[sloppypa]

I was being sent to othehr sites in google, i cleaned up using all removal tools that were suggested, but i still have something going on. I cant run cmd or regedit. I was able to run them but it is intermittent. I am not really sure if i am 100% clean. My website was alsohit with Badware. gumblar.cn. So i am not sure where that came from either

Here are my logs:
Malwarebytes:
Malwarebytes' Anti-Malware 1.33
Database version: 1725
Windows 5.1.2600 Service Pack 3

5/17/2009 7:53:43 AM
mbam-log-2009-05-17 (07-53-43).txt

Scan type: Quick Scan
Objects scanned: 64593
Time elapsed: 5 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

OLt Extras
OTListIt Extras logfile created on: 5/17/2009 9:27:06 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = H:\mydocuments\applications
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.32 Gb Available Physical Memory | 65.82% Memory free
3.35 Gb Paging File | 2.72 Gb Available in Paging File | 81.10% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.00 Gb Total Space | 8.52 Gb Free Space | 5.72% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 232.88 Gb Total Space | 55.60 Gb Free Space | 23.88% Space Free | Partition Type: NTFS
Drive G: | 596.02 Gb Total Space | 489.92 Gb Free Space | 82.20% Space Free | Partition Type: FAT32
Drive H: | 232.88 Gb Total Space | 15.19 Gb Free Space | 6.52% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive N: | 232.88 Gb Total Space | 178.35 Gb Free Space | 76.58% Space Free | Partition Type: NTFS

Computer Name: JOE
Current User Name: Joe S
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] --
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"2190:UDP" = 2190:UDP:*:Enabled:HMO
"8081:TCP" = 8081:TCP:*:Enabled:HMO
"5353:UDP" = 5353:UDP:LocalSubNet:Enabled:mDNS-SD/Bonjour
"7288:TCP" = 7288:TCP:LocalSubNet:Enabled:TiVo HME Host: Port 7288
"7289:TCP" = 7289:TCP:LocalSubNet:Enabled:TiVo HME Host: Port 7289
"7290:TCP" = 7290:TCP:LocalSubNet:Enabled:TiVo HME Host: Port 7290
"7291:TCP" = 7291:TCP:LocalSubNet:Enabled:TiVo HME Host: Port 7291
"7292:TCP" = 7292:TCP:LocalSubNet:Enabled:TiVo HME Host: Port 7292
"7293:TCP" = 7293:TCP:LocalSubNet:Enabled:TiVo HME Host: Port 7293
"7294:TCP" = 7294:TCP:LocalSubNet:Enabled:TiVo HME Host: Port 7294
"7295:TCP" = 7295:TCP:LocalSubNet:Enabled:TiVo HME Host: Port 7295
"7296:TCP" = 7296:TCP:LocalSubNet:Enabled:TiVo HME Host: Port 7296
"7297:TCP" = 7297:TCP:LocalSubNet:Enabled:TiVo HME Host: Port 7297

