I have partially removed Antispyware Soft but still have issues. I ran MBAM 3 times and it now runs clean but my ESET anti-virus is still blocking attempts to connect to a server and I can not run Microsoft Update. Attached are the MBAM logs, OTL log & Extra log. Any help would be appreciated.
Thanks,
Dave
MBAM #1 in SafeMode:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4155
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 7.0.5730.13
5/30/2010 8:38:55 AM
mbam-log-2010-05-30 (08-38-55).txt
Scan type: Full scan (C:\|)
Objects scanned: 323058
Time elapsed: 53 minute(s), 20 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 13
Registry Values Infected: 5
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 6
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wanolksd (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wanolksd (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\asam (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\asam (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Documents and Settings\dave\Local Settings\Application Data\obpukmkmg\okswhlwtssd.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\dave\Local Settings\Application Data\asam.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\dave\Local Settings\Application Data\syssvc.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\dave\Local Settings\Temp\oufwxx.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
C:\WINDOWS\herjek.config (Malware.Trace) -> Quarantined and deleted successfully.
MBAM #2 in regular mode:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4156
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
5/30/2010 9:59:17 AM
mbam-log-2010-05-30 (09-59-17).txt
Scan type: Full scan (C:\|)
Objects scanned: 301338
Time elapsed: 1 hour(s), 14 minute(s), 29 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP512\A0074615.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP512\A0074616.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP512\A0074617.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
MBAM #3:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4157
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
5/30/2010 11:34:08 PM
mbam-log-2010-05-30 (23-34-08).txt
Scan type: Full scan (C:\|)
Objects scanned: 305447
Time elapsed: 1 hour(s), 10 minute(s), 52 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
OTL Log:
OTL logfile created on: 5/31/2010 7:12:57 AM - Run 1
OTL by OldTimer - Version 3.2.5.2 Folder = C:\Goof
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 75.00% Memory free
5.00 Gb Paging File | 5.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.93 Gb Total Space | 87.36 Gb Free Space | 58.66% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LT551
Current User Name: dave
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ========== PRC - [2010/05/31 07:11:18 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Goof\OTL.exe
PRC - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/04/02 16:19:36 | 000,091,456 | ---- | M] () -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
PRC - [2010/04/02 16:19:32 | 000,279,360 | ---- | M] (Motorola) -- C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe
PRC - [2010/04/02 05:24:02 | 000,624,056 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
PRC - [2010/02/10 12:42:44 | 001,066,240 | ---- | M] (Motorola) -- C:\Program Files\Motorola\Software Update\mumservice.exe
PRC - [2009/11/16 10:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009/11/16 10:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009/09/15 11:13:30 | 001,577,984 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\ATT-SST\McciTrayApp.exe
PRC - [2009/09/15 11:13:30 | 000,299,008 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Common Files\Motive\McciServiceHost.exe
PRC - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009/03/30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/02/23 11:08:10 | 000,483,420 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009/02/23 11:08:10 | 000,254,034 | ---- | M] (IDT, Inc.) -- c:\Program Files\IDT\DellXPM09B_6159v043\WDM\stacsv.exe
PRC - [2008/12/21 12:48:50 | 000,200,704 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2008/12/11 15:35:37 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2008/10/24 10:14:34 | 001,000,736 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
PRC - [2008/09/16 20:03:50 | 000,050,472 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2008/09/09 13:21:16 | 000,069,632 | ---- | M] (Smith Micro Software, Inc.) -- C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
PRC - [2008/09/09 13:18:54 | 001,486,848 | ---- | M] (Smith Micro Software, Inc.) -- C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe
PRC - [2008/08/28 15:20:22 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/08/18 09:42:30 | 001,205,528 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
PRC - [2008/08/18 09:39:28 | 000,455,960 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
PRC - [2008/07/31 20:41:50 | 000,808,296 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
PRC - [2008/07/31 20:41:50 | 000,021,352 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
PRC - [2008/07/01 14:22:16 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2008/06/29 17:57:18 | 000,466,944 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\AESTFltr.exe
PRC - [2008/06/24 06:16:50 | 000,243,000 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
