Here is the Rooter scan:
Microsoft Windows XP Professional (5.1.2600) Service Pack 2
C:\ [Fixed] - NTFS - (Total:235178 Mo/Free:3824 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
F:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
G:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
I:\ [Removable] (Total:0 Mo/Free:0 Mo)
Tue 04/14/2009|13:29
----------------------\\ Processes..
--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\Program Files\AskBarDis\bar\bin\AskService.exe
---------- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
---------- C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
---------- c:\program files\common files\mcafee\mna\mcnasvc.exe
---------- c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
---------- C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
---------- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
---------- C:\Program Files\McAfee\MPF\MPFSrv.exe
---------- C:\Program Files\McAfee\MSK\MskSrver.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\nvsvc32.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\PSIService.exe
---------- C:\Program Files\SiteAdvisor\6261\SAService.exe
---------- C:\Program Files\Sygate\SSA\smc.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Viewpoint\Common\ViewpointService.exe
---------- C:\WINDOWS\system32\DRIVERS\WtSrv.exe
---------- C:\Program Files\Canon\CAL\CALMAIN.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Common Files\Stardock\SDMCP.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
---------- C:\WINDOWS\system32\wscntfy.exe
---------- C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\Program Files\iTunes\iTunesHelper.exe
---------- C:\WINDOWS\system32\WService.EXE
---------- C:\Program Files\iPod\bin\iPodService.exe
---------- C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
---------- c:\PROGRA~1\mcafee\msc\mcuimgr.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
---------- C:\Program Files\Windows Defender\MSASCui.exe
---------- C:\Program Files\Spyware Terminator\sp_rsser.exe
---------- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
---------- C:\Program Files\AIM6\aim6.exe
---------- C:\Program Files\AIM6\aolsoftware.exe
---------- C:\program files\itunes\itunes.exe
---------- C:\PROGRA~1\MICROS~3\Office10\WINWORD.EXE
---------- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
---------- C:\WINDOWS\system32\cscript.exe
---------- C:\WINDOWS\system32\NOTEPAD.EXE
---------- C:\Program Files\Mozilla Firefox\firefox.exe
---------- C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
---------- C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
---------- C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
---------- C:\Program Files\Sibelius Software\Sibelius 5\Sibelius.exe
---------- C:\Program Files\Windows Defender\MsMpEng.exe
---------- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe
----------------------\\ Search..
----------------------\\ ROOTKIT !!
----------------------\\ Cracks & Keygens..
C:\DOCUME~1\S-chan\Desktop\Anime & TV\OBJECT DOCK PLUS v1.90.535+Crack.rar
C:\DOCUME~1\S-chan\Desktop\Anime & TV\OBJECT DOCK PLUS v1.90.535+Crack\objectdockplus_190.exe
C:\DOCUME~1\S-chan\Desktop\Anime & TV\OBJECT DOCK PLUS v1.90.535+Crack\README.txt
C:\DOCUME~1\S-chan\Desktop\Misc\Aimersoft DVD Ripper v1.1.14 [Hardcoder keygen][h33t][matt14]\aimer-dvd-ripper.exe
C:\DOCUME~1\S-chan\Desktop\Misc\Aimersoft DVD Ripper v1.1.14 [Hardcoder keygen][h33t][matt14]\keygen.exe
C:\DOCUME~1\S-chan\Desktop\Misc\Aimersoft DVD Ripper v1.1.14 [Hardcoder keygen][h33t][matt14]\Read Me !!!.txt
C:\DOCUME~1\S-chan\Desktop\Misc\Aimersoft DVD Ripper v1.1.14 [Hardcoder keygen][h33t][matt14]\tracked_by_h33t_com.txt
C:\DOCUME~1\S-chan\Desktop\Misc\File.Renamer.Deluxe.v4.0.3.Incl.Keygen-ORiON\File.Renamer.Deluxe.v4.0.3.Incl.Keygen-ORiON.rar
C:\DOCUME~1\S-chan\Desktop\Misc\File.Renamer.Deluxe.v4.0.3.Incl.Keygen-ORiON\FileRenamer.exe
C:\DOCUME~1\S-chan\Desktop\Misc\File.Renamer.Deluxe.v4.0.3.Incl.Keygen-ORiON\Keygen.exe
C:\DOCUME~1\S-chan\Desktop\Misc\File.Renamer.Deluxe.v4.0.3.Incl.Keygen-ORiON\Torrent downloaded from Demonoid.com.txt
1 - "C:\Rooter$\Rooter_1.txt" - Tue 04/14/2009|13:33
----------------------\\ Scan completed at 13:33
Here are the OTListIt2 scans:
OTListIt logfile created on: 4/14/2009 1:37:37 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\S-chan\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 0.62 Gb Available Physical Memory | 30.97% Memory free
3.85 Gb Paging File | 2.05 Gb Available in Paging File | 53.25% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 229.67 Gb Total Space | 103.73 Gb Free Space | 45.17% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: TURCOTTESD1
Current User Name: S-chan
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (Wireless Service)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\AskBarDis\bar\bin\AskService.exe ()
PRC - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe (Intel Corporation)
PRC - C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - c:\program files\common files\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
PRC - c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)
PRC - C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\system32\PSIService.exe ()
PRC - C:\Program Files\SiteAdvisor\6261\SAService.exe ()
PRC - C:\Program Files\Sygate\SSA\smc.exe (Sygate Technologies, Inc.)
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\WINDOWS\system32\DRIVERS\WtSrv.exe ()
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\Common Files\Stardock\SDMCP.exe (Stardock)
PRC - C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe (Viewpoint Corporation)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\WINDOWS\system32\WService.EXE (Tablet Driver)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
PRC - c:\Program Files\McAfee\MSC\mcuimgr.exe (McAfee, Inc.)
PRC - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe (Intel® Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com)
PRC - C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
PRC - C:\Program Files\AIM6\aim6.exe (AOL LLC)
PRC - C:\Program Files\AIM6\aolsoftware.exe (AOL LLC)
PRC - C:\program files\itunes\itunes.exe (Apple Inc.)
