I have ESET NOD32 and it always comes up with this trojan. No idea how to get rid of it:
05/24/2009 7:11:59 PM Startup scanner operating memory Operating memory Win32/Rootkit.Agent.ODG trojan unable to clean
My system is probably heavily infected with other things as well. Any help would be greatly appreciated!
Here is my OTListIt2 Log:
OTListIt logfile created on: 05/24/2009 11:58:36 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Program Files\Opera\profile\cache4\temporary_download
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yyyy
1023.48 Mb Total Physical Memory | 472.75 Mb Available Physical Memory | 46.19% Memory free
2.40 Gb Paging File | 1.76 Gb Available in Paging File | 73.19% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 18.49 Gb Free Space | 7.94% Space Free | Partition Type: NTFS
Drive D: | 585.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MOLINKEL18
Current User Name: Robo
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe ()
PRC - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\ATI\Catalyst Media Center\Kernel\TV\CLCapSvc.exe ()
PRC - C:\Program Files\ATI\Catalyst Media Center\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink)
PRC - C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\system32\lxctcoms.exe ( )
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - c:\WINDOWS\system32\ZuneBusEnum.exe (Microsoft Corporation)
PRC - C:\Program Files\ATI\Catalyst Media Center\Kernel\TV\CLSched.exe ()
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - C:\Program Files\Lexmark 5400 Series\ezprint.exe (Lexmark International Inc.)
PRC - C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\system32\InetCntrl\InetCntrl.exe (Bsafe Online, Inc.)
PRC - C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (Nero AG)
PRC - C:\program files\steam\steam.exe (Valve Corporation)
PRC - C:\Program Files\TGTSoft\StyleXP\StyleXP.exe ()
PRC - C:\Program Files\Belkin\F5D9050\Belkinwcui.exe (Belkin)
PRC - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE (Logitech Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - c:\program Files\ThunMail\testabd.exe ()
PRC - C:\Program Files\Winamp\winamp.exe (Nullsoft)
PRC - C:\Program Files\Opera\Opera.exe (Opera Software)
PRC - C:\Program Files\Opera\profile\cache4\temporary_download\OTListIt2.exe (OldTimer Tools)
========== Win32 Services (SafeList) ==========
SRV - (Adobe LM Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (ccEvtMgr [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)
SRV - (ccSetMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
SRV - (CLCapSvc [Auto | Running]) -- C:\Program Files\ATI\Catalyst Media Center\Kernel\TV\CLCapSvc.exe ()
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CLSched [Auto | Running]) -- C:\Program Files\ATI\Catalyst Media Center\Kernel\TV\CLSched.exe ()
SRV - (CyberLink Media Library Service [Auto | Running]) -- C:\Program Files\ATI\Catalyst Media Center\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink)
SRV - (DefWatch [Auto | Running]) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)
SRV - (EhttpSrv [On_Demand | Stopped]) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn [Auto | Running]) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Lavasoft Ad-Aware Service [Auto | Stopped]) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (LiveUpdate [On_Demand | Stopped]) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
SRV - (lxct_device [Auto | Running]) -- C:\WINDOWS\system32\lxctcoms.exe ( )
SRV - (MSSQL$SONY_MEDIAMGR [On_Demand | Stopped]) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper [On_Demand | Stopped]) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (SavRoam [On_Demand | Stopped]) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe (symantec)
SRV - (SNDSrvc [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (Symantec Corporation)
SRV - (SPBBCSvc [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation)
SRV - (SQLAgent$SONY_MEDIAMGR [On_Demand | Stopped]) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (Microsoft Corporation)
SRV - (StyleXPService [Auto | Running]) -- C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe ()
SRV - (Symantec AntiVirus [On_Demand | Stopped]) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation)
SRV - (Viewpoint Manager Service [Auto | Running]) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (ZuneBusEnum [Auto | Running]) -- c:\WINDOWS\system32\ZuneBusEnum.exe (Microsoft Corporation)
SRV - (ZuneNetworkSvc [On_Demand | Stopped]) -- c:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV - (ZuneWlanCfgSvc [On_Demand | Stopped]) -- c:\WINDOWS\system32\ZuneWlanCfgSvc.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (61883 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\61883.sys (Microsoft Corporation)
DRV - (ACCSKMD [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\accskmd.sys (Canon Inc)
DRV - (AegisP [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys (Meetinghouse Data Communications)
DRV - (ALCXWDM [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (AmdK8 [System | Running]) -- C:\WINDOWS\system32\DRIVERS\AmdK8.sys (Advanced Micro Devices)
DRV - (ATI Remote Wonder II [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ATIRWVD.SYS (Jungo)
DRV - (ATICXCAP [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\aticxcap.sys (ATI Technologies, Inc.)
