AMalwarebytes' Anti-Malware 1.41
Database version: 2968
Windows 5.1.2600 Service Pack 3 (Safe Mode)
10/15/2009 6:17:55 PM
mbam-log-2009-10-15 (18-17-55).txt
Scan type: Quick Scan
Objects scanned: 144863
Time elapsed: 14 minute(s), 0 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 3
Registry Keys Infected: 8
Registry Values Infected: 1
Registry Data Items Infected: 3
Folders Infected: 1
Files Infected: 33
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\WINDOWS\system32\__c00A3409.dat (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\cryptnet32.dll (Trojan.Tracur) -> Delete on reboot.
C:\Documents and Settings\Troy D Mobley\Local Settings\Temp\7.tmp (Trojan.Dropper) -> Delete on reboot.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05c30402-666d-497d-890f-6717607004e7} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{05c30402-666d-497d-890f-6717607004e7} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c00a3409 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ace4902b684 (Trojan.Tracur) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f4b226.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Tracur) -> Data: c:\windows\system32\cryptnet32.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Tracur) -> Data: system32\cryptnet32.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
C:\WINDOWS\system32\LocalService (Worm.Archive) -> Quarantined and deleted successfully.
Files Infected:
C:\WINDOWS\system32\fontsub32.dll (Trojan.BHO.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\__c00A3409.dat (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\cryptnet32.dll (Trojan.Tracur) -> Delete on reboot.
C:\Documents and Settings\Troy D Mobley\Local Settings\Temp\7.tmp (Trojan.Dropper) -> Delete on reboot.
C:\Documents and Settings\Troy D Mobley\Local Settings\Temp\_A00F4B226.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\apdhrjyj.kak (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kbedwpaa.mgo (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qiiwbadq.mox (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qthcdbll.gxs (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Troy D Mobley\Local Settings\Temp\1.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Troy D Mobley\Local Settings\Temp\2.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Troy D Mobley\Local Settings\Temp\4.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Troy D Mobley\Local Settings\Temp\afqlwcvs.oqy (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Troy D Mobley\Local Settings\Temp\_A00F2AAEC.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Troy D Mobley\Local Settings\Temp\_A00F32934.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\306.keygen.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\313.crack.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\313.crack.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\314.keygen.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\314.keygen.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\315.serial.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\315.serial.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\316.setup.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\316.setup.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\317.music.au (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\317.music.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\318.music2.au (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\318.music2.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\319.music3.au (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\319.music3.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\320.music4.au (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LocalService\320.music4.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\GnuHashes.ini (Malware.Trace) -> Quarantined and deleted successfully.
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
OTL logfile created on: 10/15/2009 6:43:32 PM - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\Troy D Mobley\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1023.21 Mb Total Physical Memory | 710.94 Mb Available Physical Memory | 69.48% Memory free
2.86 Gb Paging File | 2.71 Gb Available in Paging File | 94.91% Paging File free
Paging file location(s): C:\pagefile.sys 2000 4000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.49 Gb Total Space | 41.68 Gb Free Space | 55.95% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: XPSLAPTOP
Current User Name: Troy D Mobley
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2009/10/15 18:40:34 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Troy D Mobley\Desktop\OTL.exe
PRC - [2009/08/24 16:15:03 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
========== Win32 Services (SafeList) ==========
SRV - File not found -- -- (Ldafpero [On_Demand | Stopped])
SRV - [2009/09/23 16:37:30 | 00,051,168 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper [On_Demand | Stopped])
SRV - [2009/08/22 03:21:19 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe -- (Norton Internet Security [Auto | Stopped])
SRV - [2009/07/25 05:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Stopped])
SRV - [2009/02/12 22:32:03 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9741bb9a14424 [Auto | Stopped])
SRV - [2009/01/06 14:06:24 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])
SRV - [2008/11/10 13:23:50 | 05,117,568 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc [Auto | Stopped])
SRV - [2008/11/10 13:23:42 | 00,243,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc [On_Demand | Stopped])
SRV - [2008/11/10 13:23:38 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ZuneBusEnum.exe -- (ZuneBusEnum [Auto | Stopped])
SRV - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Stopped])
SRV - [2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Disabled | Stopped])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007/07/13 17:51:25 | 01,174,152 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC [Auto | Stopped])
SRV - [2007/01/04 17:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service [Auto | Stopped])
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [Auto | Stopped])
SRV - [2006/06/29 13:12:34 | 00,376,832 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe -- (NICCONFIGSVC [Auto | Stopped])
SRV - [2005/12/19 10:08:30 | 00,018,944 | ---- | M] () -- C:\WINDOWS\System32\wltrysvc.exe -- (WLTRYSVC [Disabled | Stopped])
SRV - [2005/12/07 14:07:38 | 00,072,704 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\Fuse\Service\Intuit Fuse Service.exe -- (Intuit Fuse Service [On_Demand | Stopped])
SRV - [2005/12/05 19:18:25 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2005/12/02 16:51:14 | 00,069,632 | ---- | M] (Macromedia) -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service [On_Demand | Stopped])
SRV - [2005/10/28 08:41:52 | 00,491,520 | ---- | M] ( ) -- C:\WINDOWS\System32\dlcdcoms.exe -- (dlcd_device [Disabled | Stopped])
SRV - [2005/09/09 18:06:43 | 00,061,440 | ---- | M] (Macromedia Inc.) -- C:\CFusionMX7\runtime\bin\jrunsvc.exe -- (ColdFusion MX 7 Application Server [Auto | Stopped])
SRV - [2005/06/29 11:16:36 | 02,732,608 | ---- | M] (Verity, Inc.) -- C:\CFusionMX7\verity\k2\_nti40\bin\k2admin.exe -- (ColdFusion MX 7 Search Server [Auto | Stopped])
SRV - [2005/04/04 19:58:28 | 00,163,840 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe -- (Adobe Version Cue CS2 [On_Demand | Stopped])
