Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Redirects to random unrelated pages...


  • This topic is locked This topic is locked
13 replies to this topic

#1 dnirvine

dnirvine

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:13 AM

Posted 23 April 2011 - 01:41 PM

As per the request at my original post (http://www.bleepingcomputer.com/forums/topic393080.html) I have posted by HiJackThis Log here. IF there are any other logs you require let me know to help me get rid of this annoying problem. Thanks.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:40:52 PM, on 23/04/2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\System32\svchost.exe
C:\Server\Apache1\Apache\Apache.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\CTsvcCDA.exe
G:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Server\Apache1\Apache\Apache.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\PSIService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Logi_MwX.Exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
G:\Program Files\LiveZilla\LiveZilla.exe
C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFRA.EXE
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\No-IP\DUC30.exe
C:\Program Files\Styler\Styler.exe
C:\Program Files\Mozilla Firefox\firefox.exe
G:\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - G:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - G:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\Quicktime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [LiveZilla] "G:\Program Files\LiveZilla\LiveZilla.exe" -minimize
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [FUFAXSTM] "C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe"
O4 - HKLM\..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PMSpeed] C:\Program Files\NewSoft\Presto! PageManager 8 for EP\PMSpeed.EXE
O4 - HKCU\..\Run: [Artisan 810(Network)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFRA.EXE /FU "C:\DOCUME~1\DAWSON~1\LOCALS~1\Temp\E_S49.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - S-1-5-18 Startup: DUC 3.0.lnk = C:\Program Files\No-IP\DUC30.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: Styler.lnk = ? (User 'SYSTEM')
O4 - .DEFAULT Startup: DUC 3.0.lnk = C:\Program Files\No-IP\DUC30.exe (User 'Default user')
O4 - .DEFAULT Startup: Styler.lnk = ? (User 'Default user')
O4 - Startup: DUC 3.0.lnk = C:\Program Files\No-IP\DUC30.exe
O4 - Startup: Styler.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: mIRC.lnk = G:\mIRC_Program\mirc.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O15 - Trusted Zone: http://www.dniwebdesign.com
O15 - Trusted Zone: http://www.dni-server.no-ip.com
O15 - Trusted Zone: http://www.utexts.ca
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} - http://zone.msn.com/binFrameWork/v10/StagingUI.cab34120.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {1DA0B259-8F4D-48C1-9889-DE2D568D4131} (InstallerAX Class) - http://chevy.a.content.maven.net/mvms/vfs/chevy/chevylive/live/install/installerAX.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20030530/qtinstall.info.apple.com/bonnie/us/win/QuickTimeInstaller.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5CB1506E-1DEA-4E63-89A7-E40E52AEA1FD} (OnagerCtrl Class) - http://smms.sub.fulfillment.puretracks.com/onager_smms.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://rigs.precisiondrilling.com/mgaxctrl.cab
O16 - DPF: {637BB540-6ABA-11D4-901D-00D0090CB3BC} (FMClass Class) - http://www.flashants.com/codebase/fmplayer.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1197864916829
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} (AXELPlayer Class) - http://www.mindavenue.com/Downloads/AXELPlayerAX_Win32.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1197864851907
O16 - DPF: {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/DellSystemLite.CAB
O16 - DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} (GameHouse Games Player) - http://www.gamehouse.com/games/gamehouse/ghplayer.cab
O16 - DPF: {74EF5274-F439-2168-B543-14745B625C72} (CPlayFirstWeddingDasControl Object) - http://www.gamehouse.com/games/WeddingDash2.cab
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) - http://www.wylde.net/msrdp.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
O16 - DPF: {C36661D7-3590-45B1-80B5-520839E94DAD} (MaxisSimCity4PatcherX Control) - http://simcity.ea.com/update/MaxisSimCity4PatcherX.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697515} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp5_mp3.cab
O16 - DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} - http://zone.msn.com/bingame/zpagames/zpa_pool.cab36107.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} - http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} - http://zone.msn.com/bingame/gold/default/gf.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} - http://zone.msn.com/binframework/v10/StProxy.cab35645.cab
O16 - DPF: {FA5369ED-D19A-434C-8F59-EE90D690D36C} (Chat Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O18 - Protocol: intu-help-qb2 - {84D77A00-41B5-4B8B-8ADF-86486D72E749} - G:\Program Files\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll
O18 - Protocol: intu-qt2007 - {026BF40D-BA05-467B-9F1F-AD0D7A3F5F11} - C:\Program Files\QuickTax 2007\ic2007pp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - G:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apache - Unknown owner - C:\Server\Apache1\Apache\Apache.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Alias Wavefront Help Server (AWHelpServer) - Unknown owner - C:\Program Files\AliasWavefront\Maya5.0\docs\Wrapper.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BroadCam Service (BroadCamService) - Unknown owner - C:\Program Files\NCH Software\BroadCam\broadCam.exe (file missing)
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Eyeline Service (EyelineService) - Unknown owner - C:\Program Files\NCH Software\Eyeline\eyeline.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Unknown owner - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (file missing)
O23 - Service: Windows Presentation Foundation Font Cache 3.0.0.0 (FontCache3.0.0.0) - Unknown owner - C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (file missing)
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Windows CardSpace (idsvc) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - G:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe (file missing)
O23 - Service: MySQL5 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: MySQLNoguskaNolaPro - Unknown owner - G:\Program Files\Noguska\NolaPro\Apache\mysql\bin\mysqld-nt.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\System32\PSIService.exe
O23 - Service: QBCFMonitorService - Intuit - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\PC Tools Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\PC Tools Security\pctsSvc.exe
O23 - Service: SmartFinder Uninstall (SmartFinder_Uninstall) - Unknown owner - C:\Documents and Settings\Dawson Irvine\Desktop\SFUninstaller.exe (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (file missing)
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe (file missing)
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe (file missing)
O24 - Desktop Component 0: (no name) - http://www.dni-server.no-ip.com/thunderfm/

--
End of file - 19664 bytes

BC AdBot (Login to Remove)

 


#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,784 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:02:13 PM

Posted 01 May 2011 - 08:44 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.
If you are unable to create a log because your computer cannot start up successfully please provide detailed information about the Windows version you are using: What we in particular need to know is version, edition and if it is a 32bit or a 64bit system.
If you are unsure about any of these caracteristics, just let us know and we'll help you figuring it out. Please also tell us if you have your Windows CD/DVD handy.


Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • In the custom scan box paste the following:
    msconfig
    safebootminimal
    activex
    drivers32
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    wininit.exe
    hlp.dat
    /md5stop
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt<--Will be minimized

In the upper right hand corner of the topic you will see a button called Watch Topic.I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

animinionsmalltext.gif

Follow BleepingComputer on: Facebook | Twitter | Google+


#3 dnirvine

dnirvine
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:13 AM

Posted 01 May 2011 - 03:14 PM

Here are the logs... However the redirects have seemed to have stopped (which is odd). But now, every time I try to search on Google via the address bar or search bar (top right corner) of FireFox, FF crashes. I can search google by visiting www.google.ca and searching, however when I try to view "Images" it crashes as well. When I try to search Google Images via Google Chrome, Chrome crashes. It's getting frustrating. Using IE I can search on google and google Images without any problems, as I can tell (except for the usual IE problems naturally).

OTL.Txt
OTL logfile created on: 01/05/2011 1:27:14 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Dawson Irvine\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 50.00% Memory free
9.00 Gb Paging File | 8.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.72 Gb Total Space | 8.79 Gb Free Space | 7.87% Space Free | Partition Type: NTFS
Drive G: | 698.64 Gb Total Space | 446.65 Gb Free Space | 63.93% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: DAWSON | User Name: Dawson Irvine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/01 13:23:34 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dawson Irvine\Desktop\OTL.exe
PRC - [2011/04/29 12:59:11 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/04/20 12:14:20 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- G:\Downloads\HijackThis.exe
PRC - [2011/01/20 18:16:45 | 002,548,552 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011/01/20 18:14:42 | 001,803,224 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2010/10/27 21:21:54 | 001,155,072 | ---- | M] (Last.fm) -- G:\Program Files\Last.fm\LastFM.exe
PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/05/17 02:39:06 | 002,651,576 | ---- | M] (LiveZilla GmbH) -- G:\Program Files\LiveZilla\LiveZilla.exe
PRC - [2010/04/19 14:29:28 | 001,420,288 | ---- | M] () -- C:\Program Files\No-IP\DUC30.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/12/03 21:55:30 | 000,024,576 | ---- | M] () -- C:\Server\Apache1\Apache\Apache.exe
PRC - [2009/10/01 18:12:46 | 000,116,032 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2009/10/01 18:12:27 | 000,378,176 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardian.exe
PRC - [2009/09/23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009/06/05 00:00:00 | 000,843,776 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
PRC - [2009/04/07 09:13:10 | 000,673,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2009/02/23 00:00:00 | 000,199,680 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_FATIFRA.EXE
PRC - [2008/10/28 22:59:50 | 000,085,096 | ---- | M] (Autodesk) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
PRC - [2008/09/10 18:36:10 | 016,188,784 | ---- | M] (Adobe Systems, Inc.) -- G:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe
PRC - [2008/07/09 15:34:30 | 001,343,840 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp5\winamp.exe
PRC - [2007/10/19 13:19:22 | 000,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2007/06/20 20:26:38 | 007,024,640 | ---- | M] (Visicom Media Inc.) -- C:\Program Files\Visicom Media\AceFTP 3 Pro\aceftp3.exe
PRC - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () -- C:\WINDOWS\SYSTEM32\PSIService.exe
PRC - [2007/04/17 14:03:52 | 000,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
PRC - [2006/05/03 10:48:46 | 000,307,200 | ---- | M] (ta2027) -- C:\Program Files\Styler\Styler.exe
PRC - [2004/08/16 09:00:00 | 002,994,176 | ---- | M] (Jasc Software, Inc.) -- G:\Program Files\Jasc Software Inc\Paint Shop Pro 9\Paint Shop Pro 9.exe
PRC - [2004/08/04 00:56:54 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe
PRC - [2004/08/04 00:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/12/17 09:50:00 | 000,019,968 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\LOGI_MWX.EXE
PRC - [2002/09/03 11:03:08 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\sndvol32.exe
PRC - [2002/06/10 14:21:32 | 000,102,400 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\QCDriver\LVComS.exe
PRC - [2002/04/03 01:01:00 | 000,135,264 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe


========== Modules (SafeList) ==========

MOD - [2011/05/01 13:23:34 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dawson Irvine\Desktop\OTL.exe
MOD - [2011/01/20 18:26:12 | 000,285,480 | ---- | M] (COMODO) -- C:\WINDOWS\SYSTEM32\guard32.dll
MOD - [2008/04/14 06:00:00 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2007/10/19 13:19:10 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcInj.dll
MOD - [2006/05/02 05:10:50 | 000,053,248 | ---- | M] (ta2027) -- C:\Program Files\Styler\StylerHelper.dll
MOD - [2004/08/04 00:56:44 | 001,028,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\mfc42.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (WUSB54GSSVC)
SRV - File not found [Disabled | Stopped] -- -- (WinVNC4)
SRV - File not found [On_Demand | Stopped] -- -- (UPS)
SRV - File not found [Disabled | Stopped] -- -- (tcpsys)
SRV - File not found [Auto | Stopped] -- -- (StyleXPService)
SRV - File not found [Auto | Stopped] -- -- (StarWindService)
SRV - File not found [Auto | Stopped] -- -- (SmartFinder_Uninstall)
SRV - File not found [Disabled | Stopped] -- -- (Ql12spv)
SRV - File not found [Disabled | Stopped] -- -- (NetTcpPortSharing)
SRV - File not found [Disabled | Stopped] -- -- (NetDDEdsdm)
SRV - File not found [Disabled | Stopped] -- -- (NetDDE)
SRV - File not found [On_Demand | Stopped] -- -- (Macromedia Licensing Service)
SRV - File not found [Auto | Stopped] -- -- (KodakCCS)
SRV - File not found [Unknown | Stopped] -- -- (idsvc)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (FontCache3.0.0.0)
SRV - File not found [On_Demand | Stopped] -- -- (FLEXnet Licensing Service)
SRV - File not found [Disabled | Stopped] -- -- (FAH)
SRV - File not found [Auto | Stopped] -- -- (EyelineService)
SRV - File not found [Disabled | Stopped] -- -- (DOSYRHCTGO)
SRV - File not found [Disabled | Stopped] -- -- (ClipSrv)
SRV - File not found [On_Demand | Stopped] -- -- (BroadCamService)
SRV - File not found [On_Demand | Stopped] -- -- (AWHelpServer)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/04/04 16:44:20 | 003,229,784 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_a35e6b9.dll -- (Akamai)
SRV - [2011/01/20 18:14:42 | 001,803,224 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011/01/07 14:54:08 | 000,247,760 | ---- | M] () [Auto | Stopped] -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/11/19 06:57:14 | 001,150,936 | ---- | M] () [Auto | Stopped] -- C:\Program Files\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010/11/02 15:45:46 | 000,024,576 | ---- | M] (Intuit) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/15 14:02:36 | 000,366,840 | ---- | M] () [Auto | Stopped] -- C:\Program Files\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/12/03 23:58:12 | 000,147,456 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)
SRV - [2009/12/03 21:55:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Server\Apache1\Apache\Apache.exe -- (Apache)
SRV - [2009/12/01 12:14:00 | 000,603,904 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\SYSTEM32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2009/12/01 12:13:56 | 000,362,240 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009/10/01 18:12:46 | 000,116,032 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2009/09/23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/11/18 16:45:28 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2008/11/12 16:44:18 | 000,027,904 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\WINDOWS\SYSTEM32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008/10/28 22:59:50 | 000,085,096 | ---- | M] (Autodesk) [Auto | Running] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2008/01/14 11:17:49 | 005,701,632 | ---- | M] () [Auto | Stopped] -- G:\Program Files\Noguska\NolaPro\Apache\mysql\bin\mysqld-nt.exe -- (MySQLNoguskaNolaPro)
SRV - [2007/10/19 13:21:16 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007/10/19 13:19:22 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SYSTEM32\PSIService.exe -- (ProtexisLicensing)
SRV - [2007/04/17 14:03:52 | 000,063,040 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)


========== Driver Services (SafeList) ==========

DRV - [2011/04/20 18:51:17 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- G:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/04/20 18:51:17 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- G:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2011/04/20 18:51:16 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- G:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011/01/20 18:26:08 | 000,094,784 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2011/01/20 18:25:58 | 000,027,576 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\cmdhlp.sys -- (cmdHlp)
DRV - [2011/01/20 18:25:55 | 000,015,592 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\cmderd.sys -- (cmderd)
DRV - [2011/01/20 18:25:53 | 000,239,368 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\cmdGuard.sys -- (cmdGuard)
DRV - [2010/12/10 13:24:12 | 000,239,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/07/16 14:59:54 | 000,656,320 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pctEFA.sys -- (pctEFA)
DRV - [2010/07/16 14:59:54 | 000,338,880 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pctDS.sys -- (pctDS)
DRV - [2010/01/14 17:25:53 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/10/01 18:12:29 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2008/11/23 22:42:25 | 000,028,256 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2008/07/24 18:46:08 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/02/28 15:31:50 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008/01/09 23:40:38 | 002,846,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2007/11/06 13:22:00 | 000,036,224 | ---- | M] (ArcSoft Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ArcCD.sys -- (ArcCD)
DRV - [2007/10/19 13:16:30 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\Lvckap.sys -- (LVcKap)
DRV - [2007/10/11 18:59:24 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007/10/11 18:59:02 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007/06/18 14:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\motmodem.sys -- (motmodem)
DRV - [2007/05/29 12:41:06 | 000,022,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbsermpt.sys -- (usbsermpt)
DRV - [2007/04/28 18:18:15 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CdaD10BA.SYS -- (CdaD10BA)
DRV - [2007/04/25 08:55:02 | 000,134,912 | ---- | M] (ArcSoft Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\ArcUdfs.sys -- (ArcUdfs)
DRV - [2007/03/07 17:51:00 | 000,009,464 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2007/03/07 17:51:00 | 000,009,336 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006/12/28 10:44:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\AtiHdAud.sys -- (HdAudAddService)
DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\afc.sys -- (Afc)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/01/31 06:21:48 | 000,025,900 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2005/10/19 09:34:02 | 000,015,872 | ---- | M] (LaCie Group) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LaCieUSBFilter.sys -- (LaCieUSBFilter) Silver USB Filter (USB BUS Filter Driver)
DRV - [2005/10/18 08:28:08 | 000,014,848 | ---- | M] (LaCie Group S.A.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LaCieFWFilter.sys -- (LaCieFWFilter) Silver 1394 Filter (1394 BUS Filter Driver)
DRV - [2005/09/23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\MarvinBus.sys -- (MarvinBus)
DRV - [2005/05/05 17:03:52 | 000,015,648 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2005/03/02 14:26:02 | 000,018,560 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\x10ufx2.sys -- (XUIF)
DRV - [2005/02/23 18:40:26 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\asapiW2k.sys -- (ASAPIW2K)
DRV - [2005/02/09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Pclepci.sys -- (PCLEPCI)
DRV - [2005/02/03 19:16:16 | 000,291,456 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2005/02/03 19:15:46 | 000,024,064 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\dvd_2k.sys -- (dvd_2K)
DRV - [2005/02/03 19:06:34 | 000,141,184 | ---- | M] (Windows ® 2000 DDK provider) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\DVDVRRdr_xp.sys -- (DVDVRRdr_xp)
DRV - [2005/02/03 19:02:58 | 000,202,368 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\Udfreadr.sys -- (UDFReadr)
DRV - [2005/02/03 19:01:54 | 000,023,808 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mmc_2k.sys -- (mmc_2K)
DRV - [2005/02/03 18:49:48 | 000,117,632 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Pwd_2k.sys -- (pwd_2k)
DRV - [2004/09/13 20:43:29 | 000,068,960 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Pcatip.sys -- (Pcatip)
DRV - [2004/08/22 16:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\d347prt.sys -- (d347prt)
DRV - [2004/08/22 16:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\d347bus.sys -- (d347bus)
DRV - [2004/08/03 23:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2004/08/03 23:04:34 | 000,012,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\usb8023.sys -- (USB_RNDIS)
DRV - [2004/08/03 22:59:52 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nmnt.sys -- (nm)
DRV - [2004/08/03 22:29:50 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/03 22:29:48 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/03 22:29:46 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/03 22:29:44 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/03 22:29:44 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/03 22:29:42 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/03 22:29:38 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 22:29:38 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/03 22:29:38 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/03 22:29:38 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/04/01 16:30:46 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pfc.sys -- (pfc)
DRV - [2003/12/17 09:50:00 | 000,070,801 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2003/12/17 09:50:00 | 000,051,729 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\L8042pr2.Sys -- (L8042pr2)
DRV - [2003/09/25 22:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2003/09/22 12:43:06 | 001,330,048 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\P16X.sys -- (P16X) Creative SB Live! Series (WDM)
DRV - [2003/09/22 08:48:06 | 000,130,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys -- (ctsfm2k)
DRV - [2003/09/22 08:47:38 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys -- (ossrv)
DRV - [2003/05/12 10:59:24 | 000,013,312 | ---- | M] (ATI Technologies Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\atinpdxx.sys -- (PCDCODEC)
DRV - [2003/05/12 10:59:10 | 000,013,824 | ---- | M] (ATI Technologies Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\atinmdxx.sys -- (MVDCODEC)
DRV - [2003/05/12 10:58:55 | 000,102,912 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\atinrvxx.sys -- (atinrvxx)
DRV - [2003/05/12 10:58:02 | 000,062,464 | ---- | M] (ATI Technologies Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\atinxsxx.sys -- (ATIXSAudio)
DRV - [2003/05/12 10:57:17 | 000,051,200 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\atinraxx.sys -- (ativraxx)
DRV - [2003/05/12 10:54:15 | 000,038,400 | ---- | M] (ATI Technologies Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\atintuxx.sys -- (ATITUNEP)
DRV - [2003/03/28 12:31:53 | 000,010,761 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\x10uif.sys -- (X10UIF)
DRV - [2003/03/05 12:19:28 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\PFMODNT.SYS -- (PfModNT)
DRV - [2002/11/08 12:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/10/29 15:38:10 | 000,170,499 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2002/10/29 15:37:36 | 001,175,536 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys -- (HSF_DP)
DRV - [2002/10/29 15:31:28 | 000,604,240 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys -- (winachsf)
DRV - [2002/06/10 14:20:46 | 000,031,744 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\lvca.sys -- (QCAbsee) Logitech QuickCam Web(PID_0801)
DRV - [2002/06/10 14:20:32 | 000,034,816 | ---- | M] (Logitech Inc.) [Kernel | System | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LVSound2.sys -- (lusbaudio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dellnet.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = about:blank
IE - HKU\.DEFAULT\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dellnet.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = about:blank
IE - HKU\S-1-5-18\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://218.93.205.24/nospam/
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://218.93.205.24/nospam/
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Ant.com"
FF - prefs.js..browser.search.selectedEngine: "Blacksun Domain Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://start.mozilla.org/firefox?client=firefox-a&rls=org.mozilla:en-US:official"
FF - prefs.js..extensions.enabledItems: add-to-searchbox@maltekraus.de:2.0
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: LogMeInClient@logmein.com:1.0.0.608
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9
FF - prefs.js..extensions.enabledItems: {C2981A6B-7A81-49F9-829A-42C40E8A4006}:1.9.1
FF - prefs.js..extensions.enabledItems: {A5C87640-F7CF-11DA-974D-0800200C9A66}:0.2.1
FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:3.0.0.300
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {403304EE-066A-4a2a-8F41-F12028480A0A}:1.8.71
FF - prefs.js..keyword.URL: "http://www.google.ca/search?q="
FF - prefs.js..network.proxy.backup.ftp: "65.213.194.11"
FF - prefs.js..network.proxy.backup.ftp_port: 80
FF - prefs.js..network.proxy.backup.gopher: "65.213.194.11"
FF - prefs.js..network.proxy.backup.gopher_port: 80
FF - prefs.js..network.proxy.backup.socks: "65.213.194.11"
FF - prefs.js..network.proxy.backup.socks_port: 80
FF - prefs.js..network.proxy.backup.ssl: "65.213.194.11"
FF - prefs.js..network.proxy.backup.ssl_port: 80
FF - prefs.js..network.proxy.ftp: "70.226.132.214"
FF - prefs.js..network.proxy.ftp_port: 3182
FF - prefs.js..network.proxy.gopher: "70.226.132.214"
FF - prefs.js..network.proxy.gopher_port: 3182
FF - prefs.js..network.proxy.http: "70.226.132.214"
FF - prefs.js..network.proxy.http_port: 3182
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "70.226.132.214"
FF - prefs.js..network.proxy.socks_port: 3182
FF - prefs.js..network.proxy.ssl: "70.226.132.214"
FF - prefs.js..network.proxy.ssl_port: 3182


FF - HKLM\software\mozilla\Firefox\Extensions\\{C2981A6B-7A81-49F9-829A-42C40E8A4006}: C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\{C2981A6B-7A81-49F9-829A-42C40E8A4006} [2009/11/20 18:23:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2011/04/19 12:23:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla 1.4\Extensions\\Components: C:\Program Files\mozilla.org\Mozilla\Components [2010/01/23 13:04:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla 1.4\Extensions\\Plugins: C:\Program Files\mozilla.org\Mozilla\Plugins [2011/04/30 15:59:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/29 12:59:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 15:59:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Components: G:\Program Files\Mozilla Thunderbird\components [2011/04/25 18:00:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Plugins: G:\Program Files\Mozilla Thunderbird\plugins [2010/01/23 13:04:00 | 000,000,000 | ---D | M]