DRV - (ATICXTUN [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\aticxtun.sys (ATI Technologies, Inc.)
DRV - (ATICXXBR [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\aticxxbr.sys (ATI Technologies, Inc.)
DRV - (Avc [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\avc.sys (Microsoft Corporation)
DRV - (bsofrwl [System | Running]) -- C:\WINDOWS\System32\drivers\bsofrwl.sys (NT Kernel Resources)
DRV - (d347bus [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\d347bus.sys ( )
DRV - (d347prt [Boot | Running]) -- C:\WINDOWS\System32\Drivers\d347prt.sys ( )
DRV - (dtscsi [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\dtscsi.sys (DT Soft Ltd.)
DRV - (eamon [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\eamon.sys (ESET)
DRV - (eeCtrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (ehdrv [System | Running]) -- C:\WINDOWS\system32\DRIVERS\ehdrv.sys (ESET)
DRV - (epfwtdir [System | Running]) -- C:\WINDOWS\system32\DRIVERS\epfwtdir.sys (ESET)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (imagedrv [Boot | Running]) -- C:\WINDOWS\System32\Drivers\imagedrv.sys (Ahead Software AG)
DRV - (imagesrv [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\imagesrv.sys (Ahead Software AG)
DRV - (L8042Kbd [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys (Logitech, Inc.)
DRV - (Lbd [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (LHidKe [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LHidKE.Sys (Logitech, Inc.)
DRV - (LHidUsbK [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\LHidUsbK.Sys (Logitech, Inc.)
DRV - (LMouKE [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\LMouKE.Sys (Logitech, Inc.)
DRV - (MSDV [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\msdv.sys (Microsoft Corporation)
DRV - (NAVENG [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20070506.018\naveng.sys (Symantec Corporation)
DRV - (NAVEX15 [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20070506.018\navex15.sys (Symantec Corporation)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (nvata [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\nvata.sys (NVIDIA Corporation)
DRV - (nvatabus [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys (NVIDIA Corporation)
DRV - (nvcchflt [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\nvcchflt.sys (NVIDIA Corporation)
DRV - (NVENETFD [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvnetbus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\nvnetbus.sys (NVIDIA Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (rt2500usb [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\rt2500usb.sys (Ralink Technology Inc.)
DRV - (RT73 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\rt73.sys (Ralink Technology, Corp.)
DRV - (SASDIFSV [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Stopped]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SAVRT [System | Running]) -- C:\Program Files\Symantec AntiVirus\savrt.sys (Symantec Corporation)
DRV - (SAVRTPEL [System | Running]) -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys (Symantec Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SPBBCDrv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (StyleXPHelper [System | Running]) -- C:\Program Files\TGTSoft\StyleXP\StyleXPHelper.exe (Windows ® 2000 DDK provider)
DRV - (SymEvent [On_Demand | Running]) -- C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SYMREDRV [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SYMTDI [System | Running]) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (USBAAPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple, Inc.)
