Browsers freezing up [Solved]

Hello, I have a problem. I was sent here from "Web Browsers and Email ". http://www.geekstogo...87#entry1688087

When I ran RootRepeal, I got a message. I ran it twice, once for each selection. Did I do something wrong?

RootRepeal:

Window:
Mismatch between the kernel reported by Windows and the one reported by a hardware scan. Do you want to use the kernel reported by Windows?

Entered - "NO":

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/11/19 07:07
Program Version: Version 1.3.5.0
Windows Version: Windows XP Media Center Edition SP2
==================================================

Drivers
-------------------
Name: dump_iastor.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_iastor.sys
Address: 0xEB974000 Size: 872448 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xEC47C000 Size: 49152 File Visible: No Signed: -
Status: -

SSDT
-------------------
ServiceTable Hooked [0x805614c0]!

#: 000 Function Name: NtAcceptConnectPort
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80588fbb

#: 001 Function Name: NtAccessCheck
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8057c8e4

#: 002 Function Name: NtAccessCheckAndAuditAlarm
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805aecb8

#: 003 Function Name: NtAccessCheckByType
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805ad021

#: 004 Function Name: NtAccessCheckByTypeAndAuditAlarm
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805aed3f

#: 005 Function Name: NtAccessCheckByTypeResultList
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8063e3e4

#: 006 Function Name: NtAccessCheckByTypeResultListAndAuditAlarm
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80640575

#: 007 Function Name: NtAccessCheckByTypeResultListAndAuditAlarmByHandle
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x806405be

#: 008 Function Name: NtAddAtom
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80578f6e

#: 009 Function Name: NtAddBootEntry
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064e28b

#: 010 Function Name: NtAdjustGroupsToken
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8063dba7

#: 011 Function Name: NtAdjustPrivilegesToken
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805ae676

#: 012 Function Name: NtAlertResumeThread
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80635eba

#: 013 Function Name: NtAlertThread
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80582caf

#: 014 Function Name: NtAllocateLocallyUniqueId
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805a91d5

#: 015 Function Name: NtAllocateUserPhysicalPages
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8062cd0a

#: 016 Function Name: NtAllocateUuids
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805a3519

#: 017 Function Name: NtAllocateVirtualMemory
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8056fe06

#: 018 Function Name: NtAreMappedFilesTheSame
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805a4415

#: 019 Function Name: NtAssignProcessToJobObject
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805a501c

#: 021 Function Name: NtCancelDeviceWakeupRequest
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064e277

#: 022 Function Name: NtCancelIoFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805b83ab

#: 023 Function Name: NtCancelTimer
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x804ebbb7

#: 024 Function Name: NtClearEvent
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8056f718

#: 025 Function Name: NtClose
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8056e9e9

#: 026 Function Name: NtCloseObjectAuditAlarm
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805a8b7e

#: 027 Function Name: NtCompactKeys
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80654597

#: 028 Function Name: NtCompareTokens
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805a7d92

#: 029 Function Name: NtCompleteConnectPort
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80587de6

#: 030 Function Name: NtCompressKey
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80654805

#: 031 Function Name: NtConnectPort
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805a8c64

#: 033 Function Name: NtCreateDebugObject
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8065f554

#: 034 Function Name: NtCreateDirectoryObject
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805b9add

#: 035 Function Name: NtCreateEvent
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8057545b

#: 036 Function Name: NtCreateEventPair
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064e8dc

#: 037 Function Name: NtCreateFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8057e500

#: 038 Function Name: NtCreateIoCompletion
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805afddb

#: 039 Function Name: NtCreateJobObject
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805e4714

#: 040 Function Name: NtCreateJobSet
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80636361

#: 041 Function Name: NtCreateKey
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80576d63

#: 042 Function Name: NtCreateMailslotFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805e5dd4

#: 043 Function Name: NtCreateMutant
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8057974a

#: 044 Function Name: NtCreateNamedPipeFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8058999e

#: 045 Function Name: NtCreatePagingFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805c4381

#: 046 Function Name: NtCreatePort
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80594d80

#: 047 Function Name: NtCreateProcess
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805c0020

#: 048 Function Name: NtCreateProcessEx
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8058b3bc

#: 049 Function Name: NtCreateProfile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064eefd

#: 050 Function Name: NtCreateSection
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8056ce25

#: 051 Function Name: NtCreateSemaphore
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805793d2

#: 052 Function Name: NtCreateSymbolicLinkObject
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805a3fa8

#: 053 Function Name: NtCreateThread
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8058559a

#: 054 Function Name: NtCreateTimer
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80596d39

#: 055 Function Name: NtCreateToken
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805b5f03

#: 056 Function Name: NtCreateWaitablePort
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805b9e48

#: 057 Function Name: NtDebugActiveProcess
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x806606d1

#: 058 Function Name: NtDebugContinue
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8066082b

#: 059 Function Name: NtDelayExecution
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8056db59

#: 060 Function Name: NtDeleteAtom
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805a803e

#: 061 Function Name: NtDeleteBootEntry
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064e277

#: 062 Function Name: NtDeleteFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805e3eea

#: 063 Function Name: NtDeleteKey
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80593b81

#: 064 Function Name: NtDeleteObjectAuditAlarm
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80640615

#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805927d8

#: 066 Function Name: NtDeviceIoControlFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8058969a

#: 067 Function Name: NtDisplayString
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805c5820

#: 068 Function Name: NtDuplicateObject
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80580714

#: 069 Function Name: NtDuplicateToken
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8057cc1c

#: 070 Function Name: NtEnumerateBootEntries
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064e28b

#: 071 Function Name: NtEnumerateKey
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80577ed8

#: 072 Function Name: NtEnumerateSystemEnvironmentValuesEx
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064e263

#: 073 Function Name: NtEnumerateValueKey
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80587881

#: 074 Function Name: NtExtendSection
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8062bcc9

#: 075 Function Name: NtFilterToken
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805dee2d

#: 076 Function Name: NtFindAtom
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805af652

#: 077 Function Name: NtFlushBuffersFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80582de5

#: 078 Function Name: NtFlushInstructionCache
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80585f07

#: 079 Function Name: NtFlushKey
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805b3e35

#: 080 Function Name: NtFlushVirtualMemory
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805a63f0

#: 081 Function Name: NtFlushWriteBuffer
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8062d569

#: 082 Function Name: NtFreeUserPhysicalPages
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8062d0bf

#: 083 Function Name: NtFreeVirtualMemory
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805704a0

#: 084 Function Name: NtFsControlFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8057cfde

#: 085 Function Name: NtGetContextThread
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80633e49

#: 086 Function Name: NtGetDevicePowerState
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80632317

#: 087 Function Name: NtGetPlugPlayEvent
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80599fca

#: 088 Function Name: NtGetWriteWatch
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8053ebf9

#: 089 Function Name: NtImpersonateAnonymousToken
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80594935

#: 090 Function Name: NtImpersonateClientOfPort
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805a7705

#: 091 Function Name: NtImpersonateThread
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805869c1

#: 092 Function Name: NtInitializeRegistry
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805ba04d

#: 093 Function Name: NtInitiatePowerAction
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x806320e3