PRC - [2008/06/15 05:12:20 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/06/15 05:12:18 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/06/12 07:59:58 | 000,786,432 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
PRC - [2008/06/10 03:27:04 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
PRC - [2008/06/03 14:28:50 | 000,386,328 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
PRC - [2008/05/30 02:29:28 | 000,593,920 | ---- | M] (Dell, Inc.) -- C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
PRC - [2008/05/23 13:06:08 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2008/05/14 16:42:16 | 000,105,472 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
PRC - [2008/04/14 05:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/30 11:50:42 | 000,205,480 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2007/04/19 04:56:36 | 000,133,968 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe
PRC - [2002/12/17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\Mssql$JDELocal\BinnMSSQL$JDELOCAL\Binn\sqlservr.exe
PRC - [2002/03/19 18:30:00 | 000,045,632 | ---- | M] () -- C:\WINDOWS\system32\TaskSwitch.exe
========== Modules (SafeList) ========== MOD - [2010/05/31 07:11:18 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Goof\OTL.exe
MOD - [2009/09/03 14:33:44 | 000,198,656 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Common Files\Motive\McciContextHook_DSR.dll
MOD - [2009/01/21 19:18:24 | 000,130,048 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxdo.dll
MOD - [2008/04/14 05:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ========== SRV - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/04/02 16:19:36 | 000,091,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
SRV - [2009/11/16 10:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/11/16 10:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009/09/15 11:13:30 | 000,299,008 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files\Common Files\Motive\McciServiceHost.exe -- (McciServiceHost)
SRV - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/02/23 11:08:10 | 000,254,034 | ---- | M] (IDT, Inc.) [Auto | Running] -- c:\Program Files\IDT\DellXPM09B_6159v043\WDM\stacsv.exe -- (STacSV)
SRV - [2008/12/11 15:35:37 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/09/09 13:21:16 | 000,069,632 | ---- | M] (Smith Micro Software, Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe -- (SMManager)
SRV - [2008/08/18 09:39:28 | 000,455,960 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe -- (dcpsysmgrsvc)
SRV - [2008/07/31 20:41:50 | 000,808,296 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe -- (Credential Vault Host Control Service)
SRV - [2008/07/31 20:41:50 | 000,021,352 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe -- (Credential Vault Host Storage)
SRV - [2008/06/15 05:12:20 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/06/12 07:59:58 | 000,786,432 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2008/06/03 14:28:50 | 000,386,328 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe -- (buttonsvc32)
SRV - [2008/04/25 14:45:40 | 000,638,976 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2008/03/10 14:48:48 | 001,249,280 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2007/04/19 04:56:36 | 000,133,968 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe -- (ASFAgent)
SRV - [2002/12/17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\Mssql$JDELocal\BinnMSSQL$JDELOCAL\Binn\sqlservr.exe -- (MSSQL$JDELOCAL)
SRV - [2002/12/17 17:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\Mssql$JDELocal\BinnMSSQL$JDELOCAL\Binn\sqlagent.EXE -- (SQLAgent$JDELOCAL)
========== Driver Services (SafeList) ========== DRV - [2009/11/16 10:06:50 | 000,096,408 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009/11/16 10:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/11/16 09:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009/10/27 13:02:14 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2009/09/15 11:13:34 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/09/15 11:13:34 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/05/08 11:56:12 | 000,042,752 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motodrv.sys -- (MotDev)
DRV - [2009/02/23 11:08:10 | 001,545,795 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2009/02/17 12:19:44 | 000,057,672 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009/02/17 12:17:40 | 000,072,520 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2009/01/21 19:42:56 | 006,278,560 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2008/12/16 15:41:44 | 000,112,512 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2008/09/22 13:40:46 | 000,109,568 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2008/08/07 17:55:42 | 000,318,488 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2008/07/31 20:39:26 | 000,032,808 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV - [2008/07/24 18:42:48 | 000,170,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/07/01 14:12:18 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/06/30 15:47:30 | 000,244,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1y5132.sys -- (e1yexpress) Intel®
DRV - [2008/06/24 06:16:52 | 000,172,344 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2008/06/18 18:19:50 | 001,287,552 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/06/04 13:14:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\PBADRV.sys -- (PBADRV)