PRC - C:\Program Files\Microsoft Office\Office10\WINWORD.EXE (Microsoft Corporation)
PRC - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
PRC - C:\WINDOWS\system32\cscript.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Crawler\Toolbar\CToolbar.exe (Crawler.com)
PRC - C:\Program Files\Crawler\Toolbar\CToolbar.exe (Crawler.com)
PRC - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock)
PRC - C:\Program Files\Sibelius Software\Sibelius 5\Sibelius.exe (Sibelius Software, a division of Avid Technology, Inc. and its licensors.)
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Documents and Settings\S-chan\Desktop\OTListIt2.exe (OldTimer Tools)
========== Win32 Services (SafeList) ==========
SRV - (ADVService [On_Demand | Stopped]) -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe (Amazon.com)
SRV - (ANIWZCSdService [Auto | Running]) -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (Wireless Service)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (ASKService [Auto | Running]) -- C:\Program Files\AskBarDis\bar\bin\AskService.exe ()
SRV - (ASKUpgrade [Auto | Running]) -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (CCALib8 [Auto | Running]) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (DSBrokerService [On_Demand | Stopped]) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (FreeAgentGoNext Service [Auto | Running]) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (hpqcxs08 [On_Demand | Running]) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (Hewlett-Packard Co.)
SRV - (hpqddsvc [Auto | Running]) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (Hewlett-Packard Co.)
SRV - (IAANTMon [Auto | Running]) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe (Intel Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (jswpsapi [On_Demand | Stopped]) -- C:\Program Files\D-Link\RangeBooster G WUA-2340\JSWUtil\jswpsapi.exe (Atheros Communications, Inc.)
SRV - (magaService [On_Demand | Stopped]) -- C:\Program Files\Sygate\SSA\maga\maga.exe (Sygate Technologies, Inc.)
SRV - (mcmscsvc [Auto | Running]) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (McNASvc [Auto | Running]) -- c:\program files\common files\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
SRV - (McODS [On_Demand | Stopped]) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (McProxy [Auto | Running]) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
SRV - (McShield [Unknown | Running]) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
SRV - (McSysmon [On_Demand | Running]) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
SRV - (MDM [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)
SRV - (MpfService [Auto | Running]) -- C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SRV - (MSK80Service [Auto | Running]) -- C:\Program Files\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
SRV - (Net Driver HPZ12 [Auto | Running]) -- C:\WINDOWS\system32\HPZinw12.dll (Hewlett-Packard)
SRV - (NetSvc [On_Demand | Running]) -- C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe (Intel® Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Pml Driver HPZ12 [Auto | Running]) -- C:\WINDOWS\system32\HPZipm12.dll (Hewlett-Packard)
SRV - (ProtexisLicensing [Auto | Running]) -- C:\WINDOWS\system32\PSIService.exe ()
SRV - (SiteAdvisor Service [Auto | Running]) -- C:\Program Files\SiteAdvisor\6261\SAService.exe ()
SRV - (SmcService [Auto | Running]) -- C:\Program Files\Sygate\SSA\smc.exe (Sygate Technologies, Inc.)
SRV - (stllssvr [On_Demand | Stopped]) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (MicroVision Development, Inc.)
SRV - (usnjsvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (Viewpoint Manager Service [Auto | Running]) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (WinTabService [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\WtSrv.exe ()
SRV - (WLSetupSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (sp_rssrv [Auto | Running]) -- C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com)
========== Driver Services (SafeList) ==========
DRV - (A5AGU [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\A5AGU.sys (D-Link Corporation)
DRV - (AliIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (ANIO [Auto | Running]) -- C:\WINDOWS\system32\ANIO.SYS (Alpha Networks Inc.)
DRV - (asc [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (Aspi32 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aspi32.sys (Adaptec)
DRV - (ATHFMWDL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\ATHFMWDL.sys (Windows ® 2000 DDK provider)
DRV - (CmdIde [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (dac2w2k [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (DLABOIOM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLABOIOM.SYS (Sonic Solutions)
DRV - (DLACDBHM [System | Running]) -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS (Sonic Solutions)
DRV - (DLADResN [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLADResN.SYS (Sonic Solutions)
DRV - (DLAIFS_M [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAIFS_M.SYS (Sonic Solutions)
DRV - (DLAOPIOM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAOPIOM.SYS (Sonic Solutions)
DRV - (DLAPoolM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAPoolM.SYS (Sonic Solutions)
DRV - (DLARTL_N [System | Running]) -- C:\WINDOWS\System32\Drivers\DLARTL_N.SYS (Sonic Solutions)
DRV - (DLAUDFAM [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAUDFAM.SYS (Sonic Solutions)
DRV - (DLAUDF_M [Auto | Running]) -- C:\WINDOWS\System32\DLA\DLAUDF_M.SYS (Sonic Solutions)
DRV - (DRVMCDB [Boot | Running]) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (DRVNDDM [Auto | Running]) -- C:\WINDOWS\System32\Drivers\DRVNDDM.SYS (Sonic Solutions)
DRV - (DSproct [On_Demand | Stopped]) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (dsunidrv [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\dsunidrv.sys (Gteko Ltd.)
DRV - (E100B [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (e1express [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\e1e5132.sys (Intel Corporation)
DRV - (FsVga [System | Running]) -- C:\WINDOWS\system32\DRIVERS\fsvga.sys (Microsoft Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (ggflt [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (ggsemc [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HPZid412 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys (HP)
DRV - (HSFHWBS2 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (HSF_DP [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (iastor [Boot | Running]) -- C:\WINDOWS\system32\drivers\iastor.sys (Intel Corporation)
DRV - (JSWSCIMD [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\jswscimd.sys (Atheros Communications, Inc.)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (mfeavfk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfebopk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mfehidk [System | Running]) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mferkdk [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (mfesmfk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (MODEMCSA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (MPFP [System | Running]) -- C:\WINDOWS\System32\Drivers\Mpfp.sys (McAfee, Inc.)