#: 094 Function Name: NtIsProcessInJob
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80636217

#: 095 Function Name: NtIsSystemResumeAutomatic
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x806322fe

#: 096 Function Name: NtListenPort
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805dc48c

#: 097 Function Name: NtLoadDriver
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805b8ba9

#: 098 Function Name: NtLoadKey
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805df2f6

#: 099 Function Name: NtLoadKey2
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805df144

#: 100 Function Name: NtLockFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805a8632

#: 101 Function Name: NtLockProductActivationKeys
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805dc558

#: 102 Function Name: NtLockRegistryKey
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805da37b

#: 103 Function Name: NtLockVirtualMemory
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805bdc85

#: 104 Function Name: NtMakePermanentObject
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805a42c0

#: 105 Function Name: NtMakeTemporaryObject
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805a4209

#: 106 Function Name: NtMapUserPhysicalPages
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8062c366

#: 107 Function Name: NtMapUserPhysicalPagesScatter
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8062c7bf

#: 108 Function Name: NtMapViewOfSection
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8057f853

#: 109 Function Name: NtModifyBootEntry
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064e277

#: 110 Function Name: NtNotifyChangeDirectoryFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805ac48c

#: 111 Function Name: NtNotifyChangeKey
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805adf1b

#: 112 Function Name: NtNotifyChangeMultipleKeys
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805add2d

#: 113 Function Name: NtOpenDirectoryObject
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80587723

#: 114 Function Name: NtOpenEvent
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80587ad6

#: 115 Function Name: NtOpenEventPair
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064e9cd

#: 116 Function Name: NtOpenFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8057e674

#: 117 Function Name: NtOpenIoCompletion
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8061fb23

#: 118 Function Name: NtOpenJobObject
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x806365b9

#: 119 Function Name: NtOpenKey
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80571cbc

#: 120 Function Name: NtOpenMutant
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805797f8

#: 121 Function Name: NtOpenObjectAuditAlarm
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805e8435

#: 122 Function Name: NtOpenProcess
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80580ba8

#: 123 Function Name: NtOpenProcessToken
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80576746

#: 124 Function Name: NtOpenProcessTokenEx
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8057669d

#: 125 Function Name: NtOpenSection
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805792a3

#: 126 Function Name: NtOpenSemaphore
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805a4387

#: 127 Function Name: NtOpenSymbolicLinkObject
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805876a6

#: 128 Function Name: NtOpenThread
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805ae1fd

#: 129 Function Name: NtOpenThreadToken
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80574f0a

#: 130 Function Name: NtOpenThreadTokenEx
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80574e04

#: 131 Function Name: NtOpenTimer
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064e803

#: 132 Function Name: NtPlugPlayControl
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80595e05

#: 133 Function Name: NtPowerInformation
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805b3ffa

#: 134 Function Name: NtPrivilegeCheck
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80596100

#: 135 Function Name: NtPrivilegeObjectAuditAlarm
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805a365f

#: 136 Function Name: NtPrivilegedServiceAuditAlarm
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805dc210

#: 137 Function Name: NtProtectVirtualMemory
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80580d2f

#: 138 Function Name: NtPulseEvent
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805b9da0

#: 139 Function Name: NtQueryAttributesFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8057a0c0

#: 140 Function Name: NtQueryBootEntryOrder
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064e28b

#: 141 Function Name: NtQueryBootOptions
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064e28b

#: 142 Function Name: NtQueryDebugFilterState
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x804fb511

#: 143 Function Name: NtQueryDefaultLocale
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8056e139

#: 144 Function Name: NtQueryDefaultUILanguage
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80586e9d

#: 145 Function Name: NtQueryDirectoryFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80581307

#: 146 Function Name: NtQueryDirectoryObject
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8058ee40

#: 147 Function Name: NtQueryEaFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8061fd6c

#: 148 Function Name: NtQueryEvent
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8058748d

#: 149 Function Name: NtQueryFullAttributesFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805847fa

#: 150 Function Name: NtQueryInformationAtom
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805ba48a

#: 151 Function Name: NtQueryInformationFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8057fb72

#: 152 Function Name: NtQueryInformationJobObject
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8058bac3

#: 153 Function Name: NtQueryInformationPort
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80629969

#: 154 Function Name: NtQueryInformationProcess
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80574fee

#: 155 Function Name: NtQueryInformationThread
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8057464a

#: 156 Function Name: NtQueryInformationToken
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80575534

#: 157 Function Name: NtQueryInstallUILanguage
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80587fd7

#: 158 Function Name: NtQueryIntervalProfile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064f3af

#: 159 Function Name: NtQueryIoCompletion
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8061fbe4

#: 160 Function Name: NtQueryKey
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80577ad8

#: 161 Function Name: NtQueryMultipleValueKey
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80653fb8

#: 162 Function Name: NtQueryMutant
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064ed36

#: 163 Function Name: NtQueryObject
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8058a02f

#: 164 Function Name: NtQueryOpenSubKeys
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x806541be

#: 165 Function Name: NtQueryPerformanceCounter
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8056f8fb

#: 166 Function Name: NtQueryQuotaInformationFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8062061d

#: 167 Function Name: NtQuerySection
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80586354

#: 168 Function Name: NtQuerySecurityObject
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80595128

#: 169 Function Name: NtQuerySemaphore
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064db3b

#: 170 Function Name: NtQuerySymbolicLinkObject
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80587517

#: 171 Function Name: NtQuerySystemEnvironmentValue
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064e2b3

#: 172 Function Name: NtQuerySystemEnvironmentValueEx
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064e24d

#: 173 Function Name: NtQuerySystemInformation
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80584945

#: 174 Function Name: NtQuerySystemTime
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805a8f65

#: 175 Function Name: NtQueryTimer
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805acc20

#: 176 Function Name: NtQueryTimerResolution
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8058c9e9

#: 177 Function Name: NtQueryValueKey
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80572100

#: 178 Function Name: NtQueryVirtualMemory
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805799d7

#: 179 Function Name: NtQueryVolumeInformationFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8057e7b2

#: 180 Function Name: NtQueueApcThread
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805acb7b

#: 182 Function Name: NtRaiseHardError
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064d877

#: 183 Function Name: NtReadFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80579ceb

#: 184 Function Name: NtReadFileScatter
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80620ef3

#: 185 Function Name: NtReadRequestData
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805a7c1d

#: 186 Function Name: NtReadVirtualMemory
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805867d8

#: 187 Function Name: NtRegisterThreadTerminatePort
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80585ceb

#: 188 Function Name: NtReleaseMutant
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8056dbc4

#: 189 Function Name: NtReleaseSemaphore
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80582fb9

#: 190 Function Name: NtRemoveIoCompletion
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8056e65f

#: 191 Function Name: NtRemoveProcessDebug
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x806607a6

#: 192 Function Name: NtRenameKey
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x806543ff

#: 193 Function Name: NtReplaceKey
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x806548f2

#: 194 Function Name: NtReplyPort
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8057c915

#: 195 Function Name: NtReplyWaitReceivePort
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80574629

#: 196 Function Name: NtReplyWaitReceivePortEx
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80574141