[2009/12/12 03:01:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Extensions
[2009/12/12 03:01:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/05/01 12:37:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\extensions
[2011/03/26 23:33:59 | 000,000,000 | ---D | M] ("MicroFox") -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\extensions\{403304EE-066A-4a2a-8F41-F12028480A0A}
[2010/11/15 00:00:53 | 000,000,000 | ---D | M] (Mobile Barcoder) -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\extensions\{A5C87640-F7CF-11DA-974D-0800200C9A66}
[2011/04/27 21:21:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2011/01/14 10:16:23 | 000,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2011/04/27 21:21:49 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/02/21 01:28:04 | 000,000,000 | ---D | M] (Add to Search Bar) -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\extensions\add-to-searchbox@maltekraus.de
[2011/04/27 21:21:49 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\extensions\battlefieldheroespatcher@ea.com
[2010/07/05 17:51:27 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\extensions\LogMeInClient@logmein.com
[2009/03/11 20:46:09 | 000,002,546 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\blacksun-domain-search.xml
[2008/04/25 00:24:18 | 000,002,568 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\celebrity-movie-archive--browse.xml
[2009/08/30 00:57:03 | 000,001,093 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\dns-stuff--ip-whois.xml
[2008/07/29 22:44:46 | 000,001,793 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\dnsstuff-ip-info.xml
[2008/05/27 19:31:19 | 000,002,809 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\google-images.xml
[2008/05/10 12:22:47 | 000,002,873 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\internet-movie-database.xml
[2010/11/17 00:15:55 | 000,001,218 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\lazygirlsinfo.xml
[2010/09/25 23:41:57 | 000,001,469 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\pirate-bay.xml
[2008/08/04 21:58:40 | 000,001,065 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\songs-search--ultimate-guitarcom.xml
[2010/12/08 18:14:53 | 000,001,113 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\yahoo-finance.xml
[2009/06/11 20:06:33 | 000,000,872 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\yahoo.gif
[2009/06/11 20:06:33 | 000,000,466 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\yahoo.src
[2009/06/11 20:06:33 | 000,001,767 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\yahoo.xml
[2009/01/02 15:51:16 | 000,002,163 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\youtube---broadcast-yourself.xml
[2011/05/01 12:37:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/30 14:15:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2009/11/20 18:23:04 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\DAWSON IRVINE\LOCAL SETTINGS\APPLICATION DATA\{C2981A6B-7A81-49F9-829A-42C40E8A4006}
[2011/04/19 12:23:27 | 000,000,000 | ---D | M] (Browser Defender Toolbar) -- C:\PROGRAM FILES\PC TOOLS SECURITY\BDT\FIREFOX
[2010/01/18 18:01:47 | 000,000,000 | ---D | M] (Java Quick Starter) -- G:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/03/18 11:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/04/14 05:08:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2004/12/22 10:08:32 | 000,110,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2007/09/10 12:10:04 | 000,086,016 | ---- | M] (SpiralFrog Inc.) -- C:\Program Files\Mozilla Firefox\plugins\NPSFDMGR.dll
[2006/08/09 04:16:08 | 000,030,408 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npWebLaunch.dll

Hosts file not found
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (NTIECatcher Class) - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll (Xi)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (StylerToolBar) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll (StyleFantasist)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - File not found
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [diagent] C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LiveZilla] G:\Program Files\LiveZilla\LiveZilla.exe (LiveZilla GmbH)
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVComS.exe (Logitech Inc.)
O4 - HKLM..\Run: [WrtMon.exe] C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\WrtMon.exe ()
O4 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007..\Run: [Artisan 810(Network)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFRA.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007..\Run: [PMSpeed] C:\Program Files\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\mIRC.lnk = G:\mIRC_Program\mirc.exe (mIRC Co. Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Canada ULC.)
O4 - Startup: C:\Documents and Settings\Dawson Irvine\Start Menu\Programs\Startup\DUC 3.0.lnk = C:\Program Files\No-IP\DUC30.exe ()
O4 - Startup: C:\Documents and Settings\Dawson Irvine\Start Menu\Programs\Startup\Styler.lnk = C:\Documents and Settings\Dawson Irvine\Application Data\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = _ [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O7 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL (ATI Technologies Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O15 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\..Trusted Domains: ([]msn in )
O15 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\..Trusted Domains: dniwebdesign.com ([www] http in Local intranet)
O15 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\..Trusted Domains: no-ip.com ([www.dni-server] http in Local intranet)
O15 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\..Trusted Domains: utexts.ca ([www] http in Local intranet)
O16 - DPF: {0000000A-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/wmsp9dmo.cab (Reg Error: Key error.)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft.com/fwlink/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} http://zone.msn.com/binFrameWork/v10/StagingUI.cab34120.cab (Reg Error: Key error.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5)
O16 - DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} http://download.microsoft.com/download/0/f/b/0fb0fab9-7f09-4bb6-86d8-8e791ba99ac5/VirtualEarth3D.cab (Reg Error: Key error.)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/download/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnotes.com/download/mnviewer.cab (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?LinkID=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1DA0B259-8F4D-48C1-9889-DE2D568D4131} http://chevy.a.content.maven.net/mvms/vfs/chevy/chevylive/live/install/installerAX.cab (InstallerAX Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab (Reg Error: Key error.)
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} http://a1540.g.akamai.net/7/1540/52/20030530/qtinstall.info.apple.com/bonnie/us/win/QuickTimeInstaller.exe (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://spaces.msn.com//PhotoUpload/MsnPUpld.cab (Reg Error: Key error.)
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab (Reg Error: Key error.)
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} http://upload.facebook.com/controls/FacebookPhotoUploader3.cab (Facebook Photo Uploader 4 Control)
O16 - DPF: {5CB1506E-1DEA-4E63-89A7-E40E52AEA1FD} http://smms.sub.fulfillment.puretracks.com/onager_smms.cab (OnagerCtrl Class)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebook.com/controls/FacebookPhotoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://rigs.precisiondrilling.com/mgaxctrl.cab (Autodesk MapGuide ActiveX Control)
O16 - DPF: {637BB540-6ABA-11D4-901D-00D0090CB3BC} http://www.flashants.com/codebase/fmplayer.cab (FMClass Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1197864916829 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://go.divx.com/plugin/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} http://www.mindavenue.com/Downloads/AXELPlayerAX_Win32.cab (AXELPlayer Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1197864851907 (MUWebControl Class)
O16 - DPF: {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} http://www.gamehouse.com/games/gamehouse/ghplayer.cab (GameHouse Games Player)
O16 - DPF: {74EF5274-F439-2168-B543-14745B625C72} http://www.gamehouse.com/games/WeddingDash2.cab (CPlayFirstWeddingDasControl Object)
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} http://www.wylde.net/msrdp.cab (Microsoft RDP Client Control (redist))
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37954.9984953704 (Reg Error: Key error.)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab (Reg Error: Key error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab (Reg Error: Key error.)
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} http://simcity.ea.com/play/classic/SimCityX.cab (SimCityX Control)
O16 - DPF: {C36661D7-3590-45B1-80B5-520839E94DAD} http://simcity.ea.com/update/MaxisSimCity4PatcherX.cab (MaxisSimCity4PatcherX Control)
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab (NsvPlayX Control)
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697515} http://www.nullsoft.com/nsv/embed/nsvplayx_vp5_mp3.cab (NsvPlayX Control)
O16 - DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} http://zone.msn.com/bingame/zpagames/zpa_pool.cab36107.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_01-win.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.4.1/jinstall-1_4_1_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-440000000000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553516000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} http://zone.msn.com/bingame/feed/default/SproutLauncher.cab (Reg Error: Key error.)
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} http://zone.msn.com/bingame/gold/default/gf.cab (Reg Error: Key error.)
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} http://zone.msn.com/binframework/v10/StProxy.cab35645.cab (Reg Error: Key error.)
O16 - DPF: {FA5369ED-D19A-434C-8F59-EE90D690D36C} https://secure.logmein.com/activex/RACtrl.cab (Chat Activex Control)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab (IWinAmpActiveX Class)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O16 - DPF: RaptisoftGameLoader http://www.miniclip.com/hamsterball/raptisoftgameloader.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 142.165.200.135 142.165.157.5
O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found
O18 - Protocol\Handler\AutorunsDisabled\maven-8110 {8AD8E31C-8D60-4166-862E-54F748A76169} - C:\Program Files\Chevy\bin\bin-1\protocolHandler.dll ()
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - G:\Program Files\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\intu-qt2007 {026BF40D-BA05-467b-9F1F-AD0D7A3F5F11} - C:\Program Files\QuickTax 2007\ic2007pp.dll (Intuit Canada, a general partnership/une société en nom collectif.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\SYSTEM32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - G:\Program Files\SUPERAntiSpyware\SASWINLO.dll - G:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 () - http://www.dni-server.no-ip.com/thunderfm/
O24 - Desktop WallPaper: C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Desktop Background.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - G:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2006/12/24 23:41:40 | 000,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{5da8613b-cb32-11de-8a89-0007e95397b4}\Shell\AutoRun\command - "" = L:\.\kiss_player.exe
O33 - MountPoints2\{73718ed8-aba4-11dc-9c4e-000f66eebbe8}\Shell\AutoRun\command - "" = H:\ATI2EVXX.EXE
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (rmvirut.nt) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: AppSecDll - (C:\WINDOWS\system32\mscert.dll) - File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

MsConfig - StartUpFolder: C:^Documents and Settings^Dawson Irvine^Start Menu^Programs^Startup^Styler.lnk - - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - Internet Explorer Classes for Java
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - Microsoft NetShow Player
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} -
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} -
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4b218e3e-bc98-4770-93d3-2731b9329278} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf
ActiveX: {4EE370A1-DED4-C6EB-4236-F32FA07C2534} - Outlook Express
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5f3c70b3-ac2f-432c-8f9c-1624df61f54f} - Microsoft Data Access Components KB870669
ActiveX: {5F95E1AF-2620-4f15-BDF9-7FDCE4607E17} - BearShare
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {72ADAD5C-ACBF-02D3-7113-D59E2F8DD115} - Microsoft Windows Media Player 6.4
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {795d0712-722c-43ec-906a-fc5e678eada9} - Q831167
ActiveX: {810F40D8-FEC2-D12C-B64A-7ACD60861C69} - Themes Setup
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - Microsoft .NET Framework 1.1 Hotfix (KB928366)
ActiveX: {8D3E3F1E-2DC4-AA36-7739-4A656A94374B} - Adobe Shockwave Director 11.0
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {98A65F91-EFB5-11cf-87CA-0020AFEECF20} - Microsoft HTML Layout Control
ActiveX: {abcdf74f-9a64-4e6e-b8eb-6e5a41de6550} -
ActiveX: {C3A94137-9EBF-EA64-1487-7BFB9E5AE30D} - Internet Explorer
ActiveX: {C4EEE7F7-84A1-5402-F1A3-F1B0DA015A23} - Macromedia Shockwave Director 10.1
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {CE0BB69B-7E58-4571-D5DB-88A364013B35} - Vector Graphics Rendering (VML)
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {eddbec60-89cb-44ef-8291-0850fd28ff6a} - Q832894
ActiveX: {F13C5B0F-93B8-F795-C260-4BF9A5151837} - Vector Graphics Rendering (VML)
ActiveX: {f5173cf0-1dfb-4978-8e50-a90169ee7ca9} - Q823353
ActiveX: {F5776D81-AE53-4935-8E84-B0B283D8BCEF} - Q330994
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: AutorunsDisabled -

Drivers32: msacm.avis - C:\WINDOWS\System32\ff_acm.acm ()
Drivers32: msacm.ctmp3 - C:\WINDOWS\SYSTEM32\ctmp3.acm (Creative Technology Ltd.)
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\Vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.iac2 - C:\WINDOWS\SYSTEM32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\SYSTEM32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: MSACM.MSNAUDIO - C:\WINDOWS\System32\msnaudio.acm (Microsoft Corporation)
Drivers32: MSACM.msrt24 - C:\WINDOWS\System32\msrt24.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: VIDC.CFHD - C:\WINDOWS\System32\cfhd.dll (CineForm Inc.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.DRAW - DVIDEO.DLL File not found
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.HFYU - C:\WINDOWS\System32\HUFFYUV.DLL (Disappearing Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\IR41_32.DLL (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MJPG - C:\WINDOWS\System32\pvmjpg30.dll (Pegasus Imaging Corporation)
Drivers32: vidc.mjpx - C:\WINDOWS\System32\pvmjpg30.dll (Pegasus Imaging Corporation)
Drivers32: VIDC.PIM1 - pclepim1.dll File not found
Drivers32: vidc.rtmp - Roxio_DivX.dll File not found
Drivers32: VIDC.SP53 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus Corporation)
Drivers32: VIDC.SP54 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus Corporation)
Drivers32: VIDC.SP55 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus Corporation)
Drivers32: VIDC.SP56 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus Corporation)
Drivers32: VIDC.SP57 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus Corporation)
Drivers32: VIDC.SP58 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus Corporation)
Drivers32: VIDC.SP59 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus Corporation)
Drivers32: VIDC.VCR1 - ATIVCR1.DLL File not found
Drivers32: VIDC.VCR2 - ATIVCR2.DLL File not found
Drivers32: VIDC.VIFP - C:\WINDOWS\System32\VFCodec.dll ()
Drivers32: vidc.VP31 - C:\WINDOWS\System32\vp31vfw.dll (On2.com)
Drivers32: vidc.VP60 - C:\WINDOWS\SYSTEM32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\SYSTEM32\vp6vfw.dll (On2.com)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YU12 - C:\WINDOWS\System32\atiyuv12.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/05/01 13:23:31 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dawson Irvine\Desktop\OTL.exe
[2011/04/30 14:15:34 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/04/30 14:15:34 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/04/30 14:15:34 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/04/30 14:15:34 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/04/27 21:19:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox
[2011/04/26 18:11:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Vista Games
[2011/04/26 00:50:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Identities
[2011/04/26 00:50:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Identities
[2011/04/19 12:23:22 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
[2011/04/19 12:23:21 | 002,000,848 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2011/04/19 12:23:21 | 001,533,904 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
[2011/04/18 23:53:26 | 000,656,320 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctEFA.sys
[2011/04/18 23:53:25 | 000,338,880 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctDS.sys
[2011/04/18 23:53:22 | 000,251,560 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2011/04/18 23:53:04 | 000,239,168 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2011/04/18 23:53:04 | 000,160,448 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2011/04/18 23:53:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PC Tools Security
[2011/04/18 23:52:51 | 000,070,536 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2011/04/18 23:52:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2011/04/18 23:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2011/04/18 23:52:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dawson Irvine\Application Data\PC Tools
[2011/04/18 23:50:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2009/12/11 19:33:45 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[2004/09/12 00:52:11 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2004/09/12 00:52:11 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[2003/10/29 18:26:31 | 000,036,963 | R--- | C] (Cypress Semiconductor) -- C:\Program Files\Common Files\SM1updtr.dll
[2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2 C:\Documents and Settings\Dawson Irvine\My Documents\*.tmp files -> C:\Documents and Settings\Dawson Irvine\My Documents\*.tmp -> ]
[16 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/01 13:37:11 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/01 13:23:34 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dawson Irvine\Desktop\OTL.exe
[2011/05/01 13:01:00 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4205683485-3212168527-1303186231-1007UA.job
[2011/05/01 12:59:59 | 000,000,502 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2011/05/01 08:37:01 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/01 02:01:01 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4205683485-3212168527-1303186231-1007Core.job
[2011/04/27 22:19:39 | 000,000,052 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Desktop\Create PHP Session Folder.bat
[2011/04/27 21:38:21 | 000,001,657 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/04/27 21:38:21 | 000,001,639 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/04/27 16:20:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/04/25 07:31:50 | 000,034,876 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Desktop\208122_10150543766395526_618455525_17999915_1830838_n.jpg
[2011/04/24 00:43:29 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Settings.cfg
[2011/04/23 12:21:09 | 000,002,261 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Start Menu\Programs\Startup\Styler.lnk
[2011/04/23 12:10:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/04/23 12:10:50 | 2683,375,616 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/23 10:04:00 | 000,000,228 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\defogger_reenable
[2011/04/20 18:28:00 | 000,149,504 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/18 23:54:01 | 000,644,924 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/04/18 23:48:24 | 000,512,992 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Desktop\sdsetup_revwire207.exe
[2011/04/14 05:08:11 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/04/14 05:08:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/04/14 05:08:09 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/04/14 05:07:59 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/04/14 02:40:22 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/04/12 21:10:31 | 000,215,248 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Desktop\e2363061.mp3
[2011/04/12 20:47:49 | 000,033,901 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Desktop\playoffdraft2011.pdf
[2011/04/10 16:30:38 | 000,411,709 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Desktop\Codette_Google_2009_02.jpg
[2011/04/10 16:30:26 | 000,424,182 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Desktop\Codette_Google_2009.jpg
[2011/04/09 12:26:29 | 000,007,434 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Desktop\26_2color_logo.jpg
[2011/04/09 09:27:43 | 000,018,472 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Desktop\paypalplatform.php
[2011/04/09 00:26:17 | 004,310,350 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Desktop\PP_AdaptivePayments.pdf
[2011/04/04 21:24:47 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2 C:\Documents and Settings\Dawson Irvine\My Documents\*.tmp files -> C:\Documents and Settings\Dawson Irvine\My Documents\*.tmp -> ]
[16 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/27 22:19:39 | 000,000,052 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Desktop\Create PHP Session Folder.bat
[2011/04/25 07:31:49 | 000,034,876 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Desktop\208122_10150543766395526_618455525_17999915_1830838_n.jpg
[2011/04/23 10:02:57 | 000,000,228 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\defogger_reenable
[2011/04/20 17:42:41 | 2683,375,616 | -HS- | C] () -- C:\hiberfil.sys
[2011/04/19 12:23:23 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2011/04/19 12:23:22 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
[2011/04/19 12:23:22 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
[2011/04/19 12:23:22 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
[2011/04/19 12:23:21 | 000,002,125 | ---- | C] () -- C:\WINDOWS\UDB.zip
[2011/04/18 23:53:35 | 000,644,924 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/04/18 23:50:37 | 000,512,992 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Desktop\sdsetup_revwire207.exe
[2011/04/18 23:40:34 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox
[2011/04/12 21:10:31 | 000,215,248 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Desktop\e2363061.mp3
[2011/04/12 20:47:49 | 000,033,901 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Desktop\playoffdraft2011.pdf
[2011/04/10 16:30:38 | 000,411,709 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Desktop\Codette_Google_2009_02.jpg
[2011/04/10 16:30:26 | 000,424,182 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Desktop\Codette_Google_2009.jpg
[2011/04/09 12:26:27 | 000,007,434 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Desktop\26_2color_logo.jpg
[2011/04/09 09:27:42 | 000,018,472 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Desktop\paypalplatform.php
[2011/04/09 00:26:17 | 004,310,350 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Desktop\PP_AdaptivePayments.pdf
[2011/03/10 00:50:48 | 000,001,056 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Application Data\qif2csv.ini
[2011/02/05 23:35:19 | 000,000,272 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2010/11/28 01:42:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2010/11/10 17:48:21 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2010/11/10 17:48:21 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2010/11/10 17:48:20 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2010/11/10 17:48:20 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2010/11/10 17:48:20 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2010/11/10 17:48:20 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2010/11/10 17:48:20 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2010/11/10 17:48:20 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2010/11/10 17:48:20 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2010/11/10 17:48:20 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2010/11/10 17:48:20 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2010/11/10 17:48:20 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2010/11/10 17:48:20 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2010/11/10 17:48:20 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2010/11/10 17:48:20 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2010/11/10 17:48:20 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2010/11/10 17:42:43 | 000,000,090 | ---- | C] () -- C:\WINDOWS\EPART810.ini
[2010/09/06 15:44:15 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/07/15 22:45:35 | 002,427,248 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_heroes.exe
[2010/03/27 02:01:24 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Application Data\default.rss
[2010/03/25 21:07:19 | 000,000,071 | ---- | C] () -- C:\WINDOWS\PrintCD.INI
[2010/01/26 21:10:04 | 000,000,037 | ---- | C] () -- C:\WINDOWS\SWFConverter.INI
[2009/12/27 00:06:42 | 000,000,153 | ---- | C] () -- C:\WINDOWS\cavscan.INI
[2009/12/27 00:03:58 | 000,016,384 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Settings.cfg
[2009/12/21 01:23:53 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009/12/13 04:19:12 | 000,000,121 | ---- | C] () -- C:\WINDOWS\Winchat.ini
[2009/12/11 19:33:46 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\P16X.dll
[2009/12/11 19:33:41 | 000,005,917 | ---- | C] () -- C:\WINDOWS\SBMIXDEF.INI
[2009/12/11 16:27:48 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI
[2009/12/11 13:07:22 | 001,474,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2009/12/02 10:16:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\sc.exe
[2009/12/01 12:14:00 | 000,603,904 | ---- | C] () -- C:\WINDOWS\System32\TUProgSt.exe
[2009/11/24 01:24:38 | 000,001,130 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\FASTWiz.html
[2009/11/23 20:29:07 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\FASTApp.html
[2009/11/20 22:07:32 | 000,000,387 | ---- | C] () -- C:\WINDOWS\System32\uses32.dat
[2009/11/20 22:07:32 | 000,000,100 | ---- | C] () -- C:\WINDOWS\System32\flags.ini
[2009/11/20 22:07:32 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\config.data
[2009/11/20 18:23:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Gyuvikuwafon.bin
[2009/11/20 18:23:07 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Byojilul.dat
[2009/10/31 00:28:26 | 008,892,928 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\atscie.msi
[2009/07/26 19:23:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\servbot.INI
[2009/07/17 17:10:15 | 000,139,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/07/17 17:10:13 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Application Data\PnkBstrK.sys
[2009/07/17 17:09:49 | 000,270,240 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/07/17 17:09:41 | 000,794,408 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2009/07/17 17:09:41 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/05/30 23:37:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2009/05/17 00:31:54 | 000,000,095 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2009/05/16 18:11:23 | 000,000,195 | ---- | C] () -- C:\WINDOWS\WinHelp.ini
[2009/05/04 13:17:15 | 000,166,484 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/05/02 23:09:18 | 000,000,037 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2009/02/23 23:58:26 | 000,000,133 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2008/10/28 22:48:52 | 000,002,352 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2008/10/20 20:45:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008/10/20 19:06:10 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2008/10/20 19:06:09 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2008/10/20 19:06:08 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2008/10/20 19:06:08 | 000,165,782 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2008/07/30 20:41:32 | 000,000,085 | ---- | C] () -- C:\WINDOWS\System32\everest_cpl.ini
[2008/05/22 23:05:58 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\VERMONT1.DLL
[2008/05/22 23:05:58 | 000,012,416 | ---- | C] () -- C:\WINDOWS\System32\VRX1.DLL
[2008/05/22 23:05:57 | 000,107,520 | ---- | C] () -- C:\WINDOWS\System32\SIMANT.DLL
[2008/03/26 20:29:08 | 000,017,723 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2008/02/04 18:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/10/23 23:23:15 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\CE5A8CCED5.sys
[2007/10/11 18:59:24 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2007/10/04 22:19:11 | 002,097,152 | ---- | C] () -- C:\WINDOWS\System32\autorun.bin
[2007/08/21 16:51:16 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2007/08/21 14:36:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2007/07/16 18:10:49 | 000,001,314 | ---- | C] () -- C:\WINDOWS\ARCHPR.INI
[2007/07/13 20:57:12 | 000,049,653 | ---- | C] () -- C:\WINDOWS\php.ini
[2007/07/13 19:20:20 | 000,040,609 | ---- | C] () -- C:\WINDOWS\php2asd.ini
[2007/06/05 13:20:32 | 000,177,704 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
[2007/05/22 19:14:58 | 000,008,784 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2007/05/06 02:16:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2007/02/05 10:37:52 | 000,000,080 | RHS- | C] () -- C:\WINDOWS\System32\D5CE8C5ACE.dll
[2006/12/31 16:15:20 | 000,001,984 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2006/12/25 00:08:04 | 000,194,248 | ---- | C] () -- C:\WINDOWS\System32\LTRFD13n.DLL
[2006/12/24 23:41:40 | 000,001,289 | ---- | C] () -- C:\WINDOWS\VFO.INI
[2006/12/24 23:41:39 | 000,196,096 | ---- | C] () -- C:\WINDOWS\System32\macd32.dll
[2006/12/24 23:41:39 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2006/12/24 23:41:39 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\mamc32.dll
[2006/12/24 23:41:39 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\masd32.dll
[2006/12/24 23:41:39 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2006/08/29 23:15:49 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/08/29 23:15:49 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/07/16 22:03:28 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/07/16 22:03:28 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/07/16 22:03:28 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/07/16 22:03:27 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/07/16 22:03:27 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/07/16 22:03:27 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/04/27 21:24:19 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\$HCPINI$.DAT
[2006/04/10 18:28:22 | 000,001,747 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/03/14 22:30:05 | 000,000,082 | ---- | C] () -- C:\WINDOWS\netdet.ini
[2006/03/14 16:24:47 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2006/02/25 23:29:18 | 000,012,840 | ---- | C] () -- C:\WINDOWS\W3DemoUnin.dat
[2005/11/24 21:22:37 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\defaultcode.cfg
[2005/11/08 00:43:30 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\shctxex.dll
[2005/11/05 02:12:22 | 000,000,021 | ---- | C] () -- C:\WINDOWS\DVDSentry.ini
[2005/11/05 01:26:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2005/11/04 21:55:21 | 000,050,314 | ---- | C] () -- C:\WINDOWS\php3.ini
[2005/11/04 21:00:37 | 000,028,672 | ---- | C] () -- C:\WINDOWS\php4apache.dll
[2005/10/19 01:54:20 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini
[2005/10/15 02:51:23 | 000,015,284 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/10/15 02:43:56 | 000,003,082 | ---- | C] () -- C:\WINDOWS\System32\affv9869p2now.sys
[2005/10/15 02:40:55 | 000,000,068 | ---- | C] () -- C:\WINDOWS\System32\NCTTAudioFile.dll
[2005/10/03 12:53:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATIMMC.INI
[2005/10/03 12:14:28 | 000,000,083 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/09/23 09:00:07 | 000,000,871 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2005/09/12 17:18:37 | 000,601,532 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\imageCache7.db
[2005/09/09 21:45:38 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/07/29 08:41:18 | 000,032,771 | ---- | C] () -- C:\WINDOWS\System32\wupruni.dll
[2005/07/29 02:33:00 | 000,197,753 | ---- | C] () -- C:\WINDOWS\System32\lcwsc.dat
[2005/07/18 14:19:28 | 000,000,017 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2005/07/14 12:31:20 | 000,027,648 | RHS- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2005/07/04 03:29:03 | 000,006,019 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2005/07/04 03:29:03 | 000,000,503 | ---- | C] () -- C:\WINDOWS\iconeasl.ini
[2005/07/04 03:29:03 | 000,000,099 | ---- | C] () -- C:\WINDOWS\CTRec.INI
[2005/07/04 03:29:03 | 000,000,028 | ---- | C] () -- C:\WINDOWS\jgrprn.INI
[2005/06/21 22:37:42 | 000,045,568 | RHS- | C] () -- C:\WINDOWS\System32\cygz.dll
[2005/05/13 17:12:00 | 000,217,073 | RHS- | C] () -- C:\WINDOWS\meta4.exe
[2005/05/05 17:03:50 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2005/05/05 17:03:21 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/05/05 17:03:20 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/05/05 17:03:05 | 000,001,623 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2005/04/05 23:25:35 | 000,000,037 | ---- | C] () -- C:\WINDOWS\Viewer.ini
[2005/04/05 23:25:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\transkriber.INI
[2005/04/05 10:43:31 | 000,000,241 | ---- | C] () -- C:\WINDOWS\QSync.INI
[2005/02/22 20:23:33 | 000,002,154 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini
[2005/02/17 18:29:24 | 000,000,301 | ---- | C] () -- C:\WINDOWS\System32\obdb.DAT
[2005/02/05 13:46:00 | 000,004,608 | ---- | C] () -- C:\WINDOWS\fgexec.dll
[2005/01/28 00:19:13 | 000,000,026 | ---- | C] () -- C:\WINDOWS\MSwf2Avi.INI
[2005/01/04 14:24:52 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2005/01/04 14:12:37 | 000,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2004/12/20 18:24:03 | 001,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2004/12/20 14:30:39 | 000,000,737 | ---- | C] () -- C:\WINDOWS\System32\msdrivertempxdc.dll
[2004/12/20 14:30:26 | 000,001,083 | ---- | C] () -- C:\WINDOWS\System32\udprdrv.dll
[2004/12/20 14:30:25 | 000,002,214 | ---- | C] () -- C:\WINDOWS\System32\msinstl.dll
[2004/12/20 14:30:25 | 000,001,515 | ---- | C] () -- C:\WINDOWS\System32\msactctr.dll
[2004/12/11 17:43:09 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\fusioncache.dat
[2004/11/12 23:55:55 | 000,000,171 | ---- | C] () -- C:\WINDOWS\icecast2.ini
[2004/10/26 16:39:05 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/10/07 16:23:41 | 000,081,972 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2004/09/16 22:19:20 | 000,892,946 | ---- | C] () -- C:\WINDOWS\System32\alleg40.dll
[2004/09/06 19:47:26 | 000,190,464 | ---- | C] () -- C:\WINDOWS\System32\landplot.dll
[2004/09/06 00:33:24 | 000,000,022 | ---- | C] () -- C:\WINDOWS\kodakpcd.Dawson Irvine.ini
[2004/08/22 17:04:56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2004/08/02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/07/22 22:32:54 | 000,000,005 | ---- | C] () -- C:\WINDOWS\AXELPlayer.dat
[2004/06/27 23:20:36 | 000,000,013 | ---- | C] () -- C:\WINDOWS\System32\user.dat
[2004/03/25 18:23:37 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/03/18 11:12:13 | 000,000,273 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\devcpp.cfg
[2004/03/18 11:11:36 | 000,004,578 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\devcpp.ini
[2004/03/09 15:29:12 | 000,123,989 | ---- | C] () -- C:\WINDOWS\RSEDNClientUninstaller.exe
[2004/02/28 02:24:42 | 000,000,063 | ---- | C] () -- C:\WINDOWS\CTWave32.ini
[2004/02/12 10:59:20 | 000,000,235 | ---- | C] () -- C:\Program Files\My Documents.htm
[2004/02/07 17:42:46 | 000,000,506 | ---- | C] () -- C:\WINDOWS\my.ini
[2004/02/06 17:18:42 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2004/01/30 22:10:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Ultra.dll
[2004/01/28 21:46:27 | 000,001,109 | ---- | C] () -- C:\Program Files\common.php
[2004/01/25 11:09:45 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\Regobj.dll
[2004/01/24 21:16:53 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\FTPStubInstUtils.dll
[2004/01/15 12:43:54 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2003/12/11 13:49:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MinGW.INI
[2003/11/13 07:13:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\netscape.INI
[2003/11/13 07:11:26 | 000,633,538 | ---- | C] () -- C:\WINDOWS\cd32.exe
[2003/11/09 21:09:01 | 000,000,196 | R--- | C] () -- C:\WINDOWS\htwtb.bin
[2003/11/04 21:00:30 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2003/11/03 00:00:02 | 000,872,448 | ---- | C] () -- C:\WINDOWS\System32\iconv.dll
[2003/10/31 23:58:17 | 000,000,103 | ---- | C] () -- C:\WINDOWS\muveeapp.INI
[2003/10/29 18:26:43 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\BurnData.bin
[2003/10/22 17:17:27 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\J2ExeHook.dll
[2003/10/09 10:33:36 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\liplW7.dll
[2003/10/09 10:33:36 | 000,278,528 | ---- | C] () -- C:\WINDOWS\System32\liplPX.dll
[2003/10/09 10:33:36 | 000,278,528 | ---- | C] () -- C:\WINDOWS\System32\liplP6.dll
[2003/10/09 10:33:36 | 000,278,528 | ---- | C] () -- C:\WINDOWS\System32\liplM6.dll
[2003/10/09 10:33:35 | 000,290,816 | ---- | C] () -- C:\WINDOWS\System32\liplA6.dll
[2003/10/09 10:33:35 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\lipl.dll
[2003/10/09 10:33:35 | 000,005,187 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2003/09/27 16:58:12 | 000,000,225 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2003/09/20 18:36:30 | 000,000,039 | ---- | C] () -- C:\WINDOWS\ulead32.ini
[2003/09/18 23:28:56 | 000,000,867 | ---- | C] () -- C:\WINDOWS\easyicon.ini
[2003/09/16 15:42:08 | 000,032,246 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2003/09/16 15:41:59 | 000,095,440 | ---- | C] () -- C:\WINDOWS\MozillaUninstall.exe
[2003/09/16 15:41:47 | 000,024,003 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2003/09/08 19:41:26 | 000,006,688 | ---- | C] () -- C:\WINDOWS\movexe.exe
[2003/09/08 17:17:19 | 000,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2003/09/08 16:57:58 | 000,000,054 | ---- | C] () -- C:\WINDOWS\DNI Web Design.ini
[2003/09/01 10:06:14 | 000,002,696 | ---- | C] () -- C:\WINDOWS\MIXDEF.INI
[2003/08/25 18:44:33 | 000,000,094 | -H-- | C] () -- C:\WINDOWS\System32\tdb_G1asw.ini
[2003/08/17 12:21:10 | 000,000,048 | ---- | C] () -- C:\WINDOWS\NewSaver.ini
[2003/08/12 18:48:17 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Application Data\dm.ini
[2003/08/11 22:38:37 | 000,000,195 | ---- | C] () -- C:\WINDOWS\REGPSD20.INI
[2003/08/11 22:37:57 | 000,000,797 | ---- | C] () -- C:\WINDOWS\PSD2WIN.INI
[2003/08/11 22:37:57 | 000,000,089 | ---- | C] () -- C:\WINDOWS\psdxport.ini
[2003/08/11 17:23:16 | 000,000,030 | ---- | C] () -- C:\WINDOWS\Morpheus.INI
[2003/08/09 19:49:51 | 000,000,793 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2003/08/08 20:57:50 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2003/08/08 17:57:17 | 000,000,051 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2003/08/08 17:54:20 | 000,000,537 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2003/08/07 12:39:26 | 000,000,470 | ---- | C] () -- C:\WINDOWS\EReg072.dat
[2003/08/06 20:03:24 | 000,149,504 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003/08/06 12:29:18 | 000,000,124 | ---- | C] () -- C:\WINDOWS\cool.ini
[2003/08/06 12:27:47 | 000,000,754 | ---- | C] () -- C:\WINDOWS\wordpad.ini
[2003/08/06 12:04:02 | 000,001,858 | ---- | C] () -- C:\WINDOWS\instvise.ini
[2003/08/05 21:12:08 | 000,001,080 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2003/07/29 14:21:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/07/29 14:17:08 | 000,000,784 | ---- | C] () -- C:\WINDOWS\lrun32.ini
[2003/07/29 14:15:40 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/07/29 14:14:12 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
[2003/07/29 14:14:12 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2003/07/29 14:14:01 | 000,002,516 | ---- | C] () -- C:\WINDOWS\System32\P16X.ini
[2003/07/29 14:14:01 | 000,000,026 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2003/07/29 14:14:00 | 000,000,064 | ---- | C] () -- C:\WINDOWS\P16x.ini
[2003/07/29 14:13:36 | 000,000,245 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2003/07/29 14:09:29 | 000,000,883 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/07/29 14:00:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2003/07/29 13:58:10 | 000,459,796 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2003/07/29 13:58:10 | 000,077,188 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2003/07/29 13:46:28 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2003/03/28 14:31:52 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\atiyuv12.dll
[2003/03/28 14:31:52 | 000,013,601 | ---- | C] () -- C:\WINDOWS\System32\vctest.ini
[2003/01/07 15:15:26 | 000,000,255 | ---- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2002/11/13 13:40:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[2002/10/29 17:04:54 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2002/10/03 14:42:27 | 000,000,034 | ---- | C] () -- C:\WINDOWS\Q3version.ini
[2002/09/03 11:17:03 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/09/03 11:16:59 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/09/03 10:52:01 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/09/03 10:51:58 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/09/03 10:41:59 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/09/03 10:41:43 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/09/03 10:32:10 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/09/03 10:30:33 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002/09/03 08:05:08 | 002,526,328 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/09/03 07:59:14 | 000,004,328 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/09/03 07:56:30 | 000,023,360 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/08/29 04:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2002/01/20 20:30:58 | 000,000,418 | ---- | C] () -- C:\WINDOWS\System32\FlashSaver.dat
[2002/01/13 16:47:48 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\FsmSaver.dat
[2001/08/17 16:36:28 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2000/07/22 16:49:46 | 000,431,104 | ---- | C] () -- C:\WINDOWS\System32\VFCodec.dll
[1999/08/12 00:00:00 | 001,708,032 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL
[1999/08/12 00:00:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1999/08/12 00:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL
[1999/01/22 13:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1997/03/15 00:00:00 | 000,000,014 | ---- | C] () -- C:\WINDOWS\GLFHELP.INI
[1979/12/31 23:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2003/10/22 17:18:46 | 000,145,740 | ---- | M] () -- C:\Blotto.exe
[2003/10/22 17:19:09 | 000,145,724 | ---- | M] () -- C:\Blottos.exe
[2009/12/03 17:05:16 | 000,274,432 | ---- | M] () -- C:\FIMAIN.EXE


