 15:38:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2008/09/16 17:29:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2008/11/29 15:45:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2007/10/13 07:50:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2008/07/10 18:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2009/08/14 18:34:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8348123F-43F4-426A-892E-38B5CCBBBC45}
[2009/07/12 20:08:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{9449906A-32A2-4A76-BCEC-C0B1FF25C416}
[2007/10/11 21:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Axaware
[2010/04/19 05:35:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Dropbox
[2007/12/22 17:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\ICAClient
[2008/11/18 20:00:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\LG Electronics
[2008/09/16 17:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\NCH Swift Sound
[2010/03/12 19:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\NesterSoft
[2010/01/27 16:02:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Nokia
[2007/10/29 16:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\OfficeUpdate12
[2009/07/25 18:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\OpenOffice.org
[2009/12/30 17:47:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\PC Suite
[2010/11/23 20:11:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Sammsoft
[2009/10/29 17:17:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\SanDisk
[2010/06/26 12:38:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Skinux
[2010/12/12 08:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\SmartDraw
[2010/02/25 09:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Softland
[2009/12/10 09:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Southwest Airlines
[2007/12/04 15:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\SudoCue
[2007/12/03 20:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Sudoku
[2008/08/11 20:09:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Uniblue
[2008/07/26 14:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Windows Desktop Search
[2008/07/26 14:37:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ron\Application Data\Windows Search
[2010/12/01 09:50:01 | 000,000,326 | ---- | M] () -- C:\WINDOWS\Tasks\Java Check.job
[2010/12/09 21:03:00 | 000,000,248 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
[2008/08/11 20:03:52 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job
[2010/12/12 19:43:34 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{07984967-8829-49BB-B4B8-C412C5B4DB1A}.job
[2010/12/12 19:39:21 | 000,000,296 | -HS- | M] () -- C:\WINDOWS\Tasks\ZAQWFCGZ.job

========== Purity Check ==========



< End of report >




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users