Here is the result of the OTL scan...
OTL logfile created on: 3/21/2010 5:54:18 PM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Dan\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 75.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): C:\pagefile.sys 1488 2976 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.82 Gb Total Space | 47.77 Gb Free Space | 20.52% Space Free | Partition Type: NTFS
Drive D: | 931.50 Gb Total Space | 702.17 Gb Free Space | 75.38% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 152.66 Gb Total Space | 84.44 Gb Free Space | 55.31% Space Free | Partition Type: NTFS
Computer Name: CAMERA
Current User Name: Dan
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ========== PRC - [2010/03/21 17:50:29 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dan\Desktop\OTL.exe
PRC - [2010/02/22 07:30:31 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/02/11 13:36:12 | 001,218,008 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2010/02/11 13:36:12 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2009/12/08 15:25:28 | 000,093,320 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2009/11/11 12:14:06 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2009/11/11 11:19:48 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/10/27 12:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2009/10/02 14:02:56 | 000,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\msksrver.exe
PRC - [2009/07/08 12:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/07/07 20:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/02/06 15:46:09 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/10/10 06:45:26 | 000,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2008/04/23 11:57:02 | 000,061,440 | ---- | M] () -- C:\Program Files\DynDNS Updater\DynUpSvc.exe
PRC - [2008/04/23 11:57:00 | 000,065,536 | ---- | M] (Dynamic Network Services, Inc.) -- C:\Program Files\DynDNS Updater\DynTray.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/09 20:51:40 | 000,540,672 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
PRC - [2007/11/05 21:34:58 | 000,741,376 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
PRC - [2007/10/31 15:40:40 | 000,094,208 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
PRC - [2007/10/11 19:03:10 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
PRC - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2006/07/21 03:14:36 | 000,086,016 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe
PRC - [2005/02/16 16:15:20 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2003/05/29 15:53:18 | 000,122,880 | ---- | M] () -- C:\Program Files\Write DVD!\Saimon.exe
PRC - [2002/08/07 13:22:08 | 001,282,112 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2002/04/16 15:32:04 | 000,090,112 | ---- | M] () -- C:\EPVCE\EPVCE_Service.exe
PRC - [2000/06/08 08:15:23 | 000,050,176 | ---- | M] () -- C:\WINDOWS\LogWatNT.exe
========== Modules (SafeList) ========== MOD - [2010/03/21 17:50:29 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dan\Desktop\OTL.exe
========== Win32 Services (SafeList) ========== SRV - [2010/02/11 13:36:12 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2010/01/25 10:03:04 | 000,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2009/12/08 15:25:28 | 000,093,320 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/11/11 12:14:06 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2009/11/11 11:19:48 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/10/27 12:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/10/02 14:02:56 | 000,026,640 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\MskSrver.exe -- (MSK80Service)
SRV - [2009/07/08 21:22:22 | 000,068,112 | ---- | M] (McAfee) [On_Demand | Stopped] -- C:\Program Files\McAfee\MBK\MBackMonitor.exe -- (MBackMonitor)
SRV - [2009/07/08 12:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 20:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2008/10/10 06:45:26 | 000,013,088 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2008/04/23 11:57:02 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Program Files\DynDNS Updater\DynUpSvc.exe -- (DynDNS Updater)
SRV - [2008/03/28 11:54:56 | 000,135,168 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\sslexplorer\install\platforms\windows\wrapper.exe -- (SSL-Explorer)
SRV - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/05/07 19:28:58 | 000,589,824 | ---- | M] (TightVNC Group) [Disabled | Stopped] -- C:\Program Files\TightVNC\WinVNC.exe -- (winvnc)
SRV - [2007/01/04 20:48:52 | 000,112,152 | R--- | M] (InterVideo) [Disabled | Stopped] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2002/08/07 13:22:08 | 001,282,112 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2002/05/06 11:49:18 | 000,651,264 | R--- | M] (Internet Security Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\Network ICE\BlackICE\blackd.exe -- (BlackICE)
SRV - [2002/04/16 15:32:04 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\EPVCE\EPVCE_Service.exe -- (EPVCE)
SRV - [2000/06/08 08:15:23 | 000,050,176 | ---- | M] () [Auto | Running] -- C:\WINDOWS\LogWatNT.exe -- (LogWatch)
========== Driver Services (SafeList) ========== DRV - [2010/01/05 19:04:02 | 000,385,536 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/11/11 12:14:44 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/11/11 12:14:44 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/11/11 12:14:44 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/11/11 12:14:12 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/07/16 13:32:26 | 000,120,136 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Mpfp.sys -- (MPFP)
DRV - [2009/04/17 21:03:54 | 000,018,816 | ---- | M] (RIF) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dvd43llh.sys -- (dvd43llh)
DRV - [2008/04/13 13:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/03/12 17:09:36 | 002,870,784 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007/12/12 01:35:46 | 000,212,992 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2007/09/20 05:07:40 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2007/09/20 05:07:38 | 000,053,632 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2007/07/20 19:40:10 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2007/04/25 16:20:48 | 004,030,144 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2007/04/17 21:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\regi.sys -- (regi)