DRV - [2008/04/14 05:06:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/14 05:06:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/14 05:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/07/23 14:05:20 | 000,009,104 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLADResM.SYS -- (DLADResM)
DRV - [2007/07/23 14:04:58 | 000,037,360 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007/07/23 14:04:56 | 000,098,448 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007/07/23 14:04:56 | 000,093,552 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007/07/23 14:04:54 | 000,027,216 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007/07/23 14:04:52 | 000,032,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007/07/23 14:04:52 | 000,016,304 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007/07/23 14:04:50 | 000,108,752 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007/07/23 13:55:44 | 000,099,808 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2007/07/23 13:49:44 | 000,030,064 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/07/23 13:49:44 | 000,014,576 | ---- | M] (Roxio) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2007/07/23 13:43:42 | 000,052,000 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2006/06/14 12:53:00 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)
DRV - [2001/08/17 19:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 19:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 19:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 19:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 19:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 18:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 18:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 18:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 18:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 18:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 18:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 18:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 18:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 18:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 18:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=2081202
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/hws/sb/dell-usuk/en/...?channel=us-smbIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=2081202
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=2081202
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=2081202
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=2081202
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=2081202
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1560883842-2114004350-623648099-1204\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=2081202
IE - HKU\S-1-5-21-1560883842-2114004350-623648099-1204\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.com/hws/sb/dell-usuk/en/...?channel=us-smbIE - HKU\S-1-5-21-1560883842-2114004350-623648099-1204\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1560883842-2114004350-623648099-1204\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://www.google.com/search?q={searchTerm...tf8&oe=utf8IE - HKU\S-1-5-21-1560883842-2114004350-623648099-1204\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/IE - HKU\S-1-5-21-1560883842-2114004350-623648099-1204\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ieIE - HKU\S-1-5-21-1560883842-2114004350-623648099-1204\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1560883842-2114004350-623648099-1204\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-1560883842-2114004350-623648099-1204\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009/12/28 10:38:21 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2010/05/30 10:32:30 | 000,396,932 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 13702 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1560883842-2114004350-623648099-1204\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKU\S-1-5-21-1560883842-2114004350-623648099-1204\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ATT-SST_McciTrayApp] C:\Program Files\ATT-SST\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [ChangeTPMAuth] C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [CoolSwitch] C:\WINDOWS\system32\TaskSwitch.exe ()
O4 - HKLM..\Run: [DCPstrApp] C:\Program Files\Dell\Dell ControlPoint\Security Manager\SecurityDeviceInfoSetRegistryString.exe (Broadcom Corporation)
O4 - HKLM..\Run: [DellConnectionManager] C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe (Smith Micro Software, Inc.)
O4 - HKLM..\Run: [DellControlPoint] C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Dell, Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [EmbassySecurityCheck] C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [mumservice] C:\Program Files\Motorola\Software Update\mumservice.exe (Motorola)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