< MD5 for: EXPLORER.EXE >
[2004/08/04 00:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\explorer.exe
[2004/08/04 00:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2009/03/19 13:06:34 | 001,004,032 | ---- | M] (Microsoft Corporation) MD5=A82B28BFC2E4455FE43022A498C0EF0A -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 00:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004/08/04 00:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\SYSTEM32\winlogon.exe
[2009/03/19 13:06:14 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=2246D8D8F4714A2CEDB21AB9B1849ABB -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 4870 bytes -> C:\WINDOWS\River Sumida.bmp:vhajvd
@Alternate Data Stream - 3567 bytes -> C:\WINDOWS\vpd.properties:hmeups
@Alternate Data Stream - 3567 bytes -> C:\WINDOWS\Viewer.ini:pumpvq
@Alternate Data Stream - 3567 bytes -> C:\WINDOWS\jgrprn.INI:jdmjvg
@Alternate Data Stream - 3567 bytes -> C:\WINDOWS\CTRec.INI:iitifb
@Alternate Data Stream - 206 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 197753 bytes -> C:\WINDOWS\iconeasl.ini:qcteav
@Alternate Data Stream - 197753 bytes -> C:\WINDOWS\cdPlayer.ini:xhqpjg
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84
@Alternate Data Stream - 11736 bytes -> C:\WINDOWS\transkriber.INI:esjeyv
@Alternate Data Stream - 11736 bytes -> C:\WINDOWS\QSync.INI:kgwyzq

< End of report >


Extras.Txt

OTL Extras logfile created on: 01/05/2011 1:27:14 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Dawson Irvine\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 50.00% Memory free
9.00 Gb Paging File | 8.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.72 Gb Total Space | 8.79 Gb Free Space | 7.87% Space Free | Partition Type: NTFS
Drive G: | 698.64 Gb Total Space | 446.65 Gb Free Space | 63.93% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: DAWSON | User Name: Dawson Irvine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.inf [@ = inffile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
.ini [@ = inifile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
.scr [@ = scrfile] -- "%1" /s
.txt [@ = txtfile] -- %SystemRoot%\system32\NOTEPAD.EXE %1

[HKEY_USERS\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.scr [@ = AutoCADScriptFile] -- C:\WINDOWS\system32\notepad.exe "%1"

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "G:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /s
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4"
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp5\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp5\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp5\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirstRunDisabled" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3702:UDP" = 3702:UDP:*:Enabled:Vista 1
"5357:TCP" = 5357:TCP:*:Enabled:Vista 2
"5358:TCP" = 5358:TCP:*:Enabled:Vista 3
"86:TCP" = 86:TCP:*:Enabled:BroadCam Web Server
"80:TCP" = 80:TCP:*:Enabled:Eyeline Web Control Panel
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
"3306:TCP" = 3306:TCP:*:Enabled:MySQL Server