SRV - [2003/12/22 17:42:06 | 00,393,216 | ---- | M] () -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Disabled | Stopped])
SRV - [2003/10/02 16:37:26 | 00,118,853 | ---- | M] () -- C:\CFusionMX7\db\slserver54\bin\swstrtr.exe -- (ColdFusion MX 7 ODBC Server [Auto | Stopped])
SRV - [2003/10/02 16:37:24 | 00,733,253 | ---- | M] () -- C:\CFusionMX7\db\slserver54\bin\swagent.exe -- (ColdFusion MX 7 ODBC Agent [Auto | Stopped])
SRV - [2003/07/28 13:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2003/06/20 00:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Stopped])
SRV - [1999/12/12 13:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\CTsvcCDA.EXE -- (Creative Service for CDROM Access [Auto | Stopped])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 02 04 C3 05 6D 66 7D 49 89 0F 67 17 60 70 04 E7 [binary data]
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 02 04 C3 05 6D 66 7D 49 89 0F 67 17 60 70 04 E7 [binary data]
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 02 04 C3 05 6D 66 7D 49 89 0F 67 17 60 70 04 E7 [binary data]
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 02 04 C3 05 6D 66 7D 49 89 0F 67 17 60 70 04 E7 [binary data]
IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1659004503-963894560-1801674531-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1659004503-963894560-1801674531-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-1659004503-963894560-1801674531-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.com
IE - HKU\S-1-5-21-1659004503-963894560-1801674531-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1659004503-963894560-1801674531-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IE - HKU\S-1-5-21-1659004503-963894560-1801674531-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/
IE - HKU\S-1-5-21-1659004503-963894560-1801674531-1007\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 02 04 C3 05 6D 66 7D 49 89 0F 67 17 60 70 04 E7 [binary data]
IE - HKU\S-1-5-21-1659004503-963894560-1801674531-1007\S-1-5-21-1659004503-963894560-1801674531-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 48
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.11
FF - prefs.js..extensions.enabledItems: {8545daff-ad1e-493f-a37e-eed1ac79682b}:1.0
FF - prefs.js..extensions.enabledItems: {7BA52691-1876-45ce-9EE6-54BCB3B04BBC}:3.7
FF - prefs.js..extensions.enabledItems: {e0fb9f6f-a5db-4809-8287-0c18860a8f7f}:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/04/05 22:41:22 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/11 21:02:07 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/09/30 21:18:29 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/15 16:55:25 | 00,000,000 | ---D | M]
[2009/09/30 21:18:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\mozilla\Extensions
[2009/09/30 21:18:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/05 22:42:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\mozilla\Extensions\mozswing@mozswing.org
[2009/10/15 16:55:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\mozilla\Firefox\Profiles\erz876c0.default\extensions
[2009/10/01 16:24:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\mozilla\Firefox\Profiles\erz876c0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/14 18:07:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\mozilla\Firefox\Profiles\erz876c0.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/10/15 16:52:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\mozilla\Firefox\Profiles\erz876c0.default\extensions\{e0fb9f6f-a5db-4809-8287-0c18860a8f7f}
[2009/10/15 16:55:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\mozilla\Firefox\Profiles\erz876c0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/10/15 16:55:20 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/09/30 20:37:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/08/24 16:15:25 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/08/24 16:15:26 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/08/24 16:15:27 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009/09/23 16:37:30 | 00,032,448 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\mozilla firefox\plugins\np_gp.dll
[2009/08/24 14:45:46 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/08/24 14:45:46 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/08/24 14:45:46 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/08/24 14:45:46 | 00,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/08/24 14:45:46 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/09/30 20:39:25 | 00,002,221 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SafeSearch.xml
[2009/08/24 14:45:46 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/08/24 14:45:46 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (344967 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 11826 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll (Symantec Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1659004503-963894560-1801674531-1007\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1659004503-963894560-1801674531-1007\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1659004503-963894560-1801674531-1007\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\System32\WLTRAY.exe (Dell Inc.)
O4 - HKLM..\Run: [ClamWin] C:\Program Files\ClamWin\bin\ClamTray.exe (alch)
O4 - HKLM..\Run: [dlcdmon.exe] C:\Program Files\Dell Photo AIO Printer 944\dlcdmon.exe (Dell)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.EXE (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell Photo AIO Printer 944\memcard.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1659004503-963894560-1801674531-1007..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingA3596] C:\WINDOWS\System32\command.com ()
O4 - HKLM..\RunOnce: [SpybotDeletingC2584] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Uninstall Adobe Download Manager] File not found
O4 - HKU\S-1-5-21-1659004503-963894560-1801674531-1007..\RunOnce: [SpybotDeletingB3392] C:\WINDOWS\System32\command.com ()
O4 - HKU\S-1-5-21-1659004503-963894560-1801674531-1007..\RunOnce: [SpybotDeletingD271] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1659004503-963894560-1801674531-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1659004503-963894560-1801674531-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 59 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1659004503-963894560-1801674531-1007\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-1659004503-963894560-1801674531-1007\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B}
http://support.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://active.macromedia.com/director/cabs/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://download.microsoft.com/download/5/b...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3BA3B159-7533-4F96-A2CE-EE5894BBD3D5} Reg Error: Value error. (Scanner.SysScanner)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} Reg Error: Value error. (MySpace Uploader Control)
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741}