DRV - [2006/12/28 11:44:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService)
DRV - [2006/09/24 08:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006/02/24 05:08:16 | 000,014,016 | ---- | M] (GeoVision) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GVAUDIO.SYS -- (GVAUDIO)
DRV - [2006/01/25 23:02:52 | 000,037,760 | R--- | M] (GeoVision) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\GV800_4A.SYS -- (GV800_4A)
DRV - [2005/09/20 18:27:20 | 000,010,368 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi)
DRV - [2005/04/07 17:18:34 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2004/08/03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/08/03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2003/06/24 14:18:44 | 000,051,456 | ---- | M] (Software Architects, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Saicdr.sys -- (saicdr)
DRV - [2003/06/24 14:13:38 | 000,364,800 | ---- | M] (Software Architects, Inc.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\Saiudf.sys -- (saiudf)
DRV - [2003/05/16 14:32:04 | 000,003,328 | ---- | M] (Software Architects, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\saicdrwup.sys -- (saicdrwup)
DRV - [2002/08/07 13:23:02 | 000,263,751 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDrv.sys -- (CVPNDRV)
DRV - [2002/07/17 08:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI)
DRV - [2002/01/09 16:10:30 | 000,128,380 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2001/08/23 07:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001/08/23 07:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2001/08/17 14:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-746137067-583907252-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKU\S-1-5-21-746137067-583907252-682003330-1003\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-746137067-583907252-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000006
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/03/08 14:10:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/22 07:30:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/22 07:30:35 | 000,000,000 | ---D | M]
[2009/02/08 09:33:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Mozilla\Extensions
[2010/03/16 19:30:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\s3xv7coo.default\extensions
[2009/09/03 20:59:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\s3xv7coo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/12/01 13:51:01 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\s3xv7coo.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/04/20 22:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\s3xv7coo.default\extensions\moveplayer@movenetworks.com
[2010/03/16 19:30:47 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2006/09/09 16:46:44 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/05/06 21:09:05 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
O1 HOSTS File: ([2009/05/19 20:26:30 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKU\S-1-5-21-746137067-583907252-682003330-1003\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [ISUSPM Startup] c:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [McENUI] C:\Program Files\McAfee\MHN\McENUI.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinVNC] C:\Program Files\TightVNC\WinVNC.exe (TightVNC Group)
O4 - HKLM..\Run: [Write DVD-R!] C:\Program Files\Write DVD!\Saimon.exe ()
O4 - HKU\S-1-5-21-746137067-583907252-682003330-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DynDNS Updater Tray Icon.lnk = C:\Program Files\DynDNS Updater\DynTray.exe (Dynamic Network Services, Inc.)
O4 - Startup: C:\Documents and Settings\HelpAssistant\Start Menu\Programs\Startup\MemTurbo.lnk = C:\Program Files\MemTurbo 4\MemTurbo.exe File not found
O4 - Startup: C:\Documents and Settings\HelpAssistant\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe (Leader Technologies)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-746137067-583907252-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://download.macromedia.com/pub/shockwa...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/08/30 07:26:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/12/15 18:08:43 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4843740a-e7d0-11dc-9010-0016ec67338c}\Shell\AutoRun\command - "" = E:\Programs\nu2menu\nu2menu.exe -- File not found
O33 - MountPoints2\{76277d42-cac1-11dd-877a-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{76277d42-cac1-11dd-877a-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2006/08/30 07:26:05 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: mcmscsvc - C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SafeBootMin: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: mcmscsvc - C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SafeBootNet: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootNet: MpfService - C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm - File not found
SafeBootNet: nm.sys - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} -
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.G264 - C:\WINDOWS\System32\GX264.dll (GeoVision)
Drivers32: vidc.GEOV - C:\WINDOWS\system32\GeoCodec.dll (GeoVision)
Drivers32: vidc.GEOX - C:\WINDOWS\system32\GeoCodec.dll (GeoVision)
Drivers32: vidc.GM20 - C:\WINDOWS\System32\GXGM20.dll (GeoVision Inc.)
Drivers32: vidc.GM40 - C:\WINDOWS\System32\GXAMP4.dll (GeoVision)
Drivers32: vidc.GMP4 - C:\WINDOWS\System32\GXAMP4.dll (GeoVision)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mp42 - C:\WINDOWS\Mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mp43 - C:\WINDOWS\Mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mpg4 - C:\WINDOWS\Mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.XVID - xvidvfw.dll File not found