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"C:\ProgramFiles\mIRC\mirc.exe" = C:\ProgramFiles\mIRC\mirc.exe:*:Enabled:mIRC
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe
"C:\Documents and Settings\Dawson Irvine\Desktop\utorrent.exe" = C:\Documents and Settings\Dawson Irvine\Desktop\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe" = C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems)
"C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe" = C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio -- (Pinnacle Systems)
"C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe" = C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi -- (Pinnacle Systems)
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client
"C:\Program Files\SmartFTP Client 2.0\SmartFTP.exe" = C:\Program Files\SmartFTP Client 2.0\SmartFTP.exe:*:Disabled:SmartFTP Client 2.0 -- (SmartFTP GmbH)
"C:\Server\1st SMTP Server\SMTPServer.exe" = C:\Server\1st SMTP Server\SMTPServer.exe:*:Disabled:SMTPServer
"C:\Program Files\BearShare\BearShare.exe" = C:\Program Files\BearShare\BearShare.exe:*:Enabled:BearShare
"C:\Program Files\Visicom Media\AceFTP 3\aceftp3.exe" = C:\Program Files\Visicom Media\AceFTP 3\aceftp3.exe:*:Enabled:AceFTP v3 -- (Visicom Media Inc.)
"C:\Program Files\J2SE 1.4.2\j2sdk1.4.2\bin\java.exe" = C:\Program Files\J2SE 1.4.2\j2sdk1.4.2\bin\java.exe:*:Enabled:java
"G:\Program Files\mIRC\dbClammer\mirc.exe" = G:\Program Files\mIRC\dbClammer\mirc.exe:*:Enabled:mIRC
"C:\Program Files\SpacialAudio\SAMBC4\SAMBC.exe" = C:\Program Files\SpacialAudio\SAMBC4\SAMBC.exe:*:Enabled:SAMBC
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"G:\Program Files\FrostWire\FrostWire.exe" = G:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire
"G:\Program Files\Intuit\QuickBooks 2009\QBDBMgrN.exe" = G:\Program Files\Intuit\QuickBooks 2009\QBDBMgrN.exe:*:Enabled:QuickBooks 2009 Data Manager
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
"C:\Documents and Settings\Dawson Irvine\Local Settings\Temp\BN30.tmp" = C:\Documents and Settings\Dawson Irvine\Local Settings\Temp\BN30.tmp:*:Disabled:BN30
"C:\Documents and Settings\Dawson Irvine\Local Settings\Temp\BN26.tmp" = C:\Documents and Settings\Dawson Irvine\Local Settings\Temp\BN26.tmp:*:Disabled:BN26
"C:\Documents and Settings\Dawson Irvine\Local Settings\Temp\BN25.tmp" = C:\Documents and Settings\Dawson Irvine\Local Settings\Temp\BN25.tmp:*:Disabled:BN25
"D:\Program Files\LiveZilla\LiveZilla Server Admin.exe" = D:\Program Files\LiveZilla\LiveZilla Server Admin.exe:*:Enabled:LiveZilla Server Admin
"D:\Program Files\uTorrent\uTorrent.exe" = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent
"G:\Program Files\Noguska\NolaPro\Apache\bin\Apache.exe" = G:\Program Files\Noguska\NolaPro\Apache\bin\Apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare
"C:\Program Files\Visicom Media\AceFTP 3 Pro\aceftp3.exe" = C:\Program Files\Visicom Media\AceFTP 3 Pro\aceftp3.exe:*:Enabled:AceFTP v3 -- (Visicom Media Inc.)
"C:\WINDOWS\SYSTEM32\USMT\migwiz.exe" = C:\WINDOWS\SYSTEM32\USMT\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard -- (Microsoft Corporation)
"G:\mIRC_Program\mirc.exe" = G:\mIRC_Program\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"G:\Program Files\Java\jre6\bin\java.exe" = G:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"G:\Downloads\pp2-0.81-win32\pp2.exe" = G:\Downloads\pp2-0.81-win32\pp2.exe:*:Enabled:pp2 -- ()
"G:\Program Files\LiveZilla\LiveZilla Server Admin.exe" = G:\Program Files\LiveZilla\LiveZilla Server Admin.exe:*:Enabled:LiveZilla Server Admin -- (LiveZilla GmbH)
"C:\Program Files\SpacialAudio\SAMBC4.2.2\SAMBC.exe" = C:\Program Files\SpacialAudio\SAMBC4.2.2\SAMBC.exe:*:Enabled:SAMBC -- ()
"C:\Program Files\SHOUTcast\sc_serv.exe" = C:\Program Files\SHOUTcast\sc_serv.exe:*:Enabled:sc_serv -- ()
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe" = C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager.exe -- (SEIKO EPSON CORPORATION)
"C:\Program Files\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe" = C:\Program Files\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe:*:Enabled:EpsonNet Setup -- (SEIKO EPSON CORPORATION)
"G:\Program Files\Intuit\QuickBooks 2011\QBDBMgrN.exe" = G:\Program Files\Intuit\QuickBooks 2011\QBDBMgrN.exe:*:Enabled:QuickBooks 2011 Data Manager -- (Intuit, Inc.)
"G:\Program Files\gnucash\bin\gnucash-bin.exe" = G:\Program Files\gnucash\bin\gnucash-bin.exe:*:Enabled:GnuCash Free Finance Manager -- ()
"G:\Program Files\gnucash\bin\gconfd-2.exe" = G:\Program Files\gnucash\bin\gconfd-2.exe:*:Enabled:GConf Settings Manager -- ()
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Free SMTP Server\localsrv.exe" = C:\Program Files\Free SMTP Server\localsrv.exe:*:Enabled:localsrv
"C:\Program Files\NewSoft\Presto! PageManager 8 for EP\LicenseCheck.exe" = C:\Program Files\NewSoft\Presto! PageManager 8 for EP\LicenseCheck.exe:*:Enabled:License Check -- (NewSoft Technology Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = Google Gmail Notifier
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{053EC7D7-25D6-87DE-FB3C-21EDA3AC1B3D}" = CCC Help Japanese
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{084709F7-38C5-4609-B55F-2417939315EB}" = Adobe Premiere Pro
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{09E03881-E349-18A2-2AFC-CADE51DF080E}" = CCC Help Thai
"{0A21C24B-51D8-49B9-ABD2-BD8E7BF59BC6}" = EiffelStudio 5.6
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0C8364B1-AFD8-45B7-ACE8-B76113B6C418}" = FugVS2005
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{10798AE3-DCBB-43C3-9C93-C23512427E25}" = The Sims Deluxe Edition
"{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{12C11D57-0E6B-64F2-B99E-E40E785AEB56}" = CCC Help Hungarian
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{151C555A-A9E7-4A2E-B6D7-165D04A3C956}" = Dell Picture Studio - Dell Image Expert
"{152441C1-D4DA-EE78-7E4A-514DD0361256}" = CCC Help Dutch
"{15561f98-6d90-4465-b761-c1dc5bbc369b}" = Nero 9 Trial
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16C291EE-B2F5-1636-D382-FEB776F677BE}" = CCC Help Italian
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in
"{18941178-396B-0CC4-2168-17112315EBB8}" = ccc-utility
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1B3D70BF-F1E5-1548-C1ED-22F0D47BDDD1}" = CCC Help Finnish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20FA8AEE-E785-4F79-98EB-2067A8F395F4}" = Monopoly
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22CCA04F-DFE0-5337-770C-3CFD2CDCF2D9}" = ccc-core-static
"{22EC35BD-F8F2-45EB-8DCB-1C7FB65D0A71}" = QuickTax 2007
"{23FF9E63-A8E3-43A7-8AA0-D714F475299F}" = Maya 5.0
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java™ 6 Update 25
"{28644560-6A34-4D36-B016-C49A17D96901}" = CPR AC4400 9590
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{2CC982C0-7EAE-11D4-ACC3-0050568AD318}" = Avery DesignPro
"{2DDBE461-3A0D-A6C2-6944-92D694AFB12A}" = Catalyst Control Center Localization French
"{2E0695EE-ED29-4D96-BD77-2A9A17EDF0D6}" = Cypress USB Mass Storage Driver Installation
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0150080}" = J2SE Runtime Environment 5.0 Update 8
"{3283A1B6-CF15-46F6-82AF-E4EC666B4E98}" = MySQL Server 5.1
"{3373AFA7-672F-407C-68F0-955FB5930A47}" = Catalyst Control Center Localization Turkish
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{34E47D64-8A6F-47DC-937B-6454EDFC4FC7}" = InstallShield X
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{35CB8AFB-0376-9D4F-24E5-1EEC1CEE1A4B}" = CCC Help Chinese Standard
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{36417A39-B6A6-BE0F-0AD0-6D9B116985D1}" = CCC Help Swedish
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{37B1F7CD-13E4-47DA-9E84-51AD6972ADC5}" = Stereoscopic Player
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3CB05291-F546-458E-A796-B5BCF5A3CDC4}" = Studio 10
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}" = DAEMON Tools
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FAFEF64-911D-8013-18B5-E0BDF223A5C0}" = CCC Help Korean
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{3FEC3A5B-60FF-4626-B425-08E09B121A15}" = LogMeIn
"{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}" = Google Earth
"{40AB54C3-DD4B-467A-847E-162035CD252C}" = Logitech ImageStudio
"{40E4166C-460E-65F8-F84B-88A2F9EA69F4}" = CCC Help Polish
"{421D1CB2-0C0B-AC1D-06E5-14B0974376B5}" = Catalyst Control Center Localization Korean
"{432C3720-37BF-4BD7-8E49-F38E090246D0}" = CR2
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{437E061E-F98D-4D6C-A764-DAA16B7CA8B7}" = MySQL Administrator 1.0
"{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows Journal Viewer
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{450063AA-643B-417C-8CF5-405BA3F4EF40}" = Autodesk Design Review 2009
"{451CEE76-0FFE-802D-1F5E-615D69BC7007}" = Catalyst Control Center Localization Greek
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH® Jukebox
"{4609F28C-0BDB-F2B2-9DC7-B35A28478312}" = Catalyst Control Center Localization Czech
"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
"{46E1C9E1-9CC6-D432-F2BB-7CFC27B32EC9}" = Catalyst Control Center Localization Russian
"{46F441C8-4193-4D54-9F93-751D27EFB8F4}" = MySQL Server 5.0
"{478A3F2D-2C8B-4ABC-A6E2-2C161107F35C}" = MyInvoices & Estimates Deluxe
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{519118EE-ACFD-16B7-7FEA-6B47D529B50C}" = Catalyst Control Center Core Implementation
"{5325AF31-8FEF-EEA6-084E-6784F834B5C0}" = Catalyst Control Center Graphics Full Existing
"{53A0BE5E-F813-43BD-AEDF-8A0036724648}" = QuickBooks Customer Manager Version 1
"{5404E185-BD7C-4A72-ABD0-91A411A05726}" = Ulead VideoStudio 6 Trial
"{54C8FE84-89C4-40E8-976C-439EB0729BD6}" = CardRd81
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57105084-049B-008E-165A-92AF92B0C60F}" = ccc-core-preinstall
"{5783F2D7-7001-0409-0002-0060B0CE6BBA}" = AutoCAD 2009 - English
"{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.79.1
"{587A2120-41D3-11DB-3D6C-00E19E4D4AE1}" = MSTS Patch 1.7.0519
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5D29A4EF-A57F-4F47-89F8-4EB3C5302A53}" = Apache HTTP Server 1.3.29
"{5DE136A9-DCAE-69D0-08CB-02F07CFC9398}" = CCC Help Spanish
"{5E7AD152-771A-52C9-8394-E2F3BA629E06}" = CCC Help Greek
"{5EB90C06-964F-4195-B83E-BD7E55C88415}" = Pinnacle Video Driver
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{6782B259-804B-301D-0DE9-13000375C2D2}" = Catalyst Control Center Localization Japanese
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{68D60342-7686-45C9-B8EB-40EF843D0460}" = Dell Networking Guide
"{6924B6B2-EEA2-441D-A939-A6C26EE278F9}" = ATIRW15
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D58E839-9E34-3979-7BFD-145BD5E9401C}" = CCC Help Norwegian
"{6FA439F8-EBD8-FF4D-8EE5-A52FE69A4248}" = Catalyst Control Center Localization Finnish
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73CD9967-000C-49C6-A900-C87D5B2D253F}" = Presto! PageManager 8.15.01 SE
"{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}" = Ulead VideoStudio 7 ESD
"{757E0E87-8F54-46FD-BA00-54CCF341F4A9}" = ArcSoft Print Creations
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{773D872F-2FCB-4F5C-9E63-8E2291EBCF04}" = Railroad Tycoon 3 Demo
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0
"{78B283AC-7F3C-41ED-9102-28E12CE08026}" = Audiator3
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{793E79A5-B52D-E287-37F2-398F530D74C7}" = Catalyst Control Center Localization Polish
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CF31609-270B-11D6-9445-000102308676}" = Java 2 Runtime Environment, SE v1.4.0_01
"{7CFFE053-748A-44DC-A248-06EA38E4BC03}" = School Tycoon
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{7DCCF254-772C-11D6-941E-0002B31090EC}" = Helix Producer Plus 9
"{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{7F2FF077-4A0C-0F26-717C-617DED010B33}" = CCC Help English
"{7FC3BBEC-5A91-41B0-9CB8-960EC4421411}" = InterVideo WinDVD Creator 3
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8
"{81B3BEF9-5D97-4096-86E9-5B48A5BC32D0}" = Motorola Driver Installation 3.4.0
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{84B08A69-C8B5-4EBF-ACB2-E0F97899A6E5}" = QuickBooks EasyStart Free Starter Edition
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}" = Adobe Audition 1.5
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{8AD2EA30-5049-11D4-A08E-0080AD97BBF5}" = DJ Java Decompiler v.3.9.9.91
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5 TBYB
"{8BF103B8-8C8E-2246-8C0D-C6C256E5E428}" = CCC Help French
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8C92D38B-C1DE-490A-B6D1-AAAA8E17DCE2}" = WinTasks Trial
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8E240C1C-25D0-4248-BC6C-ACC3472E35CE}" = SigmaTel MSCN Audio Player
"{8E9BA9AF-6A06-C7AC-5863-4A40CF29CE05}" = Catalyst Control Center Localization German
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{90510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon® 3
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{90E5D6A9-C373-357B-6659-8BF019E3C1D4}" = Catalyst Control Center Localization Dutch
"{91130409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Small Business
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{9366C5C6-9434-C4C9-9804-FB4D7142874D}" = Catalyst Control Center Localization Portuguese
"{942DD738-A9F7-BBFA-3960-4558CB0EE272}" = Catalyst Control Center Localization Chinese Standard
"{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}" = Logitech QuickCam
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{96E16100-A77F-4B31-B9AD-FFBA040EE1BD}" = Sound Blaster Live!
"{9860A9CF-7E71-43AC-888F-0B4D3EA212D1}" = Roxio Burn Engine
"{9862B19F-4CAD-4EED-920F-2F378D84393F}" = ATI Parental Control & Encoder
"{98DF85D9-96C0-4F57-A92E-C3539477EF5E}" = DVDSentry
"{99D34763-7E45-4FE5-8424-28DBC3A5F0BF}" = GUIDE PLUS+™ for Windows® System - ATI
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A2F0810-3619-4E86-9072-973FBE1679C5}" = QuickBooks Simple Start 2009
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{9EDE7573-F2B0-4FAC-8928-A7E9381BCB91}" = ArcSoft MediaImpression for Kodak
"{A0857F54-AE2D-F453-4069-C7D65AE36426}" = Catalyst Control Center Localization Chinese Traditional
"{A0AF08BA-3630-4505-BFB2-A41F3837B0D0}" = SFR2
"{A0C0C34B-88FA-41F9-BFD7-30947A57421E}" = WLM Connector
"{A1B0117D-90D3-B3B5-D55C-76AEDD8F9F55}" = QRreader
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A21A4591-3608-4664-8CB2-64D02598B93F}" = QuickBooks
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2FA61E6-B46A-3489-BD5A-2991144A5BC4}" = CCC Help Portuguese
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A705B903-5186-4DC4-84FA-FB6DF9B20B11}" = CPR Locomotive Pack 1
"{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2}" = DiscAPI (Studio 10)
"{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}" = Intel® PROSet
"{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AA75AFFC-C5F3-2497-FE56-48AA163EFE2B}" = CCC Help Russian
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.1
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}" = Adobe Bridge 1.0
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B5C68E1B-A651-33AA-21A6-7CC2D69EEFA2}" = CCC Help Czech
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6DC0CAF-0D27-4ACE-8E34-8594C8D7C1DA}" = MMC85
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B74D4E10-0000-0000-0000-EDED00000102}" = Adobe ExtendScript Toolkit 1.0
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BBC370E3-309C-11D6-9445-000102308676}" = Java 2 SDK, SE v1.4.0_01
"{BC14A1F6-0511-4360-8351-FB7964979317}" = 3ds max 6 Reference Files
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BE2686A1-ECF2-FF0E-9DF5-EC7A806AEED8}" = Catalyst Control Center Localization Thai
"{BED27751-CD2A-4C2F-9813-00B9B60C76FE}" = Railroad Tycoon II - Platinum
"{C325F588-D6B1-4A7F-B6A2-914C75DDA348}" = Morrowind
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{C4C91E02-D4E2-481E-BCBA-7D90CC8D43E1}" = LiveZilla
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C7EEF2B9-8C16-4A04-B98D-B1A952A47E55}" = Linksys Wireless-G USB Network Adapter
"{C88E49AA-41C5-4420-A08D-BE1B6C5A3A74}" = DAO
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC2B8406-F144-3B99-F66E-8D1703C9A9C5}" = Catalyst Control Center Graphics Previews Common
"{CC6B1BB4-4E06-4A5B-A166-B371B551324B}" = COMODO Internet Security
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BB}" = WinZip 14.0
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D041EB9E-890A-4098-8F94-51DA194AC72A}" = Pinnacle Studio 12
"{D064F16E-88DA-4E8F-BBAE-0E2AA9A6AE61}" = VP6 Decoder
"{D0DC1674-B5E8-4364-009E-B350048DD006}" = NHL 2005
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint
"{D16A31F9-276D-4968-A753-FFEAC56995D0}" = Epson Print CD
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D3661269-10B6-495F-B4EE-539ABE3F9AA9}" = DVDDec
"{D4F3A4D4-84B1-3A40-14AA-422DE60EF96A}" = Skins
"{D51D9840-FABE-390B-24D2-D052332B311A}" = Catalyst Control Center Localization Spanish
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{D88857C8-B36B-42CE-AC26-9FFFEEDB181A}" = RssReader
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{D9E96902-5743-D105-BCB7-FBD3C0DF3989}" = Catalyst Control Center Localization Swedish
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DB3C800B-081B-4146-B4E3-EFB5B77AA913}" = TES Construction Set
"{DC4CA6AE-0648-4BBF-B77C-354D48935A42}" = mProjector v2
"{DCE27619-6822-0D22-1405-9D2899DC1896}" = Catalyst Control Center Localization Norwegian
"{DD362256-A7A2-4524-9457-213DDC2AFC2A}" = Adobe After Effects 7.0
"{DF631413-9582-4114-8861-F84C15CB1510}" = QIF2CSV Pro
"{DF80DB18-7179-EB18-5818-E7F761DA59AE}" = CCC Help Danish
"{E1423608-F529-40A1-93CA-C7F396F30DF0}" = Google SketchUp
"{E3436EE2-D5CB-4249-840B-3A0140CC34C3}" = Classic PhoneTools
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E5AED31E-3474-4C85-B492-42149DE37891}" = MySQL Server 5.0
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E698F77C-216C-8409-F4DC-E4AAECF5DEFF}" = Catalyst Control Center Localization Italian
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E7DAAF26-A0B0-1D77-0794-20D1314297F1}" = Catalyst Control Center Graphics Light
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}" = Styler
"{EA926717-CE5A-4CB4-AB21-9E6E9565A458}" = RCT3 Soaked
"{EBE7050B-7988-4BC3-BBFD-5C6828859483}" = Game Cam v1.4
"{ECD94AA1-D865-4EF4-8F7C-5AA68D37ABE9}" = Autodesk MapGuide® Viewer ActiveX Control Release 6.3
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EED50C97-C79E-4149-BD82-7C5A22437708}" = Adobe Setup
"{EEECE229-49F6-4851-A73A-99B058221F8C}" = RAPID (Studio 10)
"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder
"{EFCE5837-FC21-11D6-9D24-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.1_02
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F16A317A-6128-39E2-9607-20B5C70132E6}" = Catalyst Control Center Localization Hungarian
"{F2B34A83-5345-910F-EC0F-0D92A00D6E3B}" = CCC Help Turkish
"{F2BDC47D-18FA-5B10-58C0-9FFBDBE0B031}" = Catalyst Control Center Graphics Full New
"{F2EC36E8-62CE-46C3-824E-16654ABC2F62}" = Maya Shader Library for Maya 4.5
"{F3D677C8-612D-F5A8-A22F-2EF74F44000B}" = CCC Help Chinese Traditional
"{F45298E5-0083-426F-A668-1A2C5F04B8A0}" = FaxTools
"{F66C0680-EBE5-4A01-BC13-D5F360CFA0EF}" = PHP 5.2.3
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F843C6A3-224D-4615-94F8-3C461BD9AEA0}" = Jasc Paint Shop Pro 9
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F9220DB6-8E1A-4CBA-A6CB-45CF28B5ED9B}" = Flash Player Update for Flash 8
"{F92AB933-9FE7-4335-92BD-D1C3BA27613C}" = 3ds max 7
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9AB0D25-0085-8345-3F1A-5E5C714092B9}" = Catalyst Control Center Localization Danish
"{FABC8838-8153-480F-B084-F7ADB138EBEE}" = InstallShield X
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FD3D9B16-44E4-4231-E1E2-85C40A115F87}" = ATI Catalyst Install Manager
"{FEFE846E-DF0E-0AC6-0EA0-F85CE63CA275}" = CCC Help German
"{FFC18A8F-40A9-4C52-B1CD-BF4F65A61C55}" = MyInvoices & Estimates Deluxe
"{FFFAE01B-466F-4C07-9821-A94FD753BDDA}" = EpsonNet Setup
"265ee61839e741e0a2fedd697c40b6c6" = NetBeans IDE 3.5.1
"7-Zip" = 7-Zip 4.42
"AceFTP 3 Pro" = AceFTP 3 Pro
"Adobe After Effects 7.0" = Adobe After Effects 7.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0.1" = Adobe Photoshop 7.0.1
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_435a6af7459cb02a9c1138113a26e93" = Adobe Dreamweaver CS3
"Adobe_a68eec966ce913ddaa63251dc82ed31" = Adobe Flash CS4 Professional
"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
"Adobe_c14ac4070fd9614ffe63f4bb533db2c" = Add or Remove Adobe Creative Suite 3 Design Premium
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"ADShareit.com SWF2Video Converter Lite Trial_is1" = version 4.9.2
"Age of Empires" = Microsoft Age of Empires
"Akamai" = Akamai NetSession Interface
"AMIP" = AMIP (remove only)
"ATI Display Driver" = ATI Display Driver
"AutoCAD 2009 - English" = AutoCAD 2009 - English
"Autodesk Design Review 2009" = Autodesk Design Review 2009
"Autoruner" = Patches Programming Autoruner .0.1
"AviSynth" = AviSynth 2.5
"AviSynth2" = AviSynth 2 (remove only)
"BandwidthSimulator" = RealPlayer Bandwidth Simulator
"BearShare" = BearShare
"Bridge Builder" = Bridge Builder
"BroadCam" = BroadCam
"Browser Defender_is1" = Browser Defender 3.0
"CCleaner" = CCleaner
"Chess Titans" = Chess Titans
"CNXT_MODEM_PCI_VEN_14F1&DEV_2702" = Conexant SmartHSFi V92 56K Speakerphone PCI Modem
"CodeLifter 5.0" = CodeLifter 5.0
"CoinManage_2001" = CoinManage 2004
"Color Schemer Studio_is1" = Color Schemer Studio
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.dansl.QRreader.49F9C73396E2B5C8FD7A794D4AA84ADE24BBC9FB.1" = QRreader
"ConquerCam_is1" = ConquerCam 2.7b3
"CrossCheck" = CrossCheck
"Cult3D ActiveX Player" = Cult3D ActiveX Player
"CurrencyManage_2001" = CurrencyManage 2004
"Defraggler" = Defraggler
"Dell AIO Printer A920" = Dell AIO Printer A920
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DriverGuide DriverScan" = DriverGuide DriverScan
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Identifier_is1" = DVD Identifier
"DVD Shrink_is1" = DVD Shrink 3.2
"DVD2SVCD Software Bundle_is1" = DVD2SVCD 1.2.2 Build 3
"Easy Real Converter_is1" = Easy Real Converter V1.2
"Easy Thumbnails_is1" = Easy Thumbnails (Remove only)
"Easy Video Capture_is1" = Easy Video Capture 1.0
"EO_Video_1.3" = EO Video 1.36
"EPSON Artisan 810 Series" = EPSON Artisan 810 Series Printer Uninstall
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"Excessive Plus1.02a" = Excessive Plus
"Eyeline" = Eyeline
"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]
"FileZilla Client" = FileZilla Client 3.2.2.1
"Flash Saver Maker_is1" = Flash Saver Maker 1.60
"Flash to Video Encoder Pro_is1" = Flash to Video Encoder Pro
"Flashants SWF2Video Plug-in for Adobe Premiere Pro_is1" = SWF2Video Plug-in for Adobe Premiere Pro
"Flashants SWF2Video Pro 1.0" = Flashants SWF2Video Pro 1.0
"Flashants SWF2Video Pro 1.0 Trial" = Flashants SWF2Video Pro 1.0 Trial
"FLV Direct Player" = FLV Direct Player
"Flv Recorder_is1" = FlvRecorder
"FLVPlayer" = FLV Player 1.3.3
"FontCreator55_is1" = FontCreator 5.5
"Free Fire Screensaver" = Free Fire Screensaver
"FreeJava 2" = FreeJava 2
"FTPRush_is1" = FTPRush v1 Unicode
"Fugawi TiffConverter" = Fugawi TiffConverter
"Fugawi45_is1" = Fugawi 4.5
"Garfield Fall Screensaver" = Garfield Fall Screensaver Screen Saver
"gmms_is1" = gmms 0.0.1
"GnuCash_is1" = GnuCash 2.2.9
"GOM Player" = GOM Player
"Google Desktop" = Google Desktop
"GoogleVideoPlayer" = Google Video Player
"GTK 2.0" = GTK+ Runtime 2.6.9 rev a (remove only)
"Guitar Pro 5_is1" = Guitar Pro 5.2
"Gutterball" = Gutterball
"HammerHead Rhythm Station" = HammerHead Rhythm Station
"HideOE" = HideOE v1.1 (build 1)
"HijackThis" = HijackThis 1.99.1
"Hollywood FX for Studio" = Pinnacle Hollywood FX for Studio
"IceBreaker" = IceBreaker
"IconCool Studio Pro 5" = IconCool Studio Pro 5
"ICQ" = ICQ
"iMeshBar Uninstall" = iMeshBar
"InfraRecorder" = InfraRecorder
"Installer VISE 3.5.1" = Installer VISE 3.5.1
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{A0C0C34B-88FA-41F9-BFD7-30947A57421E}" = WLM Connector
"InstallShield_{B6DC0CAF-0D27-4ACE-8E34-8594C8D7C1DA}" = ATI Multimedia Center 8.5.0.0
"InstallShield_{D3661269-10B6-495F-B4EE-539ABE3F9AA9}" = ATI DVD Decoder 2.2.0.0
"InterActual Player" = InterActual Player
"IPALOOKUP0200_is1" = IP Address Lookup v1.0.090604
"IrfanView" = IrfanView (remove only)
"jGRASP" = jGRASP
"jlGui2.2" = jlGui2.2
"LaCie Device Updater" = LaCie Device Updater
"LastFM_is1" = Last.fm 1.5.4.27091
"LiveZilla" = LiveZilla
"Logitech Print Service" = Logitech Print Service
"LucasArts' Rogue Squadron" = LucasArts' Rogue Squadron
"lvdrivers_11.50" = Logitech QuickCam Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Matroska Pack" = Matroska Pack
"Maya 5.0 Documentation Server" = Maya 5.0 Documentation Server
"Maya 5.0 en_US documentation" = Maya 5.0 en_US documentation
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"Microsoft Press Interactive Training" = Microsoft Interactive Training
"Mini Golf Mayhem demo" = Mini Golf Mayhem demo
"mIRC" = mIRC
"Monster Truck Madness 2.0" = Microsoft Monster Truck Madness 2
"Mozilla (1.4)" = Mozilla (1.4)
"Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)
"Mozilla Thunderbird (3.1.9)" = Mozilla Thunderbird (3.1.9)
"mProjector v2 r10d" = mProjector v2 r10d
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSGOLF30" = Microsoft Golf 3.0
"MSMONEYV60" = Microsoft Money 98
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"Musicnotes Player_is1" = Musicnotes Player V1.22.2
"MVApplication1" = SureThing CD Labeler 4 SE
"MySQL Servers and Clients 4.0.17" = MySQL Servers and Clients 4.0.17
"Need For Speed III" = Need For Speed III
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"Net Transport_is1" = Net Transport 1.94.282
"No-IP.com DUC" = No-IP.com DUC (remove only)
"NoIPDUC" = No-IP DUC
"NSIS" = Nullsoft Install System
"NSVEnc" = NSV Encoder (remove only)
"Opera" = Opera
"Paintball Party_is1" = Paintball Party 1.51
"PayPal Shopping Cart" = PayPal Shopping Cart
"Photobleepet" = Photobleepet
"Pinnacle Hollywood FX Pack - ATI FX" = Pinnacle Hollywood FX Pack - ATI FX
"PokerStars" = PokerStars
"PokerStars.net" = PokerStars.net
"PopUp Maker 5.0" = PopUp Maker 5.0
"Power Tab Editor 1.7" = Power Tab Editor 1.7
"PowerISO" = PowerISO
"PPTView97" = Microsoft PowerPoint Viewer 97
"PROSet" = Intel® PRO Network Adapters and Drivers
"PunkBusterSvc" = PunkBuster Services
"Quake 3 Arena Demo" = Quake 3 Arena Demo
"Quake III Arena" = Quake III Arena
"Quake III Arena Point Release 1.32" = Quake III Arena Point Release 1.32
"Radio Toolbox" = Radio Toolbox
"RadioToolBox" = Radio ToolBox
"RealPlayer 6.0" = RealPlayer
"REAPER" = REAPER
"Recuva" = Recuva (remove only)
"Replay Media Catcher" = Replay Media Catcher
"Riva FLV Encoder 2.0_is1" = Riva FLV Encoder 2.0
"Riva FLV Player_is1" = Riva FLV Player
"RM to MP3 Converter_is1" = RM to MP3 Converter 1.48
"Rocket Mania Deluxe 1.0" = Rocket Mania Deluxe 1.0
"RSNet EDN" = Red Swoosh EDN Client (remove only)
"SAM3" = SAM Broadcaster (remove only)
"SCDNAS" = SHOUTcast DNAS (remove only)
"ScreenTime for Flash 2.5.2 Demo" = ScreenTime for Flash 2.5.2 Demo
"Shockwave" = Shockwave
"Shogo" = Shogo
"Shogo Demo" = Shogo Demo
"SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only)
"SimCity 3000" = SimCity 3000
"SkillJam SecurePlayer" = Secure Game Player
"Sothink SWF to Video Converter_is1" = Sothink SWF to Video Converter
"Spyware Doctor" = Spyware Doctor 8.0
"ST6UNST #1" = LinkCheck V1.0
"SWI-Prolog" = SWI-Prolog (remove only)
"TeamViewer 4" = TeamViewer 4
"Train Simulator 1.0" = Microsoft Train Simulator
"Turbine Video Encoder_is1" = Turbine Video Encoder - Free Edition 1.0
"UnHackMe_is1" = UnHackMe 1.0
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"uTorrent" = µTorrent
"vcmm" = Vice City Mod Manager
"Visual C++ 6.0 Standard Edition" = Microsoft Visual C++ 6.0 Standard Edition
"VLC media player" = VLC media player 1.1.5
"vp31vfw codec" = vp31vfw codec
"Website Ripper Copier" = Website Ripper Copier
"Wheel of Fortune Deluxe" = Wheel of Fortune Deluxe (remove only)
"WinAce Archiver" = WinAce Archiver
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.43-9
"WinLiveSuite_Wave3" = Windows Live Essentials
"WM_Recorder_102" = WM Recorder + RM Recorder 10.21
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xenofex2Demo" = Alien Skin Xenofex 2.0 Demo
"Xenu's Link Sleuth" = Xenu's Link Sleuth
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.2

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CN Blackfoot Vegreville Subs v2 Route" = CN Blackfoot Vegreville Subs v2 Route
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"Warcraft III" = Warcraft III
"Warcraft III Demo" = Warcraft III Demo

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20/04/2011 7:47:02 PM | Computer Name = DAWSON | Source = MySQL | ID = 100
Description =

Error - 20/04/2011 10:32:38 PM | Computer Name = DAWSON | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 2.0.0.4094, faulting module
npswf32.dll, version 10.2.153.1, fault address 0x0037bfd5.

Error - 20/04/2011 11:03:11 PM | Computer Name = DAWSON | Source = Application Hang | ID = 1002
Description = Hanging application gmer.exe, version 1.0.15.15570, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 23/04/2011 2:11:11 PM | Computer Name = DAWSON | Source = Apache Service | ID = 3299
Description = The Apache service named Apache.exe reported the following error: >>>
[Sat Apr 23 12:11:11 2011] [warn] Loaded DSO c:/Server/PHP-5-2-3/php5apache.dll
uses plain Apache 1.3 API, this module might crash under EAPI! (please recompile
it with -DEAPI) <<< before the error.log file could be opened. More information
may be available in the error.log file. .

Error - 23/04/2011 2:12:16 PM | Computer Name = DAWSON | Source = MySQL | ID = 100
Description =

Error - 23/04/2011 2:12:16 PM | Computer Name = DAWSON | Source = MySQL | ID = 100
Description =

Error - 23/04/2011 2:12:16 PM | Computer Name = DAWSON | Source = MySQL | ID = 100
Description =

Error - 28/04/2011 3:58:36 PM | Computer Name = DAWSON | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x00372903.

Error - 30/04/2011 4:10:51 PM | Computer Name = DAWSON | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x00372903.

Error - 30/04/2011 7:17:21 PM | Computer Name = DAWSON | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x00372903.

[ System Events ]
Error - 23/04/2011 2:13:28 PM | Computer Name = DAWSON | Source = Service Control Manager | ID = 7000
Description = The Kodak Camera Connection Software service failed to start due to
the following error: %%2

Error - 23/04/2011 2:13:28 PM | Computer Name = DAWSON | Source = Service Control Manager | ID = 7000
Description = The ATI WDM Specialized MVD Codec service failed to start due to the
following error: %%1058

Error - 23/04/2011 2:13:28 PM | Computer Name = DAWSON | Source = Service Control Manager | ID = 7000
Description = The ATI WDM Specialized PCD Codec service failed to start due to the
following error: %%1058

Error - 23/04/2011 2:13:28 PM | Computer Name = DAWSON | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the QBCFMonitorService service
to connect.

Error - 23/04/2011 2:13:28 PM | Computer Name = DAWSON | Source = Service Control Manager | ID = 7000
Description = The PC Tools Auxiliary Service service failed to start due to the
following error: %%5

Error - 23/04/2011 2:13:28 PM | Computer Name = DAWSON | Source = Service Control Manager | ID = 7000
Description = The PC Tools Security Service service failed to start due to the following
error: %%5

Error - 23/04/2011 2:13:28 PM | Computer Name = DAWSON | Source = Service Control Manager | ID = 7000
Description = The StarWind iSCSI Service service failed to start due to the following
error: %%2

Error - 23/04/2011 2:13:28 PM | Computer Name = DAWSON | Source = Service Control Manager | ID = 7034
Description = The MySQLNoguskaNolaPro service terminated unexpectedly. It has done
this 1 time(s).