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\Symantec\pcAnywhere\AWHOST32.EXE:*:Disabled:pcAnywhere Host Service (Symantec Corporation)
C:\Program Files\Symantec\pcAnywhere\awrem32.exe:*:Disabled:pcAnywhere Remote Service (Symantec Corporation)
C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2 ()
C:\Program Files\Sierra\FEAR\FEAR.exe:*:Enabled:FEAR (Monolith Productions, Inc.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Railroads!\RailRoads.exe:*:Enabled:Sid Meier's Railroads! (Firaxis Games, Inc)
C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent ()
C:\WINDOWS\PCHealth\HelpCtr\Binaries\helpctr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice (Microsoft Corporation)
C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter 2\graw2.exe:*:Enabled:Ghost Recon Advanced Warfighter® 2 ()
C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter 2\graw2_dedicated.exe:*:Enabled:Ghost Recon Advanced Warfighter® 2 Dedicated Server ()
C:\Program Files\SkillGround\Games\UTG\Main.exe:*:Enabled:UTG ()
C:\Program Files\Intuit\QuickBooks 2008\QBDBMgrN.exe:*:Enabled:QuickBooks 2008 Data Manager (iAnywhere Solutions, Inc.)
C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32 (Crytek GmbH)
C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32 (Crytek GmbH)
C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA ()
C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB ()
C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare™ ()
C:\Program Files\Macromedia\Dreamweaver 8\Dreamweaver.exe:*:Enabled:Dreamweaver 8 (Macromedia, Inc.)
C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax (Intuit, Inc.)
C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager (Intuit, Inc.)
C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup (Nero AG)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2 (Ubisoft Entertainment)
C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater (Ubisoft)
C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor (Ubisoft Entertainment)
C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype (Skype Technologies S.A.)
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server (Intuit Inc.)
C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget (FlashGet.com)
C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty® - World at War™ (Activision Blizzard, Inc.)
C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty® - World at War™ (Activision Blizzard, Inc.)
C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe:LocalSubNet:Enabled:TiVo Transfer Service (TiVo Inc.)
C:\Program Files\TiVo\Desktop\TiVoServer.exe:LocalSubNet:Enabled:TiVo Server Service (TiVo Inc.)
C:\Program Files\TiVo\Desktop\TiVoDesktop.exe:LocalSubNet:Enabled:TiVo Desktop User Interface (TiVo Inc.)
C:\Program Files\TiVo\Desktop\curl.exe:LocalSubNet:Enabled:TiVo Curl Service ()
C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server (Microsoft Corporation)
C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Microsoft DirectX Diagnostic Tool (Microsoft Corporation)
C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary (Sun Microsystems, Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis®
"{0054395C-D609-45A7-8C9F-9E18871D945C}" = Sesame Street Toddler Game CD
"{0134A1A1-C283-4A47-91A1-92F19F960372}" = Adobe Creative Suite 2
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam™
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2™
"{04AA1207-D8C6-45DC-A96D-48358EBE09F3}" = PSShortcuts
"{06E3E953-0570-4DFF-A7B5-46114C390228}" =
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}" = Symantec KB-DocID:2003093015493306
"{0B095086-7205-4D48-90DF-DCD16613C6D4}" =
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0E5AA361-4B16-4282-B639-9E5B2B6A2EC8}" =
"{0E900196-D879-4905-0098-B3BCECF72AB9}" = NASCAR SimRacing
"{103BCDA0-E063-46AC-8028-64E78722ABA7}" =
"{119DC298-6496-4C0A-B899-8BF8972FEA87}" = Sonic Direct-To-Disc
"{11B569C2-4BF6-4ED0-9D17-A4273943CB24}" = Adobe Photoshop Album 2.0 Starter Edition
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13CB71B3-A8D4-4C46-91EF-4EF22C30D25B}" = PS7700
"{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty® - World at War™ 1.3 Patch
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}" = Sound Blaster X-Fi
"{1CE59656-4104-44AA-00BF-D2546C7EA497}" = Tiger Woods PGA TOUR 06
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1D2CF076-A63F-41A5-00A1-5924FADFAD9D}" = The Godfather™ The Game
"{1DB2FBA5-D57A-42A7-8E87-5B3EEBED8283}" = Wal-Mart Music Downloads Store
"{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}" = Star Wars Jedi Knight Jedi Academy
"{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}" =
"{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB}" = iPod for Windows 2006-03-23
"{20ED157B-1A84-4DF7-945E-4951A38A9CBA}" = iPod Reset Utility
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Studio Deluxe Suite
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{24198A51-CBB9-43DB-9280-D58E825E1415}" = GALIDOR™ - Defenders of the Outer Dimension
"{25E6EB3A-F696-41AB-96B6-D76ECE6446BF}" =
"{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}" =
"{26792CA7-D87A-4DBE-896B-C2F66B344511}" = Sonic CinePlayer
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 13
"{274EAD3A-6036-46AB-BE36-70690BD6E445}" = Hot Wheels™ Velocity X
"{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation
"{2B653229-9854-4989-B780-D978F5F13EAB}" = FEAR
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty® - World at War™ 1.2 Patch
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource
"{303379C9-8610-4CCF-AF37-C4BF8998C591}" = Roxio Media Manager
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{30BB4D60-81DB-11D5-BB77-00400536ABAC}" = OLYMPUS CAMEDIA Master 4.1
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150080}" = J2SE Runtime Environment 5.0 Update 8
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{32903944-19A2-418C-901D-4BBAF4C55ABA}" =
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision
"{37CB1C81-3A6C-45C8-9321-01C2CD5ED5CC}" = Buzz Lightyear of Star Command
"{3B0F52AC-EF5C-4831-B221-06C782E41280}" = Quicken 2008
"{3D047C15-C859-45F7-81CE-F2681778069B}" = iPod for Windows 2006-01-10
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{411C452C-7F92-405E-B9A0-EA6BD3C4A630}" = Mickey Mouse Preschool
"{44267176-A318-447F-A62A-0A5FD608C34F}" =
"{44E1DE63-C8FA-4C70-B4AA-0C49A947ACDE}" = Sid Meier's Railroads!
"{496DB87F-2D95-4924-8AE9-7DC6EFE0C081}" = Scratch LIVE 1.8.3 (18302)
"{4B9535BF-CC90-4158-AF32-CAF57A8820CA}" = Macromedia Contribute 3.11
"{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}" = Macromedia Fireworks 8
"{4D8AA0B4-E890-4BF7-A9D1-8E63027E76D3}" =
"{4E839090-3B68-436A-B3CF-A2A08C38DD26}" = TiVo Desktop 2.7
"{4F2F3E0C-2025-4F5E-9583-AB8CD5AA88A6}" =
"{50D4CB89-AF34-4978-96DC-C3034062E901}" = Battlefield 2: Special Forces
"{517B8FB2-26EE-43B0-AE1B-07408860AA69}" = DigitImg
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{565BF9E2-A2FD-4F93-B015-A732F179B5D3}" = Company of Heroes Pre-Release Single-Player Beta
"{569A9538-86EC-44C3-8EE4-C68B165F2A75}" =
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{56F3E1FF-54FE-4384-A153-6CCABA097814}" =
"{578FA426-47C0-4A3F-98A4-01ACD26B7556}" = LEGO Star Wars II
"{582876EC-A178-44D4-9823-C10D6C62EAFF}" =
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5C1DA723-24FC-48AD-93BA-925695C3EF26}" = Logitech Gaming Software
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}" =
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{5F87EF36-A373-11D5-AA2E-0008C760B784}" = Monsters Jr
"{6164D2E7-986B-42F5-B3A6-64D5E53FB889}" = Delta Force Black Hawk Down Team Sabre
"{6349CEE9-19F2-49D9-AC9D-B0350E3CBDB1}" =
"{637099FB-45FD-4BC7-9651-6FB540DBB749}" = Sonic Backup MyPC
"{63A6E9A9-A190-46D4-9430-2DB28654AFD8}" = Norton 360
"{65134A38-8BA5-495D-A3DC-CE1DEDB92947}" = TomTom HOME
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{66BCC50C-22D9-4927-9251-27FA88A32214}" =
"{6734CA10-8FB8-4C7F-B8C7-75317C617DC5}" = Call of Duty® 4 - Modern Warfare™ Demo
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.1
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A136B9A-1895-436F-83F8-30D9C68BB6EA}" = Rhapsody Player Engine
"{6BF90A01-FA3F-42B9-A071-7D744409967E}" =
"{6D392417-9089-4DAF-BBF1-04D068B0EB7E}" = BlackBerry Device Software v4.5.0 for the BlackBerry 8130 smartphone
"{70af630e-2e1b-470f-b600-9ae48f0b94d0}.sdb" = Disney Interactive Compatibility Update May 2002
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73919E2B-725C-4FAA-8473-45E063A3575F}" =
"{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset
"{767ECF6F-2344-4103-0091-44584B70D7CA}" = Madden NFL 06
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7AFFF09F-386B-4F7A-B3E0-EC24C13893AA}" =
"{7B5D7474-999D-4FEE-891C-995B0B4FFE9B}" = Hot Rod Garage to Glory
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English
"{7E820A0C-8CD6-44A2-9963-A243B224CDB4}" = TurboTax 2008 wpaiper
"{7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{836612F0-1571-4C65-A4B7-58A39AA578EE}" =
"{84F573D3-0F71-4768-978A-D35310E3FBA6}" =
"{8681B1E6-CD96-46EF-9065-CE0D1085ED99}" = Star Wars JK II Jedi Outcast
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine
"{897CA0D9-948F-4E5B-A20E-535E1060D3E6}" = MyDVD-VR Recorder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}" =
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B026740-A400-48FF-8F6B-B37C4F61C937}" =
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8ECB8220-F422-4BEB-9596-97033C533702}" = QuickBooks Pro 2008
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{8FE54D21-8254-4CCF-AEE0-066496AE43F4}" = Delta Force - Black Hawk Down
"{900A92BA-19EF-4A34-86CF-7B6C85BDD971}" = VC_MergeModuleToMSI
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{923CAE62-30C9-425E-B4ED-F5E9C09C5C4A}" = TurboTax 2008 wnjiper
"{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}" = Logitech QuickCam
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9744AE38-1CC6-414F-96CE-0643AEE30A9B}" =
"{9794F6AD-AD2F-4BDB-00BA-09E270237604}" = FIFA 07
"{9AB14DF5-3B04-4E3B-9969-695DBA7F2008}" =
"{9CD45D58-821F-4EEC-A2CF-2D18C849A6CC}" = Spider-Man and Friends Superhero Adventure