O4 - HKU\S-1-5-21-1560883842-2114004350-623648099-1204..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Dell ControlPoint System Manager.lnk = C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe (Dell Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk = C:\Program Files\Microsoft SQL Server\Mssql$JDELocal\BinnMSSQL$JDELOCAL\Binn\sqlmaint.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1560883842-2114004350-623648099-1204\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1560883842-2114004350-623648099-1204\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-1560883842-2114004350-623648099-1204\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Check &Spelling - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Lookup on Merriam Webster - C:\Program Files\ieSpell\Merriam Webster.HTM ()
O8 - Extra context menu item: Lookup on Wikipedia - C:\Program Files\ieSpell\wikipedia.HTM ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B}
http://support.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}
http://go.microsoft.com/fwlink/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94}
http://www.pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0}
http://photos.walmart.com/WalmartActivia.cab (Snapfish Activia)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://www.update.microsoft.com/microsoftu...b?1261455113796 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://www.update.microsoft.com/microsoftu...b?1261455105781 (MUWebControl Class)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A}
http://zone.msn.com/bingame/luxr/default/mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/products/1.3/jinstall-11-win.cab (JavaBeansBridge.Object)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277}
http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.9.13
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mannpacking.com
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\dave\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\dave\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (wvauth) - C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/25 14:29:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/04/30 16:13:06 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{63c39df3-5937-11de-b9dd-00225f47ea9a}\Shell - "" = AutoRun
O33 - MountPoints2\{63c39df3-5937-11de-b9dd-00225f47ea9a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{63c39df3-5937-11de-b9dd-00225f47ea9a}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010/05/31 05:55:08 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17746478449557504)
========== Files/Folders - Created Within 30 Days ========== [2010/05/31 06:50:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/05/30 11:01:44 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/05/30 10:58:12 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\~0
[2010/05/30 10:57:52 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/05/30 10:57:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010/05/30 10:26:32 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2010/05/29 23:10:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dave\Application Data\Malwarebytes
[2010/05/29 19:18:54 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/05/29 19:18:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/05/29 19:18:51 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/05/29 19:18:49 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/05/29 19:16:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dave\Local Settings\Application Data\Threat Expert
[2010/05/29 18:51:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/05/29 18:35:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/05/29 18:35:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/05/29 18:23:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dave\Local Settings\Application Data\obpukmkmg
[2010/05/22 21:55:42 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\dave\Recent
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2010/05/31 07:13:08 | 011,534,336 | -H-- | M] () -- C:\Documents and Settings\dave\NTUSER.DAT
[2010/05/31 06:50:23 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{E8B991E8-8A4A-4139-8CDA-A0BAA62CFAE5}.job
[2010/05/31 06:00:04 | 000,463,768 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/05/31 06:00:04 | 000,080,492 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/05/31 06:00:03 | 000,554,114 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/05/31 05:55:33 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\dave\Local Settings\Application Data\WavXMapDrive.bat
[2010/05/31 05:55:12 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/05/31 05:54:50 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/05/31 05:54:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/05/31 05:54:44 | 3707,658,240 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/31 05:53:19 | 004,317,678 | -H-- | M] () -- C:\Documents and Settings\dave\Local Settings\Application Data\IconCache.db
[2010/05/30 12:11:27 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/05/30 11:03:25 | 000,000,458 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/05/30 11:01:35 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/05/30 10:32:30 | 000,396,932 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/05/30 10:26:39 | 000,000,692 | ---- | M] () -- C:\Documents and Settings\dave\Desktop\SpywareBlaster.lnk
[2010/05/30 10:04:14 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\dave\ntuser.ini
[2010/05/29 19:18:59 | 000,000,698 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/29 19:11:39 | 000,002,045 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk
[2010/05/28 15:26:11 | 000,139,876 | ---- | M] () -- C:\WINDOWS\TypeAhead.tae
[2010/05/28 15:26:11 | 000,004,822 | ---- | M] () -- C:\WINDOWS\JDE.INI