DRV - (usbaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (WinDriver6 [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\windrvr6.sys (Jungo)
DRV - (zumbus [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\zumbus.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://restech.baylor.edu
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Update_Check_Page = http://www.microsoft...mp;Ar=ie5update
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.imesh.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}:6.0.01
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.071101000055
FF - prefs.js..extensions.enabledItems: {8B034454-2EB3-4652-8F7C-2BA54516F6E7}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.6
FF - HKLM\software\mozilla\Firefox\extensions\\{8B034454-2EB3-4652-8F7C-2BA54516F6E7}: C:\DOCUMENTS AND SETTINGS\ROBO\LOCAL SETTINGS\APPLICATION DATA\{8B034454-2EB3-4652-8F7C-2BA54516F6E7} [2009/01/24 20:28:55 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/20 00:05:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/05/09 23:52:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/17 16:06:02 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/17 16:06:02 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2009/03/04 17:56:06 | 00,000,000 | ---D | M]
[2009/03/30 15:21:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robo\Application Data\mozilla\Extensions
[2009/02/14 13:29:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robo\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/03/30 15:21:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robo\Application Data\mozilla\Extensions\[email protected]
[2009/05/06 21:47:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robo\Application Data\mozilla\Firefox\Profiles\cprstxae.default\extensions
[2006/09/20 16:41:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robo\Application Data\mozilla\Firefox\Profiles\cprstxae.default\extensions\{d5ea4520-61a1-11da-8cd6-0800200c9a66}(2)
[2006/10/16 19:13:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robo\Application Data\mozilla\Firefox\Profiles\cprstxae.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/02/07 06:06:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Robo\Application Data\mozilla\Firefox\Profiles\cprstxae.default\extensions\[email protected]
[2009/05/06 21:47:17 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/15 16:03:38 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/04/22 21:31:16 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
[2007/07/19 08:30:10 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2007/10/19 00:13:01 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008/03/18 23:27:10 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2008/07/19 12:27:58 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/03/20 00:05:34 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/05/03 03:23:47 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/04/15 16:03:09 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/15 16:03:09 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/04/15 16:03:26 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/15 16:03:26 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/15 16:03:26 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/15 16:03:26 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/15 16:03:26 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/15 16:03:26 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/15 16:03:26 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (783 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\iMesh MediaBar\iMeshIEHelper.dll ()
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Bsecure Popup Blocker) - {E0019445-4C1F-414D-A70E-AD80F231C584} - C:\WINDOWS\system32\InetCntrl\PopupKil\BsafeBHO.dll (Bsecure Technologies, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Bsecure Popup Blocker) - {E0019445-4C1F-414D-A70E-AD80F231C584} - C:\WINDOWS\system32\InetCntrl\PopupKil\BsafeBHO.dll (Bsecure Technologies, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice (ESET)
O4 - HKLM..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe" (Lexmark International Inc.)
O4 - HKLM..\Run: [InetCntrl] C:\WINDOWS\system32\InetCntrl\InetCntrl.exe (Bsafe Online, Inc.)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s ()
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE (Logitech Inc.)
O4 - HKLM..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,[email protected] (Lexmark International Inc.)
O4 - HKLM..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe" ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install File not found
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SoundMan] SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - HKLM..\Run: [Zune Launcher] "c:\Program Files\Zune\ZuneLauncher.exe" (Microsoft Corporation)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [Aim6] File not found
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" (Nero AG)
O4 - HKCU..\Run: [Steam] "c:\program files\steam\steam.exe" -silent (Valve Corporation)
O4 - HKCU..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide ()
O4 - HKCU..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Belkin Wireless Client Utility.lnk = C:\Program Files\Belkin\F5D9050\Belkinwcui.exe (Belkin)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe (Ralink Technology, Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMSAppLogo5ChannelNotify = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Persistence present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Back = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Forward = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Stop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Refresh = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Home = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Search = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_History = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Favorites = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Media = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Folders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Fullscreen = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Tools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_MailNews = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Size = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Print = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Edit = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Discussions = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Cut = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Copy = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Paste = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Encoding = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_PrintPreview = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetIcon = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnforceShellExtensionSecurity = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetConnectDisconnect = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAddPrinter = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPrinterTabs = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O9 - Extra Button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll (Picasa, Inc.)