"{9E54F486-CD4A-44A5-B041-16D4E1E56A53}" =
"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = AnswerWorks 5.0 English Runtime
"{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty® - World at War™ 1.4 Patch
"{A14F7508-B784-40B8-B11A-E0E2EEB7229F}" = Adobe Premiere Pro 1.5
"{A2104078-AAA5-449E-95DD-55C9443A1033}" = Nero 7 Essentials
"{A4513A7E-CF21-44D2-0082-E6498D9D70D4}" = NBA LIVE 06
"{A662E280-64A8-4CF5-8407-13D0808602B3}" = Call of Duty - United Offensive
"{A7E07C2B-2220-4415-87E3-784D5814BC93}" = NVIDIA PhysX v8.09.04
"{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}" =
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-1033-0000-7760-000000000002}" = Adobe Acrobat 7.0 Professional
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0.8
"{AC76BA86-7AD7-5464-3428-7050000000A7}" = Adobe Reader 7.0.5 Language Support
"{AE5C1C5B-664A-4855-85DF-9699E08D187D}" = Earobics Step 1 Home
"{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}" = ubi.com
"{AF131494-F5D8-45C5-938C-D5F020CF1B0D}" = Tom Clancy's Rainbow Six 3: Raven Shield
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper
"{B20EB9BE-3795-47BA-BDD6-889593E8FD55}" =
"{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport
"{B3076A28-345A-4d89-90A3-B68866C0DFB8}" = eFax Messenger 4.3
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B5AF6143-E738-4768-A5E6-C07C68A464A4}" =
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{B8DA9EB2-DBEF-4F0A-B90A-45B77D9E65B2}" =
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes
"{BABAEBE4-9FFB-4B5D-9453-64FF11517CA2}" = Tom Clancy's Splinter Cell Chaos Theory
"{BAE20F4A-96D7-4D96-966F-41D7E87786E0}" = Philips PSS Device Manager
"{BD57EA4D-026E-4F08-9B93-080E282B81FE}" = iPod for Windows 2006-06-28
"{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}" =
"{BDAC64EB-F3CF-47EC-AB54-42D3BD3A8633}" = Winnie the Pooh Preschool
"{BE6890C7-31EF-478C-812E-1E2899ABFCA9}" = Broadcom Gigabit Integrated Controller
"{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
"{C05E8183-866A-11D3-97DF-0000F8D8F2E9}" = Symantec pcAnywhere
"{C229589D-CC1A-43FF-9507-CDED3AB85325}" =
"{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}" = Suite Specific
"{C6FCE47C-70E0-4480-BC2B-28DF47D4494C}" = Adobe® Flash® Media Encoder
"{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}" = Safari
"{CAD1691A-FA24-4B95-9009-3257B8440ECC}" = Tom Clancy's Splinter Cell Double Agent
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB99E420-8071-48F9-9567-4A53BE7569C4}" =
"{D45EC259-4A19-4656-B588-C2C360DD18EA}" = Half-Life® 2
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" =
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{D793A12F-E362-48BB-B332-1DA5E936B52D}" = BlackBerry Desktop Software 4.3
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty® - World at War™
"{D8A544F4-AC5F-4B67-9C74-F3E976798797}" =
"{D946675D-1D6C-4dc8-9E0D-B4B8EAA30EAA}" = Photosmart 140,240,7200,7600,7700,7900 Series
"{DAAC5938-8026-4D0C-A476-D1954917B7F5}" =
"{DAFCC5EF-E4D0-47EF-8E4B-168B3644A1E3}" = Garmin City Navigator North America NT 2009 Update
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DD3F5BF0-ADC8-4143-9859-1062CEB04413}" = Disney's Extremely Goofy Skateboarding
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare™
"{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp
"{E7E254C0-94AA-4B33-AF6D-5276A169A680}" = TONKA Search & Rescue 2
"{E914A24F-2412-4374-B420-86D21D6D444A}" = LEGO Star Wars
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EA05CC60-8148-4B0D-A763-C0483A8FFFC8}" = YouSendIt Plug-in for Outlook
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{EE3FBD3C-782E-4A90-9507-0ECFE1FECCE4}" = Sid Meier's Railroads!
"{EEDB23C9-50AB-4D25-B327-EE4FCDAE265F}" = Stanley Wild for Sharks
"{EFE26D3B-2789-4068-A5BB-77E389FAEB98}" = PSUsage
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F6970FBD-809A-4C51-BAB3-D94A04C6C8E7}" = Garmin Communicator Plugin
"{F78AC3C0-578C-49AB-BD4E-3107A6036A13}" = Tom Clancy's Ghost Recon Advanced Warfighter® 2
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"3DGroove" = OTOY
"3DMIDI" =
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2007
"AddressBook" =
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}" =
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" =
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Audacity_is1" = Audacity 1.2.3
"AudioCS" = Creative Audio Control Panel
"AudioPlugin.dll" =
"AviSynth" = AviSynth 2.5
"BitTorrent" = BitTorrent 5.0.6
"BlackBerry_{D793A12F-E362-48BB-B332-1DA5E936B52D}" = BlackBerry Desktop Software 4.3
"Branding" =
"BrothersInArmsEiB" = Brothers In Arms EiB
"Call of Duty" = Call of Duty
"C-Media PCI Sound" = Diamond Xtreme Audio
"Connection Manager" =
"CopyNow.dll" =
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"Create and Draw in Elmo's World™" = Create and Draw in Elmo's World™
"Creative Audio CD Ripper" =
"Creative Audio Creation Mode Console" =
"Creative Audio Device Selection" =
"Creative Auto Tag Cleaner" =
"Creative Console Launcher Component" =
"Creative Entertainment Mode Console" =
"Creative Game Mode Console" =
"Creative Import Wizard" =
"Creative Media Toolbox" = Creative Media Toolbox
"Creative MediaSource" =
"Creative MediaSource CD-ROM Burner Plugin" =
"Creative MediaSource Detector" =
"Creative MediaSource DVD-Audio Player" =
"Creative MediaSource Go!" =
"Creative MediaSource MiniDisc Plugin" =
"Creative MediaSource Player Skin Pack" =
"Creative Music Store Plugin" =
"Creative RemoteCenter" =
"Creative Speaker Connection Wizard" =
"Creative Sync Manager" =
"Creative Volume Panel" =
"Creative WaveStudio" =
"D2DPlugin.dll" =
"DataPlugin.dll" =
"Diagnostics 4_5" =
"DirectAnimation" =
"DirectDrawEx" =
"Disney Toontown Online" = Disney Toontown Online
"Disney's Toontown Online" = Disney's Toontown Online
"dlatray.exe" =
"Download Manager" = Download Manager 2.3.6
"Driver Cleaner" = Driver Cleaner 3
"Driver Cleaner Pro" = DH Driver Cleaner Professional Edition
"DTSNeo6 Settings" =
"DXM_Runtime" =
"ERUNT_is1" = ERUNT 1.1j
"FlashGet" = FlashGet 1.9.6.1073
"Fontcore" =
"Google Updater" = Google Updater
"ICW" =
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"IE40" =
"IE4Data" =
"IE5BAKEX" =
"ie7" = Windows Internet Explorer 7
"IEData" =
"InstallShield Uninstall Information" =
"InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty® - World at War™ 1.3 Patch
"InstallShield_{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB}" = iPod for Windows 2006-03-23
"InstallShield_{274EAD3A-6036-46AB-BE36-70690BD6E445}" = Hot Wheels™ Velocity X
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty® - World at War™ 1.2 Patch
"InstallShield_{3D047C15-C859-45F7-81CE-F2681778069B}" = iPod for Windows 2006-01-10
"InstallShield_{578FA426-47C0-4A3F-98A4-01ACD26B7556}" = LEGO Star Wars II
"InstallShield_{6734CA10-8FB8-4C7F-B8C7-75317C617DC5}" = Call of Duty® 4 - Modern Warfare™ Demo
"InstallShield_{897CA0D9-948F-4E5B-A20E-535E1060D3E6}" = Sonic MyDVD-VR
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty® - World at War™ 1.4 Patch
"InstallShield_{A662E280-64A8-4CF5-8407-13D0808602B3}" = Call of Duty - United Offensive
"InstallShield_{BAE20F4A-96D7-4D96-966F-41D7E87786E0}" = Philips PSS Device Manager
"InstallShield_{BD57EA4D-026E-4F08-9B93-080E282B81FE}" = iPod for Windows 2006-06-28
"InstallShield_{BE6890C7-31EF-478C-812E-1E2899ABFCA9}" = Broadcom Gigabit Integrated Controller
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty® - World at War™
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare™
"InstallShield_{E702BEC4-C843-41B1-ADCA-B920412AB4F5}" =
"InstallShield_{E914A24F-2412-4374-B420-86D21D6D444A}" = LEGO Star Wars
"InstallShield_{EA05CC60-8148-4B0D-A763-C0483A8FFFC8}" = YouSendIt Plug-in for Outlook
"Intel® 537EP V9x DF PCI Modem" = Intel® 537EP V9x DF PCI Modem
"JDSecure" = JD Secure 3.1
"legacyqcam_10.50" = Logitech Legacy USB Camera Driver Package
"LEGOLANDDeInstKey" = LEGOLAND
"LiveReg" = LiveReg (Symantec Corporation)
"lvdrivers_11.50" = Logitech QuickCam Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Math Blaster 1st Grade" = Math Blaster 1st Grade
"Measurement Services Client" = Futuremark Measurement Services Client
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft NetShow Player 2.0" =
"MobileOptionPack" =
"Mode Switcher" =
"Move Networks Player_is1" = Move Networks Player for Internet Explorer
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSI30a-KB884016" =
"MSI30-Beta1" =
"MSI30-Beta2" =
"MSI30-KB884016" =
"MSI30-RC1" =
"MSI30-RC2" =
"MSI31-Beta" =
"MSI31-RC1" =
"MSN Music Assistant" = MSN Music Assistant
"NetMeeting" =
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"On Screen Display" =
"OpenAL" = OpenAL
"OutlookExpress" =
"PartyPoker" = PartyPoker
"PCHealth" =
"PCI Audio Driver" = PCI Audio Driver
"Plaxo" = Plaxo Toolbar for Windows
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 6.0" = RealPlayer
"RecordNow.exe" =
"Ringling Bros. - Frankie Goes to the Circus" = Ringling Bros. - Frankie Goes to the Circus
"SBEWIN32.EXE" =
"SchedulingAgent" =
"SFBM" =
"Shockwave" =
"SkillGround" = SkillGround Game Manager
"Smart Recorder" =
"Sound Blaster X-Fi" =
"Sound Blaster X-Fi Windows Drivers" =
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"The Weather Channel Toolbar" = The Weather Channel Toolbar
"Thomas & Friends - Trouble on the Tracks" = Thomas & Friends - Trouble on the Tracks
"THX_Console" =
"TiVo Desktop 2.7" = TiVo Desktop 2.7
"TS2CC" = Toy Story 2 Cone Chaos
"TurboTax 2008" = TurboTax 2008
"TurboTax Deluxe 2005" = TurboTax Deluxe 2005
"TurboTax Deluxe 2007" = TurboTax Deluxe 2007
"Vienna SoundFont Studio" =
"Virtools3DLifePlayer" = Virtools 3D Life Player
"VLC media player" = VideoLAN VLC media player 0.8.4a
"VPON Live Video ActiveX Control" = VPON Live Video ActiveX Control
"Wdf01000" =
"Wdf01001" =
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"WinAce Archiver" = WinAce Archiver
"WinAVI iPod" =
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMCSetup" =
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"X-Fi Splash" =
"Xfire" = Xfire (remove only)
"Zuma Deluxe RA" = Zuma Deluxe RA