Error - 27/04/2011 1:46:03 AM | Computer Name = DAWSON | Source = Print | ID = 6161
Description =

Error - 27/04/2011 1:47:06 AM | Computer Name = DAWSON | Source = Print | ID = 6161
Description =

[ TuneUp Events ]
Error - 02/12/2009 11:32:45 AM | Computer Name = DAWSON | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 03/12/2009 11:28:40 PM | Computer Name = DAWSON | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 19/01/2010 1:03:47 AM | Computer Name = DAWSON | Source = TuneUp Program Statistics | ID = 131840
Description =


< End of report >

Edited by dnirvine, 01 May 2011 - 03:20 PM.


#4 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,784 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:02:13 PM

Posted 01 May 2011 - 05:40 PM

Hi,

please run GooredFix next:
Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).

reagrds myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

animinionsmalltext.gif

Follow BleepingComputer on: Facebook | Twitter | Google+


#5 dnirvine

dnirvine
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:13 AM

Posted 01 May 2011 - 11:50 PM

Here is the log...

GooredFix by jpshortstuff (03.07.10.1)
Log created at 22:47 on 01/05/2011 (Dawson Irvine)
Firefox version 3.6.17 (en-US)

========== GooredScan ==========

Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{C2981A6B-7A81-49F9-829A-42C40E8A4006} -> Success!
Deleting C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\{C2981A6B-7A81-49F9-829A-42C40E8A4006} -> Success!

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [18:14 21/12/2004]
{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [00:02 19/01/2010]
{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} [20:15 30/04/2011]

C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\extensions\
add-to-searchbox@maltekraus.de [07:28 21/02/2010]
battlefieldheroespatcher@ea.com [16:18 19/02/2011]
LogMeInClient@logmein.com [23:51 05/07/2010]
{403304EE-066A-4a2a-8F41-F12028480A0A} [05:33 27/03/2011]
{A5C87640-F7CF-11DA-974D-0800200C9A66} [06:00 15/11/2010]
{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [03:21 28/04/2011]
{c45c406e-ab73-11d8-be73-000a95be3b12} [16:16 14/01/2011]
{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [03:21 28/04/2011]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{cb84136f-9c44-433a-9048-c5cd9df1dc16}"="C:\Program Files\PC Tools Security\BDT\Firefox\" [18:23 19/04/2011]
"jqs@sun.com"="G:\Program Files\Java\jre6\lib\deploy\jqs\ff" [00:01 19/01/2010]

-=E.O.F=-

#6 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,784 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:02:13 PM

Posted 02 May 2011 - 12:47 PM

Hi,

this is looking good. How are the redirects doing?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

animinionsmalltext.gif

Follow BleepingComputer on: Facebook | Twitter | Google+


#7 dnirvine

dnirvine
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:13 AM

Posted 02 May 2011 - 07:01 PM

The redirects appear to be gone... however as I mentioned before, now FireFox crashes anytime I search Google, without actually visiting their homepage first (www.google.ca). I cannot use the address bar, the search bar (top right corner beside the address bar), the Google/Mozilla FireFox homepage, Google Images, etc... they all crash FireFox. I also tried searching Google Images with Google Chrome and it crashes as well.... :\

#8 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,784 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:02:13 PM

Posted 03 May 2011 - 10:21 AM

Hi,

there must be some leftover causing confusion, can you please post a new log from OTL.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

animinionsmalltext.gif

Follow BleepingComputer on: Facebook | Twitter | Google+


#9 dnirvine

dnirvine
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:13 AM

Posted 03 May 2011 - 06:18 PM

OTL.txt

OTL logfile created on: 03/05/2011 12:08:41 PM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Dawson Irvine\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 57.00% Memory free
9.00 Gb Paging File | 8.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.72 Gb Total Space | 8.25 Gb Free Space | 7.39% Space Free | Partition Type: NTFS
Drive G: | 698.64 Gb Total Space | 446.26 Gb Free Space | 63.88% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: DAWSON | User Name: Dawson Irvine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/02 17:33:20 | 012,594,352 | ---- | M] (Mozilla Messaging) -- G:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2011/05/01 13:23:34 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dawson Irvine\Desktop\OTL.exe
PRC - [2011/04/29 12:59:11 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/01/20 18:16:45 | 002,548,552 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011/01/20 18:14:42 | 001,803,224 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2010/10/27 21:21:54 | 001,155,072 | ---- | M] (Last.fm) -- G:\Program Files\Last.fm\LastFM.exe
PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/05/17 02:39:06 | 002,651,576 | ---- | M] (LiveZilla GmbH) -- G:\Program Files\LiveZilla\LiveZilla.exe
PRC - [2010/04/19 14:29:28 | 001,420,288 | ---- | M] () -- C:\Program Files\No-IP\DUC30.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/12/03 21:55:30 | 000,024,576 | ---- | M] () -- C:\Server\Apache1\Apache\Apache.exe
PRC - [2009/10/01 18:12:46 | 000,116,032 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2009/10/01 18:12:27 | 000,378,176 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardian.exe
PRC - [2009/09/23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009/06/05 00:00:00 | 000,843,776 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
PRC - [2009/04/07 09:13:10 | 000,673,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2009/02/23 00:00:00 | 000,199,680 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_FATIFRA.EXE
PRC - [2008/10/28 22:59:50 | 000,085,096 | ---- | M] (Autodesk) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
PRC - [2008/07/09 15:34:30 | 001,343,840 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp5\winamp.exe
PRC - [2007/10/19 13:19:22 | 000,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () -- C:\WINDOWS\SYSTEM32\PSIService.exe
PRC - [2007/04/17 14:03:52 | 000,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
PRC - [2006/05/03 10:48:46 | 000,307,200 | ---- | M] (ta2027) -- C:\Program Files\Styler\Styler.exe
PRC - [2004/08/16 09:00:00 | 002,994,176 | ---- | M] (Jasc Software, Inc.) -- G:\Program Files\Jasc Software Inc\Paint Shop Pro 9\Paint Shop Pro 9.exe
PRC - [2004/08/04 00:56:54 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe
PRC - [2004/08/04 00:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/12/17 09:50:00 | 000,019,968 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\LOGI_MWX.EXE
PRC - [2002/06/10 14:21:32 | 000,102,400 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\QCDriver\LVComS.exe
PRC - [2002/04/03 01:01:00 | 000,135,264 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe


========== Modules (SafeList) ==========

MOD - [2011/05/01 13:23:34 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dawson Irvine\Desktop\OTL.exe
MOD - [2011/01/20 18:26:12 | 000,285,480 | ---- | M] (COMODO) -- C:\WINDOWS\SYSTEM32\guard32.dll
MOD - [2008/04/14 06:00:00 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2007/10/19 13:19:10 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcInj.dll
MOD - [2006/05/02 05:10:50 | 000,053,248 | ---- | M] (ta2027) -- C:\Program Files\Styler\StylerHelper.dll
MOD - [2004/08/04 00:56:44 | 001,028,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\mfc42.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (WUSB54GSSVC)
SRV - File not found [Disabled | Stopped] -- -- (WinVNC4)
SRV - File not found [On_Demand | Stopped] -- -- (UPS)
SRV - File not found [Disabled | Stopped] -- -- (tcpsys)
SRV - File not found [Auto | Stopped] -- -- (StyleXPService)
SRV - File not found [Auto | Stopped] -- -- (StarWindService)
SRV - File not found [Auto | Stopped] -- -- (SmartFinder_Uninstall)
SRV - File not found [Disabled | Stopped] -- -- (Ql12spv)
SRV - File not found [Disabled | Stopped] -- -- (NetTcpPortSharing)
SRV - File not found [Disabled | Stopped] -- -- (NetDDEdsdm)
SRV - File not found [Disabled | Stopped] -- -- (NetDDE)
SRV - File not found [On_Demand | Stopped] -- -- (Macromedia Licensing Service)
SRV - File not found [Auto | Stopped] -- -- (KodakCCS)
SRV - File not found [Unknown | Stopped] -- -- (idsvc)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (FontCache3.0.0.0)
SRV - File not found [On_Demand | Stopped] -- -- (FLEXnet Licensing Service)
SRV - File not found [Disabled | Stopped] -- -- (FAH)
SRV - File not found [Auto | Stopped] -- -- (EyelineService)
SRV - File not found [Disabled | Stopped] -- -- (DOSYRHCTGO)
SRV - File not found [Disabled | Stopped] -- -- (ClipSrv)
SRV - File not found [On_Demand | Stopped] -- -- (BroadCamService)
SRV - File not found [On_Demand | Stopped] -- -- (AWHelpServer)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/04/04 16:44:20 | 003,229,784 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_a35e6b9.dll -- (Akamai)
SRV - [2011/01/20 18:14:42 | 001,803,224 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011/01/07 14:54:08 | 000,247,760 | ---- | M] () [Auto | Stopped] -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/11/19 06:57:14 | 001,150,936 | ---- | M] () [Auto | Stopped] -- C:\Program Files\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010/11/02 15:45:46 | 000,024,576 | ---- | M] (Intuit) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/15 14:02:36 | 000,366,840 | ---- | M] () [Auto | Stopped] -- C:\Program Files\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/12/03 23:58:12 | 000,147,456 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)
SRV - [2009/12/03 21:55:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Server\Apache1\Apache\Apache.exe -- (Apache)
SRV - [2009/12/01 12:14:00 | 000,603,904 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\SYSTEM32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2009/12/01 12:13:56 | 000,362,240 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009/10/01 18:12:46 | 000,116,032 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2009/09/23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/11/18 16:45:28 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2008/11/12 16:44:18 | 000,027,904 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\WINDOWS\SYSTEM32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008/10/28 22:59:50 | 000,085,096 | ---- | M] (Autodesk) [Auto | Running] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2008/01/14 11:17:49 | 005,701,632 | ---- | M] () [Auto | Stopped] -- G:\Program Files\Noguska\NolaPro\Apache\mysql\bin\mysqld-nt.exe -- (MySQLNoguskaNolaPro)
SRV - [2007/10/19 13:21:16 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007/10/19 13:19:22 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SYSTEM32\PSIService.exe -- (ProtexisLicensing)
SRV - [2007/04/17 14:03:52 | 000,063,040 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)


========== Driver Services (SafeList) ==========

DRV - [2011/04/20 18:51:17 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- G:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/04/20 18:51:17 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- G:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2011/04/20 18:51:16 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- G:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011/01/20 18:26:08 | 000,094,784 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2011/01/20 18:25:58 | 000,027,576 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\cmdhlp.sys -- (cmdHlp)
DRV - [2011/01/20 18:25:55 | 000,015,592 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\cmderd.sys -- (cmderd)
DRV - [2011/01/20 18:25:53 | 000,239,368 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\cmdGuard.sys -- (cmdGuard)
DRV - [2010/12/10 13:24:12 | 000,239,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/07/16 14:59:54 | 000,656,320 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pctEFA.sys -- (pctEFA)
DRV - [2010/07/16 14:59:54 | 000,338,880 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pctDS.sys -- (pctDS)
DRV - [2010/01/14 17:25:53 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/10/01 18:12:29 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2008/11/23 22:42:25 | 000,028,256 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2008/07/24 18:46:08 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/02/28 15:31:50 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008/01/09 23:40:38 | 002,846,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2007/11/06 13:22:00 | 000,036,224 | ---- | M] (ArcSoft Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ArcCD.sys -- (ArcCD)
DRV - [2007/10/19 13:16:30 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\Lvckap.sys -- (LVcKap)
DRV - [2007/10/11 18:59:24 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007/10/11 18:59:02 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007/06/18 14:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\motmodem.sys -- (motmodem)
DRV - [2007/05/29 12:41:06 | 000,022,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbsermpt.sys -- (usbsermpt)
DRV - [2007/04/28 18:18:15 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CdaD10BA.SYS -- (CdaD10BA)
DRV - [2007/04/25 08:55:02 | 000,134,912 | ---- | M] (ArcSoft Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\ArcUdfs.sys -- (ArcUdfs)
DRV - [2007/03/07 17:51:00 | 000,009,464 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2007/03/07 17:51:00 | 000,009,336 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006/12/28 10:44:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\AtiHdAud.sys -- (HdAudAddService)
DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\afc.sys -- (Afc)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/01/31 06:21:48 | 000,025,900 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2005/10/19 09:34:02 | 000,015,872 | ---- | M] (LaCie Group) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LaCieUSBFilter.sys -- (LaCieUSBFilter) Silver USB Filter (USB BUS Filter Driver)
DRV - [2005/10/18 08:28:08 | 000,014,848 | ---- | M] (LaCie Group S.A.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LaCieFWFilter.sys -- (LaCieFWFilter) Silver 1394 Filter (1394 BUS Filter Driver)
DRV - [2005/09/23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\MarvinBus.sys -- (MarvinBus)
DRV - [2005/05/05 17:03:52 | 000,015,648 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2005/03/02 14:26:02 | 000,018,560 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\x10ufx2.sys -- (XUIF)
DRV - [2005/02/23 18:40:26 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\asapiW2k.sys -- (ASAPIW2K)
DRV - [2005/02/09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Pclepci.sys -- (PCLEPCI)
DRV - [2005/02/03 19:16:16 | 000,291,456 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2005/02/03 19:15:46 | 000,024,064 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\dvd_2k.sys -- (dvd_2K)
DRV - [2005/02/03 19:06:34 | 000,141,184 | ---- | M] (Windows ® 2000 DDK provider) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\DVDVRRdr_xp.sys -- (DVDVRRdr_xp)
DRV - [2005/02/03 19:02:58 | 000,202,368 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\Udfreadr.sys -- (UDFReadr)
DRV - [2005/02/03 19:01:54 | 000,023,808 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mmc_2k.sys -- (mmc_2K)
DRV - [2005/02/03 18:49:48 | 000,117,632 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Pwd_2k.sys -- (pwd_2k)
DRV - [2004/09/13 20:43:29 | 000,068,960 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Pcatip.sys -- (Pcatip)
DRV - [2004/08/22 16:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\d347prt.sys -- (d347prt)
DRV - [2004/08/22 16:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\d347bus.sys -- (d347bus)
DRV - [2004/08/03 23:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2004/08/03 23:04:34 | 000,012,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\usb8023.sys -- (USB_RNDIS)
DRV - [2004/08/03 22:59:52 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nmnt.sys -- (nm)
DRV - [2004/08/03 22:29:50 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/03 22:29:48 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/03 22:29:46 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/03 22:29:44 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/03 22:29:44 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/03 22:29:42 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/03 22:29:38 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 22:29:38 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/03 22:29:38 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/03 22:29:38 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/04/01 16:30:46 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pfc.sys -- (pfc)
DRV - [2003/12/17 09:50:00 | 000,070,801 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2003/12/17 09:50:00 | 000,051,729 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\L8042pr2.Sys -- (L8042pr2)
DRV - [2003/09/25 22:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2003/09/22 12:43:06 | 001,330,048 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\P16X.sys -- (P16X) Creative SB Live! Series (WDM)
DRV - [2003/09/22 08:48:06 | 000,130,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys -- (ctsfm2k)
DRV - [2003/09/22 08:47:38 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys -- (ossrv)
DRV - [2003/05/12 10:59:24 | 000,013,312 | ---- | M] (ATI Technologies Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\atinpdxx.sys -- (PCDCODEC)
DRV - [2003/05/12 10:59:10 | 000,013,824 | ---- | M] (ATI Technologies Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\atinmdxx.sys -- (MVDCODEC)
DRV - [2003/05/12 10:58:55 | 000,102,912 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\atinrvxx.sys -- (atinrvxx)
DRV - [2003/05/12 10:58:02 | 000,062,464 | ---- | M] (ATI Technologies Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\atinxsxx.sys -- (ATIXSAudio)
DRV - [2003/05/12 10:57:17 | 000,051,200 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\atinraxx.sys -- (ativraxx)
DRV - [2003/05/12 10:54:15 | 000,038,400 | ---- | M] (ATI Technologies Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\atintuxx.sys -- (ATITUNEP)
DRV - [2003/03/28 12:31:53 | 000,010,761 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\x10uif.sys -- (X10UIF)
DRV - [2003/03/05 12:19:28 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\PFMODNT.SYS -- (PfModNT)
DRV - [2002/11/08 12:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/10/29 15:38:10 | 000,170,499 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2002/10/29 15:37:36 | 001,175,536 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys -- (HSF_DP)
DRV - [2002/10/29 15:31:28 | 000,604,240 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys -- (winachsf)
DRV - [2002/06/10 14:20:46 | 000,031,744 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\lvca.sys -- (QCAbsee) Logitech QuickCam Web(PID_0801)
DRV - [2002/06/10 14:20:32 | 000,034,816 | ---- | M] (Logitech Inc.) [Kernel | System | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\LVSound2.sys -- (lusbaudio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dellnet.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = about:blank
IE - HKU\.DEFAULT\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dellnet.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = about:blank
IE - HKU\S-1-5-18\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://218.93.205.24/nospam/
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://218.93.205.24/nospam/
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Ant.com"
FF - prefs.js..browser.search.selectedEngine: "Blacksun Domain Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://start.mozilla.org/firefox?client=firefox-a&rls=org.mozilla:en-US:official"
FF - prefs.js..extensions.enabledItems: add-to-searchbox@maltekraus.de:2.0
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: LogMeInClient@logmein.com:1.0.0.608
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9
FF - prefs.js..extensions.enabledItems: {A5C87640-F7CF-11DA-974D-0800200C9A66}:0.2.1
FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:3.0.0.300
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {403304EE-066A-4a2a-8F41-F12028480A0A}:1.8.71
FF - prefs.js..keyword.URL: "http://www.google.ca/search?q="
FF - prefs.js..network.proxy.backup.ftp: "65.213.194.11"
FF - prefs.js..network.proxy.backup.ftp_port: 80
FF - prefs.js..network.proxy.backup.gopher: "65.213.194.11"
FF - prefs.js..network.proxy.backup.gopher_port: 80
FF - prefs.js..network.proxy.backup.socks: "65.213.194.11"
FF - prefs.js..network.proxy.backup.socks_port: 80
FF - prefs.js..network.proxy.backup.ssl: "65.213.194.11"
FF - prefs.js..network.proxy.backup.ssl_port: 80
FF - prefs.js..network.proxy.ftp: "70.226.132.214"
FF - prefs.js..network.proxy.ftp_port: 3182
FF - prefs.js..network.proxy.gopher: "70.226.132.214"
FF - prefs.js..network.proxy.gopher_port: 3182
FF - prefs.js..network.proxy.http: "70.226.132.214"
FF - prefs.js..network.proxy.http_port: 3182
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "70.226.132.214"
FF - prefs.js..network.proxy.socks_port: 3182
FF - prefs.js..network.proxy.ssl: "70.226.132.214"
FF - prefs.js..network.proxy.ssl_port: 3182


FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\Firefox\ [2011/04/19 12:23:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla 1.4\Extensions\\Components: C:\Program Files\mozilla.org\Mozilla\Components [2010/01/23 13:04:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla 1.4\Extensions\\Plugins: C:\Program Files\mozilla.org\Mozilla\Plugins [2011/04/30 15:59:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/29 12:59:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 15:59:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: G:\Program Files\Mozilla Thunderbird\components [2011/05/02 17:33:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: G:\Program Files\Mozilla Thunderbird\plugins [2010/01/23 13:04:00 | 000,000,000 | ---D | M]

[2009/12/12 03:01:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Extensions
[2009/12/12 03:01:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/05/02 22:16:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\extensions
[2011/03/26 23:33:59 | 000,000,000 | ---D | M] ("MicroFox") -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\extensions\{403304EE-066A-4a2a-8F41-F12028480A0A}
[2010/11/15 00:00:53 | 000,000,000 | ---D | M] (Mobile Barcoder) -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\extensions\{A5C87640-F7CF-11DA-974D-0800200C9A66}
[2011/04/27 21:21:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2011/01/14 10:16:23 | 000,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2011/04/27 21:21:49 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/02/21 01:28:04 | 000,000,000 | ---D | M] (Add to Search Bar) -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\extensions\add-to-searchbox@maltekraus.de
[2011/04/27 21:21:49 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\extensions\battlefieldheroespatcher@ea.com
[2010/07/05 17:51:27 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\extensions\LogMeInClient@logmein.com
[2009/03/11 20:46:09 | 000,002,546 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\blacksun-domain-search.xml
[2008/04/25 00:24:18 | 000,002,568 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\celebrity-movie-archive--browse.xml
[2009/08/30 00:57:03 | 000,001,093 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\dns-stuff--ip-whois.xml
[2008/07/29 22:44:46 | 000,001,793 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\dnsstuff-ip-info.xml
[2008/05/27 19:31:19 | 000,002,809 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\google-images.xml
[2008/05/10 12:22:47 | 000,002,873 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\internet-movie-database.xml
[2010/11/17 00:15:55 | 000,001,218 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\lazygirlsinfo.xml
[2010/09/25 23:41:57 | 000,001,469 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\pirate-bay.xml
[2008/08/04 21:58:40 | 000,001,065 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\songs-search--ultimate-guitarcom.xml
[2010/12/08 18:14:53 | 000,001,113 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\yahoo-finance.xml
[2009/06/11 20:06:33 | 000,000,872 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\yahoo.gif
[2009/06/11 20:06:33 | 000,000,466 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\yahoo.src
[2009/06/11 20:06:33 | 000,001,767 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\yahoo.xml
[2009/01/02 15:51:16 | 000,002,163 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Profiles\fs6r6jx0.default\searchplugins\youtube---broadcast-yourself.xml
[2011/05/02 22:16:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/30 14:15:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011/04/19 12:23:27 | 000,000,000 | ---D | M] (Browser Defender Toolbar) -- C:\PROGRAM FILES\PC TOOLS SECURITY\BDT\FIREFOX
[2010/01/18 18:01:47 | 000,000,000 | ---D | M] (Java Quick Starter) -- G:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/03/18 11:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/04/14 05:08:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2004/12/22 10:08:32 | 000,110,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2007/09/10 12:10:04 | 000,086,016 | ---- | M] (SpiralFrog Inc.) -- C:\Program Files\Mozilla Firefox\plugins\NPSFDMGR.dll
[2006/08/09 04:16:08 | 000,030,408 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npWebLaunch.dll