http://www.slide.com/uploader/SlideImageUploader.cab (Slide Image Uploader Control)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} Reg Error: Value error. (System Requirements Lab Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://www.update.microsoft.com/microsoftu...b?1207014635794 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} Reg Error: Value error. (MySpace Uploader Control)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} Reg Error: Value error. (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} Reg Error: Value error. (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll (Symantec Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\System32\cryptnet32.dll) - C:\WINDOWS\System32\cryptnet32.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-1659004503-963894560-1801674531-1007 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ace4902b684: DllName - C:\WINDOWS\System32\cryptnet32.dll - C:\WINDOWS\System32\cryptnet32.dll File not found
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/11/29 17:28:33 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0cba0afd-51f2-11dd-a458-000f1f0c02e6}\Shell - "" = AutoRun
O33 - MountPoints2\{0cba0afd-51f2-11dd-a458-000f1f0c02e6}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0cba0afd-51f2-11dd-a458-000f1f0c02e6}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{11c3710f-9da8-11de-a511-00904b760f6a}\Shell - "" = AutoRun
O33 - MountPoints2\{11c3710f-9da8-11de-a511-00904b760f6a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{11c3710f-9da8-11de-a511-00904b760f6a}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{61eb4a30-9151-11db-a283-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{61eb4a30-9151-11db-a283-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{61eb4a30-9151-11db-a283-00038a000015}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{61eb4a31-9151-11db-a283-00038a000015}\Shell\AutoRun\command - "" = H:\setupSNK.exe -- File not found
O33 - MountPoints2\{75efeb14-76dc-11dc-a397-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{75efeb14-76dc-11dc-a397-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{75efeb14-76dc-11dc-a397-00038a000015}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{dee48666-3dfc-11dc-a351-00038a000015}\Shell\AutoRun\command - "" = G:\setupSNK.exe -- File not found
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (sprecovr) - File not found
O34 - HKLM BootExecute: (\SystemRoot\sprecovr.txt) - C:\WINDOWS\sprecovr.txt File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
NetSvcs: 6to4 - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Iprip - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
========== Files/Folders - Created Within 14 Days ==========
[11 C:\WINDOWS\System32\*.tmp files]
[2009/10/15 17:11:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/10/15 16:55:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/10/15 17:12:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Troy D Mobley\Application Data\Malwarebytes
[2009/10/15 00:27:38 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2009/10/15 17:11:57 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/10/15 16:55:22 | 00,000,000 | ---D | C] -- C:\Program Files\NOS
[2009/10/14 17:36:01 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/10/15 18:40:33 | 00,521,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Troy D Mobley\Desktop\OTL.exe
[2009/10/15 17:11:59 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/10/15 17:11:57 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/10/15 17:10:16 | 04,045,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Troy D Mobley\Desktop\mbam-setup.exe
[2009/10/14 23:19:24 | 00,000,000 | ---D | C] -- C:\VundoFix Backups
[2009/10/14 19:38:41 | 00,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2009/10/14 18:32:42 | 00,000,000 | ---D | C] -- C:\HJT
[2009/09/09 18:26:35 | 00,217,136 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\symtdi.sys
[2009/09/09 18:26:35 | 00,048,688 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\symndisv.sys
[2009/09/09 18:26:34 | 00,089,904 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\symfw.sys
[2009/09/09 18:26:34 | 00,036,400 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\symndis.sys
[2009/09/09 18:26:34 | 00,033,072 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\symids.sys
[2009/09/09 18:26:33 | 00,310,320 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\SymEFA.sys
[2009/09/09 18:26:31 | 00,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\srtspx.sys
[2009/09/09 18:26:29 | 00,308,272 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\srtsp.sys
[2009/09/09 18:26:28 | 00,259,632 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\BHDrvx86.sys
[2009/09/09 18:22:57 | 00,482,432 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\cchpx86.sys
[2009/09/09 18:22:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS\1007020.00B
[2009/06/09 22:26:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS
[2006/05/16 21:23:43 | 00,638,976 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcdpmui.dll
[2006/05/16 21:23:41 | 00,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcdcomm.dll
[2006/05/16 21:23:41 | 00,114,688 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcdpplc.dll
[2006/05/16 21:23:40 | 01,134,592 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcdusb1.dll
[2006/05/16 21:23:40 | 00,483,328 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcdlmpm.dll
[2006/05/16 21:23:39 | 00,774,144 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcdhbn3.dll
[2006/05/16 21:23:39 | 00,155,648 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcdprox.dll
[2006/05/16 21:23:38 | 01,183,744 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcdserv.dll
[2006/05/16 21:23:38 | 00,704,512 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcdcomc.dll
[2006/04/29 06:07:48 | 00,290,816 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.WMPLib.dll
[2005/11/29 12:06:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2005/11/29 12:06:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
========== Files - Modified Within 14 Days ==========
[11 C:\WINDOWS\System32\*.tmp files]
[6 C:\WINDOWS\*.tmp files]
[2009/10/15 18:40:34 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Troy D Mobley\Desktop\OTL.exe
[2009/10/15 18:38:30 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/15 18:20:24 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/15 17:12:02 | 00,000,712 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/15 17:10:26 | 04,045,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Troy D Mobley\Desktop\mbam-setup.exe
[2009/10/15 17:08:56 | 00,003,009 | -HS- | M] () -- C:\Documents and Settings\Troy D Mobley\Application Data\02000000f4868d12684P.manifest
[2009/10/15 16:53:03 | 00,000,722 | -HS- | M] () -- C:\Documents and Settings\Troy D Mobley\Application Data\02000000f4868d12684O.manifest
[2009/10/15 16:52:54 | 00,000,615 | ---- | M] () -- C:\WINDOWS\System32\FYiuX.vbs
[2009/10/15 16:49:24 | 00,005,609 | -HS- | M] () -- C:\Documents and Settings\Troy D Mobley\Application Data\02000000f4868d12684C.manifest
[2009/10/15 16:48:55 | 00,000,011 | -HS- | M] () -- C:\Documents and Settings\Troy D Mobley\Application Data\02000000f4868d12684S.manifest
[2009/10/15 00:53:05 | 00,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2009/10/15 00:52:46 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009/10/15 00:52:35 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/15 00:42:32 | 00,001,355 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2009/10/14 21:33:28 | 00,344,967 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/10/14 17:36:02 | 00,001,750 | ---- | M] () -- C:\Documents and Settings\Troy D Mobley\Desktop\HijackThis.lnk
[2009/10/01 23:37:29 | 00,336,129 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20091014-213328.backup