[2010/05/28 11:58:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/05/28 10:31:26 | 000,002,048 | ---- | M] () -- C:\jdesecuni.xds
[2010/05/28 10:31:26 | 000,002,048 | ---- | M] () -- C:\jdeauthuni.xda
[2010/05/28 10:31:26 | 000,000,153 | ---- | M] () -- C:\jdeauthuni.dda
[2010/05/28 10:31:26 | 000,000,129 | ---- | M] () -- C:\jdesecuni.dds
[2010/05/28 06:16:56 | 000,022,076 | ---- | M] () -- C:\jdeinst.html
[2010/05/28 06:16:56 | 000,001,258 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/05/28 06:16:26 | 000,204,800 | ---- | M] () -- C:\WINDOWS\System32\fbdcnfg.dll
[2010/05/26 14:02:50 | 000,818,885 | ---- | M] () -- C:\Documents and Settings\dave\My Documents\FOOTBALL CAMP FOR INCOMING PALMA FRESHMAN2010.pdf
[2010/05/25 06:55:41 | 000,013,049 | ---- | M] () -- C:\_100517.csv
[2010/05/24 10:35:59 | 000,165,376 | ---- | M] () -- C:\Documents and Settings\dave\My Documents\Spec Sheet for Sales 100503.xls
[2010/05/22 21:56:55 | 000,045,164 | ---- | M] () -- C:\Documents and Settings\dave\My Documents\cc_20100522_215648.reg
[2010/05/22 21:54:33 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\dave\Desktop\CCleaner.lnk
[2010/05/17 10:02:44 | 000,013,315 | ---- | M] () -- C:\_100510.csv
[2010/05/10 08:59:46 | 000,012,867 | ---- | M] () -- C:\_100503.csv
[2010/05/06 08:20:12 | 000,089,290 | ---- | M] () -- C:\Documents and Settings\dave\My Documents\19866 code 00522 test.pdf
[2010/05/04 06:42:33 | 000,013,047 | ---- | M] () -- C:\_100426.csv
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/05/30 11:02:27 | 000,000,458 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/05/30 10:26:39 | 000,000,692 | ---- | C] () -- C:\Documents and Settings\dave\Desktop\SpywareBlaster.lnk
[2010/05/30 08:40:28 | 3707,658,240 | -HS- | C] () -- C:\hiberfil.sys
[2010/05/29 19:18:59 | 000,000,698 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/26 14:02:50 | 000,818,885 | ---- | C] () -- C:\Documents and Settings\dave\My Documents\FOOTBALL CAMP FOR INCOMING PALMA FRESHMAN2010.pdf
[2010/05/24 15:18:28 | 000,013,049 | ---- | C] () -- C:\_100517.csv
[2010/05/24 10:35:57 | 000,165,376 | ---- | C] () -- C:\Documents and Settings\dave\My Documents\Spec Sheet for Sales 100503.xls
[2010/05/22 21:56:50 | 000,045,164 | ---- | C] () -- C:\Documents and Settings\dave\My Documents\cc_20100522_215648.reg
[2010/05/17 09:46:16 | 000,013,315 | ---- | C] () -- C:\_100510.csv
[2010/05/10 08:39:47 | 000,012,867 | ---- | C] () -- C:\_100503.csv
[2010/05/06 08:20:12 | 000,089,290 | ---- | C] () -- C:\Documents and Settings\dave\My Documents\19866 code 00522 test.pdf
[2010/05/04 06:25:23 | 000,013,047 | ---- | C] () -- C:\_100426.csv
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/07/21 04:15:13 | 000,000,244 | ---- | C] () -- C:\WINDOWS\System32\webx32.sys
[2009/03/11 11:17:22 | 000,020,556 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2009/03/11 11:16:34 | 000,004,822 | ---- | C] () -- C:\WINDOWS\JDE.INI
[2008/12/17 09:48:31 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\fbdcnfg.dll
[2008/12/09 15:09:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2008/12/09 11:26:47 | 000,000,220 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2008/12/09 09:43:03 | 000,001,258 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/12/02 10:11:28 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4980.dll
[2008/12/02 10:10:38 | 000,001,156 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2008/12/02 08:50:53 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/12/02 08:45:27 | 000,000,234 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/12/02 08:44:17 | 000,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2008/12/02 08:36:39 | 000,157,008 | ---- | C] () -- C:\WINDOWS\System32\brcmbsp.dll
[2008/12/02 08:35:19 | 000,080,368 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2008/09/09 13:17:12 | 000,652,800 | ---- | C] () -- C:\WINDOWS\System32\SMgina.dll
[2008/07/28 17:03:06 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\Wavx_ESC_Logging.dll
[2008/06/13 10:18:56 | 000,512,000 | ---- | C] () -- C:\WINDOWS\System32\AmRes_sv.dll
[2008/06/13 10:18:56 | 000,507,904 | ---- | C] () -- C:\WINDOWS\System32\AmRes_no.dll
[2008/06/13 10:18:54 | 000,536,576 | ---- | C] () -- C:\WINDOWS\System32\AmRes_nl.dll
[2008/06/13 10:18:54 | 000,507,904 | ---- | C] () -- C:\WINDOWS\System32\AmRes_da.dll
[2008/06/13 10:18:52 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\AmRes_de.dll
[2008/06/13 10:18:52 | 000,536,576 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fr.dll
[2008/06/13 10:18:52 | 000,507,904 | ---- | C] () -- C:\WINDOWS\System32\AmRes_en.dll
[2008/06/13 10:18:50 | 000,532,480 | ---- | C] () -- C:\WINDOWS\System32\AmRes_it.dll
[2008/06/13 10:18:50 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ja.dll
[2008/06/13 10:18:48 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-BR.dll
[2008/06/13 10:18:48 | 000,503,808 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ko.dll
[2008/06/13 10:18:46 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ru.dll
[2008/06/13 10:18:44 | 000,475,136 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHT.dll
[2008/06/13 10:18:44 | 000,475,136 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHS.dll
[2008/06/13 10:18:42 | 000,532,480 | ---- | C] () -- C:\WINDOWS\System32\AmRes_es.dll
[2008/06/13 10:16:16 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pl.dll