#: 197 Function Name: NtReplyWaitReplyPort
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80629a48

#: 198 Function Name: NtRequestDeviceWakeup
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8063228b

#: 199 Function Name: NtRequestPort
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805e86b3

#: 200 Function Name: NtRequestWaitReplyPort
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805781a2

#: 201 Function Name: NtRequestWakeupLatency
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80632084

#: 202 Function Name: NtResetEvent
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805970a5

#: 203 Function Name: NtResetWriteWatch
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8053f072

#: 204 Function Name: NtRestoreKey
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80653410

#: 205 Function Name: NtResumeProcess
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80635e5a

#: 206 Function Name: NtResumeThread
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80585c11

#: 207 Function Name: NtSaveKey
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x806534b7

#: 208 Function Name: NtSaveKeyEx
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8065354f

#: 209 Function Name: NtSaveMergedKeys
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80653623

#: 210 Function Name: NtSecureConnectPort
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805887f1

#: 211 Function Name: NtSetBootEntryOrder
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064e28b

#: 212 Function Name: NtSetBootOptions
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064e28b

#: 213 Function Name: NtSetContextThread
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8063406f

#: 214 Function Name: NtSetDebugFilterState
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80662188

#: 215 Function Name: NtSetDefaultHardErrorPort
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805bf911

#: 216 Function Name: NtSetDefaultLocale
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805e4d81

#: 217 Function Name: NtSetDefaultUILanguage
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805e4d28

#: 218 Function Name: NtSetEaFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x806202b1

#: 219 Function Name: NtSetEvent
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8056f689

#: 220 Function Name: NtSetEventBoostPriority
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8057a997

#: 221 Function Name: NtSetHighEventPair
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064ecc1

#: 222 Function Name: NtSetHighWaitLowEventPair
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064ebe5

#: 223 Function Name: NtSetInformationDebugObject
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80660145

#: 224 Function Name: NtSetInformationFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805833c8

#: 225 Function Name: NtSetInformationJobObject
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805e4868

#: 226 Function Name: NtSetInformationKey
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80653b1b

#: 227 Function Name: NtSetInformationObject
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80587f56

#: 228 Function Name: NtSetInformationProcess
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80579ead

#: 229 Function Name: NtSetInformationThread
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8057a7aa

#: 230 Function Name: NtSetInformationToken
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805b559d

#: 231 Function Name: NtSetIntervalProfile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064eedb

#: 232 Function Name: NtSetIoCompletion
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8057490f

#: 233 Function Name: NtSetLdtEntries
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x80634d73

#: 234 Function Name: NtSetLowEventPair
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064ec57

#: 235 Function Name: NtSetLowWaitHighEventPair
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064eb73

#: 236 Function Name: NtSetQuotaInformationFile
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x806205f5

#: 237 Function Name: NtSetSecurityObject
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805a6e94

#: 238 Function Name: NtSetSystemEnvironmentValue
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064e550

#: 239 Function Name: NtSetSystemEnvironmentValueEx
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064e24d

#: 240 Function Name: NtSetSystemInformation
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805e5227

#: 241 Function Name: NtSetSystemPowerState
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8066d103

#: 242 Function Name: NtSetSystemTime
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x8064d52b

#: 243 Function Name: NtSetThreadExecutionState
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805ea29a

#: 244 Function Name: NtSetTimer
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x804e7a15

#: 245 Function Name: NtSetTimerResolution
Status: Hooked by "C:\WINDOWS\system32\TUKERNEL.EXE" at address 0x805ea5==EOF==

Window:
Warning: The SSDT in our driver has been faked (0x80561500)!


Entered - "YES":

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/11/19 07:11
Program Version: Version 1.3.5.0
Windows Version: Windows XP Media Center Edition SP2
==================================================

Drivers
-------------------
Name: dump_iastor.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_iastor.sys
Address: 0xEB974000 Size: 872448 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB8451000 Size: 49152 File Visible: No Signed: -
Status: -

==EOF==


I ran OTL. I got two different reports:

OTL logfile created on: 11/19/2009 7:21:35 AM - Run 1
OTL by OldTimer - Version 3.1.6.0 Folder = C:\Documents and Settings\Mike\My Documents
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.09 Mb Total Physical Memory | 406.29 Mb Available Physical Memory | 39.75% Memory free
2.40 Gb Paging File | 1.82 Gb Available in Paging File | 75.51% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.31 Gb Total Space | 91.63 Gb Free Space | 63.49% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: D39XJF91
Current User Name: Mike
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/11/19 07:15:08 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\My Documents\OTL.exe
PRC - [2009/11/02 22:23:08 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/09/17 14:29:04 | 00,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2009/09/17 14:29:04 | 00,645,328 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2009/09/16 10:22:08 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2009/09/16 09:28:38 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/09/15 10:23:54 | 00,894,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2009/07/08 11:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/07/07 19:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/02/25 16:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2009/02/25 16:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2008/12/18 09:47:08 | 09,158,656 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
PRC - [2008/12/05 16:11:54 | 00,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008/06/10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
PRC - [2008/06/09 10:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2008/06/09 10:16:32 | 02,363,392 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
PRC - [2007/11/15 09:45:18 | 00,732,648 | ---- | M] (Staples and Serence Inc.) -- C:\Program Files\Staples Easy Button\EasyButton.exe
PRC - [2007/11/02 20:12:50 | 00,262,144 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
PRC - [2007/11/02 18:44:16 | 00,610,304 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
PRC - [2007/10/19 20:46:08 | 00,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
PRC - [2007/10/14 21:17:32 | 00,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2007/10/14 20:38:52 | 00,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2007/09/19 03:33:46 | 00,282,624 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2007/06/13 05:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/06/01 15:51:26 | 00,257,088 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2007/06/01 15:51:22 | 00,501,312 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2007/04/01 05:04:35 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/02/27 11:39:26 | 01,310,720 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2006/10/09 15:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehrecvr.exe
PRC - [2005/09/08 20:20:46 | 00,464,384 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
PRC - [2005/09/08 20:20:46 | 00,102,400 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\MMDiag.exe
PRC - [2005/08/05 14:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehSched.exe
PRC - [2005/08/05 14:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe
PRC - [2005/06/17 08:56:14 | 00,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2005/06/17 08:55:58 | 00,086,140 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2005/06/10 11:44:02 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2005/03/23 01:20:44 | 00,339,968 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2004/04/07 13:07:32 | 01,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2003/09/03 21:12:44 | 00,221,184 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
PRC - [2001/08/21 11:08:56 | 00,090,112 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\PELMICED.EXE
PRC - [2001/08/10 08:03:58 | 00,301,568 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\Lexbces.exe
PRC - [2001/08/10 08:01:22 | 00,169,472 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\Lexpps.exe
PRC - [2001/04/12 12:13:38 | 00,040,960 | ---- | M] (Lexmark International) -- C:\WINDOWS\system32\Shpc32.exe


========== Modules (SafeList) ==========

MOD - [2009/11/19 07:15:08 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\My Documents\OTL.exe
MOD - [2006/08/25 10:45:55 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004/08/10 06:00:00 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll


========== Win32 Services (SafeList) ==========

SRV - File not found -- -- (PavPrSrv)
SRV - File not found -- -- (GoogleDesktopManager-061008-081103)
SRV - File not found -- -- (0009171258509795mcinstcleanup)
SRV - [2009/09/17 14:29:04 | 00,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/09/16 11:23:32 | 00,365,072 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2009/09/16 10:22:08 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2009/09/16 09:28:38 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/09/15 10:23:54 | 00,894,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/07/08 20:22:22 | 00,068,112 | ---- | M] (McAfee) -- C:\Program Files\McAfee\MBK\MBackMonitor.exe -- (MBackMonitor)
SRV - [2009/07/08 11:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 19:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/03/21 03:04:22 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/02/25 16:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2009/02/25 14:15:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2008/12/18 09:47:08 | 09,158,656 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe -- (MSSQL$MICROSOFTSMLBIZ)
SRV - [2008/12/05 16:11:54 | 00,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2008/06/09 10:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2008/01/16 19:14:20 | 00,053,760 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - [2008/01/16 19:14:18 | 00,043,520 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPZinw12.dll -- (Net Driver HPZ12)
SRV - [2007/11/06 21:16:54 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2007/11/06 21:16:54 | 00,139,264 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2007/06/01 15:51:22 | 00,501,312 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2007/05/03 13:31:12 | 00,074,656 | R--- | M] (MicroVision Development, Inc.) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2007/03/29 11:17:56 | 00,887,544 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)
SRV - [2006/10/09 15:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2006/09/16 21:08:00 | 00,071,184 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2006/05/30 18:03:57 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2005/12/12 17:52:32 | 00,180,224 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe -- (ELService)
SRV - [2005/08/05 14:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehSched.exe -- (ehSched)
SRV - [2005/08/05 14:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe -- (McrdSvc)
SRV - [2005/06/17 08:55:58 | 00,086,140 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMon)
SRV - [2005/05/03 21:50:28 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper)
SRV - [2005/05/03 20:42:56 | 00,323,584 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE -- (SQLAgent$MICROSOFTSMLBIZ)
SRV - [2004/11/19 12:26:40 | 00,147,456 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe -- (NetSvc)
SRV - [2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/08/10 06:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2004/04/07 13:07:32 | 01,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2001/08/10 08:03:58 | 00,301,568 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\Lexbces.exe -- (LexBceS)


========== Driver Services (SafeList) ==========

DRV - [2009/09/16 10:22:48 | 00,214,664 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/09/16 10:22:48 | 00,079,816 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/09/16 10:22:48 | 00,040,552 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 10:22:48 | 00,035,272 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/09/16 10:22:14 | 00,034,248 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/07/16 12:32:26 | 00,120,136 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\Mpfp.sys -- (MPFP)
DRV - [2009/02/25 17:58:57 | 03,565,568 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/11/20 14:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/11/01 06:28:07 | 00,021,568 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2007/11/01 06:28:06 | 00,049,920 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2007/11/01 06:28:06 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2007/02/27 11:39:26 | 00,032,256 | ---- | M] () -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2006/10/10 12:53:48 | 00,005,632 | ---- | M] () -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2006/09/19 13:44:04 | 00,015,664 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2006/05/14 13:50:07 | 00,008,413 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\system32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2006/02/16 16:51:08 | 00,004,096 | R--- | M] (SuperAdBlocker, Inc.) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2005/12/12 17:52:34 | 00,010,112 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ELhid.sys -- (ELhid)
DRV - [2005/12/12 17:52:34 | 00,007,040 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ELmon.sys -- (ELmon)
DRV - [2005/12/12 17:52:34 | 00,006,912 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ELkbd.sys -- (ELkbd)
DRV - [2005/12/12 17:52:34 | 00,006,400 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ELmou.sys -- (ELmou)
DRV - [2005/12/12 17:52:32 | 00,007,808 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ELacpi.sys -- (ELacpi)
DRV - [2005/10/20 20:47:05 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usb8023x.sys -- (usb_rndisx)
DRV - [2005/08/25 20:05:24 | 00,176,128 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express)
DRV - [2005/06/17 13:33:40 | 00,872,064 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\iastor.sys -- (iastor)
DRV - [2005/06/14 23:40:08 | 00,180,864 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2004/08/12 18:45:54 | 00,137,728 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/08/10 06:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/04 00:07:44 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004/08/04 00:07:44 | 00,041,088 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004/08/03 23:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/06/16 04:52:40 | 00,061,157 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/06 05:15:34 | 00,647,929 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 05:14:42 | 01,233,525 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 05:13:38 | 00,037,048 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/01/10 17:13:04 | 00,033,588 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)
DRV - [2001/08/17 15:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 15:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 15:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 15:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 15:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 14:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/08/17 14:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 14:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 14:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 14:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 14:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 14:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 14:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 14:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 14:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 14:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 13:12:10 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B)
DRV - [2001/07/24 10:34:34 | 00,007,520 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\drivers\pelusblf.sys -- (pelusblf)
DRV - [2001/01/09 16:49:28 | 00,027,088 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\drivers\PELMOUSE.SYS -- (pelmouse)
DRV - [2000/10/24 16:35:56 | 00,040,448 | ---- | M] (DeviceGuys, Inc.) -- C:\WINDOWS\system32\drivers\DgivEcp.sys -- (DgiVecp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,AutoSearch = http://ie.search.msn...autosearch.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "eBay"
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:3.1.20081127W
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {c8f71e5b-88f8-42a7-98bb-e4c506161de9}:0.2
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5
FF - prefs.js..extensions.enabledItems: {eb46c787-131a-4eb7-9b93-7f62ca550917}:0.4.1
FF - prefs.js..extensions.enabledItems: [email protected]:3.0


FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/11/13 20:29:02 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/14 05:28:14 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/14 05:28:14 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.3.1\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2009/06/04 12:19:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.3.1\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins [2009/06/04 12:21:47 | 00,000,000 | ---D | M]