[2009/10/01 23:35:27 | 00,001,879 | ---- | M] () -- C:\Documents and Settings\Troy D Mobley\Desktop\Spybot - Search & Destroy.lnk
========== Files - No Company Name ==========
[2009/10/15 17:12:02 | 00,000,712 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/15 16:52:54 | 00,000,615 | ---- | C] () -- C:\WINDOWS\System32\FYiuX.vbs
[2009/10/14 21:33:28 | 00,336,129 | R--- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20091014-213328.backup
[2009/10/14 17:36:02 | 00,001,750 | ---- | C] () -- C:\Documents and Settings\Troy D Mobley\Desktop\HijackThis.lnk
[2009/10/01 23:37:29 | 00,336,129 | R--- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20091001-233728.backup
[2009/09/30 12:25:58 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/09/28 18:05:41 | 00,332,069 | R--- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090928-180541.backup
[2009/09/27 10:33:24 | 00,005,609 | -HS- | C] () -- C:\Documents and Settings\Troy D Mobley\Application Data\02000000f4868d12684C.manifest
[2009/09/27 10:33:24 | 00,000,722 | -HS- | C] () -- C:\Documents and Settings\Troy D Mobley\Application Data\02000000f4868d12684O.manifest
[2009/09/27 10:33:24 | 00,000,011 | -HS- | C] () -- C:\Documents and Settings\Troy D Mobley\Application Data\02000000f4868d12684S.manifest
[2009/09/27 10:33:23 | 00,003,009 | -HS- | C] () -- C:\Documents and Settings\Troy D Mobley\Application Data\02000000f4868d12684P.manifest
[2009/09/21 22:23:18 | 00,330,787 | R--- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090921-222318.backup
[2009/09/09 21:23:35 | 00,687,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\Cat.DB
[2009/09/09 20:24:37 | 00,298,088 | R--- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090909-202437.backup
[2009/09/09 18:26:35 | 00,009,402 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\SymNet.cat
[2009/09/09 18:26:35 | 00,001,561 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\SymNet.inf
[2009/09/09 18:26:33 | 00,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\SymEFA.inf
[2009/09/09 18:26:32 | 00,007,431 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\SymEFA.cat
[2009/09/09 18:26:30 | 00,007,429 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\srtspx.cat
[2009/09/09 18:26:30 | 00,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\srtspx.inf
[2009/09/09 18:26:29 | 00,007,425 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\srtsp.cat
[2009/09/09 18:26:29 | 00,001,382 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\srtsp.inf
[2009/09/09 18:26:28 | 00,007,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\bhdrvx86.cat
[2009/09/09 18:26:28 | 00,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\ccHPx86.cat
[2009/09/09 18:26:28 | 00,001,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\ccHPx86.inf
[2009/09/09 18:26:28 | 00,000,640 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\BHDrvx86.inf
[2009/09/09 18:22:33 | 00,001,562 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\SymNetV.inf
[2009/09/09 18:22:33 | 00,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\isolate.ini
[2009/09/09 18:22:32 | 00,009,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1007020.00B\symnetv.cat
[2009/08/03 15:07:42 | 00,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/06/01 17:22:39 | 00,003,012 | -HS- | C] () -- C:\Documents and Settings\Troy D Mobley\Application Data\ace4902b684P.manifest
[2009/06/01 17:22:39 | 00,001,858 | -HS- | C] () -- C:\Documents and Settings\Troy D Mobley\Application Data\ace4902b684C.manifest
[2009/03/02 21:01:23 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2009/03/02 21:01:10 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[2009/02/22 19:04:34 | 00,291,610 | R--- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090222-180434.backup
[2009/02/10 23:49:38 | 00,291,610 | R--- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090210-224938.backup
[2009/02/07 22:09:33 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_ZuneDriver_01_07_00.Wdf
[2009/02/07 22:09:33 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2009/02/07 22:00:44 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_07_00.Wdf
[2009/02/07 21:40:31 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_zumbus_01007.Wdf
[2009/02/07 21:40:27 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2009/01/28 22:32:06 | 00,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2009/01/28 22:27:55 | 00,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2009/01/28 22:27:54 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2009/01/09 20:49:20 | 00,266,714 | R--- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090109-194920.backup
[2008/11/06 12:37:32 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/06 12:34:00 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/11/06 12:34:00 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/11/06 12:33:02 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/10/02 23:07:53 | 00,228,449 | R--- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20081002-230753.backup
[2008/07/29 21:52:36 | 00,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2008/07/29 21:51:01 | 00,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2008/07/22 22:13:06 | 00,002,528 | ---- | C] () -- C:\Documents and Settings\Troy D Mobley\Application Data\$_hpcst$.hpc
[2008/03/17 18:25:24 | 00,227,676 | R--- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20080317-182524.backup
[2008/03/03 23:09:06 | 00,000,734 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.20080303-220906.backup
[2008/02/07 00:17:30 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008/01/17 00:32:38 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_zumbus_01005.Wdf
[2008/01/17 00:32:32 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2007/12/27 22:31:22 | 00,000,136 | ---- | C] () -- C:\Documents and Settings\Troy D Mobley\Local Settings\Application Data\fusioncache.dat
[2007/12/17 00:23:24 | 00,001,024 | ---- | C] () -- C:\Documents and Settings\Troy D Mobley\Application Data\WavCodec.wff
[2007/07/05 18:40:19 | 00,000,174 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2007/06/04 23:09:30 | 00,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/04/04 00:18:50 | 00,000,005 | ---- | C] () -- C:\WINDOWS\System32\drivers\DELL_INS_XPS.MRK
[2007/01/11 21:48:29 | 00,169,984 | ---- | C] () -- C:\WINDOWS\System32\sablot.dll
[2007/01/11 21:48:29 | 00,072,704 | ---- | C] () -- C:\WINDOWS\System32\libexpat.dll
[2006/05/16 21:24:21 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\dlcdcfg.dll
[2006/05/16 21:23:42 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\dlcdins.dll
[2006/05/16 21:23:42 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlcdinsr.dll
[2006/05/16 21:23:42 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlcdvs.dll
[2006/05/16 21:23:36 | 00,430,080 | ---- | C] () -- C:\WINDOWS\System32\dlcdutil.dll
[2006/05/16 21:23:36 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcdcu.dll
[2006/05/16 21:23:36 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcdcur.dll
[2006/05/16 21:23:33 | 00,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcdinsb.dll
[2006/05/16 21:23:33 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcdcub.dll
[2006/05/16 21:23:31 | 00,131,072 | ---- | C] () -- C:\WINDOWS\System32\dlcdjswr.dll
[2006/05/11 22:58:30 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2006/04/18 19:22:33 | 00,374,784 | ---- | C] () -- C:\WINDOWS\3dg32.dll