[2008/05/30 08:38:24 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHS.dll
[2008/05/30 08:38:14 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_sv.dll
[2008/05/30 08:37:52 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHT.dll
[2008/05/30 08:37:24 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ru.dll
[2008/05/30 08:37:22 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt.dll
[2008/05/30 08:37:20 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pl.dll
[2008/05/30 08:37:18 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_no.dll
[2008/05/30 08:37:16 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_nl.dll
[2008/05/30 08:37:14 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ko.dll
[2008/05/30 08:37:12 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_da.dll
[2008/05/30 08:37:12 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ja.dll
[2008/05/30 08:37:10 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_de.dll
[2008/05/30 08:37:08 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_es.dll
[2008/05/30 08:37:06 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fr.dll
[2008/05/30 08:37:04 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_it.dll
[2008/05/14 16:40:30 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\wxvault.dll
[2008/04/25 14:26:32 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008/03/18 12:02:52 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2008/02/25 11:04:48 | 000,835,584 | ---- | C] () -- C:\WINDOWS\System32\DemoLicense.dll
[2007/04/19 04:52:16 | 000,080,720 | ---- | C] () -- C:\WINDOWS\System32\AsfBios.dll
[2007/04/19 04:28:10 | 000,025,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\netamsg.dll
[2006/08/14 10:02:10 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\xltZlib.dll
[2006/06/30 11:58:44 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2006/06/30 11:58:44 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2006/06/12 07:01:16 | 000,348,160 | ---- | C] () -- C:\WINDOWS\tsp.dll
[2004/09/10 11:34:00 | 000,917,504 | ---- | C] () -- C:\WINDOWS\System32\lmgr10.dll
[2004/09/10 11:34:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/03/19 19:30:00 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\mag.dll
[2002/03/19 18:30:00 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\msvdm.dll
========== Custom Scans ========== < %systemroot%\system32\*.dll /lockedfiles >[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav >[2008/04/25 02:21:09 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008/04/25 02:21:09 | 001,089,536 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008/04/25 02:21:09 | 000,905,216 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\*. /mp /s > < %SYSTEMDRIVE%\*.exe > ========== Alternate Data Streams ========== @Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dave\My Documents\RSM Address List Ex 0909.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dave\My Documents\Redmond Fuel S.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dave\My Documents\PSPECLST705EXT.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dave\My Documents\ProductSPEC Jan07 - modified external.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dave\My Documents\ProductSPEC Jan07 - internal.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dave\My Documents\Product Spec Sheet 040108 - External.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dave\My Documents\Olga.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dave\My Documents\Neat_pics_1.pps:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dave\My Documents\Mann Packing Price List - Gambles - 2008.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dave\My Documents\KE ST Transfer test 110807.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dave\My Documents\KE ST Transfer test 110807 IB Batch Posting - Part 2.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dave\My Documents\KE ST Transfer test 110807 G Batch Posting.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dave\My Documents\KE ST Transfer test 110807 - Part 2.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dave\My Documents\Foodsrvice items.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dave\My Documents\Daves customer breakdown.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dave\My Documents\Dannys contacts.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dave\My Documents\CUSTOMER LIST - MATT.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dave\My Documents\costco garmin receipt.doc:Roxio EMC Stream
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
< End of report >
Extra Log:
OTL Extras logfile created on: 5/31/2010 7:12:57 AM - Run 1
OTL by OldTimer - Version 3.2.5.2 Folder = C:\Goof
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 75.00% Memory free
5.00 Gb Paging File | 5.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.93 Gb Total Space | 87.36 Gb Free Space | 58.66% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LT551
Current User Name: dave
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\Motive\McciServiceHost.exe" = C:\Program Files\Common Files\Motive\McciServiceHost.exe:*:Enabled:McciServiceHost -- (Alcatel-Lucent)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools
"{041F04B1-F985-44E8-A070-C3EB1A39369F}" = Dell ControlPoint Connection Manager
"{066D25F6-8B8B-433C-88B4-EDF41D604E7E}" = Broadcom USH Host Components