Hosts file not found
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (NTIECatcher Class) - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll (Xi)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (StylerToolBar) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll (StyleFantasist)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - File not found
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [diagent] C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LiveZilla] G:\Program Files\LiveZilla\LiveZilla.exe (LiveZilla GmbH)
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVComS.exe (Logitech Inc.)
O4 - HKLM..\Run: [WrtMon.exe] C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\WrtMon.exe ()
O4 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007..\Run: [Artisan 810(Network)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFRA.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007..\Run: [PMSpeed] C:\Program Files\NewSoft\Presto! PageManager 8 for EP\PMSpeed.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\mIRC.lnk = G:\mIRC_Program\mirc.exe (mIRC Co. Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Canada ULC.)
O4 - Startup: C:\Documents and Settings\Dawson Irvine\Start Menu\Programs\Startup\DUC 3.0.lnk = C:\Program Files\No-IP\DUC30.exe ()
O4 - Startup: C:\Documents and Settings\Dawson Irvine\Start Menu\Programs\Startup\Styler.lnk = C:\Documents and Settings\Dawson Irvine\Application Data\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = _ [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O7 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL (ATI Technologies Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O15 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\..Trusted Domains: ([]msn in )
O15 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\..Trusted Domains: dniwebdesign.com ([www] http in Local intranet)
O15 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\..Trusted Domains: no-ip.com ([www.dni-server] http in Local intranet)
O15 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007\..Trusted Domains: utexts.ca ([www] http in Local intranet)
O16 - DPF: {0000000A-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/wmsp9dmo.cab (Reg Error: Key error.)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft.com/fwlink/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} http://zone.msn.com/binFrameWork/v10/StagingUI.cab34120.cab (Reg Error: Key error.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5)
O16 - DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} http://download.microsoft.com/download/0/f/b/0fb0fab9-7f09-4bb6-86d8-8e791ba99ac5/VirtualEarth3D.cab (Reg Error: Key error.)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/download/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnotes.com/download/mnviewer.cab (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?LinkID=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1DA0B259-8F4D-48C1-9889-DE2D568D4131} http://chevy.a.content.maven.net/mvms/vfs/chevy/chevylive/live/install/installerAX.cab (InstallerAX Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab (Reg Error: Key error.)
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} http://a1540.g.akamai.net/7/1540/52/20030530/qtinstall.info.apple.com/bonnie/us/win/QuickTimeInstaller.exe (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://spaces.msn.com//PhotoUpload/MsnPUpld.cab (Reg Error: Key error.)
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab (Reg Error: Key error.)
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} http://upload.facebook.com/controls/FacebookPhotoUploader3.cab (Facebook Photo Uploader 4 Control)
O16 - DPF: {5CB1506E-1DEA-4E63-89A7-E40E52AEA1FD} http://smms.sub.fulfillment.puretracks.com/onager_smms.cab (OnagerCtrl Class)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebook.com/controls/FacebookPhotoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://rigs.precisiondrilling.com/mgaxctrl.cab (Autodesk MapGuide ActiveX Control)
O16 - DPF: {637BB540-6ABA-11D4-901D-00D0090CB3BC} http://www.flashants.com/codebase/fmplayer.cab (FMClass Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1197864916829 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://go.divx.com/plugin/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} http://www.mindavenue.com/Downloads/AXELPlayerAX_Win32.cab (AXELPlayer Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1197864851907 (MUWebControl Class)
O16 - DPF: {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} http://www.gamehouse.com/games/gamehouse/ghplayer.cab (GameHouse Games Player)
O16 - DPF: {74EF5274-F439-2168-B543-14745B625C72} http://www.gamehouse.com/games/WeddingDash2.cab (CPlayFirstWeddingDasControl Object)
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} http://www.wylde.net/msrdp.cab (Microsoft RDP Client Control (redist))
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37954.9984953704 (Reg Error: Key error.)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab (Reg Error: Key error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab (Reg Error: Key error.)
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} http://simcity.ea.com/play/classic/SimCityX.cab (SimCityX Control)
O16 - DPF: {C36661D7-3590-45B1-80B5-520839E94DAD} http://simcity.ea.com/update/MaxisSimCity4PatcherX.cab (MaxisSimCity4PatcherX Control)
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab (NsvPlayX Control)
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697515} http://www.nullsoft.com/nsv/embed/nsvplayx_vp5_mp3.cab (NsvPlayX Control)
O16 - DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} http://zone.msn.com/bingame/zpagames/zpa_pool.cab36107.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_01-win.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.4.1/jinstall-1_4_1_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-440000000000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553516000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} http://zone.msn.com/bingame/feed/default/SproutLauncher.cab (Reg Error: Key error.)
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} http://zone.msn.com/bingame/gold/default/gf.cab (Reg Error: Key error.)
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} http://zone.msn.com/binframework/v10/StProxy.cab35645.cab (Reg Error: Key error.)
O16 - DPF: {FA5369ED-D19A-434C-8F59-EE90D690D36C} https://secure.logmein.com/activex/RACtrl.cab (Chat Activex Control)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab (IWinAmpActiveX Class)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O16 - DPF: RaptisoftGameLoader http://www.miniclip.com/hamsterball/raptisoftgameloader.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 142.165.200.135 142.165.157.5
O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found
O18 - Protocol\Handler\AutorunsDisabled\maven-8110 {8AD8E31C-8D60-4166-862E-54F748A76169} - C:\Program Files\Chevy\bin\bin-1\protocolHandler.dll ()
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - G:\Program Files\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\intu-qt2007 {026BF40D-BA05-467b-9F1F-AD0D7A3F5F11} - C:\Program Files\QuickTax 2007\ic2007pp.dll (Intuit Canada, a general partnership/une société en nom collectif.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\SYSTEM32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-4205683485-3212168527-1303186231-1007 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - G:\Program Files\SUPERAntiSpyware\SASWINLO.dll - G:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 () - http://www.dni-server.no-ip.com/thunderfm/
O24 - Desktop WallPaper: C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dawson Irvine\Application Data\Mozilla\Firefox\Desktop Background.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - G:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2006/12/24 23:41:40 | 000,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{5da8613b-cb32-11de-8a89-0007e95397b4}\Shell\AutoRun\command - "" = L:\.\kiss_player.exe
O33 - MountPoints2\{73718ed8-aba4-11dc-9c4e-000f66eebbe8}\Shell\AutoRun\command - "" = H:\ATI2EVXX.EXE
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (rmvirut.nt) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: AppSecDll - (C:\WINDOWS\system32\mscert.dll) - File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

MsConfig - StartUpFolder: C:^Documents and Settings^Dawson Irvine^Start Menu^Programs^Startup^Styler.lnk - - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - Internet Explorer Classes for Java
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - Microsoft NetShow Player
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} -
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} -
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4b218e3e-bc98-4770-93d3-2731b9329278} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf
ActiveX: {4EE370A1-DED4-C6EB-4236-F32FA07C2534} - Outlook Express
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5f3c70b3-ac2f-432c-8f9c-1624df61f54f} - Microsoft Data Access Components KB870669
ActiveX: {5F95E1AF-2620-4f15-BDF9-7FDCE4607E17} - BearShare
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {72ADAD5C-ACBF-02D3-7113-D59E2F8DD115} - Microsoft Windows Media Player 6.4
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {795d0712-722c-43ec-906a-fc5e678eada9} - Q831167
ActiveX: {810F40D8-FEC2-D12C-B64A-7ACD60861C69} - Themes Setup
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - Microsoft .NET Framework 1.1 Hotfix (KB928366)
ActiveX: {8D3E3F1E-2DC4-AA36-7739-4A656A94374B} - Adobe Shockwave Director 11.0
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {98A65F91-EFB5-11cf-87CA-0020AFEECF20} - Microsoft HTML Layout Control
ActiveX: {abcdf74f-9a64-4e6e-b8eb-6e5a41de6550} -
ActiveX: {C3A94137-9EBF-EA64-1487-7BFB9E5AE30D} - Internet Explorer
ActiveX: {C4EEE7F7-84A1-5402-F1A3-F1B0DA015A23} - Macromedia Shockwave Director 10.1
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {CE0BB69B-7E58-4571-D5DB-88A364013B35} - Vector Graphics Rendering (VML)
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {eddbec60-89cb-44ef-8291-0850fd28ff6a} - Q832894
ActiveX: {F13C5B0F-93B8-F795-C260-4BF9A5151837} - Vector Graphics Rendering (VML)
ActiveX: {f5173cf0-1dfb-4978-8e50-a90169ee7ca9} - Q823353
ActiveX: {F5776D81-AE53-4935-8E84-B0B283D8BCEF} - Q330994
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: AutorunsDisabled -

Drivers32: msacm.avis - C:\WINDOWS\System32\ff_acm.acm ()
Drivers32: msacm.ctmp3 - C:\WINDOWS\SYSTEM32\ctmp3.acm (Creative Technology Ltd.)
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\Vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.iac2 - C:\WINDOWS\SYSTEM32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\SYSTEM32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: MSACM.MSNAUDIO - C:\WINDOWS\System32\msnaudio.acm (Microsoft Corporation)
Drivers32: MSACM.msrt24 - C:\WINDOWS\System32\msrt24.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: VIDC.CFHD - C:\WINDOWS\System32\cfhd.dll (CineForm Inc.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.DRAW - DVIDEO.DLL File not found
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.HFYU - C:\WINDOWS\System32\HUFFYUV.DLL (Disappearing Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\IR41_32.DLL (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MJPG - C:\WINDOWS\System32\pvmjpg30.dll (Pegasus Imaging Corporation)
Drivers32: vidc.mjpx - C:\WINDOWS\System32\pvmjpg30.dll (Pegasus Imaging Corporation)
Drivers32: VIDC.PIM1 - pclepim1.dll File not found
Drivers32: vidc.rtmp - Roxio_DivX.dll File not found
Drivers32: VIDC.SP53 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus Corporation)
Drivers32: VIDC.SP54 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus Corporation)
Drivers32: VIDC.SP55 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus Corporation)
Drivers32: VIDC.SP56 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus Corporation)
Drivers32: VIDC.SP57 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus Corporation)
Drivers32: VIDC.SP58 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus Corporation)
Drivers32: VIDC.SP59 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus Corporation)
Drivers32: VIDC.VCR1 - ATIVCR1.DLL File not found
Drivers32: VIDC.VCR2 - ATIVCR2.DLL File not found
Drivers32: VIDC.VIFP - C:\WINDOWS\System32\VFCodec.dll ()
Drivers32: vidc.VP31 - C:\WINDOWS\System32\vp31vfw.dll (On2.com)
Drivers32: vidc.VP60 - C:\WINDOWS\SYSTEM32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\SYSTEM32\vp6vfw.dll (On2.com)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YU12 - C:\WINDOWS\System32\atiyuv12.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/05/01 22:47:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dawson Irvine\Desktop\GooredFix Backups
[2011/05/01 22:42:39 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Documents and Settings\Dawson Irvine\Desktop\GooredFix.exe
[2011/05/01 13:23:31 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dawson Irvine\Desktop\OTL.exe
[2011/04/30 14:15:34 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/04/30 14:15:34 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/04/30 14:15:34 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/04/30 14:15:34 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/04/27 21:19:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox
[2011/04/26 18:11:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Vista Games
[2011/04/26 00:50:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Identities
[2011/04/26 00:50:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Identities
[2011/04/19 12:23:22 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll
[2011/04/19 12:23:21 | 002,000,848 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll
[2011/04/19 12:23:21 | 001,533,904 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll
[2011/04/18 23:53:26 | 000,656,320 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctEFA.sys
[2011/04/18 23:53:25 | 000,338,880 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctDS.sys
[2011/04/18 23:53:22 | 000,251,560 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2011/04/18 23:53:04 | 000,239,168 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2011/04/18 23:53:04 | 000,160,448 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2011/04/18 23:53:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PC Tools Security
[2011/04/18 23:52:51 | 000,070,536 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2011/04/18 23:52:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2011/04/18 23:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2011/04/18 23:52:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dawson Irvine\Application Data\PC Tools
[2011/04/18 23:50:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2009/12/11 19:33:45 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[2004/09/12 00:52:11 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2004/09/12 00:52:11 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[2003/10/29 18:26:31 | 000,036,963 | R--- | C] (Cypress Semiconductor) -- C:\Program Files\Common Files\SM1updtr.dll
[2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2 C:\Documents and Settings\Dawson Irvine\My Documents\*.tmp files -> C:\Documents and Settings\Dawson Irvine\My Documents\*.tmp -> ]
[16 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/03 12:01:00 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4205683485-3212168527-1303186231-1007UA.job
[2011/05/03 12:00:00 | 000,000,502 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2011/05/03 11:37:00 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/03 08:37:01 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/03 02:01:03 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4205683485-3212168527-1303186231-1007Core.job
[2011/05/02 18:29:47 | 000,150,016 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/02 07:35:23 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Settings.cfg
[2011/05/01 22:42:40 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Documents and Settings\Dawson Irvine\Desktop\GooredFix.exe
[2011/05/01 13:23:34 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dawson Irvine\Desktop\OTL.exe
[2011/04/27 22:19:39 | 000,000,052 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Desktop\Create PHP Session Folder.bat
[2011/04/27 21:38:21 | 000,001,657 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/04/27 21:38:21 | 000,001,639 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/04/27 16:20:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/04/25 07:31:50 | 000,034,876 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Desktop\208122_10150543766395526_618455525_17999915_1830838_n.jpg
[2011/04/23 12:21:09 | 000,002,261 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Start Menu\Programs\Startup\Styler.lnk
[2011/04/23 12:10:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/04/23 12:10:50 | 2683,375,616 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/23 10:04:00 | 000,000,228 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\defogger_reenable
[2011/04/18 23:54:01 | 000,644,924 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/04/18 23:48:24 | 000,512,992 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Desktop\sdsetup_revwire207.exe
[2011/04/14 05:08:11 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/04/14 05:08:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/04/14 05:08:09 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/04/14 05:07:59 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/04/14 02:40:22 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/04/12 21:10:31 | 000,215,248 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Desktop\e2363061.mp3
[2011/04/12 20:47:49 | 000,033,901 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Desktop\playoffdraft2011.pdf
[2011/04/10 16:30:38 | 000,411,709 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Desktop\Codette_Google_2009_02.jpg
[2011/04/10 16:30:26 | 000,424,182 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Desktop\Codette_Google_2009.jpg
[2011/04/09 12:26:29 | 000,007,434 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Desktop\26_2color_logo.jpg
[2011/04/09 09:27:43 | 000,018,472 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Desktop\paypalplatform.php
[2011/04/09 00:26:17 | 004,310,350 | ---- | M] () -- C:\Documents and Settings\Dawson Irvine\Desktop\PP_AdaptivePayments.pdf
[2011/04/04 21:24:47 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2 C:\Documents and Settings\Dawson Irvine\My Documents\*.tmp files -> C:\Documents and Settings\Dawson Irvine\My Documents\*.tmp -> ]
[16 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/27 22:19:39 | 000,000,052 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Desktop\Create PHP Session Folder.bat
[2011/04/25 07:31:49 | 000,034,876 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Desktop\208122_10150543766395526_618455525_17999915_1830838_n.jpg
[2011/04/23 10:02:57 | 000,000,228 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\defogger_reenable
[2011/04/20 17:42:41 | 2683,375,616 | -HS- | C] () -- C:\hiberfil.sys
[2011/04/19 12:23:23 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2011/04/19 12:23:22 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
[2011/04/19 12:23:22 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
[2011/04/19 12:23:22 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
[2011/04/19 12:23:21 | 000,002,125 | ---- | C] () -- C:\WINDOWS\UDB.zip
[2011/04/18 23:53:35 | 000,644,924 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/04/18 23:50:37 | 000,512,992 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Desktop\sdsetup_revwire207.exe
[2011/04/18 23:40:34 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox
[2011/04/12 21:10:31 | 000,215,248 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Desktop\e2363061.mp3
[2011/04/12 20:47:49 | 000,033,901 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Desktop\playoffdraft2011.pdf
[2011/04/10 16:30:38 | 000,411,709 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Desktop\Codette_Google_2009_02.jpg
[2011/04/10 16:30:26 | 000,424,182 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Desktop\Codette_Google_2009.jpg
[2011/04/09 12:26:27 | 000,007,434 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Desktop\26_2color_logo.jpg
[2011/04/09 09:27:42 | 000,018,472 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Desktop\paypalplatform.php
[2011/04/09 00:26:17 | 004,310,350 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Desktop\PP_AdaptivePayments.pdf
[2011/03/10 00:50:48 | 000,001,056 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Application Data\qif2csv.ini
[2011/02/05 23:35:19 | 000,000,272 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2010/11/28 01:42:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2010/11/10 17:48:21 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2010/11/10 17:48:21 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2010/11/10 17:48:20 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2010/11/10 17:48:20 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2010/11/10 17:48:20 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2010/11/10 17:48:20 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2010/11/10 17:48:20 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2010/11/10 17:48:20 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2010/11/10 17:48:20 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2010/11/10 17:48:20 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2010/11/10 17:48:20 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2010/11/10 17:48:20 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2010/11/10 17:48:20 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2010/11/10 17:48:20 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2010/11/10 17:48:20 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2010/11/10 17:48:20 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2010/11/10 17:42:43 | 000,000,090 | ---- | C] () -- C:\WINDOWS\EPART810.ini
[2010/09/06 15:44:15 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/07/15 22:45:35 | 002,427,248 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_heroes.exe
[2010/03/27 02:01:24 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Application Data\default.rss
[2010/03/25 21:07:19 | 000,000,071 | ---- | C] () -- C:\WINDOWS\PrintCD.INI
[2010/01/26 21:10:04 | 000,000,037 | ---- | C] () -- C:\WINDOWS\SWFConverter.INI
[2009/12/27 00:06:42 | 000,000,153 | ---- | C] () -- C:\WINDOWS\cavscan.INI
[2009/12/27 00:03:58 | 000,016,384 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Application Data\Settings.cfg
[2009/12/21 01:23:53 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009/12/13 04:19:12 | 000,000,121 | ---- | C] () -- C:\WINDOWS\Winchat.ini
[2009/12/11 19:33:46 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\P16X.dll
[2009/12/11 19:33:41 | 000,005,917 | ---- | C] () -- C:\WINDOWS\SBMIXDEF.INI
[2009/12/11 16:27:48 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI
[2009/12/11 13:07:22 | 001,474,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2009/12/02 10:16:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\sc.exe
[2009/12/01 12:14:00 | 000,603,904 | ---- | C] () -- C:\WINDOWS\System32\TUProgSt.exe
[2009/11/24 01:24:38 | 000,001,130 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\FASTWiz.html
[2009/11/23 20:29:07 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\FASTApp.html
[2009/11/20 22:07:32 | 000,000,387 | ---- | C] () -- C:\WINDOWS\System32\uses32.dat
[2009/11/20 22:07:32 | 000,000,100 | ---- | C] () -- C:\WINDOWS\System32\flags.ini
[2009/11/20 22:07:32 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\config.data
[2009/11/20 18:23:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Gyuvikuwafon.bin
[2009/11/20 18:23:07 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Byojilul.dat
[2009/10/31 00:28:26 | 008,892,928 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\atscie.msi
[2009/07/26 19:23:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\servbot.INI
[2009/07/17 17:10:15 | 000,139,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/07/17 17:10:13 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Application Data\PnkBstrK.sys
[2009/07/17 17:09:49 | 000,270,240 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/07/17 17:09:41 | 000,794,408 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2009/07/17 17:09:41 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/05/30 23:37:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2009/05/17 00:31:54 | 000,000,095 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2009/05/16 18:11:23 | 000,000,195 | ---- | C] () -- C:\WINDOWS\WinHelp.ini
[2009/05/04 13:17:15 | 000,166,484 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/05/02 23:09:18 | 000,000,037 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2009/02/23 23:58:26 | 000,000,133 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2008/10/28 22:48:52 | 000,002,352 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2008/10/20 20:45:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008/10/20 19:06:10 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2008/10/20 19:06:09 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2008/10/20 19:06:08 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2008/10/20 19:06:08 | 000,165,782 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2008/07/30 20:41:32 | 000,000,085 | ---- | C] () -- C:\WINDOWS\System32\everest_cpl.ini
[2008/05/22 23:05:58 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\VERMONT1.DLL
[2008/05/22 23:05:58 | 000,012,416 | ---- | C] () -- C:\WINDOWS\System32\VRX1.DLL
[2008/05/22 23:05:57 | 000,107,520 | ---- | C] () -- C:\WINDOWS\System32\SIMANT.DLL
[2008/03/26 20:29:08 | 000,017,723 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2008/02/04 18:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/10/23 23:23:15 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\CE5A8CCED5.sys
[2007/10/11 18:59:24 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2007/10/04 22:19:11 | 002,097,152 | ---- | C] () -- C:\WINDOWS\System32\autorun.bin
[2007/08/21 16:51:16 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2007/08/21 14:36:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2007/07/16 18:10:49 | 000,001,314 | ---- | C] () -- C:\WINDOWS\ARCHPR.INI
[2007/07/13 20:57:12 | 000,049,653 | ---- | C] () -- C:\WINDOWS\php.ini
[2007/07/13 19:20:20 | 000,040,609 | ---- | C] () -- C:\WINDOWS\php2asd.ini
[2007/06/05 13:20:32 | 000,177,704 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
[2007/05/22 19:14:58 | 000,008,784 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2007/05/06 02:16:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2007/02/05 10:37:52 | 000,000,080 | RHS- | C] () -- C:\WINDOWS\System32\D5CE8C5ACE.dll
[2006/12/31 16:15:20 | 000,001,984 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2006/12/25 00:08:04 | 000,194,248 | ---- | C] () -- C:\WINDOWS\System32\LTRFD13n.DLL
[2006/12/24 23:41:40 | 000,001,289 | ---- | C] () -- C:\WINDOWS\VFO.INI
[2006/12/24 23:41:39 | 000,196,096 | ---- | C] () -- C:\WINDOWS\System32\macd32.dll
[2006/12/24 23:41:39 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2006/12/24 23:41:39 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\mamc32.dll
[2006/12/24 23:41:39 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\masd32.dll
[2006/12/24 23:41:39 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2006/08/29 23:15:49 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/08/29 23:15:49 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/07/16 22:03:28 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/07/16 22:03:28 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/07/16 22:03:28 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/07/16 22:03:27 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/07/16 22:03:27 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/07/16 22:03:27 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/04/27 21:24:19 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\$HCPINI$.DAT
[2006/04/10 18:28:22 | 000,001,747 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/03/14 22:30:05 | 000,000,082 | ---- | C] () -- C:\WINDOWS\netdet.ini
[2006/03/14 16:24:47 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2006/02/25 23:29:18 | 000,012,840 | ---- | C] () -- C:\WINDOWS\W3DemoUnin.dat
[2005/11/24 21:22:37 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\defaultcode.cfg
[2005/11/08 00:43:30 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\shctxex.dll
[2005/11/05 02:12:22 | 000,000,021 | ---- | C] () -- C:\WINDOWS\DVDSentry.ini
[2005/11/05 01:26:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2005/11/04 21:55:21 | 000,050,314 | ---- | C] () -- C:\WINDOWS\php3.ini
[2005/11/04 21:00:37 | 000,028,672 | ---- | C] () -- C:\WINDOWS\php4apache.dll
[2005/10/19 01:54:20 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini
[2005/10/15 02:51:23 | 000,015,284 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/10/15 02:43:56 | 000,003,082 | ---- | C] () -- C:\WINDOWS\System32\affv9869p2now.sys
[2005/10/15 02:40:55 | 000,000,068 | ---- | C] () -- C:\WINDOWS\System32\NCTTAudioFile.dll
[2005/10/03 12:53:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATIMMC.INI
[2005/10/03 12:14:28 | 000,000,083 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/09/23 09:00:07 | 000,000,871 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2005/09/12 17:18:37 | 000,601,532 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\imageCache7.db
[2005/09/09 21:45:38 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/07/29 08:41:18 | 000,032,771 | ---- | C] () -- C:\WINDOWS\System32\wupruni.dll
[2005/07/29 02:33:00 | 000,197,753 | ---- | C] () -- C:\WINDOWS\System32\lcwsc.dat
[2005/07/18 14:19:28 | 000,000,017 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2005/07/14 12:31:20 | 000,027,648 | RHS- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2005/07/04 03:29:03 | 000,006,019 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2005/07/04 03:29:03 | 000,000,503 | ---- | C] () -- C:\WINDOWS\iconeasl.ini
[2005/07/04 03:29:03 | 000,000,099 | ---- | C] () -- C:\WINDOWS\CTRec.INI
[2005/07/04 03:29:03 | 000,000,028 | ---- | C] () -- C:\WINDOWS\jgrprn.INI
[2005/06/21 22:37:42 | 000,045,568 | RHS- | C] () -- C:\WINDOWS\System32\cygz.dll
[2005/05/13 17:12:00 | 000,217,073 | RHS- | C] () -- C:\WINDOWS\meta4.exe
[2005/05/05 17:03:50 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2005/05/05 17:03:21 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/05/05 17:03:20 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/05/05 17:03:05 | 000,001,623 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2005/04/05 23:25:35 | 000,000,037 | ---- | C] () -- C:\WINDOWS\Viewer.ini
[2005/04/05 23:25:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\transkriber.INI
[2005/04/05 10:43:31 | 000,000,241 | ---- | C] () -- C:\WINDOWS\QSync.INI
[2005/02/22 20:23:33 | 000,002,154 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini
[2005/02/17 18:29:24 | 000,000,301 | ---- | C] () -- C:\WINDOWS\System32\obdb.DAT
[2005/02/05 13:46:00 | 000,004,608 | ---- | C] () -- C:\WINDOWS\fgexec.dll
[2005/01/28 00:19:13 | 000,000,026 | ---- | C] () -- C:\WINDOWS\MSwf2Avi.INI
[2005/01/04 14:24:52 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2005/01/04 14:12:37 | 000,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2004/12/20 18:24:03 | 001,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2004/12/20 14:30:39 | 000,000,737 | ---- | C] () -- C:\WINDOWS\System32\msdrivertempxdc.dll
[2004/12/20 14:30:26 | 000,001,083 | ---- | C] () -- C:\WINDOWS\System32\udprdrv.dll
[2004/12/20 14:30:25 | 000,002,214 | ---- | C] () -- C:\WINDOWS\System32\msinstl.dll
[2004/12/20 14:30:25 | 000,001,515 | ---- | C] () -- C:\WINDOWS\System32\msactctr.dll
[2004/12/11 17:43:09 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\fusioncache.dat
[2004/11/12 23:55:55 | 000,000,171 | ---- | C] () -- C:\WINDOWS\icecast2.ini
[2004/10/26 16:39:05 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/10/07 16:23:41 | 000,081,972 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2004/09/16 22:19:20 | 000,892,946 | ---- | C] () -- C:\WINDOWS\System32\alleg40.dll
[2004/09/06 19:47:26 | 000,190,464 | ---- | C] () -- C:\WINDOWS\System32\landplot.dll
[2004/09/06 00:33:24 | 000,000,022 | ---- | C] () -- C:\WINDOWS\kodakpcd.Dawson Irvine.ini
[2004/08/22 17:04:56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2004/08/02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/07/22 22:32:54 | 000,000,005 | ---- | C] () -- C:\WINDOWS\AXELPlayer.dat
[2004/06/27 23:20:36 | 000,000,013 | ---- | C] () -- C:\WINDOWS\System32\user.dat
[2004/03/25 18:23:37 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/03/18 11:12:13 | 000,000,273 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\devcpp.cfg
[2004/03/18 11:11:36 | 000,004,578 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\devcpp.ini
[2004/03/09 15:29:12 | 000,123,989 | ---- | C] () -- C:\WINDOWS\RSEDNClientUninstaller.exe
[2004/02/28 02:24:42 | 000,000,063 | ---- | C] () -- C:\WINDOWS\CTWave32.ini
[2004/02/12 10:59:20 | 000,000,235 | ---- | C] () -- C:\Program Files\My Documents.htm
[2004/02/07 17:42:46 | 000,000,506 | ---- | C] () -- C:\WINDOWS\my.ini
[2004/02/06 17:18:42 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2004/01/30 22:10:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Ultra.dll
[2004/01/28 21:46:27 | 000,001,109 | ---- | C] () -- C:\Program Files\common.php
[2004/01/25 11:09:45 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\Regobj.dll
[2004/01/24 21:16:53 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\FTPStubInstUtils.dll
[2004/01/15 12:43:54 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2003/12/11 13:49:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MinGW.INI
[2003/11/13 07:13:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\netscape.INI
[2003/11/13 07:11:26 | 000,633,538 | ---- | C] () -- C:\WINDOWS\cd32.exe
[2003/11/09 21:09:01 | 000,000,196 | R--- | C] () -- C:\WINDOWS\htwtb.bin
[2003/11/04 21:00:30 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2003/11/03 00:00:02 | 000,872,448 | ---- | C] () -- C:\WINDOWS\System32\iconv.dll
[2003/10/31 23:58:17 | 000,000,103 | ---- | C] () -- C:\WINDOWS\muveeapp.INI
[2003/10/29 18:26:43 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\BurnData.bin
[2003/10/22 17:17:27 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\J2ExeHook.dll
[2003/10/09 10:33:36 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\liplW7.dll
[2003/10/09 10:33:36 | 000,278,528 | ---- | C] () -- C:\WINDOWS\System32\liplPX.dll
[2003/10/09 10:33:36 | 000,278,528 | ---- | C] () -- C:\WINDOWS\System32\liplP6.dll
[2003/10/09 10:33:36 | 000,278,528 | ---- | C] () -- C:\WINDOWS\System32\liplM6.dll
[2003/10/09 10:33:35 | 000,290,816 | ---- | C] () -- C:\WINDOWS\System32\liplA6.dll
[2003/10/09 10:33:35 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\lipl.dll
[2003/10/09 10:33:35 | 000,005,187 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2003/09/27 16:58:12 | 000,000,225 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2003/09/20 18:36:30 | 000,000,039 | ---- | C] () -- C:\WINDOWS\ulead32.ini
[2003/09/18 23:28:56 | 000,000,867 | ---- | C] () -- C:\WINDOWS\easyicon.ini
[2003/09/16 15:42:08 | 000,032,246 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2003/09/16 15:41:59 | 000,095,440 | ---- | C] () -- C:\WINDOWS\MozillaUninstall.exe
[2003/09/16 15:41:47 | 000,024,003 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2003/09/08 19:41:26 | 000,006,688 | ---- | C] () -- C:\WINDOWS\movexe.exe
[2003/09/08 17:17:19 | 000,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2003/09/08 16:57:58 | 000,000,054 | ---- | C] () -- C:\WINDOWS\DNI Web Design.ini
[2003/09/01 10:06:14 | 000,002,696 | ---- | C] () -- C:\WINDOWS\MIXDEF.INI
[2003/08/25 18:44:33 | 000,000,094 | -H-- | C] () -- C:\WINDOWS\System32\tdb_G1asw.ini
[2003/08/17 12:21:10 | 000,000,048 | ---- | C] () -- C:\WINDOWS\NewSaver.ini
[2003/08/12 18:48:17 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Application Data\dm.ini
[2003/08/11 22:38:37 | 000,000,195 | ---- | C] () -- C:\WINDOWS\REGPSD20.INI
[2003/08/11 22:37:57 | 000,000,797 | ---- | C] () -- C:\WINDOWS\PSD2WIN.INI
[2003/08/11 22:37:57 | 000,000,089 | ---- | C] () -- C:\WINDOWS\psdxport.ini
[2003/08/11 17:23:16 | 000,000,030 | ---- | C] () -- C:\WINDOWS\Morpheus.INI
[2003/08/09 19:49:51 | 000,000,793 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2003/08/08 20:57:50 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2003/08/08 17:57:17 | 000,000,051 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2003/08/08 17:54:20 | 000,000,537 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2003/08/07 12:39:26 | 000,000,470 | ---- | C] () -- C:\WINDOWS\EReg072.dat
[2003/08/06 20:03:24 | 000,150,016 | ---- | C] () -- C:\Documents and Settings\Dawson Irvine\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003/08/06 12:29:18 | 000,000,124 | ---- | C] () -- C:\WINDOWS\cool.ini
[2003/08/06 12:27:47 | 000,000,754 | ---- | C] () -- C:\WINDOWS\wordpad.ini
[2003/08/06 12:04:02 | 000,001,858 | ---- | C] () -- C:\WINDOWS\instvise.ini
[2003/08/05 21:12:08 | 000,001,080 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2003/07/29 14:21:59 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/07/29 14:17:08 | 000,000,784 | ---- | C] () -- C:\WINDOWS\lrun32.ini
[2003/07/29 14:15:40 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/07/29 14:14:12 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
[2003/07/29 14:14:12 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2003/07/29 14:14:01 | 000,002,516 | ---- | C] () -- C:\WINDOWS\System32\P16X.ini
[2003/07/29 14:14:01 | 000,000,026 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2003/07/29 14:14:00 | 000,000,064 | ---- | C] () -- C:\WINDOWS\P16x.ini
[2003/07/29 14:13:36 | 000,000,245 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2003/07/29 14:09:29 | 000,000,883 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/07/29 14:00:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2003/07/29 13:58:10 | 000,459,796 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2003/07/29 13:58:10 | 000,077,188 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2003/07/29 13:46:28 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2003/03/28 14:31:52 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\atiyuv12.dll
[2003/03/28 14:31:52 | 000,013,601 | ---- | C] () -- C:\WINDOWS\System32\vctest.ini
[2003/01/07 15:15:26 | 000,000,255 | ---- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2002/11/13 13:40:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[2002/10/29 17:04:54 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2002/10/03 14:42:27 | 000,000,034 | ---- | C] () -- C:\WINDOWS\Q3version.ini
[2002/09/03 11:17:03 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/09/03 11:16:59 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/09/03 10:52:01 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/09/03 10:51:58 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/09/03 10:41:59 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/09/03 10:41:43 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/09/03 10:32:10 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/09/03 10:30:33 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002/09/03 08:05:08 | 002,526,328 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/09/03 07:59:14 | 000,004,328 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/09/03 07:56:30 | 000,023,360 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/08/29 04:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2002/01/20 20:30:58 | 000,000,418 | ---- | C] () -- C:\WINDOWS\System32\FlashSaver.dat
[2002/01/13 16:47:48 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\FsmSaver.dat
[2001/08/17 16:36:28 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2000/07/22 16:49:46 | 000,431,104 | ---- | C] () -- C:\WINDOWS\System32\VFCodec.dll
[1999/08/12 00:00:00 | 001,708,032 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL
[1999/08/12 00:00:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1999/08/12 00:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL
[1999/01/22 13:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1997/03/15 00:00:00 | 000,000,014 | ---- | C] () -- C:\WINDOWS\GLFHELP.INI
[1979/12/31 23:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2003/10/22 17:18:46 | 000,145,740 | ---- | M] () -- C:\Blotto.exe
[2003/10/22 17:19:09 | 000,145,724 | ---- | M] () -- C:\Blottos.exe
[2009/12/03 17:05:16 | 000,274,432 | ---- | M] () -- C:\FIMAIN.EXE