[2006/04/16 16:21:26 | 00,536,576 | R--- | C] () -- C:\WINDOWS\mcs_core.dll
[2006/04/16 16:21:26 | 00,147,456 | R--- | C] () -- C:\WINDOWS\mcs_vfw.dll
[2006/04/16 16:21:20 | 00,057,344 | ---- | C] () -- C:\WINDOWS\HAJEInstall.dll
[2006/04/09 03:14:17 | 00,000,052 | ---- | C] () -- C:\WINDOWS\Pex.INI
[2006/04/09 03:01:09 | 00,000,458 | ---- | C] () -- C:\WINDOWS\Ulead32.ini
[2006/04/09 02:49:57 | 00,339,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\gt892xv.sys
[2006/04/09 02:49:57 | 00,075,264 | ---- | C] () -- C:\WINDOWS\System32\gjpg.dll
[2006/04/09 02:48:20 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\sndp2022.dll
[2006/04/09 02:48:20 | 00,278,528 | ---- | C] () -- C:\WINDOWS\System32\sndp2023.dll
[2006/04/09 02:48:20 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\dsndp202.dll
[2006/04/09 02:48:20 | 00,015,598 | ---- | C] () -- C:\WINDOWS\sndp202.ini
[2006/04/09 02:48:19 | 00,227,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\sndp202.sys
[2006/04/09 02:48:19 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\vsndp202.dll
[2006/03/24 01:39:00 | 00,000,051 | ---- | C] () -- C:\WINDOWS\mix-fx.ini
[2006/03/05 23:53:20 | 00,087,608 | ---- | C] () -- C:\Documents and Settings\Troy D Mobley\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2006/03/04 02:09:51 | 00,053,693 | R--- | C] () -- C:\WINDOWS\UNDPX2A.sys
[2006/03/03 22:38:42 | 00,000,436 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2006/02/28 21:06:52 | 03,667,476 | -H-- | C] () -- C:\Documents and Settings\Troy D Mobley\Local Settings\Application Data\IconCache.db
[2006/02/28 00:21:32 | 00,188,416 | ---- | C] () -- C:\Documents and Settings\Troy D Mobley\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/02/27 22:36:48 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Troy D Mobley\Application Data\desktop.ini
[2006/02/27 12:08:54 | 00,002,427 | ---- | C] () -- C:\WINDOWS\Baswty05.ini
[2006/02/27 12:08:22 | 00,002,498 | ---- | C] () -- C:\WINDOWS\Baswty04.ini
[2006/02/27 12:07:54 | 00,003,489 | ---- | C] () -- C:\WINDOWS\Prowty05.ini
[2005/12/19 19:22:58 | 00,000,092 | ---- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
[2005/12/08 20:12:35 | 00,777,728 | ---- | C] () -- C:\WINDOWS\System32\SSLSVC.DLL
[2005/12/08 20:12:35 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2005/12/08 20:12:35 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\cfmsg.dll
[2005/12/08 20:12:35 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2005/12/08 20:12:33 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\lang_cfml.dll
[2005/12/08 20:12:33 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\xml_datagrove.dll
[2005/12/07 14:40:01 | 00,495,616 | ---- | C] () -- C:\WINDOWS\System32\Tx32.dll
[2005/12/07 14:40:00 | 00,000,260 | ---- | C] () -- C:\WINDOWS\System32\ic32.ini
[2005/12/07 14:33:48 | 00,000,103 | ---- | C] () -- C:\WINDOWS\ProTSKSCH05.INI
[2005/12/07 14:17:03 | 00,000,038 | ---- | C] () -- C:\WINDOWS\SelecPrd.INI
[2005/12/01 14:38:40 | 00,140,480 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2005/11/30 10:30:08 | 00,000,672 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/30 10:09:12 | 00,001,355 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/11/29 18:15:37 | 31,358,784 | ---- | C] () -- C:\Program Files\NAV061200_2YR.exe
[2005/11/29 17:52:49 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2005/11/29 12:14:46 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2005/06/11 12:47:00 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\fpprintmon.dll
[2005/02/03 21:59:44 | 02,129,920 | ---- | C] () -- C:\WINDOWS\System32\myodbc3S.dll
[2004/08/12 09:33:16 | 00,001,020 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/12 09:30:36 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/08/12 09:28:10 | 00,007,116 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\services
[2004/08/12 09:26:34 | 00,000,799 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\protocol
[2004/08/12 09:24:45 | 00,000,407 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\networks
[2004/08/12 09:21:11 | 00,003,683 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\lmhosts.sam
[2004/08/12 09:19:39 | 00,344,967 | R--- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2004/08/12 09:19:24 | 03,440,660 | ---- | C] () -- C:\WINDOWS\System32\drivers\gm.dls
[2003/12/22 15:40:06 | 01,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2003/11/20 17:39:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/01/07 16:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/04/01 19:45:50 | 00,047,616 | ---- | C] () -- C:\WINDOWS\System32\ODBCMON.DLL
========== LOP Check ==========
[2009/10/15 17:11:58 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/01/23 11:43:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2009/03/19 21:33:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2008/02/06 23:43:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2009/06/09 22:17:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avg7
[2009/03/04 20:56:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2009/01/28 22:31:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dell
[2009/06/09 22:16:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2007/07/05 18:40:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intuit
[2009/03/02 21:14:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
[2005/12/02 16:54:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macrovision
[2007/12/17 00:09:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/06/09 22:26:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton
[2009/06/09 22:22:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2006/02/27 23:33:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2006/02/27 22:04:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pure Networks
[2006/04/18 22:30:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2006/04/18 22:30:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2009/03/19 21:33:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2007/11/12 22:21:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2005/11/29 12:14:46 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Application Data
[2008/02/06 23:07:03 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Dick Lavoie\Application Data
[2006/01/16 11:03:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dick Lavoie\Application Data\TextPad
[2006/02/27 22:04:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Dick Lavoie\Application Data\You've Got Pictures Screensaver
[2009/06/09 22:16:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data
[2009/02/22 19:40:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data
[2008/02/06 23:07:04 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Rhonda Mobley\Application Data
[2006/03/08 21:37:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rhonda Mobley\Application Data\Intuit
[2009/06/09 22:16:45 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\T- Mob\Application Data
[2008/01/22 13:43:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T- Mob\Application Data\.clamwin
[2008/01/22 14:46:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T- Mob\Application Data\BearShare
[2008/01/22 16:26:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T- Mob\Application Data\CyberLink
[2007/09/17 21:14:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\T- Mob\Application Data\Intuit
[2009/10/15 17:12:06 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data