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GoToMeeting" = GoToMeeting/GoToWebinar 3.0.0.198
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/17/2009 7:55:28 AM | Computer Name = JOE | Source = Application Error | ID = 1000
Description = Faulting application tfswctrl.exe, version 1.4.8.0, faulting module
unknown, version 0.0.0.0, fault address 0x01058fd0.

Error - 5/17/2009 7:55:29 AM | Computer Name = JOE | Source = Application Error | ID = 1000
Description = Faulting application ctdetect.exe, version 3.0.2.0, faulting module
unknown, version 0.0.0.0, fault address 0x00db8fd0.

Error - 5/17/2009 7:55:29 AM | Computer Name = JOE | Source = Application Error | ID = 1000
Description = Faulting application isuspm.exe, version 6.0.100.65101, faulting module
unknown, version 0.0.0.0, fault address 0x10078fd0.

Error - 5/17/2009 7:59:29 AM | Computer Name = JOE | Source = Application Error | ID = 1000
Description = Faulting application ctdetect.exe, version 3.0.2.0, faulting module
unknown, version 0.0.0.0, fault address 0x00db8ac0.

Error - 5/17/2009 7:59:38 AM | Computer Name = JOE | Source = Application Error | ID = 1000
Description = Faulting application tivonotify.exe, version 1.2.323.86, faulting
module unknown, version 0.0.0.0, fault address 0x010e8fd0.

Error - 5/17/2009 7:59:41 AM | Computer Name = JOE | Source = Application Error | ID = 1000
Description = Faulting application ctdetect.exe, version 3.0.2.0, faulting module
unknown, version 0.0.0.0, fault address 0x00db8ac0.

Error - 5/17/2009 7:59:41 AM | Computer Name = JOE | Source = Application Error | ID = 1000
Description = Faulting application tivonotify.exe, version 1.2.323.86, faulting
module unknown, version 0.0.0.0, fault address 0x010e8fd0.

Error - 5/17/2009 8:00:06 AM | Computer Name = JOE | Source = Application Error | ID = 1000
Description = Faulting application tivonotify.exe, version 1.2.323.86, faulting
module kernel32.dll, version 5.1.2600.5781, fault address 0x0000df3c.

Error - 5/17/2009 7:22:21 PM | Computer Name = JOE | Source = Windows Search Service | ID = 3079
Description = Notifications for the volume f:\ are not active. Context: Windows
Application Details: The device is not ready. (0x80070015)

Error - 5/17/2009 9:12:29 PM | Computer Name = JOE | Source = nview_info | ID = 11141121
Description =

[ System Events ]
Error - 5/14/2009 6:53:39 PM | Computer Name = JOE | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{804DCCC1-537D-4548-A17A-BD1A093BA9E8}. The
backup browser is stopping.

Error - 5/14/2009 8:24:27 PM | Computer Name = JOE | Source = Service Control Manager | ID = 7000
Description = The BDVEDISK service failed to start due to the following error: %%2

Error - 5/14/2009 8:27:10 PM | Computer Name = JOE | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{804DCCC1-537D-4548-A17A-BD1A093BA9E8}. The
backup browser is stopping.

Error - 5/14/2009 9:18:28 PM | Computer Name = JOE | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 5/14/2009 9:18:28 PM | Computer Name = JOE | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 5/14/2009 9:18:40 PM | Computer Name = JOE | Source = Server | ID = 2505
Description = The server could not bind to the transport \Device\NetBT_Tcpip_{804DCCC1-537D-4548-A17A-BD1A093BA9E8}
because another computer on the network has the same name. The server could not
start.

Error - 5/15/2009 9:18:30 AM | Computer Name = JOE | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.6 for the Network Card with network
address 00111129EC0E has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 5/15/2009 8:44:16 PM | Computer Name = JOE | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
period.

Error - 5/17/2009 7:54:22 AM | Computer Name = JOE | Source = Service Control Manager | ID = 7034
Description = The Process Monitor service terminated unexpectedly. It has done
this 1 time(s).