DRV - (mraid35x [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (MusCDriverV32 [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\MusCDriverV32.sys (Windows ® 2000/XP)
DRV - (MusCVideo32 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\MusCVideo32.sys (Windows ® 2000 DDK provider)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql1080 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (s616bus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\s616bus.sys (MCCI Corporation)
DRV - (s616mdfl [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\s616mdfl.sys (MCCI Corporation)
DRV - (s616mdm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\s616mdm.sys (MCCI Corporation)
DRV - (s616mgmt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\s616mgmt.sys (MCCI Corporation)
DRV - (s616nd5 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\s616nd5.sys (MCCI Corporation)
DRV - (s616obex [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\s616obex.sys (MCCI Corporation)
DRV - (s616unic [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\s616unic.sys (MCCI Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sisagp [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (Sparrow [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (STEC3 [Auto | Running]) -- C:\WINDOWS\system32\STEC3.sys (AntiCracking)
DRV - (STHDA [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (symc810 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (sym_hi [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (Tablet2k [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\Tablet2k.sys (Windows ® 2000 DDK provider)
DRV - (TClass2k [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\TClass2k.sys (Tablet Driver)
DRV - (Teefer [Boot | Running]) -- C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys (Sygate Technologies, Inc.)
DRV - (UCTblHid [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\UCTblHid.sys (Tablet Driver)
DRV - (ultra [Disabled | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (USBAAPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple, Inc.)
DRV - (usbser [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usbser.sys (Microsoft Corporation)
DRV - (usbsermpt [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usbsermpt.sys (Microsoft Corporation)
DRV - (wg3n [Auto | Running]) -- C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys (Sygate Technologies, Inc.)
DRV - (wg4n [Auto | Running]) -- C:\WINDOWS\SYSTEM32\Drivers\wg4n.sys (Sygate Technologies, Inc.)
DRV - (wg5n [Auto | Running]) -- C:\WINDOWS\SYSTEM32\Drivers\wg5n.sys (Sygate Technologies, Inc.)
DRV - (wg6n [Auto | Running]) -- C:\WINDOWS\SYSTEM32\Drivers\wg6n.sys (Sygate Technologies, Inc.)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (WmaCDriverV32 [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\WmaCDriverV32.sys (Windows ® 2000/XP)
DRV - (wpsdrvnt [System | Running]) -- C:\WINDOWS\system32\drivers\wpsdrvnt.sys (Sygate Technologies, Inc.)
DRV - (MBAMSwissArmy [Disabled | Running]) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (sp_rsdrv2 [System | Running]) -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.msn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.msn.com"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.1
FF - prefs.js..extensions.enabledItems: {1650a312-02bc-40ee-977e-83f158701739}:26.6
FF - prefs.js..extensions.enabledItems: FFToolbar@upromise:5.2.2.5
FF - prefs.js..extensions.enabledItems: [email protected]:1.4
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: {0620B69D-7B58-416d-A92A-0198860C2757}:3.0.2009040901
FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.8
FF - HKLM\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\PROGRAM FILES\CRAWLER\TOOLBAR\FIREFOX\ [2009/04/12 17:22:11 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/12 11:36:18 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/12 11:36:18 | 00,000,000 | ---D | M]
[2009/02/08 16:00:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\mozilla\Extensions
[2009/02/08 16:00:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/13 21:21:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\mozilla\Firefox\Profiles\r54andu2.default\extensions
[2009/04/10 11:08:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\mozilla\Firefox\Profiles\r54andu2.default\extensions\{0620B69D-7B58-416d-A92A-0198860C2757}
[2009/02/14 12:16:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\mozilla\Firefox\Profiles\r54andu2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/02/19 00:28:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\mozilla\Firefox\Profiles\r54andu2.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009/02/25 19:26:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\mozilla\Firefox\Profiles\r54andu2.default\extensions\FFToolbar@upromise
[2009/02/08 15:59:21 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/03/30 10:06:52 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/30 10:06:47 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/03/30 10:06:47 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/01/19 19:28:04 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/01/19 19:28:04 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2007/07/26 12:05:16 | 00,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
[2009/01/19 19:28:04 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/01/19 19:28:04 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/01/19 19:28:04 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/01/19 19:28:04 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/01/19 19:28:04 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (727 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll ()
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll ()
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {F4D76F09-7896-458a-890F-E1F05C46069F} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {F4D76F09-7896-458A-890F-E1F05C46069F} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" (Seagate LLC)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SmcService] C:\PROGRA~1\Sygate\SSA\smc.exe -startgui (Sygate Technologies, Inc.)
O4 - HKLM..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe (Enigma Software Group USA, LLC.)
O4 - HKLM..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" (Crawler.com)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide (Microsoft Corporation)
O4 - HKLM..\Run: [WService] WService.EXE (Tablet Driver)
O4 - HKCU..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp (AOL LLC)
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\S-chan\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm File not found
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm File not found
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm File not found
O8 - Extra context menu item: Crawler Search - tbr:iemenu File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll (Sun Microsystems, Inc.)