O9 - Extra 'Tools' menuitem : Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll (Picasa, Inc.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - File not found
O15 - HKLM\..Trusted Domains: baylor.edu ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: baylor.edu ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([bearspace] https in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([bearweb] https in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([bigdog] http in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([bigdog] https in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([burs4] http in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([burs4] https in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([business] * in Local intranet)
O15 - HKLM\..Trusted Domains: baylor.edu ([casey] * in Local intranet)
O15 - HKLM\..Trusted Domains: baylor.edu ([fs-exchange] https in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([iheat] https in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([its01] http in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([its01] https in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([mail] http in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([my] https in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([pay] https in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([psoftwt] http in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([psoftwt] https in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([raymond] http in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([raymond] https in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([restech] https in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([rmsweb] http in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([rmsweb] https in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([webcenter] https in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([www] https in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([www1] https in Trusted sites)
O15 - HKLM\..Trusted Domains: baylor.edu ([www3] https in Trusted sites)
O15 - HKLM\..Trusted Domains: blank ([]about in Local intranet)
O15 - HKLM\..Trusted Domains: microsoft.com ([update] http in Trusted sites)
O15 - HKLM\..Trusted Domains: microsoft.com ([v4.windowsupdate] http in Trusted sites)
O15 - HKLM\..Trusted Domains: microsoft.com ([v5.windowsupdate] http in Trusted sites)
O15 - HKLM\..Trusted Domains: microsoft.com ([v6.windowsupdate] http in Trusted sites)
O15 - HKLM\..Trusted Domains: yahoo.com ([launch] http in Trusted sites)
O15 - HKLM\..Trusted Domains: yahoo.com ([music] http in Trusted sites)
O15 - HKLM\..Trusted Domains: 26 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: baylor.edu ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: baylor.edu ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([bearspace] https in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([bearweb] https in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([bigdog] http in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([bigdog] https in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([burs4] http in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([burs4] https in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([business] * in Local intranet)
O15 - HKCU\..Trusted Domains: baylor.edu ([casey] * in Local intranet)
O15 - HKCU\..Trusted Domains: baylor.edu ([fs-exchange] https in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([iheat] https in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([its01] http in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([its01] https in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([mail] http in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([my] https in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([pay] https in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([psoftwt] http in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([psoftwt] https in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([raymond] http in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([raymond] https in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([restech] https in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([rmsweb] http in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([rmsweb] https in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([webcenter] https in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([www1] https in Trusted sites)
O15 - HKCU\..Trusted Domains: baylor.edu ([www3] https in Trusted sites)
O15 - HKCU\..Trusted Domains: blank ([]about in Local intranet)
O15 - HKCU\..Trusted Domains: microsoft.com ([go] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([update] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([v4.windowsupdate] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([v5.windowsupdate] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([v6.windowsupdate] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([WindowsUpdate] http in Trusted sites)
O15 - HKCU\..Trusted Domains: yahoo.com ([launch] http in Trusted sites)
O15 - HKCU\..Trusted Domains: yahoo.com ([music] http in Trusted sites)