Error - 5/17/2009 10:13:46 AM | Computer Name = JOE | Source = Service Control Manager | ID = 7000
Description = The BDVEDISK service failed to start due to the following error: %%2


< End of report >

OTListIt logfile created on: 5/17/2009 9:27:06 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = H:\mydocuments\applications
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.32 Gb Available Physical Memory | 65.82% Memory free
3.35 Gb Paging File | 2.72 Gb Available in Paging File | 81.10% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.00 Gb Total Space | 8.52 Gb Free Space | 5.72% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 232.88 Gb Total Space | 55.60 Gb Free Space | 23.88% Space Free | Partition Type: NTFS
Drive G: | 596.02 Gb Total Space | 489.92 Gb Free Space | 82.20% Space Free | Partition Type: FAT32
Drive H: | 232.88 Gb Total Space | 15.19 Gb Free Space | 6.52% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive N: | 232.88 Gb Total Space | 178.35 Gb Free Space | 76.58% Space Free | Partition Type: NTFS

Computer Name: JOE
Current User Name: Joe S
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\WINDOWS\system32\CTsvcCDA.EXE (Creative Technology Ltd)
PRC - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
PRC - C:\WINDOWS\system32\LxrJD31s.exe ()
PRC - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\system32\PnkBstrA.exe ()
PRC - C:\WINDOWS\system32\PnkBstrB.exe ()
PRC - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
PRC - C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
PRC - C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
PRC - C:\WINDOWS\system32\UAService7.exe ()
PRC - C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE (Creative Technology Ltd)
PRC - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
PRC - C:\WINDOWS\System32\MsPMSPSv.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\Mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
PRC - C:\Program Files\TiVo\Desktop\TiVoNotify.exe (TiVo Inc.)
PRC - C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe (Creative Technology Ltd)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe (TiVo Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - H:\mydocuments\applications\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (awhost32 [Disabled | Stopped]) -- C:\Program Files\Symantec\pcAnywhere\awhost32.exe (Symantec Corporation)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Creative Audio Engine Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (Creative Service for CDROM Access [Auto | Running]) -- C:\WINDOWS\system32\CTsvcCDA.EXE (Creative Technology Ltd)
SRV - (CTAudSvcService [Auto | Running]) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (IntuitUpdateService [Auto | Running]) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
SRV - (iPod Service [On_Demand | Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (LBTServ [On_Demand | Stopped]) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (LVCOMSer [Auto | Running]) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
SRV - (LVPrcSrv [Auto | Running]) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (LVSrvLauncher [Auto | Stopped]) -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe (Logitech Inc.)
SRV - (lxbt_device [On_Demand | Stopped]) -- C:\WINDOWS\system32\lxbtcoms.exe (Lexmark International, Inc.)
SRV - (LxrJD31s [Auto | Running]) -- C:\WINDOWS\system32\LxrJD31s.exe ()
SRV - (MDM [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (NBService [On_Demand | Stopped]) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero AG)
SRV - (NMIndexingService [On_Demand | Stopped]) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Pml Driver HPZ12 [On_Demand | Stopped]) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (PnkBstrA [Auto | Running]) -- C:\WINDOWS\system32\PnkBstrA.exe ()
SRV - (PnkBstrB [Auto | Running]) -- C:\WINDOWS\system32\PnkBstrB.exe ()
SRV - (QBCFMonitorService [Auto | Running]) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (QBFCService [On_Demand | Stopped]) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (Roxio UPnP Renderer 9 [On_Demand | Stopped]) -- C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe (Sonic Solutions)
SRV - (Roxio Upnp Server 9 [On_Demand | Stopped]) -- C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe (Sonic Solutions)
SRV - (RoxLiveShare9 [Auto | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (Sonic Solutions)
SRV - (RoxMediaDB9 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe (Sonic Solutions)
SRV - (RoxWatch9 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe (Sonic Solutions)
SRV - (Symantec Core LC [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
SRV - (UserAccess7 [Auto | Running]) -- C:\WINDOWS\system32\UAService7.exe ()
SRV - (WMDM PMSP Service [Auto | Running]) -- C:\WINDOWS\System32\MsPMSPSv.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (61883 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\61883.sys (Microsoft Corporation)
DRV - (Avc [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\avc.sys (Microsoft Corporation)
DRV - (awlegacy [System | Running]) -- C:\WINDOWS\System32\Drivers\awlegacy.sys (Symantec Corporation)
DRV - (AW_HOST [System | Running]) -- C:\WINDOWS\system32\drivers\aw_host5.sys (Symantec Corporation)
DRV - (b57w2k [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\b57xp32.sys (Broadcom Corporation)
DRV - (bvrp_pci [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\bvrp_pci.sys ()
DRV - (Cdr4_xp [System | Running]) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys (Sonic Solutions)
DRV - (Cdralw2k [System | Running]) -- C:\WINDOWS\System32\drivers\cdralw2k.sys (Sonic Solutions)
DRV - (cmpci [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\cmaudio.sys (C-Media Inc)
DRV - (cmuda3 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\cmudax3.sys (C-Media Inc)
DRV - (CT20XUT [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\CT20XUT.SYS (Creative Technology Ltd.)
DRV - (CT20XUT.SYS [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\CT20XUT.SYS (Creative Technology Ltd.)
DRV - (CTEXFIFX [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\CTEXFIFX.SYS (Creative Technology Ltd.)
DRV - (CTEXFIFX.SYS [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\CTEXFIFX.SYS (Creative Technology Ltd.)
DRV - (CTHWIUT [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\CTHWIUT.SYS (Creative Technology Ltd.)
DRV - (CTHWIUT.SYS [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\CTHWIUT.SYS (Creative Technology Ltd.)
DRV - (drvmcdb [Boot | Running]) -- C:\WINDOWS\system32\drivers\drvmcdb.sys (Sonic Solutions)
DRV - (drvnddm [Auto | Running]) -- C:\WINDOWS\system32\drivers\drvnddm.sys (Sonic Solutions)
DRV - (ENTECH [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ENTECH.sys (EnTech Taiwan)
DRV - (gameenum [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\gameenum.sys (Microsoft Corporation)
DRV - (GcKernel [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\GcKernel.sys (Microsoft Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (Gernuwa [Boot | Running]) -- C:\WINDOWS\System32\drivers\GERNUWA.SYS (Symantec Corporation)
DRV - (HIDSwvd [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\HIDSwvd.sys (Microsoft Corporation)
DRV - (HPZid412 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys (HP)
DRV - (IntelC51 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\IntelC51.sys (Intel Corporation)
DRV - (IntelC52 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\IntelC52.sys (Intel Corporation)
DRV - (IntelC53 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\IntelC53.sys (Intel Corporation)
DRV - (L8042Kbd [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys (Logitech, Inc.)
DRV - (LHidFilt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys (Logitech, Inc.)
DRV - (LHidKe [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\LHidKE.Sys (Logitech, Inc.)
DRV - (LHidUsbK [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\LHidUsbK.Sys (Logitech, Inc.)
DRV - (LMouFilt [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys (Logitech, Inc.)
DRV - (LMouKE [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\LMouKE.Sys (Logitech, Inc.)
DRV - (LUsbFilt [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\LUsbFilt.Sys (Logitech, Inc.)
DRV - (LVcKap [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LVcKap.sys (Logitech Inc.)
DRV - (LVMVDrv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys (Logitech Inc.)
DRV - (LVPr2Mon [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys ()
DRV - (LVUSBSta [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (LxrJD31d [Auto | Running]) -- C:\WINDOWS\system32\Drivers\LxrJD31d.sys ()
DRV - (MODEMCSA [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (mohfilt [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\mohfilt.sys (Intel Corporation)
DRV - (MSDV [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\msdv.sys (Microsoft Corporation)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (OMCI [System | Running]) -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS (Dell Computer Corporation)
DRV - (pepifilter [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\lv302af.sys (Logitech Inc.)
DRV - (PID_PEPI [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LV302V32.SYS (Logitech Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (RimUsb [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\RimUsb.sys (Research In Motion Limited)
DRV - (RimVSerPort [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\RimSerial.sys (Research in Motion Ltd)
DRV - (ROOTMODEM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\RootMdm.sys (Microsoft Corporation)
DRV - (Secdrv [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sfdrv01 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (sfhlp02 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (sfsync02 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sscdbhk5 [System | Running]) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys (Sonic Solutions)
DRV - (ssrtln [System | Running]) -- C:\WINDOWS\system32\drivers\ssrtln.sys (Sonic Solutions)
DRV - (tfsnboio [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnboio.sys (Sonic Solutions)
DRV - (tfsncofs [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsncofs.sys (Sonic Solutions)
DRV - (tfsndrct [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsndrct.sys (Sonic Solutions)
DRV - (tfsndres [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsndres.sys (Sonic Solutions)
DRV - (tfsnifs [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnifs.sys (Sonic Solutions)
DRV - (tfsnopio [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnopio.sys (Sonic Solutions)
DRV - (tfsnpool [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnpool.sys (Sonic Solutions)
DRV - (tfsnudf [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnudf.sys (Sonic Solutions)
DRV - (tfsnudfa [Auto | Running]) -- C:\WINDOWS\system32\dla\tfsnudfa.sys (Sonic Solutions)
DRV - (USBAAPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple, Inc.)
DRV - (usbaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (WinDriver6 [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\windrvr6.sys (Jungo)
DRV - (WmBEnum [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (WmFilter [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\WmFilter.sys (Logitech Inc.)
DRV - (WmVirHid [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\WmVirHid.sys (Logitech Inc.)
DRV - (WmXlCore [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\WmXlCore.sys (Logitech Inc.)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.07076007
FF - prefs.js..extensions.enabledItems: {642BD07B-43AB-4157-921B-3E62B71AD39F}:1.8.2.2
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.8