< MD5 for: EXPLORER.EXE >
[2004/08/04 00:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\explorer.exe
[2004/08/04 00:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2009/03/19 13:06:34 | 001,004,032 | ---- | M] (Microsoft Corporation) MD5=A82B28BFC2E4455FE43022A498C0EF0A -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 00:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004/08/04 00:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\SYSTEM32\winlogon.exe
[2009/03/19 13:06:14 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=2246D8D8F4714A2CEDB21AB9B1849ABB -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 4870 bytes -> C:\WINDOWS\River Sumida.bmp:vhajvd
@Alternate Data Stream - 3567 bytes -> C:\WINDOWS\vpd.properties:hmeups
@Alternate Data Stream - 3567 bytes -> C:\WINDOWS\Viewer.ini:pumpvq
@Alternate Data Stream - 3567 bytes -> C:\WINDOWS\jgrprn.INI:jdmjvg
@Alternate Data Stream - 3567 bytes -> C:\WINDOWS\CTRec.INI:iitifb
@Alternate Data Stream - 206 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 197753 bytes -> C:\WINDOWS\iconeasl.ini:qcteav
@Alternate Data Stream - 197753 bytes -> C:\WINDOWS\cdPlayer.ini:xhqpjg
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84
@Alternate Data Stream - 11736 bytes -> C:\WINDOWS\transkriber.INI:esjeyv
@Alternate Data Stream - 11736 bytes -> C:\WINDOWS\QSync.INI:kgwyzq

< End of report >


Extras.txt

OTL Extras logfile created on: 01/05/2011 1:27:14 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Dawson Irvine\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 50.00% Memory free
9.00 Gb Paging File | 8.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.72 Gb Total Space | 8.79 Gb Free Space | 7.87% Space Free | Partition Type: NTFS
Drive G: | 698.64 Gb Total Space | 446.65 Gb Free Space | 63.93% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: DAWSON | User Name: Dawson Irvine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.inf [@ = inffile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
.ini [@ = inifile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
.scr [@ = scrfile] -- "%1" /s
.txt [@ = txtfile] -- %SystemRoot%\system32\NOTEPAD.EXE %1

[HKEY_USERS\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.scr [@ = AutoCADScriptFile] -- C:\WINDOWS\system32\notepad.exe "%1"

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "G:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /s
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4"
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp5\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp5\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp5\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirstRunDisabled" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3702:UDP" = 3702:UDP:*:Enabled:Vista 1
"5357:TCP" = 5357:TCP:*:Enabled:Vista 2
"5358:TCP" = 5358:TCP:*:Enabled:Vista 3
"86:TCP" = 86:TCP:*:Enabled:BroadCam Web Server
"80:TCP" = 80:TCP:*:Enabled:Eyeline Web Control Panel
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
"3306:TCP" = 3306:TCP:*:Enabled:MySQL Server