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX860_series" = Canon MX860 series MP Drivers
"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter
"{1BB07579-B219-4291-B4CE-CB7407E0F8BA}" = BPMBroker
"{1CB92574-96F2-467B-B793-5CEB35C40C29}" = Image Resizer Powertoy for Windows XP
"{1EBEC42C-5E3F-4077-933B-411E33A0C3A4}" = Motorola Driver Installation 4.6.0
"{2220CF3A-EBD6-4070-94D0-0C7337B537A7}" = All Day Battery Life Configuration
"{2223FC2F-B862-4F83-BC9E-DDF2DADF2859}" = Intel® Network Connections 13.0.42.0
"{24A494F3-5B5F-4183-9F7D-9CE82812C1FC}" = tsp patch
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{2FBF04DC-404C-4FA4-BA28-99903080D2B9}" = Magnifier Powertoy for Windows XP
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook
"{3393CDDB-27F0-4869-BED4-BE478598F0FF}" = Dell Control Point
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{435A92C3-2D70-4CE2-9027-CBC8EA6052FC}" = Motorola Software Update
"{4E475FD4-4513-4B1D-8DDA-43912B068C99}" = HTML Slideshow Powertoy for Windows XP
"{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"{52D299D8-F84E-497E-B4A4-D8F02782BFAA}" = Dell ControlPoint System Manager
"{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{558B86E5-CFAC-447C-99EE-5BB1C068706D}" = NTRU TCG Software Stack
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6864ABC3-A982-436B-BEF1-5652D6303361}" = ESET NOD32 Antivirus
"{6EA8A52B-8EA1-4A59-85AB-48132299061A}" = Intel® PRO Alerting Agent
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77A1AE2C-C17A-405C-91C0-8FB90144D7C3}" = MotoConnect
"{7EA69B5E-EE96-44A1-BDD6-F9C193CDDAF9}" = Wave Infrastructure Installer
"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{93AE099E-1500-42C2-8174-7AED23D33A73}" = Motorola Phone Tools
"{9593C6E5-205E-45C3-B785-05CF146CA76A}" = biolsp patch
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A093D83F-429A-4AB2-A0CD-1F7E9C7B764A}" = Trusted Drive Manager
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A7050037-F0EA-4BAB-BCD5-FC05507D6147}" = Alt-Tab Task Switcher Powertoy for Windows XP
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AF7E4468-E364-4991-BC2A-6E8293E1055B}" = BioAPI Framework
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B37C842A-B624-46B8-A727-654E72F1C91A}" = Calculator Powertoy for Windows XP
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BDA04A6C-C7B7-4288-9E92-AC3D0A2A89B2}" = InsiderFootball 2009
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C39DE425-6CCF-4B12-A101-3CB5CF3AF3AD}" = Slideshow Generator Powertoy for Windows XP
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}" = ClearType Tuning Control Panel Applet
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (JDELOCAL)
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"{EF05BA0F-AC15-4D12-AC5C-276225F5E751}" = Gemalto
"{F251B999-08A9-4704-999C-9962F0DFD88E}" = Virtual Desktop Manager Powertoy for Windows XP
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4487649-7368-4217-AEA3-1E04DB3E2C5C}" = Dell ControlPoint Security Manager
"{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}" = Dell Security Device Driver Pack
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"9D57DE505B6D8C710EF3B74BE638DBB936EED8A3" = Windows Driver Package - Dell Inc. PBADRV System (01/07/2008 1.0.1.5)
"Adobe Acrobat 8 Professional" = Adobe Acrobat 8.2.2 Professional
"Adobe Acrobat 8 Professional_822" = Adobe Acrobat 8.2.2 - CPSID_53952
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ATT" = AT&T U-verse Setup
"ATT-SST UVerse" = AT&T Self Support Tool
"BallStat" = James Habel Software BallStat 11.08.13
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card Utility
"Canon MX860 series User Registration" = Canon MX860 series User Registration
"CCleaner" = CCleaner
"HDMI" = Intel® Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ieSpell" = ieSpell
"InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"InstallShield_{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"InstallShield_{1BB07579-B219-4291-B4CE-CB7407E0F8BA}" = BPMBroker
"InstallShield_{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"InstallShield_{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"InstallShield_{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"InstallShield_{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"IrfanView" = IrfanView (remove only)
"JRE 1.3" = Java 2 Runtime Environment Standard Edition v1.3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PeopleSoft" = PeopleSoft Client Workstation
"Splendid City Sports Scheduler v6.7.6" = Splendid City Sports Scheduler v6.7.6
"SpywareBlaster_is1" = SpywareBlaster 4.3
"Tweak UI 2.10" = Tweak UI
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WinALDL" = WinALDL
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1560883842-2114004350-623648099-1204\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"309a46b1dc89b774" = Dell Driver Download Manager
"Move Media Player" = Move Media Player
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 5/30/2010 4:20:54 PM | Computer Name = LT551 | Source = Bonjour Service | ID = 100
Description = 496: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)
Error - 5/30/2010 4:20:54 PM | Computer Name = LT551 | Source = Bonjour Service | ID = 100
Description = 460: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)
Error - 5/30/2010 10:03:23 PM | Computer Name = LT551 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.