========== Files/Folders - Created Within 30 Days ========== [2010/03/21 17:50:28 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dan\Desktop\OTL.exe
[2010/03/12 09:17:00 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/03/07 09:51:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2010/03/07 09:11:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
[2010/03/07 09:10:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Local Settings\Application Data\ApplicationHistory
[2010/03/07 09:08:34 | 000,079,816 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2010/03/07 09:08:34 | 000,040,552 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfesmfk.sys
[2010/03/07 09:08:34 | 000,035,272 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2010/03/07 09:08:32 | 000,120,136 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\Mpfp.sys
[2010/03/07 09:07:50 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2010/03/07 09:07:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2010/03/07 09:07:42 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2010/03/07 09:05:08 | 000,034,248 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdk.sys
[2010/03/07 09:01:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/03/05 16:17:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Application Data\Malwarebytes
[2010/03/05 16:17:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/05 16:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/03/05 16:16:59 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/05 16:16:59 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/05 15:14:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Debug
[2010/03/05 11:19:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Application Data\AVG8
[2010/03/04 21:58:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Local Settings\Application Data\Threat Expert
[2010/03/02 20:29:27 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2010/03/02 20:22:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Application Data\PC Tools
[2010/03/02 20:22:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2010/03/02 20:22:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/03/01 21:19:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dan\Local Settings\Application Data\bftqsd
[2009/12/23 11:01:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/06/05 21:00:10 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Dan\Application Data\pcouffin.sys
[2009/03/10 05:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/02/26 22:50:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Intuit
[2009/02/06 15:46:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2008/01/10 22:39:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2006/08/30 07:42:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2006/08/30 07:29:12 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2006/08/30 07:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2010/03/21 17:50:29 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dan\Desktop\OTL.exe
[2010/03/21 17:46:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/21 14:46:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/21 13:11:10 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/03/21 09:42:34 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2010/03/21 09:27:01 | 000,531,786 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/21 09:27:01 | 000,448,866 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/21 09:27:01 | 000,073,340 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/21 09:23:31 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/21 09:23:29 | 000,009,313 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2010/03/21 09:22:04 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010/03/21 09:22:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/21 09:22:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/16 19:30:10 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\gmer.exe
[2010/03/16 19:29:27 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\gmer.zip
[2010/03/16 19:24:06 | 000,524,288 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\dds.scr
[2010/03/16 19:22:58 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Dan\defogger_reenable
[2010/03/16 19:22:14 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\Defogger.exe
[2010/03/16 18:00:50 | 000,363,008 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\rkill.com
[2010/03/15 17:53:32 | 004,980,736 | -H-- | M] () -- C:\Documents and Settings\Dan\NTUSER.DAT
[2010/03/15 17:53:04 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Dan\ntuser.ini
[2010/03/13 09:45:07 | 002,689,716 | -H-- | M] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\IconCache.db
[2010/03/13 09:44:18 | 000,000,573 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/03/08 18:33:46 | 000,000,263 | ---- | M] () -- C:\WINDOWS\geohealth-03.ini
[2010/03/08 18:33:41 | 000,001,255 | ---- | M] () -- C:\WINDOWS\GeoRuntime.ini
[2010/03/08 18:33:41 | 000,000,425 | ---- | M] () -- C:\WINDOWS\GeoDebug61.ini
[2010/03/08 18:33:41 | 000,000,115 | ---- | M] () -- C:\WINDOWS\GeoPAL.ini
[2010/03/08 18:33:40 | 000,005,495 | ---- | M] () -- C:\WINDOWS\GeoMulti.ini
[2010/03/08 18:33:40 | 000,000,275 | ---- | M] () -- C:\WINDOWS\GeoRepair.ini
[2010/03/08 18:33:39 | 000,000,147 | ---- | M] () -- C:\WINDOWS\Upload.ini
[2010/03/08 18:33:36 | 000,000,107 | ---- | M] () -- C:\WINDOWS\GeoHealth.ini
[2010/03/08 18:33:33 | 000,017,603 | ---- | M] () -- C:\WINDOWS\GeoPTZ.ini
[2010/03/08 18:32:50 | 000,001,022 | ---- | M] () -- C:\WINDOWS\Geo6cam.ini
[2010/03/08 18:32:46 | 000,000,041 | ---- | M] () -- C:\WINDOWS\geoat.ini
[2010/03/08 18:32:45 | 000,000,151 | ---- | M] () -- C:\WINDOWS\geomcast.ini
[2010/03/08 18:32:34 | 000,000,022 | ---- | M] () -- C:\WINDOWS\geobcast.ini
[2010/03/08 18:32:31 | 000,000,020 | ---- | M] () -- C:\WINDOWS\GEO_CS.ini
[2010/03/08 18:32:15 | 000,006,318 | ---- | M] () -- C:\WINDOWS\ELBEX_U.ini
[2010/03/08 18:32:15 | 000,006,302 | ---- | M] () -- C:\WINDOWS\Samsung_U.ini
[2010/03/08 18:32:14 | 000,006,458 | ---- | M] () -- C:\WINDOWS\Semsonmatic_U.ini
[2010/03/08 18:32:14 | 000,006,302 | ---- | M] () -- C:\WINDOWS\Samsung(SDC-1600)_U.ini