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"C:\ProgramFiles\mIRC\mirc.exe" = C:\ProgramFiles\mIRC\mirc.exe:*:Enabled:mIRC
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe
"C:\Documents and Settings\Dawson Irvine\Desktop\utorrent.exe" = C:\Documents and Settings\Dawson Irvine\Desktop\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe" = C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems)
"C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe" = C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio -- (Pinnacle Systems)
"C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe" = C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi -- (Pinnacle Systems)
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client
"C:\Program Files\SmartFTP Client 2.0\SmartFTP.exe" = C:\Program Files\SmartFTP Client 2.0\SmartFTP.exe:*:Disabled:SmartFTP Client 2.0 -- (SmartFTP GmbH)
"C:\Server\1st SMTP Server\SMTPServer.exe" = C:\Server\1st SMTP Server\SMTPServer.exe:*:Disabled:SMTPServer
"C:\Program Files\BearShare\BearShare.exe" = C:\Program Files\BearShare\BearShare.exe:*:Enabled:BearShare
"C:\Program Files\Visicom Media\AceFTP 3\aceftp3.exe" = C:\Program Files\Visicom Media\AceFTP 3\aceftp3.exe:*:Enabled:AceFTP v3 -- (Visicom Media Inc.)
"C:\Program Files\J2SE 1.4.2\j2sdk1.4.2\bin\java.exe" = C:\Program Files\J2SE 1.4.2\j2sdk1.4.2\bin\java.exe:*:Enabled:java
"G:\Program Files\mIRC\dbClammer\mirc.exe" = G:\Program Files\mIRC\dbClammer\mirc.exe:*:Enabled:mIRC
"C:\Program Files\SpacialAudio\SAMBC4\SAMBC.exe" = C:\Program Files\SpacialAudio\SAMBC4\SAMBC.exe:*:Enabled:SAMBC
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"G:\Program Files\FrostWire\FrostWire.exe" = G:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire
"G:\Program Files\Intuit\QuickBooks 2009\QBDBMgrN.exe" = G:\Program Files\Intuit\QuickBooks 2009\QBDBMgrN.exe:*:Enabled:QuickBooks 2009 Data Manager
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
"C:\Documents and Settings\Dawson Irvine\Local Settings\Temp\BN30.tmp" = C:\Documents and Settings\Dawson Irvine\Local Settings\Temp\BN30.tmp:*:Disabled:BN30
"C:\Documents and Settings\Dawson Irvine\Local Settings\Temp\BN26.tmp" = C:\Documents and Settings\Dawson Irvine\Local Settings\Temp\BN26.tmp:*:Disabled:BN26
"C:\Documents and Settings\Dawson Irvine\Local Settings\Temp\BN25.tmp" = C:\Documents and Settings\Dawson Irvine\Local Settings\Temp\BN25.tmp:*:Disabled:BN25
"D:\Program Files\LiveZilla\LiveZilla Server Admin.exe" = D:\Program Files\LiveZilla\LiveZilla Server Admin.exe:*:Enabled:LiveZilla Server Admin
"D:\Program Files\uTorrent\uTorrent.exe" = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent
"G:\Program Files\Noguska\NolaPro\Apache\bin\Apache.exe" = G:\Program Files\Noguska\NolaPro\Apache\bin\Apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare
"C:\Program Files\Visicom Media\AceFTP 3 Pro\aceftp3.exe" = C:\Program Files\Visicom Media\AceFTP 3 Pro\aceftp3.exe:*:Enabled:AceFTP v3 -- (Visicom Media Inc.)
"C:\WINDOWS\SYSTEM32\USMT\migwiz.exe" = C:\WINDOWS\SYSTEM32\USMT\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard -- (Microsoft Corporation)
"G:\mIRC_Program\mirc.exe" = G:\mIRC_Program\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"G:\Program Files\Java\jre6\bin\java.exe" = G:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"G:\Downloads\pp2-0.81-win32\pp2.exe" = G:\Downloads\pp2-0.81-win32\pp2.exe:*:Enabled:pp2 -- ()
"G:\Program Files\LiveZilla\LiveZilla Server Admin.exe" = G:\Program Files\LiveZilla\LiveZilla Server Admin.exe:*:Enabled:LiveZilla Server Admin -- (LiveZilla GmbH)
"C:\Program Files\SpacialAudio\SAMBC4.2.2\SAMBC.exe" = C:\Program Files\SpacialAudio\SAMBC4.2.2\SAMBC.exe:*:Enabled:SAMBC -- ()
"C:\Program Files\SHOUTcast\sc_serv.exe" = C:\Program Files\SHOUTcast\sc_serv.exe:*:Enabled:sc_serv -- ()
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe" = C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager.exe -- (SEIKO EPSON CORPORATION)
"C:\Program Files\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe" = C:\Program Files\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe:*:Enabled:EpsonNet Setup -- (SEIKO EPSON CORPORATION)
"G:\Program Files\Intuit\QuickBooks 2011\QBDBMgrN.exe" = G:\Program Files\Intuit\QuickBooks 2011\QBDBMgrN.exe:*:Enabled:QuickBooks 2011 Data Manager -- (Intuit, Inc.)
"G:\Program Files\gnucash\bin\gnucash-bin.exe" = G:\Program Files\gnucash\bin\gnucash-bin.exe:*:Enabled:GnuCash Free Finance Manager -- ()
"G:\Program Files\gnucash\bin\gconfd-2.exe" = G:\Program Files\gnucash\bin\gconfd-2.exe:*:Enabled:GConf Settings Manager -- ()
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Free SMTP Server\localsrv.exe" = C:\Program Files\Free SMTP Server\localsrv.exe:*:Enabled:localsrv
"C:\Program Files\NewSoft\Presto! PageManager 8 for EP\LicenseCheck.exe" = C:\Program Files\NewSoft\Presto! PageManager 8 for EP\LicenseCheck.exe:*:Enabled:License Check -- (NewSoft Technology Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = Google Gmail Notifier
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{053EC7D7-25D6-87DE-FB3C-21EDA3AC1B3D}" = CCC Help Japanese
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{084709F7-38C5-4609-B55F-2417939315EB}" = Adobe Premiere Pro
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{09E03881-E349-18A2-2AFC-CADE51DF080E}" = CCC Help Thai
"{0A21C24B-51D8-49B9-ABD2-BD8E7BF59BC6}" = EiffelStudio 5.6
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0C8364B1-AFD8-45B7-ACE8-B76113B6C418}" = FugVS2005
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{10798AE3-DCBB-43C3-9C93-C23512427E25}" = The Sims Deluxe Edition
"{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{12C11D57-0E6B-64F2-B99E-E40E785AEB56}" = CCC Help Hungarian
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{151C555A-A9E7-4A2E-B6D7-165D04A3C956}" = Dell Picture Studio - Dell Image Expert
"{152441C1-D4DA-EE78-7E4A-514DD0361256}" = CCC Help Dutch
"{15561f98-6d90-4465-b761-c1dc5bbc369b}" = Nero 9 Trial
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16C291EE-B2F5-1636-D382-FEB776F677BE}" = CCC Help Italian
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in
"{18941178-396B-0CC4-2168-17112315EBB8}" = ccc-utility
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1B3D70BF-F1E5-1548-C1ED-22F0D47BDDD1}" = CCC Help Finnish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20FA8AEE-E785-4F79-98EB-2067A8F395F4}" = Monopoly
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22CCA04F-DFE0-5337-770C-3CFD2CDCF2D9}" = ccc-core-static
"{22EC35BD-F8F2-45EB-8DCB-1C7FB65D0A71}" = QuickTax 2007
"{23FF9E63-A8E3-43A7-8AA0-D714F475299F}" = Maya 5.0
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java™ 6 Update 25
"{28644560-6A34-4D36-B016-C49A17D96901}" = CPR AC4400 9590
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{2CC982C0-7EAE-11D4-ACC3-0050568AD318}" = Avery DesignPro
"{2DDBE461-3A0D-A6C2-6944-92D694AFB12A}" = Catalyst Control Center Localization French
"{2E0695EE-ED29-4D96-BD77-2A9A17EDF0D6}" = Cypress USB Mass Storage Driver Installation
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0150080}" = J2SE Runtime Environment 5.0 Update 8
"{3283A1B6-CF15-46F6-82AF-E4EC666B4E98}" = MySQL Server 5.1
"{3373AFA7-672F-407C-68F0-955FB5930A47}" = Catalyst Control Center Localization Turkish
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{34E47D64-8A6F-47DC-937B-6454EDFC4FC7}" = InstallShield X
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{35CB8AFB-0376-9D4F-24E5-1EEC1CEE1A4B}" = CCC Help Chinese Standard
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{36417A39-B6A6-BE0F-0AD0-6D9B116985D1}" = CCC Help Swedish
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{37B1F7CD-13E4-47DA-9E84-51AD6972ADC5}" = Stereoscopic Player
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3CB05291-F546-458E-A796-B5BCF5A3CDC4}" = Studio 10
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}" = DAEMON Tools
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FAFEF64-911D-8013-18B5-E0BDF223A5C0}" = CCC Help Korean
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{3FEC3A5B-60FF-4626-B425-08E09B121A15}" = LogMeIn
"{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}" = Google Earth
"{40AB54C3-DD4B-467A-847E-162035CD252C}" = Logitech ImageStudio
"{40E4166C-460E-65F8-F84B-88A2F9EA69F4}" = CCC Help Polish
"{421D1CB2-0C0B-AC1D-06E5-14B0974376B5}" = Catalyst Control Center Localization Korean
"{432C3720-37BF-4BD7-8E49-F38E090246D0}" = CR2
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{437E061E-F98D-4D6C-A764-DAA16B7CA8B7}" = MySQL Administrator 1.0
"{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows Journal Viewer
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{450063AA-643B-417C-8CF5-405BA3F4EF40}" = Autodesk Design Review 2009
"{451CEE76-0FFE-802D-1F5E-615D69BC7007}" = Catalyst Control Center Localization Greek
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH® Jukebox
"{4609F28C-0BDB-F2B2-9DC7-B35A28478312}" = Catalyst Control Center Localization Czech
"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
"{46E1C9E1-9CC6-D432-F2BB-7CFC27B32EC9}" = Catalyst Control Center Localization Russian
"{46F441C8-4193-4D54-9F93-751D27EFB8F4}" = MySQL Server 5.0
"{478A3F2D-2C8B-4ABC-A6E2-2C161107F35C}" = MyInvoices & Estimates Deluxe
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{519118EE-ACFD-16B7-7FEA-6B47D529B50C}" = Catalyst Control Center Core Implementation
"{5325AF31-8FEF-EEA6-084E-6784F834B5C0}" = Catalyst Control Center Graphics Full Existing
"{53A0BE5E-F813-43BD-AEDF-8A0036724648}" = QuickBooks Customer Manager Version 1
"{5404E185-BD7C-4A72-ABD0-91A411A05726}" = Ulead VideoStudio 6 Trial
"{54C8FE84-89C4-40E8-976C-439EB0729BD6}" = CardRd81
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57105084-049B-008E-165A-92AF92B0C60F}" = ccc-core-preinstall
"{5783F2D7-7001-0409-0002-0060B0CE6BBA}" = AutoCAD 2009 - English
"{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.79.1
"{587A2120-41D3-11DB-3D6C-00E19E4D4AE1}" = MSTS Patch 1.7.0519
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5D29A4EF-A57F-4F47-89F8-4EB3C5302A53}" = Apache HTTP Server 1.3.29
"{5DE136A9-DCAE-69D0-08CB-02F07CFC9398}" = CCC Help Spanish
"{5E7AD152-771A-52C9-8394-E2F3BA629E06}" = CCC Help Greek
"{5EB90C06-964F-4195-B83E-BD7E55C88415}" = Pinnacle Video Driver
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{6782B259-804B-301D-0DE9-13000375C2D2}" = Catalyst Control Center Localization Japanese
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{68D60342-7686-45C9-B8EB-40EF843D0460}" = Dell Networking Guide
"{6924B6B2-EEA2-441D-A939-A6C26EE278F9}" = ATIRW15
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D58E839-9E34-3979-7BFD-145BD5E9401C}" = CCC Help Norwegian
"{6FA439F8-EBD8-FF4D-8EE5-A52FE69A4248}" = Catalyst Control Center Localization Finnish
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73CD9967-000C-49C6-A900-C87D5B2D253F}" = Presto! PageManager 8.15.01 SE
"{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}" = Ulead VideoStudio 7 ESD
"{757E0E87-8F54-46FD-BA00-54CCF341F4A9}" = ArcSoft Print Creations
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{773D872F-2FCB-4F5C-9E63-8E2291EBCF04}" = Railroad Tycoon 3 Demo
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0
"{78B283AC-7F3C-41ED-9102-28E12CE08026}" = Audiator3
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{793E79A5-B52D-E287-37F2-398F530D74C7}" = Catalyst Control Center Localization Polish
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CF31609-270B-11D6-9445-000102308676}" = Java 2 Runtime Environment, SE v1.4.0_01
"{7CFFE053-748A-44DC-A248-06EA38E4BC03}" = School Tycoon
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{7DCCF254-772C-11D6-941E-0002B31090EC}" = Helix Producer Plus 9
"{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{7F2FF077-4A0C-0F26-717C-617DED010B33}" = CCC Help English
"{7FC3BBEC-5A91-41B0-9CB8-960EC4421411}" = InterVideo WinDVD Creator 3
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8
"{81B3BEF9-5D97-4096-86E9-5B48A5BC32D0}" = Motorola Driver Installation 3.4.0
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{84B08A69-C8B5-4EBF-ACB2-E0F97899A6E5}" = QuickBooks EasyStart Free Starter Edition
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}" = Adobe Audition 1.5
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{8AD2EA30-5049-11D4-A08E-0080AD97BBF5}" = DJ Java Decompiler v.3.9.9.91
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5 TBYB
"{8BF103B8-8C8E-2246-8C0D-C6C256E5E428}" = CCC Help French
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8C92D38B-C1DE-490A-B6D1-AAAA8E17DCE2}" = WinTasks Trial
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8E240C1C-25D0-4248-BC6C-ACC3472E35CE}" = SigmaTel MSCN Audio Player
"{8E9BA9AF-6A06-C7AC-5863-4A40CF29CE05}" = Catalyst Control Center Localization German
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{90510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon® 3
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{90E5D6A9-C373-357B-6659-8BF019E3C1D4}" = Catalyst Control Center Localization Dutch
"{91130409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Small Business
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{9366C5C6-9434-C4C9-9804-FB4D7142874D}" = Catalyst Control Center Localization Portuguese
"{942DD738-A9F7-BBFA-3960-4558CB0EE272}" = Catalyst Control Center Localization Chinese Standard
"{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}" = Logitech QuickCam
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{96E16100-A77F-4B31-B9AD-FFBA040EE1BD}" = Sound Blaster Live!
"{9860A9CF-7E71-43AC-888F-0B4D3EA212D1}" = Roxio Burn Engine
"{9862B19F-4CAD-4EED-920F-2F378D84393F}" = ATI Parental Control & Encoder
"{98DF85D9-96C0-4F57-A92E-C3539477EF5E}" = DVDSentry
"{99D34763-7E45-4FE5-8424-28DBC3A5F0BF}" = GUIDE PLUS+™ for Windows® System - ATI
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A2F0810-3619-4E86-9072-973FBE1679C5}" = QuickBooks Simple Start 2009
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{9EDE7573-F2B0-4FAC-8928-A7E9381BCB91}" = ArcSoft MediaImpression for Kodak
"{A0857F54-AE2D-F453-4069-C7D65AE36426}" = Catalyst Control Center Localization Chinese Traditional
"{A0AF08BA-3630-4505-BFB2-A41F3837B0D0}" = SFR2
"{A0C0C34B-88FA-41F9-BFD7-30947A57421E}" = WLM Connector
"{A1B0117D-90D3-B3B5-D55C-76AEDD8F9F55}" = QRreader
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A21A4591-3608-4664-8CB2-64D02598B93F}" = QuickBooks
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2FA61E6-B46A-3489-BD5A-2991144A5BC4}" = CCC Help Portuguese
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A705B903-5186-4DC4-84FA-FB6DF9B20B11}" = CPR Locomotive Pack 1
"{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2}" = DiscAPI (Studio 10)
"{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}" = Intel® PROSet
"{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AA75AFFC-C5F3-2497-FE56-48AA163EFE2B}" = CCC Help Russian
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.1
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}" = Adobe Bridge 1.0
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B5C68E1B-A651-33AA-21A6-7CC2D69EEFA2}" = CCC Help Czech
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6DC0CAF-0D27-4ACE-8E34-8594C8D7C1DA}" = MMC85
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B74D4E10-0000-0000-0000-EDED00000102}" = Adobe ExtendScript Toolkit 1.0
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BBC370E3-309C-11D6-9445-000102308676}" = Java 2 SDK, SE v1.4.0_01
"{BC14A1F6-0511-4360-8351-FB7964979317}" = 3ds max 6 Reference Files
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BE2686A1-ECF2-FF0E-9DF5-EC7A806AEED8}" = Catalyst Control Center Localization Thai
"{BED27751-CD2A-4C2F-9813-00B9B60C76FE}" = Railroad Tycoon II - Platinum
"{C325F588-D6B1-4A7F-B6A2-914C75DDA348}" = Morrowind
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{C4C91E02-D4E2-481E-BCBA-7D90CC8D43E1}" = LiveZilla
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C7EEF2B9-8C16-4A04-B98D-B1A952A47E55}" = Linksys Wireless-G USB Network Adapter
"{C88E49AA-41C5-4420-A08D-BE1B6C5A3A74}" = DAO
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC2B8406-F144-3B99-F66E-8D1703C9A9C5}" = Catalyst Control Center Graphics Previews Common
"{CC6B1BB4-4E06-4A5B-A166-B371B551324B}" = COMODO Internet Security
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BB}" = WinZip 14.0
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D041EB9E-890A-4098-8F94-51DA194AC72A}" = Pinnacle Studio 12
"{D064F16E-88DA-4E8F-BBAE-0E2AA9A6AE61}" = VP6 Decoder
"{D0DC1674-B5E8-4364-009E-B350048DD006}" = NHL 2005
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint
"{D16A31F9-276D-4968-A753-FFEAC56995D0}" = Epson Print CD
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D3661269-10B6-495F-B4EE-539ABE3F9AA9}" = DVDDec
"{D4F3A4D4-84B1-3A40-14AA-422DE60EF96A}" = Skins
"{D51D9840-FABE-390B-24D2-D052332B311A}" = Catalyst Control Center Localization Spanish
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{D88857C8-B36B-42CE-AC26-9FFFEEDB181A}" = RssReader
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{D9E96902-5743-D105-BCB7-FBD3C0DF3989}" = Catalyst Control Center Localization Swedish
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DB3C800B-081B-4146-B4E3-EFB5B77AA913}" = TES Construction Set
"{DC4CA6AE-0648-4BBF-B77C-354D48935A42}" = mProjector v2
"{DCE27619-6822-0D22-1405-9D2899DC1896}" = Catalyst Control Center Localization Norwegian
"{DD362256-A7A2-4524-9457-213DDC2AFC2A}" = Adobe After Effects 7.0
"{DF631413-9582-4114-8861-F84C15CB1510}" = QIF2CSV Pro
"{DF80DB18-7179-EB18-5818-E7F761DA59AE}" = CCC Help Danish
"{E1423608-F529-40A1-93CA-C7F396F30DF0}" = Google SketchUp
"{E3436EE2-D5CB-4249-840B-3A0140CC34C3}" = Classic PhoneTools
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E5AED31E-3474-4C85-B492-42149DE37891}" = MySQL Server 5.0
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E698F77C-216C-8409-F4DC-E4AAECF5DEFF}" = Catalyst Control Center Localization Italian
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E7DAAF26-A0B0-1D77-0794-20D1314297F1}" = Catalyst Control Center Graphics Light
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}" = Styler
"{EA926717-CE5A-4CB4-AB21-9E6E9565A458}" = RCT3 Soaked
"{EBE7050B-7988-4BC3-BBFD-5C6828859483}" = Game Cam v1.4
"{ECD94AA1-D865-4EF4-8F7C-5AA68D37ABE9}" = Autodesk MapGuide® Viewer ActiveX Control Release 6.3
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EED50C97-C79E-4149-BD82-7C5A22437708}" = Adobe Setup
"{EEECE229-49F6-4851-A73A-99B058221F8C}" = RAPID (Studio 10)
"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder
"{EFCE5837-FC21-11D6-9D24-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.1_02
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F16A317A-6128-39E2-9607-20B5C70132E6}" = Catalyst Control Center Localization Hungarian
"{F2B34A83-5345-910F-EC0F-0D92A00D6E3B}" = CCC Help Turkish
"{F2BDC47D-18FA-5B10-58C0-9FFBDBE0B031}" = Catalyst Control Center Graphics Full New
"{F2EC36E8-62CE-46C3-824E-16654ABC2F62}" = Maya Shader Library for Maya 4.5
"{F3D677C8-612D-F5A8-A22F-2EF74F44000B}" = CCC Help Chinese Traditional
"{F45298E5-0083-426F-A668-1A2C5F04B8A0}" = FaxTools
"{F66C0680-EBE5-4A01-BC13-D5F360CFA0EF}" = PHP 5.2.3
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F843C6A3-224D-4615-94F8-3C461BD9AEA0}" = Jasc Paint Shop Pro 9
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F9220DB6-8E1A-4CBA-A6CB-45CF28B5ED9B}" = Flash Player Update for Flash 8
"{F92AB933-9FE7-4335-92BD-D1C3BA27613C}" = 3ds max 7
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9AB0D25-0085-8345-3F1A-5E5C714092B9}" = Catalyst Control Center Localization Danish
"{FABC8838-8153-480F-B084-F7ADB138EBEE}" = InstallShield X
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FD3D9B16-44E4-4231-E1E2-85C40A115F87}" = ATI Catalyst Install Manager
"{FEFE846E-DF0E-0AC6-0EA0-F85CE63CA275}" = CCC Help German
"{FFC18A8F-40A9-4C52-B1CD-BF4F65A61C55}" = MyInvoices & Estimates Deluxe
"{FFFAE01B-466F-4C07-9821-A94FD753BDDA}" = EpsonNet Setup
"265ee61839e741e0a2fedd697c40b6c6" = NetBeans IDE 3.5.1
"7-Zip" = 7-Zip 4.42
"AceFTP 3 Pro" = AceFTP 3 Pro
"Adobe After Effects 7.0" = Adobe After Effects 7.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0.1" = Adobe Photoshop 7.0.1
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_435a6af7459cb02a9c1138113a26e93" = Adobe Dreamweaver CS3
"Adobe_a68eec966ce913ddaa63251dc82ed31" = Adobe Flash CS4 Professional
"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
"Adobe_c14ac4070fd9614ffe63f4bb533db2c" = Add or Remove Adobe Creative Suite 3 Design Premium
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"ADShareit.com SWF2Video Converter Lite Trial_is1" = version 4.9.2
"Age of Empires" = Microsoft Age of Empires
"Akamai" = Akamai NetSession Interface
"AMIP" = AMIP (remove only)
"ATI Display Driver" = ATI Display Driver
"AutoCAD 2009 - English" = AutoCAD 2009 - English
"Autodesk Design Review 2009" = Autodesk Design Review 2009
"Autoruner" = Patches Programming Autoruner .0.1
"AviSynth" = AviSynth 2.5
"AviSynth2" = AviSynth 2 (remove only)
"BandwidthSimulator" = RealPlayer Bandwidth Simulator
"BearShare" = BearShare
"Bridge Builder" = Bridge Builder
"BroadCam" = BroadCam
"Browser Defender_is1" = Browser Defender 3.0
"CCleaner" = CCleaner
"Chess Titans" = Chess Titans
"CNXT_MODEM_PCI_VEN_14F1&DEV_2702" = Conexant SmartHSFi V92 56K Speakerphone PCI Modem
"CodeLifter 5.0" = CodeLifter 5.0
"CoinManage_2001" = CoinManage 2004
"Color Schemer Studio_is1" = Color Schemer Studio
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.dansl.QRreader.49F9C73396E2B5C8FD7A794D4AA84ADE24BBC9FB.1" = QRreader
"ConquerCam_is1" = ConquerCam 2.7b3
"CrossCheck" = CrossCheck
"Cult3D ActiveX Player" = Cult3D ActiveX Player
"CurrencyManage_2001" = CurrencyManage 2004
"Defraggler" = Defraggler
"Dell AIO Printer A920" = Dell AIO Printer A920
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DriverGuide DriverScan" = DriverGuide DriverScan
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Identifier_is1" = DVD Identifier
"DVD Shrink_is1" = DVD Shrink 3.2
"DVD2SVCD Software Bundle_is1" = DVD2SVCD 1.2.2 Build 3
"Easy Real Converter_is1" = Easy Real Converter V1.2
"Easy Thumbnails_is1" = Easy Thumbnails (Remove only)
"Easy Video Capture_is1" = Easy Video Capture 1.0
"EO_Video_1.3" = EO Video 1.36
"EPSON Artisan 810 Series" = EPSON Artisan 810 Series Printer Uninstall
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"Excessive Plus1.02a" = Excessive Plus
"Eyeline" = Eyeline
"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]
"FileZilla Client" = FileZilla Client 3.2.2.1
"Flash Saver Maker_is1" = Flash Saver Maker 1.60
"Flash to Video Encoder Pro_is1" = Flash to Video Encoder Pro
"Flashants SWF2Video Plug-in for Adobe Premiere Pro_is1" = SWF2Video Plug-in for Adobe Premiere Pro
"Flashants SWF2Video Pro 1.0" = Flashants SWF2Video Pro 1.0
"Flashants SWF2Video Pro 1.0 Trial" = Flashants SWF2Video Pro 1.0 Trial
"FLV Direct Player" = FLV Direct Player
"Flv Recorder_is1" = FlvRecorder
"FLVPlayer" = FLV Player 1.3.3
"FontCreator55_is1" = FontCreator 5.5
"Free Fire Screensaver" = Free Fire Screensaver
"FreeJava 2" = FreeJava 2
"FTPRush_is1" = FTPRush v1 Unicode
"Fugawi TiffConverter" = Fugawi TiffConverter
"Fugawi45_is1" = Fugawi 4.5
"Garfield Fall Screensaver" = Garfield Fall Screensaver Screen Saver
"gmms_is1" = gmms 0.0.1
"GnuCash_is1" = GnuCash 2.2.9
"GOM Player" = GOM Player
"Google Desktop" = Google Desktop
"GoogleVideoPlayer" = Google Video Player
"GTK 2.0" = GTK+ Runtime 2.6.9 rev a (remove only)
"Guitar Pro 5_is1" = Guitar Pro 5.2
"Gutterball" = Gutterball
"HammerHead Rhythm Station" = HammerHead Rhythm Station
"HideOE" = HideOE v1.1 (build 1)
"HijackThis" = HijackThis 1.99.1
"Hollywood FX for Studio" = Pinnacle Hollywood FX for Studio
"IceBreaker" = IceBreaker
"IconCool Studio Pro 5" = IconCool Studio Pro 5
"ICQ" = ICQ
"iMeshBar Uninstall" = iMeshBar
"InfraRecorder" = InfraRecorder
"Installer VISE 3.5.1" = Installer VISE 3.5.1
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{A0C0C34B-88FA-41F9-BFD7-30947A57421E}" = WLM Connector
"InstallShield_{B6DC0CAF-0D27-4ACE-8E34-8594C8D7C1DA}" = ATI Multimedia Center 8.5.0.0
"InstallShield_{D3661269-10B6-495F-B4EE-539ABE3F9AA9}" = ATI DVD Decoder 2.2.0.0
"InterActual Player" = InterActual Player
"IPALOOKUP0200_is1" = IP Address Lookup v1.0.090604
"IrfanView" = IrfanView (remove only)
"jGRASP" = jGRASP
"jlGui2.2" = jlGui2.2
"LaCie Device Updater" = LaCie Device Updater
"LastFM_is1" = Last.fm 1.5.4.27091
"LiveZilla" = LiveZilla
"Logitech Print Service" = Logitech Print Service
"LucasArts' Rogue Squadron" = LucasArts' Rogue Squadron
"lvdrivers_11.50" = Logitech QuickCam Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Matroska Pack" = Matroska Pack
"Maya 5.0 Documentation Server" = Maya 5.0 Documentation Server
"Maya 5.0 en_US documentation" = Maya 5.0 en_US documentation
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"Microsoft Press Interactive Training" = Microsoft Interactive Training
"Mini Golf Mayhem demo" = Mini Golf Mayhem demo
"mIRC" = mIRC
"Monster Truck Madness 2.0" = Microsoft Monster Truck Madness 2
"Mozilla (1.4)" = Mozilla (1.4)
"Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)
"Mozilla Thunderbird (3.1.9)" = Mozilla Thunderbird (3.1.9)
"mProjector v2 r10d" = mProjector v2 r10d
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSGOLF30" = Microsoft Golf 3.0
"MSMONEYV60" = Microsoft Money 98
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"Musicnotes Player_is1" = Musicnotes Player V1.22.2
"MVApplication1" = SureThing CD Labeler 4 SE
"MySQL Servers and Clients 4.0.17" = MySQL Servers and Clients 4.0.17
"Need For Speed III" = Need For Speed III
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"Net Transport_is1" = Net Transport 1.94.282
"No-IP.com DUC" = No-IP.com DUC (remove only)
"NoIPDUC" = No-IP DUC
"NSIS" = Nullsoft Install System
"NSVEnc" = NSV Encoder (remove only)
"Opera" = Opera
"Paintball Party_is1" = Paintball Party 1.51
"PayPal Shopping Cart" = PayPal Shopping Cart
"Photobleepet" = Photobleepet
"Pinnacle Hollywood FX Pack - ATI FX" = Pinnacle Hollywood FX Pack - ATI FX
"PokerStars" = PokerStars
"PokerStars.net" = PokerStars.net
"PopUp Maker 5.0" = PopUp Maker 5.0
"Power Tab Editor 1.7" = Power Tab Editor 1.7
"PowerISO" = PowerISO
"PPTView97" = Microsoft PowerPoint Viewer 97
"PROSet" = Intel® PRO Network Adapters and Drivers
"PunkBusterSvc" = PunkBuster Services
"Quake 3 Arena Demo" = Quake 3 Arena Demo
"Quake III Arena" = Quake III Arena
"Quake III Arena Point Release 1.32" = Quake III Arena Point Release 1.32
"Radio Toolbox" = Radio Toolbox
"RadioToolBox" = Radio ToolBox
"RealPlayer 6.0" = RealPlayer
"REAPER" = REAPER
"Recuva" = Recuva (remove only)
"Replay Media Catcher" = Replay Media Catcher
"Riva FLV Encoder 2.0_is1" = Riva FLV Encoder 2.0
"Riva FLV Player_is1" = Riva FLV Player
"RM to MP3 Converter_is1" = RM to MP3 Converter 1.48
"Rocket Mania Deluxe 1.0" = Rocket Mania Deluxe 1.0
"RSNet EDN" = Red Swoosh EDN Client (remove only)
"SAM3" = SAM Broadcaster (remove only)
"SCDNAS" = SHOUTcast DNAS (remove only)
"ScreenTime for Flash 2.5.2 Demo" = ScreenTime for Flash 2.5.2 Demo
"Shockwave" = Shockwave
"Shogo" = Shogo
"Shogo Demo" = Shogo Demo
"SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only)
"SimCity 3000" = SimCity 3000
"SkillJam SecurePlayer" = Secure Game Player
"Sothink SWF to Video Converter_is1" = Sothink SWF to Video Converter
"Spyware Doctor" = Spyware Doctor 8.0
"ST6UNST #1" = LinkCheck V1.0
"SWI-Prolog" = SWI-Prolog (remove only)
"TeamViewer 4" = TeamViewer 4
"Train Simulator 1.0" = Microsoft Train Simulator
"Turbine Video Encoder_is1" = Turbine Video Encoder - Free Edition 1.0
"UnHackMe_is1" = UnHackMe 1.0
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"uTorrent" = µTorrent
"vcmm" = Vice City Mod Manager
"Visual C++ 6.0 Standard Edition" = Microsoft Visual C++ 6.0 Standard Edition
"VLC media player" = VLC media player 1.1.5
"vp31vfw codec" = vp31vfw codec
"Website Ripper Copier" = Website Ripper Copier
"Wheel of Fortune Deluxe" = Wheel of Fortune Deluxe (remove only)
"WinAce Archiver" = WinAce Archiver
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.43-9
"WinLiveSuite_Wave3" = Windows Live Essentials
"WM_Recorder_102" = WM Recorder + RM Recorder 10.21
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xenofex2Demo" = Alien Skin Xenofex 2.0 Demo
"Xenu's Link Sleuth" = Xenu's Link Sleuth
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.2

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4205683485-3212168527-1303186231-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CN Blackfoot Vegreville Subs v2 Route" = CN Blackfoot Vegreville Subs v2 Route
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"Warcraft III" = Warcraft III
"Warcraft III Demo" = Warcraft III Demo

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20/04/2011 7:47:02 PM | Computer Name = DAWSON | Source = MySQL | ID = 100
Description =

Error - 20/04/2011 10:32:38 PM | Computer Name = DAWSON | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 2.0.0.4094, faulting module
npswf32.dll, version 10.2.153.1, fault address 0x0037bfd5.

Error - 20/04/2011 11:03:11 PM | Computer Name = DAWSON | Source = Application Hang | ID = 1002
Description = Hanging application gmer.exe, version 1.0.15.15570, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 23/04/2011 2:11:11 PM | Computer Name = DAWSON | Source = Apache Service | ID = 3299
Description = The Apache service named Apache.exe reported the following error: >>>
[Sat Apr 23 12:11:11 2011] [warn] Loaded DSO c:/Server/PHP-5-2-3/php5apache.dll
uses plain Apache 1.3 API, this module might crash under EAPI! (please recompile
it with -DEAPI) <<< before the error.log file could be opened. More information
may be available in the error.log file. .

Error - 23/04/2011 2:12:16 PM | Computer Name = DAWSON | Source = MySQL | ID = 100
Description =

Error - 23/04/2011 2:12:16 PM | Computer Name = DAWSON | Source = MySQL | ID = 100
Description =

Error - 23/04/2011 2:12:16 PM | Computer Name = DAWSON | Source = MySQL | ID = 100
Description =

Error - 28/04/2011 3:58:36 PM | Computer Name = DAWSON | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x00372903.

Error - 30/04/2011 4:10:51 PM | Computer Name = DAWSON | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x00372903.

Error - 30/04/2011 7:17:21 PM | Computer Name = DAWSON | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x00372903.

[ System Events ]
Error - 23/04/2011 2:13:28 PM | Computer Name = DAWSON | Source = Service Control Manager | ID = 7000
Description = The Kodak Camera Connection Software service failed to start due to
the following error: %%2

Error - 23/04/2011 2:13:28 PM | Computer Name = DAWSON | Source = Service Control Manager | ID = 7000
Description = The ATI WDM Specialized MVD Codec service failed to start due to the
following error: %%1058

Error - 23/04/2011 2:13:28 PM | Computer Name = DAWSON | Source = Service Control Manager | ID = 7000
Description = The ATI WDM Specialized PCD Codec service failed to start due to the
following error: %%1058

Error - 23/04/2011 2:13:28 PM | Computer Name = DAWSON | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the QBCFMonitorService service
to connect.

Error - 23/04/2011 2:13:28 PM | Computer Name = DAWSON | Source = Service Control Manager | ID = 7000
Description = The PC Tools Auxiliary Service service failed to start due to the
following error: %%5

Error - 23/04/2011 2:13:28 PM | Computer Name = DAWSON | Source = Service Control Manager | ID = 7000
Description = The PC Tools Security Service service failed to start due to the following
error: %%5

Error - 23/04/2011 2:13:28 PM | Computer Name = DAWSON | Source = Service Control Manager | ID = 7000
Description = The StarWind iSCSI Service service failed to start due to the following
error: %%2

Error - 23/04/2011 2:13:28 PM | Computer Name = DAWSON | Source = Service Control Manager | ID = 7034
Description = The MySQLNoguskaNolaPro service terminated unexpectedly. It has done
this 1 time(s).

Error - 27/04/2011 1:46:03 AM | Computer Name = DAWSON | Source = Print | ID = 6161
Description =

Error - 27/04/2011 1:47:06 AM | Computer Name = DAWSON | Source = Print | ID = 6161
Description =

[ TuneUp Events ]
Error - 02/12/2009 11:32:45 AM | Computer Name = DAWSON | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 03/12/2009 11:28:40 PM | Computer Name = DAWSON | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 19/01/2010 1:03:47 AM | Computer Name = DAWSON | Source = TuneUp Program Statistics | ID = 131840
Description =


< End of report >

#10 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,784 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:02:13 PM

Posted 03 May 2011 - 06:26 PM

Hi,

did you set these proxies:

FF - prefs.js..network.proxy.backup.ftp: "65.213.194.11"
FF - prefs.js..network.proxy.backup.ftp_port: 80
FF - prefs.js..network.proxy.backup.gopher: "65.213.194.11"
FF - prefs.js..network.proxy.backup.gopher_port: 80
FF - prefs.js..network.proxy.backup.socks: "65.213.194.11"
FF - prefs.js..network.proxy.backup.socks_port: 80
FF - prefs.js..network.proxy.backup.ssl: "65.213.194.11"
FF - prefs.js..network.proxy.backup.ssl_port: 80
FF - prefs.js..network.proxy.ftp: "70.226.132.214"
FF - prefs.js..network.proxy.ftp_port: 3182
FF - prefs.js..network.proxy.gopher: "70.226.132.214"
FF - prefs.js..network.proxy.gopher_port: 3182
FF - prefs.js..network.proxy.http: "70.226.132.214"
FF - prefs.js..network.proxy.http_port: 3182
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "70.226.132.214"
FF - prefs.js..network.proxy.socks_port: 3182
FF - prefs.js..network.proxy.ssl: "70.226.132.214"
FF - prefs.js..network.proxy.ssl_port: 3182

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

animinionsmalltext.gif

Follow BleepingComputer on: Facebook | Twitter | Google+


#11 dnirvine

dnirvine
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:13 AM

Posted 08 May 2011 - 06:29 PM

Howdy,
I did not set those proxies... and looking at them I figure that would cause the problem... wouldn't it. :)

In the mean time however my computer got a severe case of the BSOD. I couldn't start up my computer in any mode (safe mode, normal, command prompt) nothing. It just gave me the BSOD. So I went out, Bought a new (bigger) Hard Drive and re-installed XP. I am now moving the data I need from my old hard drive to my new one.

Thanks for the help but I don't need it any more. At least, until the next time I get infected and can't fix it. :)

#12 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,784 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:02:13 PM

Posted 11 May 2011 - 10:42 AM

Hi,

sorry to hear things ended badly. Best of luck with the new hard drive.

Do you have any moer questions or should I go ahead and close this thread?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

animinionsmalltext.gif

Follow BleepingComputer on: Facebook | Twitter | Google+


#13 dnirvine

dnirvine
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:13 AM

Posted 12 May 2011 - 12:48 AM

I don't think I have any questions...
You should be able to close the thread. :-)

Thanks again for the help you did provide!

#14 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,784 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:02:13 PM

Posted 12 May 2011 - 09:55 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

animinionsmalltext.gif

Follow BleepingComputer on: Facebook | Twitter | Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users