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/17 08:49:12 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/28 19:55:38 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/28 19:55:38 | 00,000,000 | ---D | M]

[2008/07/21 09:08:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joe S\Application Data\mozilla\Extensions
[2008/07/21 09:08:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joe S\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/17 20:34:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joe S\Application Data\mozilla\Firefox\Profiles\4mcqj0vs.default\extensions
[2008/02/10 16:53:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joe S\Application Data\mozilla\Firefox\Profiles\4mcqj0vs.default\extensions\{642BD07B-43AB-4157-921B-3E62B71AD39F}
[2008/02/15 23:03:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Joe S\Application Data\mozilla\Firefox\Profiles\4mcqj0vs.default\extensions\[email protected]
[2009/05/17 20:34:52 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/28 19:55:38 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/03/22 08:37:24 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2008/07/20 09:04:22 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/03/17 08:49:39 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/04/13 23:42:07 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/04/28 19:55:34 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/28 19:55:34 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/04/10 02:46:30 | 00,049,664 | ---- | M] () -- C:\Program Files\mozilla firefox\components\FFComm.dll
[2009/03/08 08:15:36 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/03/08 08:15:36 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/03/08 08:15:36 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/03/08 08:15:36 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/03/08 08:15:36 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/03/08 08:15:36 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/03/08 08:15:36 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - Reg Error: Key error. File not found
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (TwcToolbarBhoApp Class) - {AA1F9DDB-E605-4ba6-81D4-E427DEE012AD} - C:\WINDOWS\system32\TwcToolbarBho.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (BHO Class) - {B0D3D090-CE97-4E3E-A388-CFD55B1F5E63} - Reg Error: Key error. File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (The Weather Channel Toolbar) - {2E5E800E-6AC0-411E-940A-369530A35E43} - C:\WINDOWS\system32\TwcToolbarIe7.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll" (Creative Technology Ltd.)
O4 - HKLM..\Run: [C-Media Mixer] Mixer.exe /startup File not found
O4 - HKLM..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" (Creative Technology Ltd)
O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
O4 - HKLM..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" ()
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install File not found
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup (Creative Technology Ltd.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R (Creative Technology Ltd)
O4 - HKCU..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork (IGN Entertainment)
O4 - HKCU..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler (Macrovision Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [TivoNotify] "C:\Program Files\TiVo\Desktop\TiVoNotify.exe" /service /registry /auto:TivoNotify (TiVo Inc.)
O4 - HKCU..\Run: [TivoServer] "C:\Program Files\TiVo\Desktop\TiVoServer.exe" /service /registry (TiVo Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 1
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm ()
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm ()
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra Button: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - Reg Error: Value error. File not found
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Ranges: Range1 ([https] in Trusted sites)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemyds...DSL/tgctlcm.cab (Reg Error: Key error.)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell....iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {08BEF711-06DA-48B2-9534-802ECAA2E4F9} https://www.plaxo.co...laxoInstall.cab (PlxInstall Class)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...p/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {0F733F27-5BBB-4D03-8D6B-19E2143880BF} http://www1.skillgro...SkillGround.cab (SkillGround Game Manager)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} http://psdnotes1.pen...a.us/iNotes.cab (iNotes Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplane...C_2.3.6.108.cab (CDownloadCtrl Object)
O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} http://zone.msn.com/...bGameLoader.cab (WebGameLoader Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www.snapfish....fishActivia.cab (Snapfish Activia)
O16 - DPF: {4788DE0A-3552-49EA-AC8C-233DA52523B9} http://www.blackberr...re/AxLoader.cab (AxLoaderPassword Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.4.3.cab (DLM Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {4B48D5DF-9021-45F7-A240-60304302A215} http://download.micr.../WebCleaner.cab (Malicious Software Removal Tool)
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} http://tools.ebayimg...l_v1-0-3-36.cab (EPUImageControl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1120444978437 (WUWebControl Class)
O16 - DPF: {66F7F252-3FE1-4650-B1E5-94B2A38271C5} http://151.204.184.13/ActiveView.cab (ActiveView Control)
O16 - DPF: {69F62FC3-3FEC-4073-BF33-5C64401C0E5D} http://151.204.184.13/ImageCalc.cab (ImageCalc Control)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1220846768015 (MUWebControl Class)
O16 - DPF: {71F8F25A-A792-11D5-A842-0050BF6C4E9E} http://www.flashback...l/AngelCalc.cab (Angelcalc.B612Calc)
O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} http://mediaplayer.w...ler/install.cab (Reg Error: Key error.)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://atv.disney.go...y/OTOYAX29b.cab (Groove Control)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} http://sympatico.zon...mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {7FE26BE2-B923-4B41-9834-E84DA1CC1F96} http://vsp.closetmai..._downloader.cab (Maid Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} http://echat.us.dell...t/TLIEFlash.CAB (TLIEFlashObj Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://zone.msn.com/...ro.cab34246.cab (ZoneIntro Class)
O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} http://merillat.view...p/View22RTE.cab (View22RTE Class)
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} http://a.download.to...9.11/ttinst.cab (Toontown Installer ActiveX Control)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://gameadvisor.f...obal/msc311.cab (Measurement Services Client v.3.11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://a532.g.akamai...l/installer.exe (Virtools WebPlayer Class)
O16 - DPF: RGFCPlugin http://www.robotgala.../RGFCPlugin.CAB (Reg Error: Key error.)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\PCANotify: DllName - PCANotify.dll - C:\WINDOWS\system32\PCANotify.dll (Symantec Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/07/03 21:57:11 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/01/07 10:48:46 | 00,000,000 | ---D | M] - G:\autorun -- [ FAT32 ]
O33 - MountPoints2\{4bae2162-ddbe-11dc-9d70-00111129ec0e}\Shell\AutoRun\command - "" = G:\wd_windows_tools\WDEULA.exe -- File not found
O33 - MountPoints2\{6eae6c7f-ce0d-11dc-9d6b-00111129ec0e}\Shell\AutoRun\command - "" = I:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\N\Shell - "" = AutoRun
O33 - MountPoints2\N\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\N\Shell\AutoRun\command - "" = N:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/05/14 20:20:32 | 00,000,000 | ---D | M]