Error - 5/31/2010 6:03:23 AM | Computer Name = LT551 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.
Error - 5/31/2010 8:57:36 AM | Computer Name = LT551 | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application outlook.exe, version 11.0.8312.0, stamp 4a403990,
faulting module unknown, version 0.0.0.0, stamp 00000000, debug? 0, fault address
0x010c46cc.
Error - 5/31/2010 8:57:53 AM | Computer Name = LT551 | Source = Microsoft Office 11 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Office Outlook.
Error - 5/31/2010 8:57:55 AM | Computer Name = LT551 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The connection with the server was terminated abnormally
Error - 5/31/2010 8:57:55 AM | Computer Name = LT551 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.
Error - 5/31/2010 8:57:56 AM | Computer Name = LT551 | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application outlook.exe, version 11.0.8312.0, stamp 4a403990,
faulting module unknown, version 0.0.0.0, stamp 00000000, debug? 0, fault address
0x010c46c7.
Error - 5/31/2010 8:58:00 AM | Computer Name = LT551 | Source = Microsoft Office 11 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.
[ System Events ]
Error - 5/30/2010 1:05:18 PM | Computer Name = LT551 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain MANN due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.
Error - 5/30/2010 1:05:21 PM | Computer Name = LT551 | Source = RemoteAccess | ID = 20106
Description = Unable to add the interface {BA64D075-EC1D-420D-8EAB-7588BCEE9859}
with the Router Manager for the IP protocol. The following error occurred: Cannot
complete this function.
Error - 5/30/2010 2:02:22 PM | Computer Name = LT551 | Source = Service Control Manager | ID = 7034
Description = The Dell ControlPoint Button Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 5/30/2010 2:02:22 PM | Computer Name = LT551 | Source = Service Control Manager | ID = 7034
Description = The Dell ControlPoint System Manager service terminated unexpectedly.
It has done this 1 time(s).
Error - 5/30/2010 2:03:27 PM | Computer Name = LT551 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain MANN due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.
Error - 5/30/2010 2:03:31 PM | Computer Name = LT551 | Source = RemoteAccess | ID = 20106
Description = Unable to add the interface {BA64D075-EC1D-420D-8EAB-7588BCEE9859}
with the Router Manager for the IP protocol. The following error occurred: Cannot
complete this function.
Error - 5/30/2010 9:29:31 PM | Computer Name = LT551 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain MANN due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.
Error - 5/31/2010 1:59:04 AM | Computer Name = LT551 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain MANN due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.
Error - 5/31/2010 8:55:08 AM | Computer Name = LT551 | Source = RemoteAccess | ID = 20106
Description = Unable to add the interface {BA64D075-EC1D-420D-8EAB-7588BCEE9859}
with the Router Manager for the IP protocol. The following error occurred: Cannot
complete this function.
Error - 5/31/2010 10:09:52 AM | Computer Name = LT551 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.72 for the Network Card with network
address 00225F47EA9A has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).
< End of report >