O9 - Extra Button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnote...ad/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1005.cab (MySpace Uploader Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcaf...01/mcinsctl.cab (McAfee.com Operating System Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_07)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java (Reg Error: Key error.)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll ()
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\MCPClient: DllName - C:\Program Files\Common Files\Stardock\mcpstub.dll - C:\Program Files\Common Files\Stardock\mcpstub.dll (Stardock)
O21 - SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\Program Files\Common Files\Stardock\MCPCore.dll (Stardock)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - Autorun File - C:\AUTOEXEC.BAT () - [ NTFS ]
O33 - MountPoints2\{81a52d5b-102e-11db-bd8a-0013721631be}\Shell - "" = AutoRun
O33 - MountPoints2\{81a52d5b-102e-11db-bd8a-0013721631be}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{81a52d5b-102e-11db-bd8a-0013721631be}\Shell\AutoRun\command - "" = F:\.\CRESUST.EXE -- File not found
========== Files/Folders - Created Within 30 Days ==========
[2009/04/14 13:35:35 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\S-chan\Desktop\OTListIt2.exe
[2009/04/14 13:29:12 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/04/14 13:24:35 | 00,267,612 | ---- | C] () -- C:\Documents and Settings\S-chan\Desktop\Rooter.exe
[2009/04/13 23:45:00 | 00,048,241 | ---- | C] () -- C:\Documents and Settings\S-chan\Desktop\ST_abrams pursuit[arr].sib
[2009/04/13 21:46:15 | 01,902,656 | ---- | C] () -- C:\Documents and Settings\S-chan\My Documents\artadvocacy.pdf
[2009/04/12 18:23:49 | 00,000,000 | ---D | C] -- C:\Program Files\WinClamAVShield
[2009/04/12 17:21:10 | 00,000,000 | ---D | C] -- C:\Program Files\Crawler
[2009/04/12 17:21:09 | 00,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2009/04/12 17:21:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\S-chan\Application Data\Spyware Terminator
[2009/04/12 17:21:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2009/04/12 17:21:05 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2009/04/12 17:13:33 | 00,000,000 | ---D | C] -- C:\Program Files\Hijack This
[2009/04/12 15:17:11 | 07,317,120 | ---- | C] () -- C:\Documents and Settings\S-chan\Desktop\17724539_01.mp3
[2009/04/12 11:46:32 | 00,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/04/12 11:43:12 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2009/04/12 11:22:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\S-chan\My Documents\Sony Ericsson
[2009/04/11 21:04:20 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/11 21:04:17 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/11 21:04:14 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/04/11 20:52:14 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/04/11 16:21:27 | 00,056,660 | ---- | C] () -- C:\Documents and Settings\S-chan\Desktop\ST_abrams pursuit.sib
[2009/04/08 12:05:37 | 00,613,600 | ---- | C] () -- C:\Documents and Settings\S-chan\Desktop\Education Week_ Obama Echoes Bush on Education Ideas.pdf
[2009/04/07 00:58:21 | 00,026,112 | ---- | C] () -- C:\Documents and Settings\S-chan\My Documents\meriden foundation3.doc
[2009/04/04 16:27:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\S-chan\Application Data\Acoustica
[2009/04/04 13:39:36 | 00,057,344 | ---- | C] (NexiTech, Inc.) -- C:\WINDOWS\System32\Wnaspint.dll
[2009/04/04 13:39:32 | 00,000,000 | ---D | C] -- C:\Program Files\Acoustica Shared Effects
[2009/04/04 13:32:31 | 00,000,000 | ---D | C] -- C:\Program Files\VST
[2009/04/04 13:32:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Acoustica
[2009/04/04 13:31:50 | 00,000,000 | ---D | C] -- C:\Program Files\Acoustica Mixcraft 4
[2009/04/02 00:23:15 | 00,029,184 | ---- | C] () -- C:\Documents and Settings\S-chan\My Documents\facebook licata letter.doc
[2009/04/01 22:46:29 | 00,039,424 | ---- | C] () -- C:\Documents and Settings\S-chan\My Documents\blanksignatures.doc
[2009/03/31 01:06:41 | 00,026,112 | ---- | C] () -- C:\Documents and Settings\S-chan\My Documents\Dr. Licata Petition.doc
[2009/02/28 08:33:52 | 01,665,505 | -HS- | C] () -- C:\WINDOWS\System32\inuvazol.ini
[2009/02/27 20:34:16 | 00,002,713 | -HS- | C] () -- C:\WINDOWS\System32\wovahuzo.dll
[2009/02/27 20:33:56 | 00,002,713 | -HS- | C] () -- C:\WINDOWS\System32\nomepeya.dll
[2009/02/27 20:33:55 | 00,002,713 | -HS- | C] () -- C:\WINDOWS\System32\jopopaya.dll
[2008/09/19 17:57:34 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/09/19 17:55:10 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/09/19 17:55:10 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/09/19 17:54:18 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/07/12 22:01:18 | 00,176,128 | ---- | C] () -- C:\WINDOWS\System32\boost_python-vc71-mt-1_32.dll
[2008/07/12 21:32:01 | 00,193,024 | ---- | C] () -- C:\WINDOWS\System32\binkw32.dll
[2008/05/22 23:28:41 | 00,233,472 | ---- | C] () -- C:\WINDOWS\System32\WlanApp.dll
[2008/05/22 23:28:41 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\JJAKEn.dll
[2008/02/11 20:14:22 | 00,716,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007/12/16 19:28:48 | 00,000,005 | ---- | C] () -- C:\WINDOWS\System32\wrnreg5.sys
[2007/08/17 00:43:21 | 00,000,023 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
[2007/08/11 16:25:48 | 00,165,888 | ---- | C] () -- C:\WINDOWS\System32\hpgt53.dll
[2007/02/08 21:35:15 | 00,000,103 | ---- | C] () -- C:\WINDOWS\pro.INI
[2007/02/06 16:51:18 | 00,002,880 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007/02/06 16:51:18 | 00,000,088 | RHS- | C] () -- C:\WINDOWS\System32\C1E97D7037.sys
[2007/02/01 01:44:47 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2007/01/23 16:15:22 | 00,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2006/12/17 00:00:50 | 00,000,024 | ---- | C] () -- C:\WINDOWS\System32\sysogg.dll
[2006/12/13 21:54:49 | 00,003,082 | ---- | C] () -- C:\WINDOWS\System32\affv208325p1now.sys
[2006/12/04 13:47:38 | 00,027,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\sys8042.sys
[2006/10/21 12:59:59 | 00,262,144 | ---- | C] () -- C:\WINDOWS\System32\Manipulate.dll
[2006/10/18 18:38:52 | 00,000,000 | ---- | C] () -- C:\WINDOWS\transkriber.INI
[2006/09/21 10:30:24 | 00,268,242 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-parse.dll
[2006/09/21 10:30:12 | 02,287,458 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-enc.dll
[2006/09/21 10:28:42 | 00,030,693 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-int.dll
[2006/09/15 20:14:52 | 00,000,049 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/07/18 00:17:38 | 00,000,656 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2006/06/20 12:32:06 | 00,568,850 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2006/06/20 12:32:05 | 00,856,064 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/06/20 12:32:05 | 00,217,088 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/06/20 12:32:03 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2006/06/20 12:32:03 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2006/06/19 15:23:42 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/06/19 13:35:30 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/06/15 07:30:50 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/15 07:24:53 | 00,000,143 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/06/15 06:57:48 | 00,000,387 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/06/01 10:39:30 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\LDECMPG22.dll
[2006/06/01 10:39:20 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\LENCMPG22.dll
[2006/06/01 10:38:36 | 00,172,032 | ---- | C] () -- C:\WINDOWS\System32\LENCMPG2KRN2.dll
[2006/05/31 11:52:54 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\LDECMPG2KRN2.dll
[2006/05/28 18:31:26 | 00,405,504 | ---- | C] () -- C:\WINDOWS\System32\LEncMPG4Krn.dll
[2006/05/23 08:35:22 | 01,814,528 | ---- | C] () -- C:\WINDOWS\System32\ltmm15_n.dll
[2005/11/17 13:57:30 | 00,258,560 | ---- | C] () -- C:\WINDOWS\System32\MusicTagsAX.dll
[2005/10/14 22:10:24 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\comLyricGetter.dll