O15 - HKCU\..Trusted Domains: 25 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.micros...ntent/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {594ECDD4-A991-4208-A7B7-00DDAD9BE328} http://media.labs.li.../Photosynth.cab (Photosynth Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1241926261265 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1206835957593 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://www.adobe.com...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{8276024B-E17F-4D1C-9F09-5C8CFD318966}\\NameServer = 24.93.41.125,24.93.41.126
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (gjfvyr.dll) - File not found
O20 - AppInit_DLLs: (gybxad.dll) - File not found
O20 - AppInit_DLLs: (zhbmxx.dll) - File not found
O20 - AppInit_DLLs: (zshdzg.dll) - File not found
O20 - AppInit_DLLs: (iqurey.dll) - File not found
O20 - AppInit_DLLs: (hnzpdi.dll) - File not found
O20 - AppInit_DLLs: (c:\progra~1\ThunMail\testabd.dll) - c:\Program Files\ThunMail\testabd.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (C:\Program) - File not found
O20 - HKLM Winlogon: UIHost - (Files\TGTSoft\StyleXP\Logon\CurrentLogon.EXE) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\byXRJYsS) - File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/06/08 03:21:34 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/08/23 09:00:00 | 00,000,110 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{034c5178-f691-11da-9875-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{034c5178-f691-11da-9875-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{034c5178-f691-11da-9875-806d6172696f}\Shell\AutoRun\command - "" = D:\autorun.exe -- File not found
O33 - MountPoints2\{71fafb48-f73f-11da-873f-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{71fafb48-f73f-11da-873f-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{71fafb48-f73f-11da-873f-806d6172696f}\Shell\AutoRun\command - "" = D:\setup.exe -- [2004/08/03 19:56:48 | 01,314,816 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/05/11 05:10:25 | 00,000,000 | ---D | M]
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
========== Files/Folders - Created Within 30 Days ==========
[1 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2099/01/01 12:00:00 | 00,006,456 | -H-- | C] () -- C:\WINDOWS\System32\hekiwuke
[2009/05/24 19:36:03 | 00,000,136 | ---- | C] () -- C:\WINDOWS\System32\vp_setup.exe.bat
[2009/05/24 19:36:02 | 00,000,000 | RHSD | C] -- C:\Program Files\ThunMail
[2009/05/24 19:36:01 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\vp_setup.exe
[2009/05/24 19:20:56 | 00,000,055 | ---- | C] () -- C:\WINDOWS\System32\ahtn.htm
[2009/05/24 19:20:52 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\loader49.exe
[2009/05/24 19:05:36 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\service-466.exe
[2009/05/18 21:09:06 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\lmn_setup.exe
[2009/05/18 09:11:49 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\glsetup.exe
[2009/05/17 10:23:19 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\ak1.exe
[2009/05/14 08:44:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2009/05/14 08:43:21 | 07,314,944 | ---- | C] (Babylon) -- C:\WINDOWS\System32\8241_2.exe
[2009/05/10 22:40:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Robo\Application Data\Windows Search
[2009/05/10 18:02:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2009/05/10 18:02:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Robo\Application Data\Windows Desktop Search
[2009/05/10 18:02:19 | 00,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2009/05/10 18:02:04 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2009/05/10 18:01:21 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\offfilt.dll
[2009/05/10 18:01:21 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nlhtml.dll
[2009/05/10 18:01:21 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mimefilt.dll
[2009/05/10 00:21:17 | 00,201,050 | ---- | C] () -- C:\WINDOWS\System32\nvapps.nvb
[2009/05/10 00:18:40 | 01,089,593 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009/05/09 23:58:07 | 00,000,256 | ---- | C] () -- C:\WINDOWS\tasks\WGASetup.job
[2009/05/09 23:58:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474
[2009/05/09 23:50:40 | 00,000,000 | ---D | C] -- C:\43d3ee19edbf7af216cdb580
[2009/05/09 23:50:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2009/05/09 23:27:14 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2009/05/09 23:26:22 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2009/05/09 23:26:12 | 01,106,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2009/05/09 23:26:08 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2009/05/09 23:26:04 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2009/05/09 23:25:50 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2009/05/09 23:25:24 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2009/05/09 23:25:20 | 00,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2009/05/09 23:01:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2009/05/09 23:01:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2009/05/09 23:01:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009/05/09 23:01:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009/05/09 22:58:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2009/05/09 22:54:14 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009/05/09 22:48:19 | 00,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2009/05/09 22:48:04 | 00,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2009/05/09 22:46:52 | 00,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2009/05/09 22:35:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/05/09 22:32:45 | 00,023,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2009/05/06 21:48:03 | 00,184,320 | ---- | C] (Bsafe Online, Inc.) -- C:\WINDOWS\System32\InetCntrl0013.dll