[2010/03/08 18:32:14 | 000,006,302 | ---- | M] () -- C:\WINDOWS\Kalatal_U.ini
[2010/03/08 18:32:13 | 000,006,302 | ---- | M] () -- C:\WINDOWS\Dynacolor_U.ini
[2010/03/08 18:32:13 | 000,005,962 | ---- | M] () -- C:\WINDOWS\Panasonic_U.ini
[2010/03/08 18:32:13 | 000,003,517 | ---- | M] () -- C:\WINDOWS\Sony_U.ini
[2010/03/08 18:32:12 | 000,006,194 | ---- | M] () -- C:\WINDOWS\Lilin_U.ini
[2010/03/08 18:32:12 | 000,001,235 | ---- | M] () -- C:\WINDOWS\DongYang_U.ini
[2010/03/08 18:32:11 | 000,006,302 | ---- | M] () -- C:\WINDOWS\Dome_PelcoP_U.ini
[2010/03/08 18:32:11 | 000,006,302 | ---- | M] () -- C:\WINDOWS\Dome_PelcoD_U.ini
[2010/03/08 18:32:11 | 000,006,302 | ---- | M] () -- C:\WINDOWS\AdemCo_U.ini
[2010/03/08 18:32:10 | 000,006,302 | ---- | M] () -- C:\WINDOWS\VCC4_U.ini
[2010/03/08 18:32:07 | 000,006,302 | ---- | M] () -- C:\WINDOWS\VCC3_U.ini
[2010/03/08 18:32:06 | 000,000,395 | ---- | M] () -- C:\WINDOWS\PTZBackupFile.ini
[2010/03/08 18:32:02 | 000,014,062 | ---- | M] () -- C:\WINDOWS\GeoVStatus.ini
[2010/03/08 16:28:04 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/07 09:53:59 | 000,000,044 | ---- | M] () -- C:\WINDOWS\geonet.ini
[2010/03/07 09:11:22 | 000,000,671 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2010/03/07 09:10:49 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee EasyNetwork.lnk
[2010/03/07 09:10:43 | 000,000,126 | ---- | M] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\fusioncache.dat
[2010/03/07 09:08:01 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2010/03/07 09:08:00 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[2010/03/06 15:18:08 | 000,000,069 | ---- | M] () -- C:\WINDOWS\GeoTwin.ini
[2010/03/02 21:22:02 | 000,059,656 | ---- | M] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/03/01 11:17:00 | 002,020,755 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\Honda EU200i manual.pdf
[2010/03/01 07:38:10 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\Microsoft Office Outlook 2003.lnk
[2010/02/26 22:17:51 | 000,000,255 | ---- | M] () -- C:\Documents and Settings\Dan\Desktop\WebKinz.url
[2010/02/26 17:22:15 | 000,000,342 | ---- | M] () -- C:\WINDOWS\geohealth-02.ini
[2010/02/25 04:01:22 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/02/24 21:30:32 | 000,000,080 | ---- | M] () -- C:\WINDOWS\GeoLan.ini
[2010/02/24 21:30:31 | 000,000,512 | ---- | M] () -- C:\WINDOWS\GeoImageProcess.ini
[2010/02/24 21:30:31 | 000,000,060 | ---- | M] () -- C:\WINDOWS\GeoDxDraw.ini
[2010/02/24 09:50:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/03/16 19:29:27 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\gmer.zip
[2010/03/16 19:24:06 | 000,524,288 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\dds.scr
[2010/03/16 19:22:58 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Dan\defogger_reenable
[2010/03/16 19:22:14 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\Defogger.exe
[2010/03/16 18:00:44 | 000,363,008 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\rkill.com
[2010/03/07 09:12:13 | 000,009,313 | ---- | C] () -- C:\WINDOWS\System32\Config.MPF
[2010/03/07 09:11:22 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2010/03/07 09:10:49 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee EasyNetwork.lnk
[2010/03/07 09:10:43 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Dan\Local Settings\Application Data\fusioncache.dat
[2010/03/07 09:08:01 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\McDefragTask.job
[2010/03/07 09:08:00 | 000,000,314 | ---- | C] () -- C:\WINDOWS\tasks\McQcTask.job
[2010/03/05 16:17:17 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/05 10:12:56 | 000,002,493 | ---- | C] () -- C:\WINDOWS\System32\uninstall.hta
[2010/03/03 21:30:16 | 000,000,263 | ---- | C] () -- C:\WINDOWS\geohealth-03.ini
[2010/03/01 11:17:00 | 002,020,755 | ---- | C] () -- C:\Documents and Settings\Dan\Desktop\Honda EU200i manual.pdf
[2010/02/01 10:40:50 | 000,000,342 | ---- | C] () -- C:\WINDOWS\geohealth-02.ini
[2009/12/08 14:48:13 | 000,000,267 | ---- | C] () -- C:\WINDOWS\geohealth-12.ini
[2009/12/02 22:53:49 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2009/12/02 22:53:49 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\E6D98C2419.sys
[2009/11/06 15:52:19 | 000,002,563 | ---- | C] () -- C:\WINDOWS\geohealth-11.ini
[2009/09/21 16:12:02 | 000,000,512 | ---- | C] () -- C:\WINDOWS\GeoImageProcess.ini
[2009/09/03 01:00:06 | 000,000,132 | ---- | C] () -- C:\WINDOWS\geohealth-09.ini
[2009/08/13 09:40:16 | 000,000,666 | ---- | C] () -- C:\WINDOWS\geohealth-08.ini
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/07/10 15:55:08 | 000,000,069 | ---- | C] () -- C:\WINDOWS\GeoTwin.ini
[2009/06/05 21:00:16 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Dan\Application Data\pcouffin.log
[2009/06/05 21:00:10 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Dan\Application Data\inst.exe
[2009/06/05 21:00:10 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Dan\Application Data\pcouffin.cat
[2009/06/05 21:00:10 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Dan\Application Data\pcouffin.inf
[2009/06/05 20:42:44 | 000,000,067 | ---- | C] () -- C:\WINDOWS\DVDIdle.INI
[2009/06/05 20:00:36 | 000,001,699 | ---- | C] () -- C:\WINDOWS\geohealth-06.ini
[2009/06/02 15:10:36 | 000,000,054 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009/04/21 18:18:56 | 000,005,014 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\fjsyqunb.wgo
[2009/04/19 10:57:57 | 000,005,044 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\xqkcebzs.dik
[2009/04/18 17:49:17 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2009/04/18 13:12:27 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/03/27 21:18:48 | 000,000,410 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009/03/27 21:18:29 | 000,000,225 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2009/03/27 21:18:29 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2009/03/27 21:17:11 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL
[2009/03/27 21:17:11 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2009/03/27 21:17:10 | 000,000,086 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini
[2009/03/27 21:17:09 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2009/03/27 21:15:09 | 000,031,567 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2009/02/05 14:26:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX.INI
[2009/02/05 14:11:30 | 000,000,165 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2008/12/22 12:39:10 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Libraries
[2008/12/22 12:39:10 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Dan\Application Data\Keychains
[2008/12/22 12:39:10 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT
[2008/12/22 12:36:16 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\LaunchAgents
[2008/12/22 12:36:16 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Dan\Application Data\Kernel Extension
[2008/12/22 12:36:16 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2007/10/06 16:38:12 | 000,000,021 | ---- | C] () -- C:\WINDOWS\GeoRIOM.ini
[2007/10/06 16:35:20 | 000,001,080 | ---- | C] () -- C:\WINDOWS\WebPar.ini
[2007/07/29 10:40:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\frontpg.ini
[2007/07/23 13:41:08 | 000,000,080 | ---- | C] () -- C:\WINDOWS\GeoErrorLog.ini
[2007/07/23 12:25:16 | 000,000,121 | ---- | C] () -- C:\WINDOWS\multiview.ini
[2007/07/23 10:08:21 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007/07/23 09:37:16 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2007/03/10 22:28:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\DMMcast.INI
[2007/03/10 22:27:01 | 000,000,197 | ---- | C] () -- C:\WINDOWS\geoModem.ini
[2007/03/10 22:27:01 | 000,000,044 | ---- | C] () -- C:\WINDOWS\geonet.ini
[2006/09/09 16:07:01 | 000,000,080 | ---- | C] () -- C:\WINDOWS\GeoLan.ini
[2006/09/09 15:53:33 | 000,000,275 | ---- | C] () -- C:\WINDOWS\GeoRepair.ini
[2006/09/09 15:53:14 | 000,000,151 | ---- | C] () -- C:\WINDOWS\geomcast.ini
[2006/09/09 15:53:14 | 000,000,041 | ---- | C] () -- C:\WINDOWS\geoat.ini
[2006/09/09 15:53:13 | 000,017,603 | ---- | C] () -- C:\WINDOWS\GeoPTZ.ini
[2006/09/09 15:53:13 | 000,001,022 | ---- | C] () -- C:\WINDOWS\Geo6cam.ini
[2006/09/09 15:53:11 | 000,000,147 | ---- | C] () -- C:\WINDOWS\Upload.ini
[2006/09/09 15:53:10 | 000,000,022 | ---- | C] () -- C:\WINDOWS\geobcast.ini
[2006/09/09 15:53:10 | 000,000,020 | ---- | C] () -- C:\WINDOWS\GEO_CS.ini
[2006/09/09 15:53:09 | 000,001,255 | ---- | C] () -- C:\WINDOWS\GeoRuntime.ini
[2006/09/09 15:53:09 | 000,000,425 | ---- | C] () -- C:\WINDOWS\GeoDebug61.ini
[2006/09/09 15:53:00 | 000,006,302 | ---- | C] () -- C:\WINDOWS\YAAN_U.ini
[2006/09/09 15:52:59 | 000,006,865 | ---- | C] () -- C:\WINDOWS\VIDO_U.ini
[2006/09/09 15:52:59 | 000,006,743 | ---- | C] () -- C:\WINDOWS\TOA_cc551_U.ini
[2006/09/09 15:52:59 | 000,006,458 | ---- | C] () -- C:\WINDOWS\SAE_U.ini
[2006/09/09 15:52:59 | 000,006,302 | ---- | C] () -- C:\WINDOWS\PelcoSpetra3_U.ini
[2006/09/09 15:52:59 | 000,006,302 | ---- | C] () -- C:\WINDOWS\MESSOA_U.ini
[2006/09/09 15:52:59 | 000,006,298 | ---- | C] () -- C:\WINDOWS\Minking_U.ini
[2006/09/09 15:52:59 | 000,001,079 | ---- | C] () -- C:\WINDOWS\KZC_U.ini
[2006/09/09 15:52:58 | 000,006,879 | ---- | C] () -- C:\WINDOWS\JVC_TK_U.ini
[2006/09/09 15:52:58 | 000,006,318 | ---- | C] () -- C:\WINDOWS\ELBEX_U.ini
[2006/09/09 15:52:58 | 000,006,302 | ---- | C] () -- C:\WINDOWS\JEC_P_U.ini
[2006/09/09 15:52:58 | 000,006,302 | ---- | C] () -- C:\WINDOWS\GKB_U.ini
[2006/09/09 15:52:58 | 000,006,302 | ---- | C] () -- C:\WINDOWS\Dynacolor2_U.ini
[2006/09/09 15:52:58 | 000,006,301 | ---- | C] () -- C:\WINDOWS\KamKo_U.ini
[2006/09/09 15:52:58 | 000,001,944 | ---- | C] () -- C:\WINDOWS\PTU_U.ini
[2006/09/09 15:52:58 | 000,001,080 | ---- | C] () -- C:\WINDOWS\D-max_U.ini
[2006/09/09 15:52:57 | 000,006,458 | ---- | C] () -- C:\WINDOWS\Semsonmatic_U.ini
[2006/09/09 15:52:57 | 000,006,302 | ---- | C] () -- C:\WINDOWS\Samsung_U.ini
[2006/09/09 15:52:57 | 000,006,302 | ---- | C] () -- C:\WINDOWS\Samsung(SDC-1600)_U.ini
[2006/09/09 15:52:57 | 000,006,302 | ---- | C] () -- C:\WINDOWS\Kalatal_U.ini
[2006/09/09 15:52:57 | 000,006,302 | ---- | C] () -- C:\WINDOWS\CPT_U.ini
[2006/09/09 15:52:57 | 000,006,288 | ---- | C] () -- C:\WINDOWS\Bosch_U.ini
[2006/09/09 15:52:57 | 000,005,948 | ---- | C] () -- C:\WINDOWS\ZC-122_U.ini
[2006/09/09 15:52:56 | 000,006,302 | ---- | C] () -- C:\WINDOWS\Dynacolor_U.ini
[2006/09/09 15:52:56 | 000,006,302 | ---- | C] () -- C:\WINDOWS\Dome_PelcoP_U.ini
[2006/09/09 15:52:56 | 000,006,302 | ---- | C] () -- C:\WINDOWS\Dome_PelcoD_U.ini
[2006/09/09 15:52:56 | 000,006,302 | ---- | C] () -- C:\WINDOWS\AdemCo_U.ini
[2006/09/09 15:52:56 | 000,006,194 | ---- | C] () -- C:\WINDOWS\Lilin_U.ini
[2006/09/09 15:52:56 | 000,005,962 | ---- | C] () -- C:\WINDOWS\Panasonic_U.ini
[2006/09/09 15:52:56 | 000,003,517 | ---- | C] () -- C:\WINDOWS\Sony_U.ini
[2006/09/09 15:52:56 | 000,001,235 | ---- | C] () -- C:\WINDOWS\DongYang_U.ini
[2006/09/09 15:52:55 | 000,006,302 | ---- | C] () -- C:\WINDOWS\VCC4_U.ini
[2006/09/09 15:52:55 | 000,006,302 | ---- | C] () -- C:\WINDOWS\VCC3_U.ini
[2006/09/09 15:52:55 | 000,000,395 | ---- | C] () -- C:\WINDOWS\PTZBackupFile.ini
[2006/09/09 15:52:55 | 000,000,026 | ---- | C] () -- C:\WINDOWS\GeoMpeg4.ini
[2006/09/09 15:52:54 | 000,014,062 | ---- | C] () -- C:\WINDOWS\GeoVStatus.ini
[2006/09/09 15:51:20 | 000,000,083 | ---- | C] () -- C:\WINDOWS\DMGateWay.INI
[2006/09/09 15:51:17 | 000,000,033 | ---- | C] () -- C:\WINDOWS\GeoBrand.ini
[2006/09/09 15:51:11 | 000,005,495 | ---- | C] () -- C:\WINDOWS\GeoMulti.ini
[2006/09/09 15:51:11 | 000,000,060 | ---- | C] () -- C:\WINDOWS\GeoDxDraw.ini
[2006/09/09 15:49:51 | 000,000,107 | ---- | C] () -- C:\WINDOWS\GeoHealth.ini
[2006/09/09 15:49:50 | 000,000,115 | ---- | C] () -- C:\WINDOWS\GeoPAL.ini
[2006/09/09 14:50:58 | 000,122,946 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2006/09/09 14:49:44 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/02/24 20:14:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
========== Custom Scans ========== < %systemroot%\system32\*.dll /lockedfiles >[2008/03/12 16:17:16 | 000,372,736 | R--- | M] (Advanced Micro Devices, Inc.)
Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles > < MD5 for: AGP440.SYS >[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009/03/09 22:38:09 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009/03/09 22:38:09 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >[2004/08/04 01:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/03/09 22:38:09 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009/03/09 22:38:09 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: EVENTLOG.DLL >[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 00:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: NETLOGON.DLL >[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 00:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >[2004/08/04 00:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< %systemroot%\*. /mp /s > ========== Alternate Data Streams ========== @Alternate Data Stream - 24 bytes -> C:\WINDOWS:540B0D53222E9392
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
< End of report >
OTL Extras logfile created on: 3/21/2010 5:54:18 PM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Dan\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 75.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): C:\pagefile.sys 1488 2976 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.82 Gb Total Space | 47.77 Gb Free Space | 20.52% Space Free | Partition Type: NTFS
Drive D: | 931.50 Gb Total Space | 702.17 Gb Free Space | 75.38% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 152.66 Gb Total Space | 84.44 Gb Free Space | 55.31% Space Free | Partition Type: NTFS
Computer Name: CAMERA
Current User Name: Dan
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop
"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services
"3246:TCP" = 3246:TCP:*:Enabled:Services
"2479:TCP" = 2479:TCP:*:Enabled:Services
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop
"443:TCP" = 443:TCP:*:Enabled:httpssl
"54925:UDP" = 54925:UDP:*:Enabled:Brother Network Scanner
"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services
"3246:TCP" = 3246:TCP:*:Enabled:Services
"2479:TCP" = 2479:TCP:*:Enabled:Services
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Antivirus\ScanEng\Inodist.exe" = C:\Antivirus\ScanEng\Inodist.exe:*:Enabled:Inodist -- File not found
"C:\GV800\BcastTcp.exe" = C:\GV800\BcastTcp.exe:*:Enabled:BcastTcp Application -- ( )
"C:\GV800\GV800.exe" = C:\GV800\GV800.exe:*:Enabled:Multicam Surveillance System -- ( )
"C:\GV800\DMMcast.exe" = C:\GV800\DMMcast.exe:*:Enabled:Multicast Application -- ( )
"C:\GV800\DMWebCam.exe" = C:\GV800\DMWebCam.exe:*:Enabled:WebCam -- ( )
"C:\GV800\AudioServer.exe" = C:\GV800\AudioServer.exe:*:Enabled:AudioServer -- ()
"C:\GV800\WebCamServer.exe" = C:\GV800\WebCamServer.exe:*:Enabled:HTTP Server -- ()
"C:\Program Files\v8010\DMMultiView\MultiView.exe" = C:\Program Files\v8010\DMMultiView\MultiView.exe:*:Enabled:MultiView -- ( )
"C:\GV800\VLSvr.exe" = C:\GV800\VLSvr.exe:*:Enabled:ViewLog Server -- ()
"C:\GV800\CMSvr.exe" = C:\GV800\CMSvr.exe:*:Enabled:Control Center Server -- ()
"C:\Program Files\sslexplorer\install-sslexplorer.exe" = C:\Program Files\sslexplorer\install-sslexplorer.exe:*:Enabled:install-sslexplorer -- ()
"C:\GV800\TCPsvr.exe" = C:\GV800\TCPsvr.exe:*:Enabled:TcpSvr Application -- ( )
"C:\Documents and Settings\Dan\Application Data\Juniper Networks\Juniper Terminal Services Client\dsTermServ.exe" = C:\Documents and Settings\Dan\Application Data\Juniper Networks\Juniper Terminal Services Client\dsTermServ.exe:*:Enabled:Juniper Terminal Services Client -- (Juniper Networks)
"C:\Program Files\Brother\Brmfl07b\FAXRX.exe" = C:\Program Files\Brother\Brmfl07b\FAXRX.exe:*:Enabled:FAXRX.EXE -- (Brother Industries Ltd.)