[2009/06/01 22:22:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\.clamwin
[2009/03/19 21:37:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\acccore
[2008/01/13 19:55:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\Aquatica Azure
[2007/02/10 19:30:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\Autodesk
[2008/10/01 18:42:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\BitZipper
[2006/03/10 20:41:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\CyberLink
[2009/02/10 23:46:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\DNA
[2009/05/22 17:04:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\GARMIN
[2007/07/05 18:41:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\Intuit
[2006/03/14 18:38:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\Leadertech
[2009/06/01 22:04:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\LimeWire
[2006/03/14 18:53:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\NCH Swift Sound
[2006/02/27 23:27:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\NetMedia Providers
[2006/03/16 20:36:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\Opera
[2006/02/27 23:27:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\Publish Providers
[2006/03/14 18:53:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\RecordPad
[2009/09/27 16:14:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\RGSystemFonts
[2007/12/16 23:30:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\Ringtone
[2006/04/24 21:03:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\SmartDraw
[2009/03/02 23:48:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\Smith Micro
[2009/09/27 19:23:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\TagControl
[2006/04/23 19:09:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\TextPad
[2006/04/09 03:15:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\Thalia
[2009/09/19 19:06:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\U3
[2006/04/16 16:27:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\Ulead Systems
[2009/01/08 18:13:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\Viewpoint
[2006/03/03 14:14:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Troy D Mobley\Application Data\You've Got Pictures Screensaver
[2009/10/01 08:57:03 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/12 09:23:47 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/10/15 00:52:46 | 00,000,882 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2009/10/01 16:20:05 | 00,000,886 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2009/10/15 00:53:05 | 00,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2009/10/15 00:52:35 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ==========
========== Custom Scans ==========
< >
< %SYSTEMDRIVE%\*.exe >
[2006/02/27 22:10:23 | 00,010,920 | ---- | M] () -- C:\aolconnfix.exe
< %systemroot%\system32\eventlog.dll >
[2008/04/13 20:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
[11 C:\WINDOWS\system32\*.tmp files]
< %systemroot%\system32\scecli.dll >
[2008/04/13 20:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
[11 C:\WINDOWS\system32\*.tmp files]
< %systemroot%\netlogon.dll >
< %systemroot%\system32\cngaudit.dll >
< %systemroot%\system32\sceclt.dll >
< %systemroot%\ntelogon.dll >
< %systemroot%\system32\logevent.dll >
< End of report >
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
OTL Extras logfile created on: 10/15/2009 6:43:32 PM - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\Troy D Mobley\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1023.21 Mb Total Physical Memory | 710.94 Mb Available Physical Memory | 69.48% Memory free
2.86 Gb Paging File | 2.71 Gb Available in Paging File | 94.91% Paging File free
Paging file location(s): C:\pagefile.sys 2000 4000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.49 Gb Total Space | 41.68 Gb Free Space | 55.95% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: XPSLAPTOP
Current User Name: Troy D Mobley
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1659004503-963894560-1801674531-1007\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
jsfile [edit] -- "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015
"1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016
"500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017
"10244:TCP" = 10244:TCP:LocalSubNet:Enabled:Zune Network Sharing Service
"10285:UDP" = 10285:UDP:LocalSubNet:Enabled:Zune Network Sharing Service
"10286:UDP" = 10286:UDP:LocalSubNet:Enabled:Zune Network Sharing Service
"10287:UDP" = 10287:UDP:LocalSubNet:Enabled:Zune Network Sharing Service
"10288:UDP" = 10288:UDP:LocalSubNet:Enabled:Zune Network Sharing Service
"10289:UDP" = 10289:UDP:LocalSubNet:Enabled:Zune Network Sharing Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"135:TCP" = 135:TCP:*:Disabled:TCP Port 135
"5000:TCP" = 5000:TCP:*:Disabled:TCP Port 5000
"5001:TCP" = 5001:TCP:*:Disabled:TCP Port 5001
"5002:TCP" = 5002:TCP:*:Disabled:TCP Port 5002
"5003:TCP" = 5003:TCP:*:Disabled:TCP Port 5003
"5004:TCP" = 5004:TCP:*:Disabled:TCP Port 5004
"5005:TCP" = 5005:TCP:*:Disabled:TCP Port 5005
"5006:TCP" = 5006:TCP:*:Disabled:TCP Port 5006
"5007:TCP" = 5007:TCP:*:Disabled:TCP Port 5007
"5008:TCP" = 5008:TCP:*:Disabled:TCP Port 5008
"5009:TCP" = 5009:TCP:*:Disabled:TCP Port 5009
"5010:TCP" = 5010:TCP:*:Disabled:TCP Port 5010
"5011:TCP" = 5011:TCP:*:Disabled:TCP Port 5011
"5012:TCP" = 5012:TCP:*:Disabled:TCP Port 5012
"5013:TCP" = 5013:TCP:*:Disabled:TCP Port 5013
"5014:TCP" = 5014:TCP:*:Disabled:TCP Port 5014
"5015:TCP" = 5015:TCP:*:Disabled:TCP Port 5015
"5016:TCP" = 5016:TCP:*:Disabled:TCP Port 5016
"5017:TCP" = 5017:TCP:*:Disabled:TCP Port 5017
"5018:TCP" = 5018:TCP:*:Disabled:TCP Port 5018
"5019:TCP" = 5019:TCP:*:Disabled:TCP Port 5019
"5020:TCP" = 5020:TCP:*:Disabled:TCP Port 5020
"10243:TCP" = 10243:TCP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"1723:TCP" = 1723:TCP:*:Disabled:@xpsp2res.dll,-22015
"1701:UDP" = 1701:UDP:*:Disabled:@xpsp2res.dll,-22016
"500:UDP" = 500:UDP:*:Disabled:@xpsp2res.dll,-22017
"10244:TCP" = 10244:TCP:LocalSubNet:Disabled:Zune Network Sharing Service
"10285:UDP" = 10285:UDP:LocalSubNet:Disabled:Zune Network Sharing Service
"10286:UDP" = 10286:UDP:LocalSubNet:Disabled:Zune Network Sharing Service
"10287:UDP" = 10287:UDP:LocalSubNet:Disabled:Zune Network Sharing Service
"10288:UDP" = 10288:UDP:LocalSubNet:Disabled:Zune Network Sharing Service
"10289:UDP" = 10289:UDP:LocalSubNet:Disabled:Zune Network Sharing Service
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- File not found
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" = C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe:*:Enabled:Adobe Version Cue CS2 -- (Adobe Systems Incorporated)
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Disabled:America Online 9.0 -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Disabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Disabled:AOL -- File not found
"C:\Program Files\BearFlix\bearflix.exe" = C:\Program Files\BearFlix\bearflix.exe:*:Disabled:BearFlix -- File not found
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Disabled:BearShare -- File not found
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Disabled:AIM -- (AOL LLC)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Disabled:AOL Loader -- (AOL LLC)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Disabled:BitTorrent -- File not found
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour -- (Apple Inc.)