[2005/06/06 18:05:38 | 00,226,456 | ---- | C] () -- C:\WINDOWS\System32\SetAid.dll
[2005/04/27 14:38:00 | 00,372,736 | ---- | C] () -- C:\WINDOWS\System32\hpzidi01.dll
[2004/08/11 17:24:19 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 17:00:37 | 00,000,659 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/11 17:00:35 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/02/01 15:21:56 | 00,097,280 | ---- | C] () -- C:\WINDOWS\System32\Uncommon.dll
[2003/08/07 15:01:50 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2003/04/19 08:52:20 | 00,286,208 | ---- | C] () -- C:\WINDOWS\System32\CNCS232.DLL
[2003/03/24 12:00:00 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ucinst32.dll
[2002/10/29 22:53:26 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\PcHook.DLL
========== Files - Modified Within 30 Days ==========
[3 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/04/14 13:35:39 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\S-chan\Desktop\OTListIt2.exe
[2009/04/14 13:24:40 | 00,267,612 | ---- | M] () -- C:\Documents and Settings\S-chan\Desktop\Rooter.exe
[2009/04/14 02:06:02 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009/04/14 00:05:33 | 00,048,241 | ---- | M] () -- C:\Documents and Settings\S-chan\Desktop\ST_abrams pursuit[arr].sib
[2009/04/13 21:46:15 | 01,902,656 | ---- | M] () -- C:\Documents and Settings\S-chan\My Documents\artadvocacy.pdf
[2009/04/13 13:36:08 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/04/12 17:21:09 | 00,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2009/04/12 15:22:54 | 07,317,120 | ---- | M] () -- C:\Documents and Settings\S-chan\Desktop\17724539_01.mp3
[2009/04/12 15:18:38 | 00,056,660 | ---- | M] () -- C:\Documents and Settings\S-chan\Desktop\ST_abrams pursuit.sib
[2009/04/12 11:45:56 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/04/12 11:26:07 | 00,002,880 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/04/12 11:19:55 | 00,029,204 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/04/12 11:19:40 | 00,018,962 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2009/04/12 11:17:59 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/04/12 11:17:57 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/04/08 12:05:41 | 00,613,600 | ---- | M] () -- C:\Documents and Settings\S-chan\Desktop\Education Week_ Obama Echoes Bush on Education Ideas.pdf
[2009/04/08 09:59:03 | 00,039,424 | ---- | M] () -- C:\Documents and Settings\S-chan\My Documents\blanksignatures.doc
[2009/04/07 00:58:21 | 00,026,112 | ---- | M] () -- C:\Documents and Settings\S-chan\My Documents\meriden foundation3.doc
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/03 14:06:09 | 00,139,776 | ---- | M] () -- C:\Documents and Settings\S-chan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/02 00:23:15 | 00,029,184 | ---- | M] () -- C:\Documents and Settings\S-chan\My Documents\facebook licata letter.doc
[2009/04/01 23:31:10 | 00,026,112 | ---- | M] () -- C:\Documents and Settings\S-chan\My Documents\Dr. Licata Petition.doc
[2009/03/30 21:06:29 | 00,000,581 | ---- | M] () -- C:\Documents and Settings\S-chan\My Documents\My Sharing Folders.lnk
[2009/03/29 14:32:21 | 00,525,044 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/03/29 14:32:21 | 00,443,274 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/03/29 14:32:21 | 00,072,096 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
========== LOP Check ==========
[2009/04/12 17:21:06 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2007/12/15 18:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{0727B42B-1697-465F-8CDC-53A1EA7110EB}
[2009/02/16 13:15:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2008/11/18 10:03:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2009/04/04 13:32:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acoustica
[2008/03/05 16:11:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2008/11/18 10:03:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM Toolbar
[2008/12/01 01:04:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Amazon
[2008/02/20 21:29:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL
[2008/11/18 10:02:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL Downloads
[2007/02/01 01:47:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL OCP
[2007/07/04 19:30:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2007/02/05 20:32:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2007/06/18 00:11:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avanquest Software
[2009/02/19 00:24:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2007/06/19 22:10:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2007/04/12 11:58:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2007/02/14 23:16:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Corel
[2007/09/16 19:53:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GTek
[2007/08/31 13:27:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
[2008/05/18 21:43:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
[2007/08/31 13:36:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
[2007/08/31 13:44:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
[2006/06/15 07:22:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2008/12/11 01:58:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2007/02/10 18:05:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2007/02/11 01:05:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee.com
[2009/02/21 01:36:26 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009/02/23 18:09:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2007/10/10 14:24:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2009/03/07 22:19:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2007/02/04 15:59:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2006/06/15 07:17:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2006/06/20 12:32:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real
[2004/08/11 17:25:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2008/11/24 20:02:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2008/08/14 18:52:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sibelius Software
[2007/09/11 00:05:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
[2008/08/22 12:29:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2008/08/22 12:55:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
[2009/04/12 17:37:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/04/14 09:13:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2008/08/28 18:57:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/11/18 10:03:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2007/08/31 15:38:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WEBREG
[2006/06/19 20:22:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2007/12/14 22:08:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLInstaller
[2009/02/08 16:34:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
[2009/04/12 17:21:09 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\S-chan\Application Data
[2007/06/20 23:28:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\.BitTornado
[2007/02/01 01:47:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\acccore
[2009/04/04 16:27:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Acoustica
[2009/02/27 12:30:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Adobe
[2007/03/09 15:28:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\AdobeUM
[2007/02/05 22:02:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Aim
[2008/04/24 11:06:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Amazon
[2007/08/21 02:59:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Apple Computer
[2009/03/09 18:00:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Audacity
[2009/02/19 00:24:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\AVS4YOU
[2009/04/11 21:15:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Azureus
[2007/06/19 20:32:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\BitTorrent
[2009/04/12 11:26:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Corel
[2008/02/11 20:19:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\DAEMON Tools
[2007/12/30 01:37:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\DivX