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\GV800\TwinServer.exe" = C:\GV800\TwinServer.exe:*:Enabled:TwinServer -- ()
"C:\Program Files\Corel\DVD9\WinDVD.exe" = C:\Program Files\Corel\DVD9\WinDVD.exe:*:Enabled:WinDVD -- (Corel Corporation)
"C:\Program Files\CA\eTrustITM\InoTask.exe" = C:\Program Files\CA\eTrustITM\InoTask.exe:*:Enabled:InoTask -- File not found
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent -- (McAfee, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{013BE9DC-2E1A-7E95-15D9-C81E91A19510}" = Catalyst Control Center Graphics Full Existing
"{033E06D3-487A-8ED4-1672-B060C0A97D24}" = Skins
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{06542CA3-F90C-BE75-656E-83A0B076213A}" = Catalyst Control Center Localization Czech
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{074C0987-378C-5E80-15F6-437B8717A16D}" = ccc-core-preinstall
"{1583C7B3-5D84-4E62-9C55-BCB795EE7B19}" = Catalyst Control Center Core Implementation
"{18070238-0B24-6C19-52B8-368D26E8F1BC}" = Catalyst Control Center Localization Italian
"{1A3E23D7-7A1E-43EC-B35D-EB8A31BED943}" = FinalBurner PRO v2.10.0.192
"{1D341BEB-869D-E150-1A18-10B02B7E10BF}" = Catalyst Control Center Localization Finnish
"{1D544865-1A49-C99A-7189-ADD5464D8381}" = Catalyst Control Center Localization Thai
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{21DAFB84-2421-488F-B17D-102FF53396AA}" = Ulead DVD Player
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java 6 Update 17
"{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth
"{2EE09C14-D1C8-D38C-B8BD-4A5DDA31A33C}" = CCC Help Danish
"{2F6D51D7-F65C-840D-69B3-F9CDC4D1C2CC}" = CCC Help Turkish
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3187E3CF-A2C8-F15F-ADEE-3A966CCAB69E}" = CCC Help Thai
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java 6 Update 6
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B0F52AC-EF5C-4831-B221-06C782E41280}" = Quicken 2008
"{3D84CD86-8A47-D0BF-CD0D-AC1749D1B895}" = CCC Help Norwegian
"{44BABF05-8ED2-CEE4-D59F-17E605C4B6FE}" = CCC Help Chinese Traditional
"{469231D8-0FBD-82A8-4DC6-DDC664A77629}" = Catalyst Control Center Localization Portuguese
"{46E1B1F2-A279-4356-9B17-029F9CC72EAE}" = Brother MFL-Pro Suite
"{49899342-3922-06B5-E38E-17DE462A18C3}" = CCC Help Russian
"{49F10BCB-9587-6C5B-51F8-BE18A732183F}" = Catalyst Control Center Localization Dutch
"{4A545288-D1F5-0C0F-BC97-8179E6FF1794}" = CCC Help Japanese
"{510D967A-B190-C5B9-D2F8-D2009EB2EF93}" = Catalyst Control Center Localization Russian
"{5624C000-B109-11D4-9DB4-00E0290FCAC5}" = VPN Client
"{580EC579-E476-469F-9EBF-F82D696FC67A}" = iClone v2.1 SE
"{59B84475-BEA1-CCBB-36C0-A7CD804F821F}" = Catalyst Control Center Localization Spanish
"{5AFAF0D6-E4FB-CB2C-CAA1-AF78055CD951}" = CCC Help Italian
"{60469B62-EB5C-D37E-D473-4F763F541783}" = Catalyst Control Center Localization Norwegian
"{6087F45E-358C-4173-8CB1-DE0AE26FFAE1}" = Catalyst Control Center - Branding
"{659B48CD-0608-4ED5-94C0-0B6C87114F10}" = Apple Mobile Device Support
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{71A78AEF-7D16-0917-778E-1E04D486FB9E}" = Catalyst Control Center Graphics Light
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset
"{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}" = Ulead VideoStudio 7 SE DVD
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{770A65D6-F37E-7447-517A-E62282C7EA18}" = CCC Help French
"{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11
"{7B2387B2-63DC-5F0D-3E44-130AB689F1A2}" = Catalyst Control Center Graphics Previews Common
"{7D3CA676-421C-5854-1D80-535FD684E5BC}" = Catalyst Control Center Localization Hungarian
"{8041F412-ABCE-51DA-B8D4-E1BC75FDBF0D}" = Catalyst Control Center Localization Chinese Standard
"{8314CCDE-D301-CABC-EDE7-D391D3E1C7DC}" = CCC Help Spanish
"{8428DF28-CCAF-501E-25CD-1391CD2D5CC9}" = CCC Help Portuguese
"{86B03DBF-D97A-02D7-C6E0-64B1CF7998D8}" = Catalyst Control Center Localization German
"{86B879A5-927E-4536-B5FC-17CA96B60078}" = Garmin Communicator Plugin
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine
"{88F93347-0F9B-4FED-BA71-6C2A4CDFE61D}" = Ulead DVD MovieFactory 2 SE
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AF06947-F556-D573-95D1-AB7A7440AAA1}" = CCC Help Greek
"{8DC25D22-3957-4F3F-14F1-4413DB0ED51F}" = Catalyst Control Center Localization Polish
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90D12C0F-9EC0-4E4C-A44C-C76AA0E44FEE}" = Write DVD!
"{913CA370-6B97-3C12-F54D-1BBA8F41303A}" = CCC Help Czech
"{94175F2B-39EB-B64B-50B0-501EDD13D820}" = CCC Help Hungarian
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{966077F9-4923-B3B1-73A6-593E4627B5F7}" = Catalyst Control Center Localization French
"{9862B19F-4CAD-4EED-920F-2F378D84393F}" = ATI Parental Control & Encoder
"{9DA4749E-BF71-8DAE-948A-3A44408550D6}" = Catalyst Control Center Graphics Full New
"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = AnswerWorks 5.0 English Runtime
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5227CA4-8613-CB80-EFC0-D90A424B5430}" = Catalyst Control Center Localization Turkish
"{A9212616-FCA2-4173-BD99-5C741EB3A068}" = Ulead DVD PictureShow 2 SE
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A99FBC32-DE3C-450D-A2C7-A39BCF08F04F}" = Ulead Burn.Now
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AC76BA86-7AD7-5760-0000-800000000003}" = Japanese Fonts Support For Adobe Reader 8
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B197FA45-6A2A-8CA4-888B-38BF0DD5DC90}" = CCC Help Chinese Standard
"{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper
"{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4F40112-0067-880A-C696-5E2ECC547F2B}" = Catalyst Control Center Localization Danish
"{BA185841-9581-E711-8DB3-24FA5ADED6AD}" = CCC Help English
"{BB00789E-CDE5-0824-F8CB-ABF5EAA0BB1A}" = Catalyst Control Center Localization Chinese Traditional
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C6BA2362-C93F-73F5-29E9-CF4100C5CA02}" = Catalyst Control Center Localization Swedish
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C930BF21-C79B-C4DC-7092-2E7898FE5554}" = CCC Help Swedish
"{C9BC573D-3BB5-C839-409D-C964E874188D}" = CCC Help Polish
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC5702D7-86E2-45A8-99D7-E8B976ADCC56}" = iTunes