[2008/09/12 11:28:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Extensions
[2008/09/12 11:28:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/18 14:44:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\oai0whj8.default\extensions
[2008/04/05 10:10:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\oai0whj8.default\extensions\{1BF7AC8B-3EE4-46be-AD8B-7F1FA1F3E15D}
[2008/11/15 14:25:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\oai0whj8.default\extensions\{1f052e2a-b7b9-11d9-945f-00e08161165f}
[2009/07/20 12:37:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\oai0whj8.default\extensions\{2c088200-b973-11db-8314-0800200c9a66}(2)
[2008/09/12 11:30:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\oai0whj8.default\extensions\{2fbc1200-ad13-11db-abbd-0800200c9a66}
[2008/12/10 09:18:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\oai0whj8.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/09/12 11:30:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\oai0whj8.default\extensions\{47d1d620-5e5b-11da-8cd6-0800200c9a66}
[2009/07/20 12:37:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\oai0whj8.default\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}(2)
[2009/07/20 12:37:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\oai0whj8.default\extensions\{66871bd1-5ba2-4739-b485-2a15f5969bd8}(2)
[2008/11/15 14:24:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\oai0whj8.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
[2008/06/19 04:51:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\oai0whj8.default\extensions\{81a7a680-d724-460d-aa2f-4b0d8d926fe3}
[2007/08/18 08:43:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\oai0whj8.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2008/04/22 06:42:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\oai0whj8.default\extensions\{a8dd47cf-239f-48c4-8379-e6b4cbafdcfa}
[2009/11/14 05:39:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\oai0whj8.default\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}
[2009/07/20 12:37:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\oai0whj8.default\extensions\{c9c58820-7bd4-11da-a72b-0800200c9a66}(2)
[2009/07/20 12:37:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\oai0whj8.default\extensions\{dd30bf68-268a-4815-ad48-8740b774c764}(2)
[2009/11/14 05:36:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\oai0whj8.default\extensions\{eb46c787-131a-4eb7-9b93-7f62ca550917}
[2008/02/17 09:14:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\oai0whj8.default\extensions\[email protected]
[2007/10/14 10:37:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\oai0whj8.default\extensions\[email protected]
[2009/11/14 05:36:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\oai0whj8.default\extensions\[email protected]
[2007/06/03 06:57:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mike\Application Data\Mozilla\Sunbird\Profiles\fo305jpd.default\extensions
[2007/02/28 06:17:42 | 00,002,386 | ---- | M] () -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\oai0whj8.default\searchplugins\siteadvisor.xml
[2009/11/17 09:53:42 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/14 05:28:14 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/10/27 06:58:41 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/11/02 22:23:26 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/11/02 22:23:27 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2007/04/10 16:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2007/08/07 13:35:32 | 00,049,152 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
[2008/06/10 19:03:12 | 01,335,600 | ---- | M] (DivX,Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
[2008/06/10 19:03:38 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
[2007/06/01 15:51:16 | 00,069,632 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npitunes.dll
[2009/11/02 22:23:28 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2007/03/22 18:23:30 | 00,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
[2007/05/10 22:52:34 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009/06/04 12:21:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009/06/04 12:21:46 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009/04/06 17:19:27 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009/11/02 20:16:17 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/11/02 20:16:17 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/11/02 20:16:17 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/11/02 20:16:17 | 00,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/11/02 20:16:17 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/11/02 20:16:17 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml

O1 HOSTS File: (242797 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.1001-search.info
O1 - Hosts: 127.0.0.1 1001-search.info
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.139mm.com
O1 - Hosts: 8505 more lines...
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LexStart] File not found
O4 - HKLM..\Run: [masqform.exe] C:\Program Files\PureEdge\Viewer 6.0\masqform.exe (PureEdge Solutions Inc.)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MimBoot] C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mimboot.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\PELMICED.EXE (Primax Electronics Ltd.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SHPC32] C:\WINDOWS\System32\Shpc32.exe (Lexmark International)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [Staples Easy Button] C:\Program Files\Staples Easy Button\EasyButton.exe (Staples and Serence Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SmarThru Engine.lnk = C:\Program Files\Samsung\SmarThru\QS.exe (Samsung Electronics Co., Ltd., Samsung Software Center.)
O4 - Startup: C:\Documents and Settings\Mike\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKLM\..Trusted Domains: 37 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 44 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.64.150 68.87.75.198
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (C:\Documents) - File not found
O20 - HKLM Winlogon: UIHost - (and) - File not found
O20 - HKLM Winlogon: UIHost - (Settings\All) - File not found
O20 - HKLM Winlogon: UIHost - (Users\Application) - File not found
O20 - HKLM Winlogon: UIHost - (Data\TuneUp) - File not found
O20 - HKLM Winlogon: UIHost - (Software\TuneUp) - File not found
O20 - HKLM Winlogon: UIHost - (Utilities\WinStyler\tu_logonui.exe) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 05:43:04 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{26fe82ca-d934-11dd-922c-00038a000015}\Shell\AutoRun\command - "" = wdsync.exe
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/11/19 07:15:08 | 00,529,408 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mike\My Documents\OTL.exe
[2009/11/19 06:45:17 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Mike\My Documents\RootRepeal.exe
[2009/11/19 06:44:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/11/19 06:41:37 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/11/19 06:40:50 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Mike\My Documents\erunt_setup.exe
[2009/11/19 06:39:43 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Mike\My Documents\SysRestorePoint.exe
[2009/11/19 06:35:57 | 00,891,208 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Mike\My Documents\avg_free_stb_en_9_40.exe
[2009/11/18 07:39:53 | 00,000,000 | ---D | C] -- C:\Program Files\Viewpoint
[2009/11/18 07:39:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/11/17 21:08:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/11/17 21:08:36 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/11/17 21:08:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Application Data\SUPERAntiSpyware.com
[2009/11/17 21:07:56 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/11/17 21:03:23 | 00,079,816 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2009/11/17 21:03:23 | 00,040,552 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfesmfk.sys
[2009/11/17 21:03:23 | 00,035,272 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2009/11/17 21:03:20 | 00,120,136 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\Mpfp.sys
[2009/11/17 21:02:52 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2009/11/17 21:00:52 | 00,034,248 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdk.sys
[2009/11/17 20:58:07 | 01,296,288 | ---- | C] (McAfee, Inc.) -- C:\Documents and Settings\Mike\My Documents\DMSetup-Serial.exe
[2009/11/17 18:18:02 | 00,000,000 | ---D | C] -- C:\Program Files\support.com
[2009/11/17 18:18:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Support.com
[2009/11/14 07:42:20 | 00,339,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mike\My Documents\TFC.exe
[2009/11/14 06:01:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Local Settings\Application Data\Temp
[2009/11/14 06:00:50 | 00,563,864 | ---- | C] (Google Inc.) -- C:\Documents and Settings\Mike\My Documents\ChromeSetup.exe
[2009/11/13 20:28:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/11/13 20:28:04 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/11/13 20:27:56 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/11/13 20:27:22 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2009/11/13 20:27:22 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsshhdr.dll
[2009/11/13 20:27:22 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009/11/13 20:27:22 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009/11/13 20:27:22 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2009/11/13 20:27:21 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2009/11/13 20:27:21 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009/11/13 20:27:21 | 00,000,000 | ---D | C] -- C:\7c723371edc0a154af6dbc5fce
[2009/11/13 20:22:46 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2009/11/13 20:10:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mike\Application Data\MSNInstaller
[2006/07/11 18:16:55 | 00,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[1 C:\Documents and Settings\Mike\My Documents\*.tmp files -> C:\Documents and Settings\Mike\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/11/19 07:19:53 | 00,095,232 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\reports_gtg.doc
[2009/11/19 07:17:26 | 00,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2009/11/19 07:15:08 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\My Documents\OTL.exe
[2009/11/19 07:06:02 | 00,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-401365990-284758978-2747912450-1005UA.job
[2009/11/19 07:02:42 | 00,056,534 | ---- | M] () -- C:\logfile
[2009/11/19 07:01:19 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/11/19 07:01:07 | 00,009,603 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2009/11/19 06:59:23 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/11/19 06:59:04 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/19 06:59:02 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/11/19 06:45:18 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\Mike\My Documents\RootRepeal.exe
[2009/11/19 06:41:39 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\NTREGOPT.lnk
[2009/11/19 06:41:39 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\ERUNT.lnk
[2009/11/19 06:40:50 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Mike\My Documents\erunt_setup.exe
[2009/11/19 06:39:43 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Mike\My Documents\SysRestorePoint.exe
[2009/11/19 06:36:11 | 00,891,208 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Mike\My Documents\avg_free_stb_en_9_40.exe
[2009/11/19 06:27:20 | 09,175,040 | ---- | M] () -- C:\Documents and Settings\Mike\NTUSER.DAT
[2009/11/19 06:27:20 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Mike\ntuser.ini
[2009/11/18 06:06:03 | 00,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-401365990-284758978-2747912450-1005Core.job
[2009/11/17 21:33:01 | 00,125,440 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/17 21:08:41 | 00,000,780 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/11/17 21:07:46 | 05,797,152 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\SUPERAntiSpyware.exe
[2009/11/17 21:05:58 | 00,000,671 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2009/11/17 21:05:47 | 00,223,632 | ---- | M] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/11/17 21:03:05 | 00,000,338 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2009/11/17 21:03:04 | 00,000,316 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[2009/11/17 20:58:08 | 01,296,288 | ---- | M] (McAfee, Inc.) -- C:\Documents and Settings\Mike\My Documents\DMSetup-Serial.exe
[2009/11/17 18:19:23 | 00,000,990 | ---- | M] () -- C:\net_save.dna
[2009/11/17 18:18:45 | 00,002,469 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Dell Support Center.lnk
[2009/11/14 07:42:21 | 00,339,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\My Documents\TFC.exe
[2009/11/14 06:01:20 | 00,002,277 | ---- | M] () -- C:\Documents and Settings\Mike\Desktop\Google Chrome.lnk
[2009/11/14 06:00:51 | 00,563,864 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Mike\My Documents\ChromeSetup.exe
[2009/11/14 05:28:17 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/11/14 05:12:40 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Mike\Ÿ9Ÿ9
[2009/11/13 20:34:05 | 00,651,472 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/11/13 20:31:46 | 00,533,654 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/11/13 20:31:46 | 00,463,200 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/11/13 20:31:46 | 00,080,328 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/11/13 20:10:22 | 00,001,857 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MSN Installer.lnk
[2009/11/13 20:10:08 | 00,003,788 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[1 C:\Documents and Settings\Mike\My Documents\*.tmp files -> C:\Documents and Settings\Mike\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/11/19 07:04:27 | 00,095,232 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\reports_gtg.doc
[2009/11/19 06:41:39 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\NTREGOPT.lnk
[2009/11/19 06:41:39 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\ERUNT.lnk
[2009/11/17 21:08:41 | 00,000,780 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/11/17 21:08:08 | 00,009,603 | ---- | C] () -- C:\WINDOWS\System32\Config.MPF
[2009/11/17 21:07:38 | 05,797,152 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\SUPERAntiSpyware.exe
[2009/11/17 21:05:58 | 00,000,671 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2009/11/17 21:03:04 | 00,000,338 | ---- | C] () -- C:\WINDOWS\tasks\McDefragTask.job
[2009/11/17 21:03:04 | 00,000,316 | ---- | C] () -- C:\WINDOWS\tasks\McQcTask.job
[2009/11/17 18:19:23 | 00,000,990 | ---- | C] () -- C:\net_save.dna
[2009/11/17 18:18:45 | 00,002,469 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Dell Support Center.lnk
[2009/11/14 06:01:20 | 00,002,277 | ---- | C] () -- C:\Documents and Settings\Mike\Desktop\Google Chrome.lnk
[2009/11/14 06:01:01 | 00,000,974 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-401365990-284758978-2747912450-1005UA.job
[2009/11/14 06:01:01 | 00,000,922 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-401365990-284758978-2747912450-1005Core.job
[2009/11/14 05:15:53 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/11/14 05:12:40 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Mike\Ÿ9Ÿ9
[2009/11/13 20:10:22 | 00,001,857 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MSN Installer.lnk
[2009/03/25 06:28:28 | 00,002,528 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\$_hpcst$.hpc
[2009/02/18 16:45:50 | 00,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2009/02/12 22:17:49 | 00,000,061 | ---- | C] () -- C:\WINDOWS\PureEdgeAPI.ini
[2009/02/12 22:17:47 | 00,167,936 | ---- | C] () -- C:\WINDOWS\System32\MSQOLE.DLL
[2009/01/30 07:07:50 | 00,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009/01/21 18:49:55 | 00,001,152 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/06/10 19:07:20 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/06/10 19:03:26 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/06/10 19:03:26 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/05/22 17:18:54 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/05/02 17:19:24 | 00,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/04/09 18:20:20 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2007/04/07 06:55:20 | 00,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2007/02/21 02:04:01 | 00,979,362 | -HS- | C] () -- C:\WINDOWS\System32\lmllm.ini
[2006/12/13 23:01:36 | 00,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/12/13 23:01:36 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2006/07/03 09:45:04 | 00,002,263 | ---- | C] () -- C:\WINDOWS\ssnew01.ini
[2006/07/03 09:38:38 | 00,102,400 | ---- | C] () -- C:\WINDOWS\dll2kusb.dll
[2006/07/03 09:38:38 | 00,098,304 | ---- | C] () -- C:\WINDOWS\dll32.dll
[2006/07/03 09:38:38 | 00,061,440 | ---- | C] () -- C:\WINDOWS\InstZ82.dll
[2006/07/03 09:38:38 | 00,012,160 | ---- | C] () -- C:\WINDOWS\LxUsbOpn.dll
[2006/07/03 09:38:38 | 00,002,563 | ---- | C] () -- C:\WINDOWS\Ssds32.ini
[2006/07/03 09:38:38 | 00,002,269 | ---- | C] () -- C:\WINDOWS\Ssdef32.ini
[2006/07/03 09:38:38 | 00,001,152 | ---- | C] () -- C:\WINDOWS\MyScan.ini
[2006/06/29 14:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 14:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/06/01 15:16:19 | 00,001,086 | ---- | C] () -- C:\WINDOWS\FORM32.INI
[2006/05/22 21:05:06 | 00,000,082 | ---- | C] () -- C:\WINDOWS\savers.ini
[2006/04/24 19:10:51 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/04/23 16:35:21 | 00,000,096 | ---- | C] () -- C:\WINDOWS\bizpub32.INI
[2006/04/18 15:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 15:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/04/04 05:37:29 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Textart.INI
[2006/03/18 07:10:05 | 00,000,173 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2006/02/28 07:13:30 | 00,000,417 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/02/17 19:00:19 | 00,006,686 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/02/12 21:02:03 | 00,003,971 | ---- | C] () -- C:\WINDOWS\System32\Setup2k.ini
[2006/02/12 21:02:03 | 00,000,280 | ---- | C] () -- C:\WINDOWS\System32\presetup.ini
[2006/02/11 17:44:16 | 00,000,196 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\G-Force Prefs (WindowsMediaPlayer).txt
[2006/02/11 17:23:00 | 00,000,117 | ---- | C] () -- C:\WINDOWS\groupwar.ini
[2006/02/11 15:42:49 | 00,125,440 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/02/11 08:45:59 | 00,223,632 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2006/02/11 08:45:55 | 00,000,152 | RHS- | C] () -- C:\WINDOWS\System32\63F5D3F583.sys
[2006/02/11 07:47:38 | 00,061,678 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\PFP120JPR.{PB
[2006/02/11 07:47:38 | 00,012,358 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\PFP120JCM.{PB
[2006/02/11 07:29:40 | 00,000,127 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\fusioncache.dat
[2006/02/11 07:29:40 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Mike\Application Data\desktop.ini
[2006/02/07 15:45:17 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/02/07 15:33:25 | 00,000,181 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/02/07 15:08:18 | 00,000,387 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/08/16 05:37:24 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 05:33:24 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2005/08/16 05:18:41 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/08/16 05:12:25 | 00,000,956 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/08/05 15:01:54 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/01/07 14:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1998/09/01 12:10:20 | 00,164,864 | ---- | C] () -- C:\WINDOWS\System32\Ldepcl32.dll
[1997/10/24 09:56:36 | 00,000,643 | ---- | C] () -- C:\WINDOWS\Lexstat.ini
[1997/06/17 10:07:50 | 00,328,704 | ---- | C] () -- C:\WINDOWS\System32\Dosfnt32.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Mike\My Documents\MSCOMCTL.ZIP: SummaryInformation
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2F3B25D5
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A64A7256
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F4921BC9
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:96F344DB
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B894C266
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:22404AE2
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C46995DA
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:57DE3FD3
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6E141455
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A518B662
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FE376726
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:061FEEDF
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4804DAC2
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:31080D0E
< End of report >