[2008/07/29 21:15:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\dvdcss
[2009/02/16 12:51:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Engelmann Media
[2008/11/02 00:21:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\FLV Extract
[2007/02/04 17:09:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Fujitsu
[2008/01/20 15:39:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\GetRight
[2008/01/20 15:38:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\GetRightToGo
[2009/02/27 13:40:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Google
[2007/04/08 14:42:41 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\S-chan\Application Data\Gtek
[2006/07/12 03:56:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Help
[2008/05/18 21:43:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\HP
[2008/06/14 15:29:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\HPAppData
[2004/08/11 17:20:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Identities
[2007/07/30 18:48:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\InstallShield
[2006/10/11 19:22:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\InterTrust
[2006/07/13 03:10:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Jasc
[2007/08/26 23:55:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Lavasoft
[2006/06/19 14:09:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Leadertech
[2007/05/19 16:52:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Macromedia
[2008/12/11 01:58:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Malwarebytes
[2006/06/23 00:05:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Media Player Classic
[2007/07/30 18:49:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Megaupload
[2007/12/14 22:14:25 | 00,000,000 | --SD | M] -- C:\Documents and Settings\S-chan\Application Data\Microsoft
[2008/11/20 23:18:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Move Networks
[2009/02/08 16:00:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Mozilla
[2008/11/20 17:25:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\My Games
[2008/09/25 16:08:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Neuratron
[2007/10/10 16:47:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\NJStar
[2008/02/20 17:33:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Real
[2006/12/17 00:19:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\RTPlayer
[2007/12/18 20:02:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Ruckus Network
[2007/06/22 22:30:51 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\S-chan\Application Data\SecuROM
[2008/04/08 13:11:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Sibelius Software
[2008/05/27 15:19:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\SiteAdvisor
[2007/12/16 00:11:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\SmartFTP
[2008/08/22 12:29:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Sony
[2009/04/14 02:00:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Spyware Terminator
[2006/06/15 07:10:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Sun
[2007/05/09 06:28:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\tunebite
[2007/12/06 23:10:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\U3
[2007/09/17 19:14:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Uniblue
[2008/05/11 14:02:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\UseNeXT
[2009/02/28 12:33:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\uTorrent
[2007/01/18 09:56:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\Viewpoint
[2006/07/10 15:11:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\vlc
[2008/05/27 16:35:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\WinRAR
[2006/12/14 00:24:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\ZangoToolbar
[2009/02/08 16:34:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\S-chan\Application Data\ZoomBrowser EX
[2009/04/13 13:36:08 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/04 05:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/04/14 02:06:02 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2009/04/12 11:17:59 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B174FAE
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4B7BEAFF
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C39E55C5
< End of report >
Extras:
OTListIt Extras logfile created on: 4/14/2009 1:37:37 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.14.0 Folder = C:\Documents and Settings\S-chan\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 0.62 Gb Available Physical Memory | 30.97% Memory free
3.85 Gb Paging File | 2.05 Gb Available in Paging File | 53.25% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 229.67 Gb Total Space | 103.73 Gb Free Space | 45.17% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: TURCOTTESD1
Current User Name: S-chan
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"41214:UDP" = 41214:UDP:*:Enabled:Azureus
"7416:TCP" = 7416:TCP:*:Enabled:BitComet 7416 TCP
"7416:UDP" = 7416:UDP:*:Enabled:BitComet 7416 UDP
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL File not found
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL File not found
C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL File not found
C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger (America Online, Inc.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) (Microsoft Corporation)
%windir%\system32\drivers\svchost.exe:*:Enabled:svchost File not found
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL File not found
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL File not found
C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL File not found
C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus (Vuze Inc.)
C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger (Microsoft Corporation)
C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice (Microsoft Corporation)
C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire File not found
C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger (America Online, Inc.)
C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader (AOL LLC)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Ruckus Player\Ruckus.exe:*:Enabled:Ruckus File not found
C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent File not found
C:\Program Files\BitTornado\btdownloadgui.exe:*:Enabled:btdownloadgui File not found
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client File not found
C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM (AOL LLC)
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe ()
C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe (Hewlett-Packard)
C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe ()
C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe ( )
C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe (Hewlett-Packard Co.)
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe (Hewlett-Packard Co.)
C:\Program Files\QuickTime\QuickTimePlayer.exe:*:Enabled:QuickTime Player (Apple Inc.)
C:\Program Files\Trillian\trillian.exe:*:Enabled:Trillian (Cerulean Studios)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) (Microsoft Corporation)
C:\Program Files\SmartFTP Client\SmartFTP.exe:*:Enabled:SmartFTP Client 2.5 (SmartSoft Ltd.)
C:\Documents and Settings\S-chan\Local Settings\Temp\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard File not found
C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent ()
C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent (McAfee, Inc.)
C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.2 (Sony Creative Software Inc.)
C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service ()
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player (Veoh Networks)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Program Files\Your Freedom\freedom.exe:*:Enabled:freedom ()
C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client File not found
%windir%\system32\drivers\svchost.exe:*:Enabled:svchost File not found
C:\WINDOWS\explorer.exe:*:Enabled:Explorer (Microsoft Corporation)
C:\Program Files\Common Files\SureThing Shared\stllssvr.exe:*:Enabled:stllssvr (MicroVision Development, Inc.)