[2009/05/06 21:48:02 | 00,029,024 | ---- | C] (NT Kernel Resources) -- C:\WINDOWS\System32\drivers\bsofrwl.sys
[2009/05/06 21:48:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\InetCntrl
[2009/05/06 21:43:46 | 02,352,424 | ---- | C] () -- C:\Documents and Settings\Robo\Desktop\Bsecure.exe
[2009/04/25 16:28:50 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\userinit.exe
[2009/03/26 00:14:44 | 00,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/03/18 14:52:19 | 00,000,526 | ---- | C] () -- C:\WINDOWS\alelepixox.dll
[2009/03/18 11:38:19 | 00,000,526 | ---- | C] () -- C:\WINDOWS\ewovubeqo.dll
[2009/03/18 10:46:12 | 00,000,526 | ---- | C] () -- C:\WINDOWS\eyitewotevigul.dll
[2009/03/18 10:36:19 | 00,000,526 | ---- | C] () -- C:\WINDOWS\ejebenudajug.dll
[2009/03/17 17:10:50 | 01,051,136 | ---- | C] () -- C:\WINDOWS\System32\drivers\CAMTHWDM.sys
[2009/03/07 20:54:50 | 00,002,713 | -HS- | C] () -- C:\WINDOWS\System32\senilizo.dll
[2009/02/28 11:32:47 | 00,000,032 | ---- | C] () -- C:\WINDOWS\System32\work.ini
[2009/02/28 11:32:41 | 00,000,228 | ---- | C] () -- C:\WINDOWS\System32\hgset.ini
[2009/02/28 07:32:09 | 00,000,197 | ---- | C] () -- C:\WINDOWS\System32\xcchit32.ini
[2009/02/28 07:31:35 | 00,000,615 | ---- | C] () -- C:\WINDOWS\xccwinsys.ini
[2007/09/27 10:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/09/19 02:20:50 | 00,000,511 | ---- | C] () -- C:\WINDOWS\Fantastic Flame Screensaver.ini
[2007/08/19 14:04:40 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxctvs.dll
[2007/08/19 14:04:37 | 00,331,776 | ---- | C] () -- C:\WINDOWS\System32\lxctcoin.dll
[2007/08/19 14:04:15 | 00,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxctdrs.dll
[2007/08/19 14:04:15 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxctcaps.dll
[2007/08/19 14:04:15 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxctcnv4.dll
[2007/08/19 14:03:32 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\lxctpmon.dll
[2007/08/19 14:03:32 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXCTFXPU.DLL
[2007/08/19 13:41:14 | 00,274,432 | ---- | C] () -- C:\WINDOWS\System32\LXCTinst.dll
[2007/08/19 13:41:12 | 00,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctinpa.dll
[2007/08/19 13:41:12 | 00,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\LXCThcp.dll
[2007/08/19 13:41:11 | 00,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctiesc.dll
[2007/08/19 13:41:10 | 01,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctserv.dll
[2007/08/19 13:41:10 | 00,991,232 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctusb1.dll
[2007/08/19 13:41:09 | 00,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctpmui.dll
[2007/08/19 13:41:09 | 00,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctlmpm.dll
[2007/08/19 13:41:09 | 00,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctprox.dll
[2007/08/19 13:41:09 | 00,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctpplc.dll
[2007/08/19 13:41:07 | 00,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcthbn3.dll
[2007/08/19 13:41:07 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\lxctgrd.dll
[2007/08/19 13:41:05 | 00,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctcomm.dll
[2007/08/19 13:41:04 | 00,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxctcomc.dll
[2007/07/31 16:44:22 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007/07/31 16:44:22 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2007/07/26 18:03:02 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/06/16 01:11:02 | 00,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2007/06/16 01:11:02 | 00,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[2007/06/07 10:46:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PolarClock v2.ini
[2007/04/22 19:15:29 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/02/21 22:35:10 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/12/09 20:49:20 | 00,237,568 | ---- | C] () -- C:\WINDOWS\glut32.dll
[2006/10/26 20:00:20 | 00,000,092 | ---- | C] () -- C:\WINDOWS\Vstudio.INI
[2006/10/26 19:58:57 | 00,000,026 | ---- | C] () -- C:\WINDOWS\dswplug.ini
[2006/10/26 19:57:16 | 00,001,173 | ---- | C] () -- C:\WINDOWS\Ulead32.ini
[2006/10/26 19:57:16 | 00,000,040 | ---- | C] () -- C:\WINDOWS\Msdevctl.ini
[2006/10/25 01:05:20 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2006/08/28 22:17:35 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/08/24 16:31:42 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/08/22 22:51:48 | 00,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2006/08/14 15:27:10 | 00,000,022 | ---- | C] () -- C:\WINDOWS\WB.ini