OTL Extras logfile created on: 11/19/2009 7:21:36 AM - Run 1
OTL by OldTimer - Version 3.1.6.0 Folder = C:\Documents and Settings\Mike\My Documents
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.09 Mb Total Physical Memory | 406.29 Mb Available Physical Memory | 39.75% Memory free
2.40 Gb Paging File | 1.82 Gb Available in Paging File | 75.51% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.31 Gb Total Space | 91.63 Gb Free Space | 63.49% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: D39XJF91
Current User Name: Mike
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" "%1" (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" "%1" (Microsoft Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" "%1" (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" File not found

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{054C3038-FFAC-446D-9682-E25891DC2E05}" = QuickBooks Product Listing Service
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero Burning ROM Help
"{09BDEEF0-5590-457D-89A9-5DB2742F9BBF}" = 32 Bit HP CIO Components Installer
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{16F0EE77-B2B1-4417-A8CC-07E06C78CCC4}" = Matrix-ks
"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{195F2C6C-A343-4b10-B1A4-3F00AB9E9DD9}" = Fax
"{1c00c7c5-e615-4139-b817-7f4003de68c0}" = Nero PhotoSnap Help
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool
"{20B30DC1-E423-4939-B51D-05C58B0F9BBB}" = HP Photosmart All-In-One Driver Software 10.0 Rel .2
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{26558946-FDAF-4A44-929B-7058C9855BD7}" = 2006 National Painting Cost Estimator
"{29F1159B-A14A-4B2D-84CF-F1231F68178E}" = Duke Nukem - Manhattan Project (DEMO v1.0.1)
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{35E1A8C8-6646-4101-B0AA-42D1EB2AB3AE}" = Windows Live Outlook Toolbar (Windows Live Toolbar)
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{35F1A728-000F-4F77-909F-71A745BC6BB0}" = OELScreensaverStudio
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3a6f8a27-fa78-48a4-bbd1-399b000bcc9a}" = C8100_Help
"{3CCB26F5-E2A7-4C91-8340-9149D7B7C2BE}" = Virtual Earth 3D (Beta)
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Modem On Hold
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{439c835d-aefd-4951-9669-9543080ab7e2}" = Nero 9 Trial
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4CEA6811-DFAD-4892-828D-49941FE3B779}" = Intel® PROSet for Wired Connections
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{53B2CFE9-A508-4457-B2CA-5D253536BFB7}" = OneCare Advisor (Windows Live Toolbar)
"{548B3DC6-2300-47E1-BA7B-74AD25F8DEBF}" = Form Fill (Windows Live Toolbar)
"{553E56C3-7AA1-45FE-A2FC-2C43DC27F765}" = iTunes
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision
"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}" = fflink
"{60c731fb-c951-41ce-ad41-8e54c8594609}" = Nero Disc Copy Gadget Help
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{68108E66-D13A-4EE8-A6F4-40E4B90C2A26}" = Windows Live Toolbar Feed Detector (Windows Live Toolbar)
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{688BD258-9A15-49E7-85A7-C6D0131C206F}" = MyProfessionalBusinessCards
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B437F94-056F-4791-AF2C-0D10E2706AF0}" = PanoStandAlone
"{6C6F0968-2B86-42B4-AF34-46A5F06E8FA4}" = MySoftware Fonts
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}" = EarthLink setup files
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77e33d87-255e-413e-9c8d-eed2a7f9bebf}" = Nero Live Help
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor
"{7CE979C6-E5FF-41C5-B6CC-4EE18071563B}" = SierraAddressBook 3.0
"{7E545666-F422-45FD-B3DF-C0B99A1A579F}" = QuickBooks Pro 2007
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111234247}" = Mega Bounce
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112027253}" = Reaxxion
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{85243696-5e58-4357-9cf8-3498c609941d}" = NeroLiveGadget Help
"{85D3CC30-8859-481A-9654-FD9B74310BEF}" = Musicmatch® Jukebox
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C22F265-DE76-44D1-8A79-A71D819137DA}" = Intel® Quick Resume Technology Drivers
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{903CE8F7-6C7B-41E6-A1CF-3BF1176264EC}" = Intel® Viiv™
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{938B1CD7-7C60-491E-AA90-1F1888168240}" = Roxio MyDVD Basic v9
"{93C4FBD0-FC5A-40E8-826B-772BE2C6BC89}" = Learning QuickBooks 2007
"{98a67610-a3b5-4098-a423-3708040026d3}" = "Nero SoundTrax Help
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9B94BE6F-7CA3-4C40-A266-62667FF746CC}" = ATI Drivers
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A683A2C0-821C-486F-858C-FA634DB5E864}" = EducateU
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AD05F1FF-F284-402D-952A-ABCA6A6063FB}" = Adobe Illustrator CS2
"{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}" = Nero Recode Help
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{b9be267c-e096-4cce-a4fd-f24eec004938}" = PS_AIO_02_ProductContext
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BEF106F8-2689-4530-925A-E1117836E8CD}" = Google SketchUp 7
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{c4549405-195f-4450-8865-6be9dc5ad136}" = PS_AIO_02_Software_Min
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{cd0b9359-b716-4fd0-8e0a-09b3e312e8a4}" = PS_AIO_02_Software
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D5A145FC-D00C-4F1A-9119-EB4D9D659750}" = Windows Live Toolbar
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{DDAC27F9-8293-465f-A4B0-011F1D38BBA1}" = RoxioShim
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{E0000600-0600-0600-0600-000000000600}" = ICS Viewer 6.0
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}" = Nero WaveEditor Help
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EF3F9770-CA7B-4c5d-8A98-49AB97216546}" = C8100
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F413D795-B077-4A96-AE75-810BBA673A0E}" = Microsoft Office Small Business Accounting 2006
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"3D Grandfather Clock Screensaver_is1" = 3D Grandfather Clock Screensaver 1.0
"9F039904-7B01-478A-B1F1-1E0C6933BC9C" = Blasterball 2 Remix from WildTangent (remove only)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Illustrator CS2" = Adobe Illustrator CS2 Tryout
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"America Online us" = America Online (Choose which version to remove)
"AOL Connectivity Services" = AOL Connectivity Services
"ATI Display Driver" = ATI Display Driver
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.4 (Unicode)
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"BitTornado" = BitTornado 0.3.7
"camaro_logo" = camaro_logo Screen Saver
"CCleaner" = CCleaner (remove only)
"D1A6F3FD-7B40-443F-8767-BADB25A0D222" = Blasterball 2
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
"EncFlac" = EncFlac 1.1.2
"ERUNT_is1" = ERUNT 1.1j
"ESPNMotion" = ESPNMotion
"FLAC" = FLAC Installer 1.1.2a (remove only)
"Google Updater" = Google Updater
"HijackThis" = HijackThis 1.99.1
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"IGN Download Manager" = IGN Download Manager 2.1.2
"InstallShield_{29F1159B-A14A-4B2D-84CF-F1231F68178E}" = Duke Nukem - Manhattan Project (DEMO v1.0.1)
"Intel® 537EP V9x DF PCI Modem" = Intel® 537EP V9x DF PCI Modem
"Intel® Quick Resume Technology" = Intel® Quick Resume Technology Drivers
"Lexmark Z82" = Lexmark Z82 Drivers
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MouseSuite98" = Mouse Suite
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"Mozilla Sunbird (0.3.1)" = Mozilla Sunbird (0.3.1)
"MSC" = McAfee SecurityCenter
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NMIX!UninstallKey" = NeroMIX
"Picasa 3" = Picasa 3
"PROSet" = Intel® PRO Network Connections Drivers
"RealArcade 1.2" = RealArcade
"RealPlayer 6.0" = RealPlayer
"Salma Hayek V4 Screen Saver" = Salma Hayek V4 Screen Saver
"Sandlot Games Client Services_is1" = Sandlot Games Client Services
"SmarThru" = SmarThru 2
"StreetPlugin" = Learn2 Player (Uninstall Only)
"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Mobile Device Handbook" = HTC Touch Diamond™ User Guide
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Internet Mail" = Yahoo! Internet Mail