========== Files/Folders - Created Within 30 Days ==========

[1 C:\*.tmp files]
[10 C:\WINDOWS\*.tmp files]
[2009/05/17 21:22:51 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/05/17 07:54:13 | 00,000,000 | ---D | C] -- C:\deweebs.exe
[2009/05/13 17:11:55 | 00,000,000 | ---D | C] -- C:\Program Files\LEGO Media
[2009/05/13 17:11:46 | 00,299,008 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\uninst.exe
[2009/05/13 16:44:32 | 00,000,000 | ---D | C] -- H:\mydocuments\Galidor
[2009/05/13 16:43:45 | 00,001,771 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\GALIDOR™ - Defenders of the Outer Dimension.lnk
[2009/05/13 16:39:52 | 00,000,000 | ---D | C] -- C:\Program Files\LEGO Interactive
[2009/05/11 13:39:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joe S\Local Settings\temp
[2009/05/11 13:19:05 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009/05/11 13:19:02 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/05/11 13:18:58 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/05/11 13:17:00 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/05/11 13:17:00 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/05/11 13:17:00 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/05/11 13:17:00 | 00,117,248 | ---- | C] () -- C:\WINDOWS\vFind.exe
[2009/05/11 13:17:00 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/05/11 13:17:00 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/05/11 13:17:00 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/05/11 13:17:00 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/05/11 13:16:43 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/05/11 13:12:48 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW.0.tmp
[2009/05/11 12:27:40 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/11 12:13:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/05/11 12:13:13 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/05/09 23:25:40 | 00,000,000 | ---D | C] -- H:\mydocuments\test
[2009/05/06 22:26:59 | 00,097,205 | ---- | C] () -- H:\mydocuments\full_101-101-4187low.jpg
[2009/05/06 22:25:21 | 00,058,502 | ---- | C] () -- H:\mydocuments\john-t-unger-great-bowl-o-fire-portable-fire-pit.jpg
[2009/05/06 22:24:16 | 00,318,455 | ---- | C] () -- H:\mydocuments\covert.jpg
[2009/05/04 22:45:43 | 00,027,136 | ---- | C] () -- H:\mydocuments\Loanmodrequest.doc
[2009/05/04 20:53:00 | 00,157,184 | ---- | C] () -- H:\mydocuments\GGP Resume 5-09.doc
[2009/05/04 10:43:52 | 00,000,000 | ---D | C] -- H:\mydocuments\Fizz
[2009/04/27 22:20:00 | 00,328,878 | ---- | C] () -- H:\mydocuments\backfromthebeach.jpg
[2009/04/25 00:36:22 | 00,010,727 | ---- | C] () -- H:\mydocuments\Group
[2009/04/19 19:48:33 | 00,000,000 | ---D | C] -- H:\mydocuments\Johnanotherdimension
[2009/04/19 19:46:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Joe S\Application Data\U3
[2009/04/15 08:43:42 | 00,000,066 | ---- | C] () -- C:\WINDOWS\Cmicnfg3.ini.cfl
[2009/04/15 08:43:08 | 00,001,480 | ---- | C] () -- C:\WINDOWS\Cmicnfg3.ini.cfg
[2009/04/15 08:43:05 | 00,002,267 | ---- | C] () -- C:\WINDOWS\cmudax3.ini
[2009/03/03 00:10:42 | 00,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2009/02/18 21:10:24 | 00,151,552 | ---- | C] () -- C:\WINDOWS\System32\lxbthwdf.dll
[2009/02/18 21:10:24 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\lxbtcoin.dll
[2009/02/18 21:10:24 | 00,126,976 | ---- | C] () -- C:\WINDOWS\System32\lxbtsnls.dll
[2009/02/18 21:10:24 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbtvs.dll
[2009/02/18 21:10:24 | 00,001,832 | ---- | C] () -- C:\WINDOWS\System32\lxbtprod.ini
[2008/12/12 23:37:27 | 00,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2008/10/08 00:41:40 | 00,002,560 | ---- | C] () -- C:\WINDOWS\System32\CtxfiRes.dll
[2008/10/08 00:41:40 | 00,002,560 | ---- | C] () -- C:\WINDOWS\CTXFIRES.DLL
[2008/06/11 10:02:34 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/06/11 10:02:34 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/06/11 10:02:34 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/06/11 10:02:34 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/06/11 10:02:34 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/06/11 10:02:34 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/06/11 10:02:32 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/06/11 10:02:32 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/06/11 10:02:32 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/06/05 09:58:26 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/04/23 18:34:48 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\txmlutil.dll
[2008/03/04 23:59:06 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/12/25 00:26:18 | 00,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2007/12/09 23:46:19 | 00,059,500 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/10/11 19:59:24 | 00,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2007/09/27 11:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/08/19 08:06:21 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2007/08/19 08:06:21 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2007/08/19 08:06:21 | 00,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2007/08/19 08:06:20 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2007/08/19 08:06:20 | 00,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2007/06/28 12:43:00 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/06/28 12:43:00 | 01,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/06/28 12:43:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/06/28 12:43:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/06/28 12:43:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/06/26 20:50:30 | 00,000,070 | ---- | C] () -- C:\WINDOWS\A729E19A.ini
[2006/12/30 16:26:00 | 00,000,058 | ---- | C] () -- C:\WINDOWS\cgela.ini
[2006/12/30 14:28:21 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2006/12/30 14:28:21 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2006/12/30 14:28:21 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2006/12/11 22:31:18 | 00,249,856 | ---- | C] () -- C:\WINDOWS\System32\TwcToolbarIe7.dll
[2006/12/11 22:31:18 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\TwcToolbarBho.dll
[2006/09/15 06:48:31 | 00,000,400 | ---- | C] () -- C:\WINDOWS\ka.ini
[2006/08/25 17:30:05 | 00,000,204 | ---- | C] () -- C:\WINDOWS\ACTIVITY.INI
[2006/06/25 08:19:42 | 00,000,043 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2006/06/25 07:53:01 | 00,007,520 | ---- | C] () -- C:\WINDOWS\disney.ini
[2006/06/25 07:52:52 | 00,000,199 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2006/03/15 22:02:18 | 00,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2006/03/15 22:02:18 | 00,262,144 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2006/03/15 22:02:18 | 00,112,640 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2006/03/15 22:02:17 | 02,255,360 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2006/02/26 09:36:34 | 00,000,427 | ---- | C] () -- C:\WINDOWS\CTWave32.INI
[2006/02/25 22:26:43 | 00,000,152 | ---- | C] () -- C:\WINDOWS\CoolPlay.ini
[2006/02/25 02:18:29 | 00,000,029 | ---- | C] () -- C:\WINDOWS\sfbm.INI
[2006/01/12 17:09:14 | 00,090,112 | ---- | C] () -- C:\WINDOWS\System32\DXFLib.dll
[2006/01/12 17:08:06 | 00,143,360 | ---- | C] () -- C:\WINDOWS\System32\opcode.dll
[2005/11/12 10:22:45 | 00,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2005/09/04 21:36:13 | 00,185,344 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2005/08/09 18:13:31 | 00,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/08/09 18:13:31 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/08/09 18:12:28 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/07/31 22:44:04 | 00,000,819 | ---- | C] () -- C:\WINDOWS\CoDUO.INI
[2005/07/31 11:50:37 | 00,000,000 | ---- | C] () -- C:\WINDOWS\JDSecure31.INI
[2005/07/31 11:50:32 | 00,249,856 | ---- | C] () -- C:\WINDOWS\System32\LxrJD31.dll
[2005/07/31 11:50:32 | 00,069,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrJD31d.sys
[2005/07/31 11:50:32 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\LxrJD20Sat.dll
[2005/07/04 00:41:46 | 00,000,766 | ---- | C] () -- C:\WINDOWS\CoD.INI
[2005/07/03 23:50:51 | 00,000,165 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2005/07/03 23:20:36 | 00,000,026 | ---- | C] () -- C:\WINDOWS\UpdaterDVW58E.INI
[2005/07/03 23:13:52 | 00,000,321 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/07/03 22:55:08 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/07/03 22:31:46 | 00,000,072 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2005/07/03 22:10:04 | 00,004,272 | R--- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2005/06/27 13:33:24 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/06/11 11:47:00 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\fpprintmon.dll
[2005/06/07 09:10:50 | 00,070,656 | ---- | C] () -- C:\WINDOWS\System32\CTMMACTL.DLL
[2005/04/01 06:42:36 | 00,126,976 | ---- | C] () -- C:\WINDOWS\System32\DvsNDKEx.dll
[2005/03/22 00:50:34 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\Audio.dll
[2005/01/13 00:03:46 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\TextOverlayEx.dll
[2004/10/15 05:10:00 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\besched.dll
[2004/08/03 17:30:56 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\decompress.dll
[2004/07/08 00:18:40 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\CreateAvi.dll
[2004/05/27 20:33:44 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\M4DecoderDll.dll
[2004/05/05 22:22:40 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\AudioACM.dll
[2003/10/02 02:00:00 | 00,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2003/10/02 02:00:00 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2003/07/16 16:51:23 | 00,000,797 | ---- | C] () -- C:\WINDOWS\win.ini
[2003/07/16 16:47:28 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/09/13 18:14:16 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\netdecdll.dll
[2001/11/19 21:05:18 | 00,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[1998/08/16 05:00:00 | 00,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll
[1997/10/24 15:56:36 | 00,000,643 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[1997/06/13 20:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== Files - Modified Within 30 Days ==========