[2006/08/14 15:12:05 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\wbload.dll
[2006/07/26 22:59:35 | 00,643,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2006/07/26 22:59:35 | 00,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd7149.sys
[2006/06/18 02:32:38 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/06/18 02:32:38 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/06/18 02:32:38 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/06/18 02:32:38 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/06/18 02:32:38 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/06/18 02:32:38 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/06/18 02:32:32 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System32\cddvdint.dll
[2006/06/18 01:58:08 | 00,000,018 | ---- | C] () -- C:\WINDOWS\gfact.ini
[2006/06/13 19:41:11 | 00,290,918 | ---- | C] () -- C:\WINDOWS\System32\Install7x.dll
[2006/06/11 21:05:45 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/06/08 17:33:37 | 00,156,672 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2006/02/14 00:05:00 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/02/14 00:05:00 | 01,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/02/14 00:05:00 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/02/14 00:05:00 | 00,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/02/14 00:05:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/02/14 00:05:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/02/05 15:46:00 | 00,004,608 | ---- | C] () -- C:\WINDOWS\fgexec.dll
[2004/08/22 17:04:56 | 00,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/08/23 09:00:00 | 00,000,679 | ---- | C] () -- C:\WINDOWS\win.ini
[2001/08/23 09:00:00 | 00,000,246 | ---- | C] () -- C:\WINDOWS\system.ini
[1998/07/17 00:13:06 | 00,107,008 | ---- | C] () -- C:\WINDOWS\System32\SWBBack.DLL
[1995/10/21 10:37:52 | 00,035,328 | ---- | C] () -- C:\WINDOWS\System32\INETWH32.DLL
[1995/10/21 10:37:52 | 00,035,328 | ---- | C] () -- C:\WINDOWS\INETWH32.DLL
========== Files - Modified Within 30 Days ==========
[1 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/05/24 21:21:30 | 00,024,576 | ---- | M] () -- C:\WINDOWS\System32\lmn_setup.exe
[2009/05/24 21:21:28 | 00,028,672 | ---- | M] () -- C:\WINDOWS\System32\service-466.exe
[2009/05/24 19:36:03 | 00,000,136 | ---- | M] () -- C:\WINDOWS\System32\vp_setup.exe.bat
[2009/05/24 19:36:02 | 00,061,440 | ---- | M] () -- C:\WINDOWS\System32\vp_setup.exe
[2009/05/24 19:20:56 | 00,019,968 | ---- | M] () -- C:\WINDOWS\System32\loader49.exe
[2009/05/24 19:20:56 | 00,000,055 | ---- | M] () -- C:\WINDOWS\System32\ahtn.htm
[2009/05/24 19:09:19 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/05/24 19:05:04 | 00,194,517 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/05/24 19:03:53 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/24 19:02:40 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Robo\Local Settings\desktop.ini
[2009/05/24 19:02:03 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/18 09:12:20 | 00,032,768 | ---- | M] () -- C:\WINDOWS\System32\glsetup.exe
[2009/05/17 12:23:31 | 00,020,480 | ---- | M] () -- C:\WINDOWS\System32\ak1.exe
[2009/05/15 16:16:34 | 00,000,045 | ---- | M] () -- C:\TEST.XML
[2009/05/14 08:44:41 | 07,314,944 | ---- | M] (Babylon) -- C:\WINDOWS\System32\8241_2.exe
[2009/05/10 18:03:48 | 00,000,256 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2009/05/10 18:02:41 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/05/10 18:02:19 | 00,001,787 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2009/05/10 18:02:16 | 00,576,526 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/05/10 18:02:16 | 00,484,816 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/05/10 18:02:16 | 00,087,602 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/05/10 00:01:08 | 00,300,440 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/09 23:12:30 | 00,096,384 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd7149.sys
[2009/05/09 22:57:19 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/05/06 21:43:56 | 02,352,424 | ---- | M] () -- C:\Documents and Settings\Robo\Desktop\Bsecure.exe
[2009/04/30 13:12:56 | 00,000,511 | ---- | M] () -- C:\WINDOWS\Fantastic Flame Screensaver.ini
< End of report >
Also, here is the extras log:
OTListIt Extras logfile created on: 05/24/2009 11:58:36 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Program Files\Opera\profile\cache4\temporary_download
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yyyy
1023.48 Mb Total Physical Memory | 472.75 Mb Available Physical Memory | 46.19% Memory free
2.40 Gb Paging File | 1.76 Gb Available in Paging File | 73.19% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 18.49 Gb Free Space | 7.94% Space Free | Partition Type: NTFS
Drive D: | 585.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MOLINKEL18
Current User Name: Robo
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"EnableFirewall" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\Opera\Opera.exe:*:Enabled:Opera Internet Browser (Opera Software)
C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent (BitTorrent, Inc.)