"C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcdPSWX.EXE" = C:\WINDOWS\system32\spool\drivers\w32x86\3\dlcdPSWX.EXE:*:Disabled:Dell 944 Printer Status -- ()
"C:\WINDOWS\system32\dlcdcoms.exe" = C:\WINDOWS\system32\dlcdcoms.exe:*:Disabled:Dell 944 Server -- ( )
"C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Disabled:DNA -- (BitTorrent, Inc.)
"C:\Program Files\Macromedia\Dreamweaver 8\Dreamweaver.exe" = C:\Program Files\Macromedia\Dreamweaver 8\Dreamweaver.exe:*:Disabled:Dreamweaver 8 -- (Macromedia, Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Disabled:iTunes -- (Apple Inc.)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Disabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Program Files\MySpace\IM\MySpaceIM.exe" = C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Disabled:MySpaceIM -- ()
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe" = C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger -- (Microsoft Corporation)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Windows Shell -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001AB29C-5468-4972-8D24-2EBDB2B12133}" = Camera Window DVC
"{001EB665-D9EC-415E-9E13-AD2125B2B992}" = RAW Image Task 2.1
"{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}" = Zune Language Pack (FR)
"{0134A1A1-C283-4A47-91A1-92F19F960372}" = Adobe Creative Suite 2
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}" = Symantec KB-DocID:2003093015493306
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0D2E80C8-0875-43EB-9623-47118E2DFBCA}" = Quicken 2007
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{178B87CB-78D5-4FC6-8866-591808F19849}" = Microsoft Office Specialist Study Guide--Office 2003 Edition
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{218BBBE3-FE63-4BB2-81A8-7435575A84FA}" = PhotoStitch
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 15
"{29042B1C-0713-4575-B7CA-5C8E7B0899D4}" = MyODBC
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{2E7595EC-4FB1-4E29-93D4-9083C8A9B107}" = TurboTax ItsDeductible 2005
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4192EAC0-6B36-4723-B216-D0E86E7757AC}" = Jasc Paint Shop Photo Album 5
"{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows Journal Viewer
"{46548E80-0409-0000-7E8A-45000F855001}" = Adobe GoLive CS2
"{47813E93-F2A0-484A-838E-47EC1B28D190}" = Adobe Stock Photos 1.0
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4B9535BF-CC90-4158-AF32-CAF57A8820CA}" = Macromedia Contribute 3.11
"{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}" = Macromedia Fireworks 8
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6693BD7C-CB4E-43AC-A0D6-10D1A1B88DCF}" = Canon PhotoRecord
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68D27126-BF6A-457D-8DD0-5F35E8D41310}" = MovieEdit Task
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B8BDABA-6737-4998-AEE4-E218EDE5FC7A}" = Camera Window DS
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}" = Jasc Paint Shop Pro Studio, Dell Editon
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2
"{84CC9583-C2D6-42E6-A373-6FDDDA6A8BA6}" = Garmin Communicator Plugin
"{885A63EA-382B-4DD4-A755-14809B8557D6}" = Macromedia Flash Player 8
"{89EB3ED7-225A-412E-B048-623D502C000F}" = Camera Window MC
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8D3562E7-C795-4B5D-A091-6DAA3FF0DF3B}" = Macromedia HomeSite+
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{91057632-CA70-413C-B628-2D3CDBBB906B}" = Macromedia Flash Player 8 Plugin
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{913A0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Project Standard 2002
"{91510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{939740B5-0064-4779-854A-8C1086181C05}" = Macromedia FreeHand MXa
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{A1D0D14A-B776-4907-BC00-5149F2298086}" = Camera Support Core Library
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A42B2F5C-B523-4358-93A9-55F1620C2652}" = SC130
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = C-Major Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-1033-0000-7760-000000000002}" = Adobe Acrobat 7.0 Professional
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{ADBE46EE-54E0-4610-B436-D7E93D829100}" = Adobe Version Cue CS2
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B510A987-487E-4C66-9F4F-D386AC275715}" = TextPad 4.7
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{BC467935-A9A5-4D0F-BD89-94F36CDF0524}" = Adobe Stock Photos 1.0
"{BE6890C7-31EF-478C-812E-1E2899ABFCA9}" = Broadcom Gigabit Integrated Controller
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon ZoomBrowser EX
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}" = Suite Specific
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}" = WinZip 11.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D5F881C2-B134-474E-AA60-B25DD218AE0D}" = Crash Analysis Tool
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E85397AD-D60E-4141-82E6-FAA312A09271}" = Dual Mode Camera 8008 VGA+
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}" = WexTech AnswerWorks
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
"{EE4ACABF-531E-419A-9225-B8E0FA4955AF}" = Zune Language Pack (ES)
"{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}" = iTunes
"{FA61D601-A0FC-48BD-AE7A-54946BCD7FB6}_is1" = BitPim 1.0.6
"{FE24D361-A3E8-11DE-88F3-005056806466}" = Google Earth Plug-in
"{FF70513F-E3A7-402F-84FB-B7810A064BE2}" = Zune
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"7-Zip" = 7-Zip 4.57
"Abander TagControl" = Abander TagControl
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"AIM_6" = AIM 6
"All ATI Software" = ATI - Software Uninstall Utility
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"AviSynth" = AviSynth 2.5
"BCM V.92 56K Modem" = BCM V.92 56K Modem
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"ClamWin Free Antivirus_is1" = ClamWin Free Antivirus 0.95.2
"Creative Removable Disk Manager" = Creative Removable Disk Manager
"Dell Photo AIO Printer 944" = Dell Photo AIO Printer 944
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ExpressBurn" = Express Burn
"FixTunes" = FixTunes (remove only)
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{001AB29C-5468-4972-8D24-2EBDB2B12133}" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"InstallShield_{001EB665-D9EC-415E-9E13-AD2125B2B992}" = Canon RAW Image Task for ZoomBrowser EX
"InstallShield_{218BBBE3-FE63-4BB2-81A8-7435575A84FA}" = Canon Utilities PhotoStitch 3.1