[1 C:\*.tmp files]
[12 C:\WINDOWS\System32\*.tmp files]
[10 C:\WINDOWS\*.tmp files]
[2009/05/17 21:01:14 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/05/17 10:14:15 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/17 10:13:06 | 00,192,431 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/05/17 10:11:41 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Joe S\Local Settings\desktop.ini
[2009/05/17 10:11:20 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/17 08:00:06 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/05/17 07:11:13 | 00,001,848 | -H-- | M] () -- H:\mydocuments\Default.rdp
[2009/05/13 16:43:45 | 00,001,771 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\GALIDOR™ - Defenders of the Outer Dimension.lnk
[2009/05/13 06:18:52 | 00,002,187 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Safari.lnk
[2009/05/11 23:55:01 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/11 13:27:25 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/05/11 13:19:05 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/05/11 12:26:27 | 00,001,352 | ---- | M] () -- C:\WINDOWS\System\Cmicnfg3.ini
[2009/05/07 03:16:30 | 24,699,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/05/06 22:32:35 | 00,250,880 | -HS- | M] () -- H:\mydocuments\Thumbs.db
[2009/05/06 22:31:54 | 00,318,455 | ---- | M] () -- H:\mydocuments\covert.jpg
[2009/05/06 22:27:05 | 00,097,205 | ---- | M] () -- H:\mydocuments\full_101-101-4187low.jpg
[2009/05/06 22:25:21 | 00,058,502 | ---- | M] () -- H:\mydocuments\john-t-unger-great-bowl-o-fire-portable-fire-pit.jpg
[2009/05/04 22:45:43 | 00,027,136 | ---- | M] () -- H:\mydocuments\Loanmodrequest.doc
[2009/05/04 20:53:00 | 00,157,184 | ---- | M] () -- H:\mydocuments\GGP Resume 5-09.doc
[2009/05/01 15:36:46 | 00,117,248 | ---- | M] () -- C:\WINDOWS\vFind.exe
[2009/04/27 22:20:00 | 00,328,878 | ---- | M] () -- H:\mydocuments\backfromthebeach.jpg
[2009/04/25 00:36:22 | 00,010,727 | ---- | M] () -- H:\mydocuments\Group
[2009/04/20 12:56:28 | 00,031,232 | ---- | M] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/04/20 12:13:47 | 00,511,072 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/20 12:13:47 | 00,430,276 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/20 12:13:47 | 00,071,426 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/18 18:26:21 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/04/18 18:18:51 | 00,000,797 | ---- | M] () -- C:\WINDOWS\win.ini
< End of report >

ROOTER
Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3

C:\ [Fixed] - NTFS - (Total:152578 Mo/Free:534 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
F:\ [Fixed] - NTFS - (Total:238472 Mo/Free:3690 Mo)
G:\ [Fixed] - FAT32 - (Total:610328 Mo/Free:1962 Mo)
H:\ [Fixed] - NTFS - (Total:238472 Mo/Free:3271 Mo)
I:\ [Removable] (Total:0 Mo/Free:0 Mo)
J:\ [Removable] (Total:0 Mo/Free:0 Mo)
K:\ [Removable] (Total:0 Mo/Free:0 Mo)
L:\ [Removable] (Total:0 Mo/Free:0 Mo)
M:\ [Removable] (Total:0 Mo/Free:0 Mo)
N:\ [Fixed] - NTFS - (Total:238472 Mo/Free:2405 Mo)

Sun 05/17/2009|21:24

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
---------- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\WINDOWS\system32\CTsvcCDA.EXE
---------- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
---------- C:\WINDOWS\system32\LxrJD31s.exe
---------- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
---------- C:\WINDOWS\system32\nvsvc32.exe
---------- C:\WINDOWS\system32\PnkBstrA.exe
---------- C:\WINDOWS\system32\PnkBstrB.exe
---------- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
---------- C:\WINDOWS\system32\dla\tfswctrl.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
---------- C:\WINDOWS\system32\UAService7.exe
---------- C:\WINDOWS\System32\vssvc.exe
---------- C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
---------- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
---------- C:\WINDOWS\System32\MsPMSPSv.exe
---------- C:\WINDOWS\system32\SearchIndexer.exe
---------- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
---------- C:\WINDOWS\system32\RUNDLL32.EXE
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\WINDOWS\Mixer.exe
---------- C:\WINDOWS\system32\rundll32.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
---------- C:\Program Files\TiVo\Desktop\TiVoNotify.exe
---------- C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
---------- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
---------- C:\WINDOWS\system32\wscntfy.exe
---------- C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\Program Files\Macromedia\Dreamweaver 8\Dreamweaver.exe
---------- C:\Program Files\Mozilla Firefox\firefox.exe
---------- C:\Program Files\Internet Explorer\iexplore.exe
---------- C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
---------- C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
---------- C:\WINDOWS\system32\SearchProtocolHost.exe
---------- C:\WINDOWS\system32\SearchFilterHost.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!


----------------------\\ Cracks & Keygens..

C:\DOCUME~1\ALLUSE~1\Documents\My Games\[PC Game] Zuma deluxe FULL Game + Crack (GREAT solitaire game).zip
C:\DOCUME~1\ALLUSE~1\Documents\My Games\[PC Game] Zuma deluxe FULL Game + Crack (GREAT solitaire game)\Readme 1st.txt
C:\DOCUME~1\ALLUSE~1\Documents\My Games\[PC Game] Zuma deluxe FULL Game + Crack (GREAT solitaire game)\Zuma Deluxe Setup.exe
C:\DOCUME~1\ALLUSE~1\Documents\My Games\[PC Game] Zuma deluxe FULL Game + Crack (GREAT solitaire game)\Zuma Deluxe! v1.0 (crack).exe


1 - "C:\Rooter$\Rooter_1.txt" - Mon 05/11/2009|13:40
2 - "C:\Rooter$\Rooter_2.txt" - Sun 05/17/2009|21:24

----------------------\\ Scan completed at 21:24

Edited by sloppypa, 17 May 2009 - 07:38 PM.