C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (Mozilla Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc
"{034F8C89-C4F4-4731-A32B-F4294C04729F}" = HP Photosmart All-In-One Software 9.0
"{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7}" = PhotoGallery
"{03CE1BCB-03F5-4C6A-B37E-69799AA3C544}" = SpyHunter
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{176B3593-72F1-459C-829C-5E9671E2CB35}" = GameSpy Comrade
"{188CEE76-0503-4910-A845-E1DC45685DA0}" = RangeBooster G WUA-2340
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{21DB3D90-D816-4092-A260-CA3F6B55A6DD}" = Sonic_PrimoSDK
"{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}" = Rhapsody Player Engine
"{23A7B376-BBEC-4e76-BBD7-0F155E70D74B}" = CP_Panorama1Config
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 4.010.00
"{3248F0A8-6813-11D6-A77B-00B0D0150070}" = J2SE Runtime Environment 5.0 Update 7
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java SE Runtime Environment 6 Update 1
"{32BDCCB8-9DC8-496d-9DB1-F77510775BDB}" = InstantShareDevices
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36E47DA1-10E1-45d9-8B19-14D19607CDCF}" = CP_CalendarTemplates1
"{394BE3D9-7F57-4638-A8D1-1D88671913B7}" = Microsoft AppLocale
"{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}" = Mega Manager
"{3BE575A0-101F-49A4-BE65-CC641D499DBF}" = DELETER CG illust 2E
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{438BC259-E54C-4392-008E-2808B9C251CA}" = The Sims 2 Body Shop
"{44B2E182-DD85-45FC-9F51-326B81D7C7F1}" = Fax
"{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{4CEA6811-DFAD-4892-828D-49941FE3B779}" = Intel® PROSet for Wired Connections
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{54A4839E-87F8-4BD1-9682-A349E9943F0A}" = Amazon Unbox Video
"{56EE8B17-8274-418d-89AC-C057C5DB251E}" = RandMap
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5A01C58E-B0EC-49b9-AD71-7C0468688087}" = CP_Package_Basic1
"{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66BA8C26-AFE4-4408-807B-43E76B57EF53}" = SkinsHP1
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{71883667-71F2-48A1-AB72-28D518D8AC4A}" = Seagate Manager Installer
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{730837D4-FF5E-48DB-BA49-33E732DFF0B3}" = PanoStandAlone
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{79546A5F-AE7C-4693-8670-A3401B43ABD2}" = HP Deskjet 5900 series
"{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}" = ANIO Service
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{7E27304E-BAA2-4d90-A34E-76641FAFABB4}" = CP_AtenaShokunin1Config
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{8228343D-258D-4AAC-86F8-861CD33B78F7}" = Sygate Security Agent 4.1
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{85CFC80F-B410-42E7-855F-F2AE1DF64315}" = DELETER COMICWORKS
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{892C010C-2C53-4746-9EB8-834E0B85A8C8}" = Mega Manager
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{913D0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Standard for Students and Teachers
"{924EB80F-C2BB-4B9F-8412-88BBA937393F}" = MobileMe Control Panel
"{93F54611-2701-454e-94AB-623F458D9E6B}" = DeviceDiscovery
"{9DE9E293-5D7B-4312-88C2-BDFAEC5310AE}" = Microsoft .NET Framework 3.0
"{9EB1504E-FD95-4BCD-8E93-B4039F59C469}" = Sony Ericsson Media Manager 1.2
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A5222E5A-13CB-4C98-9F5C-21CF6896A25C}" = HPDeskjet5900Series
"{A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D}" = CueTour
"{A67C4EF9-725D-4C83-A67A-BB7B7DE96CF4}" = Sibelius 5 Demo
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}" = Windows Live Sign-in Assistant
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1899CD8-9584-4DC5-00AE-48F47CF81183}" = The Sims 2 HomeCrafter Plus
"{B34E4B72-37C6-4f79-A5B3-008EEFC6EA8B}" = PS_AIO_02_Software_min
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7E5D642-E74E-40a4-B5C7-6AB6EE916814}" = PS_AIO_02_ProductContext
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BAFFEF7F-08B3-45b3-B215-418175C4E9DD}" = c5200_Help
"{BC10649A-983B-494e-AD1F-DE0BF717D701}" = PS_AIO_02_Software
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{C169D3BB-9A27-43F5-9979-09A0D65FE95C}" = SmartFTP Client
"{C23B8C30-E05E-4CB5-8188-F27CC3B2DD3E}" = Sibelius 5
"{C708333C-B1B9-43be-B797-49FEC7A8D15B}" = C5200
"{C8C8387B-A98B-44E8-807A-1A9B7F51FFDA}" = Blaze Media Pro
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D1E03284-66FD-4292-8239-504CEC5B0CC3}" = C5200_doccd
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7
"{D9F4A9F8-92C5-4289-9D04-F0F8F02D580A}" = iPod for Windows 2005-10-12
"{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
"{E1C7EF5E-3A7B-4ED4-A48B-F70F1B36EAB4}" = Corel Paint Shop Pro Photo XI
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F5461615-8BA2-4C31-871F-259C0B184493}" = Arabic Calligrapher 1.1
"{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}" = iTunes
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"Acoustica Effects Pack" = Acoustica Effects Pack
"Acoustica Mixcraft 4.5" = Acoustica Mixcraft 4.5
"Adobe Acrobat 5.0" = Adobe Acrobat 4.0, 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"AIM Toolbar" = AIM Toolbar
"AIM_6" = AIM 6
"Aimersoft DVD Ripper_is1" = Aimersoft DVD Ripper(Build 1.1.10)
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.3
"AOL Instant Messenger" = AOL Instant Messenger
"Apophysis 2.0" = Apophysis 2.0
"Ask Toolbar_is1" = Vuze Toolbar
"AskPBar Uninstall" = Ask Toolbar
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.7 (Unicode)
"Bink and Smacker" = Bink and Smacker
"Blaze Media Pro" = Blaze Media Pro
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CDex" = CDex extraction audio
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"CSCLIB" = Canon Camera Support Core Library
"CToolbar_UNINSTALL" = Crawler Toolbar with Web Security Guard
"EOS Utility" = Canon Utilities EOS Utility
"ffdshow_is1" = ffdshow [rev 1685] [2007-12-06]
"File Renamer - Basic" = File Renamer - Basic
"Finale NotePad 2009" = Finale NotePad 2009
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.0
"HaaliMkx" = Haali Media Splitter
"HijackThis" = HijackThis 2.0.2
"Homestead SiteBuilder" = Homestead SiteBuilder LPX
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photo & Imaging" = HP Image Zone 5.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"HPOCR" = HP OCR Software 9.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{54A4839E-87F8-4BD1-9682-A349E9943F0A}" = Amazon Unbox Video