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D657FAA8-9042-9CE7-14D9-048A5C88818D}" = Catalyst Control Center Localization Greek
"{D859D35F-E947-4F2A-8591-C76A4D116178}" = Dora Backpack
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{E1DED507-D03F-C0E4-ECE6-542541897A0C}" = CCC Help Finnish
"{E3993D46-AE3F-402E-9F9D-EEBDFBEC3564}" = Corel WinDVD 9
"{E3B35466-F7B6-3BE0-EE8D-3DEE37492649}" = CCC Help German
"{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp
"{E7F430A8-AADA-6F9C-CE37-E1174BAD27B0}" = ccc-utility
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{EC15C65D-4DE1-3AC7-93B5-D7B2FC02EC09}" = ccc-core-static
"{ECD2A0EE-7BAB-463A-F910-4FD7CE58FC00}" = Catalyst Control Center Localization Japanese
"{F007CBCE-D714-4C0B-8CE9-9B0D78116468}" = ViewNX
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6C11B5C-0E30-E6F8-46B9-21EF9CE7995D}" = CCC Help Korean
"{F79E3C41-5367-5ADA-5C18-4C9E91FD9852}" = Catalyst Control Center Localization Korean
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FEF74B44-EF2B-762C-3D69-4CA101E792B4}" = CCC Help Dutch
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Belarc Advisor 2.0" = Belarc Advisor 7.2
"Codec_264" = GeoVision H264
"Codec_amp4" = GeoVision MPEG4 ASP
"Codec_mp2" = GeoVision MPEG2
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"Dave Ramsey's Financial Peace Financial Software5.3" = Dave Ramsey's Financial Peace Financial Software
"DVD Shrink_is1" = DVD Shrink 3.2
"DVD43_is1" = DVD43 v4.4.0
"DVDFab 6_is1" = DVDFab 6.2.0.5 (11/11/2009)
"DynDNSUpdater" = DynDNS Updater
"GeoVision GV-800 System" = GeoVision GV-800 System
"GEOXCodec" = GeoVision MPEG4
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"Handbrake" = HandBrake 0.9.3
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{E3993D46-AE3F-402E-9F9D-EEBDFBEC3564}" = Corel WinDVD 9
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.8)" = Mozilla Firefox (3.5.8)
"MSC" = McAfee SecurityCenter
"Nero - Burning Rom!UninstallKey" = Ahead Nero Express
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"RealPlayer 6.0" = RealPlayer
"SpeedFan" = SpeedFan (remove only)
"SSL-Explorer 1.0.0_RC18" = SSL-Explorer 1.0.0_RC18
"TightVNC_is1" = TightVNC 1.3.9
"TurboTax 2008" = TurboTax 2008
"Windows XP Service Pack" = Windows XP Service Pack 3
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-746137067-583907252-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Juniper_Term_Services" = Juniper Terminal Services Client
"Log Upload" = Juniper Networks Log Upload
"Neoteris_Host_Checker" = Juniper Networks Host Checker
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 3/12/2010 7:41:05 AM | Computer Name = CAMERA | Source = Google Update | ID = 20
Description =
Error - 3/12/2010 8:41:05 AM | Computer Name = CAMERA | Source = Google Update | ID = 20
Description =
Error - 3/12/2010 9:41:05 AM | Computer Name = CAMERA | Source = Google Update | ID = 20
Description =
Error - 3/13/2010 5:03:12 AM | Computer Name = CAMERA | Source = McLogEvent | ID = 5051
Description = A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took
longer than 90000 ms to complete a request. The process will be terminated. Thread
id : 3112 (0xc28) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.0.0.435
/ 5301.4018 Object being scanned = \Device\HarddiskVolume1\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe
by C:\WINDOWS\system32\MRT.exe 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0)
7004(0)(0) 5006(0)(0) 5004(0)(0)
Error - 3/13/2010 10:44:53 AM | Computer Name = CAMERA | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module iertutil.dll, version 8.0.6001.18876, fault address 0x001181ad.
Error - 3/15/2010 10:53:07 AM | Computer Name = CAMERA | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 3/15/2010 2:29:48 PM | Computer Name = CAMERA | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module explorer.exe, version 6.0.2900.5512, fault address 0x000027b1.
Error - 3/15/2010 2:29:57 PM | Computer Name = CAMERA | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 3/21/2010 6:56:45 PM | Computer Name = CAMERA | Source = McLogEvent | ID = 5051
Description = A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took
longer than 90000 ms to complete a request. The process will be terminated. Thread
id : 3824 (0xef0) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.0.0.435
/ 5301.4018 Object being scanned = \Device\HarddiskVolume1\WINDOWS\system32\dllcache\msls31.dll
by C:\Documents and Settings\Dan\Desktop\OTL.exe 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0)
7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0)
Error - 3/21/2010 7:01:02 PM | Computer Name = CAMERA | Source = McLogEvent | ID = 5051
Description = A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took
longer than 90000 ms to complete a request. The process will be terminated. Thread
id : 3448 (0xd78) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.0.0.435
/ 5301.4018 Object being scanned = \Device\HarddiskVolume1\WINDOWS\system32\dllcache\msls31.dll
by C:\Documents and Settings\Dan\Desktop\OTL.exe 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0)
7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0)
[ System Events ]
Error - 3/21/2010 5:13:42 PM | Computer Name = CAMERA | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 3/21/2010 5:21:05 PM | Computer Name = CAMERA | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 3/21/2010 5:57:58 PM | Computer Name = CAMERA | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 3/21/2010 5:58:00 PM | Computer Name = CAMERA | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 3/21/2010 6:04:03 PM | Computer Name = CAMERA | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 3/21/2010 6:04:05 PM | Computer Name = CAMERA | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 3/21/2010 6:04:08 PM | Computer Name = CAMERA | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 3/21/2010 6:04:10 PM | Computer Name = CAMERA | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 3/21/2010 6:31:36 PM | Computer Name = CAMERA | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 3/21/2010 6:31:38 PM | Computer Name = CAMERA | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
< End of report >