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/17/2009 3:06:05 PM | Computer Name = D39XJF91 | Source = Google Update | ID = 20
Description =

Error - 11/17/2009 4:06:05 PM | Computer Name = D39XJF91 | Source = Google Update | ID = 20
Description =

Error - 11/17/2009 5:06:05 PM | Computer Name = D39XJF91 | Source = Google Update | ID = 20
Description =

Error - 11/17/2009 6:06:05 PM | Computer Name = D39XJF91 | Source = Google Update | ID = 20
Description =

Error - 11/17/2009 10:08:12 PM | Computer Name = D39XJF91 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 11/17/2009 10:08:12 PM | Computer Name = D39XJF91 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 11/17/2009 10:08:12 PM | Computer Name = D39XJF91 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 11/17/2009 10:08:12 PM | Computer Name = D39XJF91 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 11/17/2009 10:08:12 PM | Computer Name = D39XJF91 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 11/17/2009 10:08:12 PM | Computer Name = D39XJF91 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

[ IntelDH Events ]
Error - 11/18/2009 8:06:54 AM | Computer Name = D39XJF91 | Source = IntelQRTD | ID = 7
Description = Could not attach to EL Acpi driver.

Error - 11/18/2009 8:44:10 AM | Computer Name = D39XJF91 | Source = IntelQRTD | ID = 7
Description = Could not attach to EL Acpi driver.

Error - 11/18/2009 3:27:08 PM | Computer Name = D39XJF91 | Source = IntelQRTD | ID = 7
Description = Could not attach to EL Acpi driver.

Error - 11/18/2009 3:32:31 PM | Computer Name = D39XJF91 | Source = IntelQRTD | ID = 7
Description = Could not attach to EL Acpi driver.

Error - 11/18/2009 5:28:18 PM | Computer Name = D39XJF91 | Source = IntelQRTD | ID = 7
Description = Could not attach to EL Acpi driver.

Error - 11/18/2009 5:44:00 PM | Computer Name = D39XJF91 | Source = IntelQRTD | ID = 7
Description = Could not attach to EL Acpi driver.

Error - 11/19/2009 7:11:21 AM | Computer Name = D39XJF91 | Source = IntelQRTD | ID = 7
Description = Could not attach to EL Acpi driver.

Error - 11/19/2009 7:18:20 AM | Computer Name = D39XJF91 | Source = IntelQRTD | ID = 7
Description = Could not attach to EL Acpi driver.

Error - 11/19/2009 7:29:20 AM | Computer Name = D39XJF91 | Source = IntelQRTD | ID = 7
Description = Could not attach to EL Acpi driver.

Error - 11/19/2009 7:49:06 AM | Computer Name = D39XJF91 | Source = IntelQRTD | ID = 7
Description = Could not attach to EL Acpi driver.

[ System Events ]
Error - 11/19/2009 7:49:06 AM | Computer Name = D39XJF91 | Source = Service Control Manager | ID = 7023
Description = The Intel® Quick Resume Technology Drivers service terminated with
the following error: %%203

Error - 11/19/2009 7:50:28 AM | Computer Name = D39XJF91 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 11/19/2009 7:50:28 AM | Computer Name = D39XJF91 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ShldDrv

Error - 11/19/2009 7:50:33 AM | Computer Name = D39XJF91 | Source = Service Control Manager | ID = 7034
Description = The LexBce Server service terminated unexpectedly. It has done this
1 time(s).

Error - 11/19/2009 7:59:32 AM | Computer Name = D39XJF91 | Source = Service Control Manager | ID = 7000
Description = The Panda Process Protection Driver service failed to start due to
the following error: %%2

Error - 11/19/2009 7:59:32 AM | Computer Name = D39XJF91 | Source = Service Control Manager | ID = 7000
Description = The Panda Process Protection Service service failed to start due to
the following error: %%3

Error - 11/19/2009 7:59:34 AM | Computer Name = D39XJF91 | Source = Service Control Manager | ID = 7023
Description = The Intel® Quick Resume Technology Drivers service terminated with
the following error: %%203

Error - 11/19/2009 8:00:54 AM | Computer Name = D39XJF91 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 11/19/2009 8:00:54 AM | Computer Name = D39XJF91 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ShldDrv

Error - 11/19/2009 8:00:54 AM | Computer Name = D39XJF91 | Source = Service Control Manager | ID = 7034
Description = The LexBce Server service terminated unexpectedly. It has done this
1 time(s).


< End of report >



Thanks!