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{68D27126-BF6A-457D-8DD0-5F35E8D41310}" = Canon MovieEdit Task for ZoomBrowser EX
"InstallShield_{6B8BDABA-6737-4998-AEE4-E218EDE5FC7A}" = Canon Camera Window DS for ZoomBrowser EX
"InstallShield_{89EB3ED7-225A-412E-B048-623D502C000F}" = Canon Camera Window MC 5 for ZoomBrowser EX
"InstallShield_{A1D0D14A-B776-4907-BC00-5149F2298086}" = Canon Camera Support Core Library
"InstallShield_{BE6890C7-31EF-478C-812E-1E2899ABFCA9}" = Broadcom Gigabit Integrated Controller
"LimeWire" = LimeWire PRO 5.1.2
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MySpaceIM" = MySpaceIM
"NIS" = Norton Internet Security
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PeerGuardian_is1" = PeerGuardian 2.0
"RealPlayer 6.0" = RealPlayer Basic
"Registry Mechanic_is1" = Registry Mechanic 5.0
"Sliding Spectrogram_is1" = Sliding Spectrogram v0.1b
"StationRipper" = StationRipper 2.91D
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SysInfo" = Creative System Information
"SystemRequirementsLab" = System Requirements Lab
"TurboTax Deluxe 2005" = TurboTax Deluxe 2005
"Uninstall Macromedia ColdFusion MX 7" = Macromedia ColdFusion MX 7
"Uninstall_is1" = Uninstall 1.0.0.1
"Videora iPod Converter" = Videora iPod Converter 3.07
"ViewpointMediaPlayer" = Viewpoint Media Player
"vis_milk.dllWinamp" = MilkDrop for Winamp 2x (remove only)
"VZAccess Manager" = VZAccess Manager
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIDI Recognition System Pro 3.0" = WIDI Recognition System Pro 3.0 (remove only)
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"winusb0100" = Microsoft WinUsb 1.0
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"ZENcast Organizer" = ZENcast Organizer
"Zune" = Zune
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1659004503-963894560-1801674531-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 10/14/2009 5:45:34 PM | Computer Name = XPSLAPTOP | Source = MsiInstaller | ID = 1008
Description = The installation of C:\Program Files\Common Files\Wise Installation
Wizard\WISCDDCBBF1270346BC938BBCC81A1EEAAA_4_29_0_1004.MSI is not permitted due
to an error in software restriction policy processing. The object cannot be trusted.
Error - 10/14/2009 5:45:45 PM | Computer Name = XPSLAPTOP | Source = MsiInstaller | ID = 1008
Description = The installation of C:\Program Files\Common Files\Wise Installation
Wizard\WISCDDCBBF1270346BC938BBCC81A1EEAAA_4_29_0_1004.MSI is not permitted due
to an error in software restriction policy processing. The object cannot be trusted.
Error - 10/14/2009 6:14:52 PM | Computer Name = XPSLAPTOP | Source = Application Error | ID = 1000
Description = Faulting application ctfmon.exe, version 5.1.2600.5512, faulting module
unknown, version 0.0.0.0, fault address 0x77124ba2.
Error - 10/14/2009 6:14:55 PM | Computer Name = XPSLAPTOP | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x01ab135a.
Error - 10/14/2009 6:15:44 PM | Computer Name = XPSLAPTOP | Source = Application Error | ID = 1000
Description = Faulting application hijackthis.exe, version 2.0.0.2, faulting module
unknown, version 0.0.0.0, fault address 0x78131ae4.
Error - 10/14/2009 7:10:07 PM | Computer Name = XPSLAPTOP | Source = MsiInstaller | ID = 1008
Description = The installation of C:\Program Files\Common Files\Wise Installation
Wizard\WISCDDCBBF1270346BC938BBCC81A1EEAAA_4_29_0_1004.MSI is not permitted due
to an error in software restriction policy processing. The object cannot be trusted.
Error - 10/14/2009 7:40:24 PM | Computer Name = XPSLAPTOP | Source = MsiInstaller | ID = 1008
Description = The installation of C:\Program Files\Common Files\Wise Installation
Wizard\WISCDDCBBF1270346BC938BBCC81A1EEAAA_4_29_0_1004.MSI is not permitted due
to an error in software restriction policy processing. The object cannot be trusted.
Error - 10/14/2009 10:32:24 PM | Computer Name = XPSLAPTOP | Source = Application Error | ID = 1000
Description = Faulting application ctfmon.exe, version 5.1.2600.5512, faulting module
unknown, version 0.0.0.0, fault address 0x77124ba2.
Error - 10/15/2009 12:27:50 AM | Computer Name = XPSLAPTOP | Source = COM+ | ID = 135761
Description = The run-time environment has detected an inconsistency in its internal
state. This indicates a potential instability in the process that could be caused
by the custom components running in the COM+ application, the components they make
use of, or other factors. Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184),
hr = 8007043c: InitEventCollector fail
Error - 10/15/2009 5:01:54 PM | Computer Name = XPSLAPTOP | Source = Application Error | ID = 1000
Description = Faulting application ctfmon.exe, version 5.1.2600.5512, faulting module
unknown, version 0.0.0.0, fault address 0x77124ba2.
[ System Events ]
Error - 10/15/2009 4:55:27 PM | Computer Name = XPSLAPTOP | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service getPlusHelper
with arguments "" in order to run the server: {E48FEF78-2125-4D1D-B8D8-C30D2286E1D1}
Error - 10/15/2009 4:55:27 PM | Computer Name = XPSLAPTOP | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service getPlusHelper
with arguments "" in order to run the server: {E48FEF78-2125-4D1D-B8D8-C30D2286E1D1}
Error - 10/15/2009 4:55:36 PM | Computer Name = XPSLAPTOP | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MDM with arguments
"" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 10/15/2009 4:55:56 PM | Computer Name = XPSLAPTOP | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MSIServer with
arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
Error - 10/15/2009 4:55:57 PM | Computer Name = XPSLAPTOP | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MSIServer with
arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
Error - 10/15/2009 5:10:30 PM | Computer Name = XPSLAPTOP | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 10/15/2009 6:18:11 PM | Computer Name = XPSLAPTOP | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 10/15/2009 6:18:59 PM | Computer Name = XPSLAPTOP | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 10/15/2009 6:22:00 PM | Computer Name = XPSLAPTOP | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
APPDRV BHDrvx86 ccHP eeCtrl Fips IDSxpx86 intelppm SRTSPX SYMTDI
Error - 10/15/2009 6:38:45 PM | Computer Name = XPSLAPTOP | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
< End of report >
Help
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.
This topic is locked
Posted 14 October 2009 - 08:06 PM
Attach.txt (11.33K)
Back to top