"InstallShield_{71883667-71F2-48A1-AB72-28D518D8AC4A}" = Seagate Manager Installer
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"InstallShield_{D9F4A9F8-92C5-4289-9D04-F0F8F02D580A}" = iPod for Windows 2005-10-12
"JAIELangPack" = Japanese Language Support
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 1.53
"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Matroska Pack" = Matroska Pack
"McAfee Uninstall Utility" = McAfee Uninstaller
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.0.8)" = Mozilla Firefox (3.0.8)
"Mpeg2Decoder_is1" = Mpeg2Decoder 1.3
"mpegable DS" = mpegable DS decoder
"MSC" = McAfee SecurityCenter
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Neuratron PhotoScore Lite" = Neuratron PhotoScore Lite
"NJStar Japanese WP" = NJStar Japanese WP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"ObjectDock" = ObjectDock
"ObjectDock Plus" = ObjectDock Plus
"PhotoStitch" = Canon Utilities PhotoStitch
"PROR" = Microsoft Office Professional 2007 Trial
"PROSet" = Intel® PRO Network Connections Drivers
"Protected Music Converter_is1" = Protected Music Converter 0.99.29b
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 6.0" = RealPlayer
"RegistryBooster 2_is1" = Uniblue RegistryBooster 2
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"Sibelius Sounds Essentials" = Sibelius Sounds Essentials
"SimPE_is1" = SimPE 0.68 (alpha)
"SmartFTP Client 2.5 Setup Files" = SmartFTP Client 2.5 Setup Files (remove only)
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SpeedUpMyPC_is1" = Uniblue SpeedUpMyPC 3
"Spyware Terminator_is1" = Spyware Terminator
"Teleport Pro" = Teleport Pro
"The Rosetta Stone" = The Rosetta Stone
"ToolBox" = NCH Toolbox
"Transcribe!_is1" = Transcribe! 7.51
"Trillian" = Trillian
"TwelveKeys" = TwelveKeys Music Transcription Software
"Update Service" = Update Service
"Veoh Web Player Beta" = Veoh Web Player Beta
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VideoLAN VLC media player 0.8.6
"Vuze" = Vuze
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"WinAce Archiver" = WinAce Archiver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Your_Deploy_0" = Your Freedom 20090218-01
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 4/12/2009 11:45:44 AM | Computer Name = TURCOTTESD1 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070422, P2 updateservicemanager-_get_services,
P3 fallbackcheck, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender,
P8 NIL, P9 NIL, P10 NIL.
Error - 4/12/2009 12:48:05 PM | Computer Name = TURCOTTESD1 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070422, P2 updateservicemanager-_get_services,
P3 fallbackcheck, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender,
P8 NIL, P9 NIL, P10 NIL.
Error - 4/12/2009 12:48:13 PM | Computer Name = TURCOTTESD1 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070422, P2 updateservicemanager-_get_services,
P3 fallbackcheck, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender,
P8 NIL, P9 NIL, P10 NIL.
Error - 4/13/2009 2:04:24 AM | Computer Name = TURCOTTESD1 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070422, P2 updateservicemanager-_get_services,
P3 fallbackcheck, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender,
P8 NIL, P9 NIL, P10 NIL.
Error - 4/13/2009 2:07:23 AM | Computer Name = TURCOTTESD1 | Source = Application Error | ID = 1000
Description = Faulting application MsMpEng.exe, version 1.1.1593.0, faulting module
mpengine.dll, version 1.1.4502.0, fault address 0x003cedff.
Error - 4/13/2009 11:27:45 PM | Computer Name = TURCOTTESD1 | Source = Application Error | ID = 1000
Description = Faulting application spybotsd.exe, version 1.6.2.46, faulting module
spybotsd.exe, version 1.6.2.46, fault address 0x002e5bb0.
Error - 4/13/2009 11:28:00 PM | Computer Name = TURCOTTESD1 | Source = Application Error | ID = 1000
Description = Faulting application spybotsd.exe, version 1.6.2.46, faulting module
spybotsd.exe, version 1.6.2.46, fault address 0x002e5bb0.
Error - 4/13/2009 11:28:08 PM | Computer Name = TURCOTTESD1 | Source = Application Error | ID = 1001
Description = Fault bucket 1126636898.
Error - 4/14/2009 1:55:02 AM | Computer Name = TURCOTTESD1 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070422, P2 updateservicemanager-_get_services,
P3 fallbackcheck, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender,
P8 NIL, P9 NIL, P10 NIL.
Error - 4/14/2009 1:57:28 AM | Computer Name = TURCOTTESD1 | Source = Application Error | ID = 1000
Description = Faulting application MsMpEng.exe, version 1.1.1593.0, faulting module
mpengine.dll, version 1.1.4502.0, fault address 0x003cedff.
[ System Events ]
Error - 4/13/2009 2:04:02 AM | Computer Name = TURCOTTESD1 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 4/13/2009 2:04:02 AM | Computer Name = TURCOTTESD1 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 4/13/2009 2:07:19 AM | Computer Name = TURCOTTESD1 | Source = WinDefend | ID = 5008
Description = %%827 engine has been terminated due to an unexpected error. Failure
Type: %%830 Exception code: 0xc0000005 Resource: driver:at84zy5d
Error - 4/13/2009 2:12:25 AM | Computer Name = TURCOTTESD1 | Source = Service Control Manager | ID = 7031
Description = The Windows Defender service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 15000 milliseconds:
Restart the service.
Error - 4/13/2009 3:49:29 AM | Computer Name = TURCOTTESD1 | Source = ipnathlp | ID = 31008
Description = The DNS proxy agent was unable to read the local list of name-resolution
servers
from the registry. The data is the error code.
Error - 4/13/2009 9:49:29 AM | Computer Name = TURCOTTESD1 | Source = ipnathlp | ID = 31008
Description = The DNS proxy agent was unable to read the local list of name-resolution
servers
from the registry. The data is the error code.
Error - 4/14/2009 1:55:01 AM | Computer Name = TURCOTTESD1 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 4/14/2009 1:55:01 AM | Computer Name = TURCOTTESD1 | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 4/14/2009 1:57:21 AM | Computer Name = TURCOTTESD1 | Source = WinDefend | ID = 5008
Description = %%827 engine has been terminated due to an unexpected error. Failure
Type: %%830 Exception code: 0xc0000005 Resource: driver:at84zy5d
Error - 4/14/2009 2:02:33 AM | Computer Name = TURCOTTESD1 | Source = Service Control Manager | ID = 7031
Description = The Windows Defender service terminated unexpectedly. It has done
this 2 time(s). The following corrective action will be taken in 15000 milliseconds:
Restart the service.
< End of report >