C:\WINDOWS\system32\lxctcoms.exe:*:Enabled:Lexmark Communications System ( )
C:\Program Files\Steam\Steam.exe:*:Enabled:Steam (Valve Corporation)
C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer (Microsoft Corporation)
C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console (Microsoft Corporation)
C:\Program Files\InterVideo\DVD7\WinDVD.exe:*:Disabled:WinDVD (InterVideo Inc.)
C:\Program Files\Steam\steamapps\robototobor\counter-strike source\hl2.exe:*:Enabled:hl2 ()
C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger (America Online, Inc.)
C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire (Lime Wire, LLC)
C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh (iMesh, Inc)
C:\Program Files\Soulseek\slsk.exe:*:Enabled:SoulSeek ()
C:\WINDOWS\system32\drivers\svchost.exe:*:Disabled:svchost File not found
C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC (mIRC Co. Ltd.)
C:\WINDOWS\Config\services.exe File not found
C:\Documents and Settings\Robo\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player (Octoshape ApS)
C:\Program Files\TGTSoft\StyleXP\Logon\CurrentLogon.EXE:*:Enabled:CurrentLogon ()
C:\WINDOWS\TEMPchMiB.exe:*:Enabled:Windows Time Synchronization File not found
C:\WINDOWS\TEMPmSrv.exe:*:Enabled:Windows Time Synchronization File not found
C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe ()
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\WINDOWS\system32\InetCntrl\InetCntrl.exe:*:Disabled:Bsecure Internet Protection Services - Application (Bsafe Online, Inc.)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}" = Zune Language Pack (FR)
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2: Deluxe Edition
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{10C69612-017B-45F5-B986-7D113D5A2EA3}" = MSN Toolbar
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2236B741-6631-49AE-B76E-3E14CA01CC87}" = RemoteCapture Task
"{22AA6B16-C6D2-4378-A700-AB6E48501F0A}" = Futuremark SystemInfo
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{2604C0F9-BFD3-4BA0-9EB5-22537C648F03}" = MobileMe Control Panel
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Catalyst Media Center
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java 6 Update 13
"{27113CA3-36B8-48AB-A419-79CF1FC0ECED}" = Ulead VideoStudio 5.0 DV
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{3248F0A8-6813-11D6-A77B-00B0D0150070}" = J2SE Runtime Environment 5.0 Update 7
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{33CFCF98-F8D6-4549-B469-6F4295676D83}" = Symantec AntiVirus
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}" = DAEMON Tools
"{4E772839-504E-4E02-B374-EB042039F26B}" = Hafl Life Collector Edition PC
"{503D6E3E-1A48-44F5-BB7C-EB3B593FAED0}" = Opera 9.27
"{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes
"{5FCE0BF9-A1AA-4FA3-A28C-F62431CD52C4}" = Sony Vegas 6.0
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{70B96CD0-FDF2-489E-8FA0-0F92ED599368}" = Opera 9.50
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{775EA80D-E368-4310-97B6-3D47EB9BB3F1}" = Opera 9.52
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{8318FEFD-F467-44D6-82B8-129374BFE9B1}" = Opera 9.62
"{85F4CBCB-9BBC-4B50-A7D8-E1106771498D}" = Orca
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8F36E44A-E6E7-41B7-B6F6-4637BF84EFA5}" = ATI Remote Wonder
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90885A82-9673-49EA-AB39-AF776639C67C}" = InterVideo WinDVD 7
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91710409-8000-11D3-8CFE-0150048383C9}" = Microsoft Application Error Reporting
"{92271486-E286-4CF1-AE6D-F889F83CBF84}" = Opera 9.61
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{993A352A-2957-4661-A1EF-2D8F6F3C9234}" = Belkin Wireless G Plus MIMO USB Network Adapter
"{A29EA741-24F7-4C07-9B2C-06CB6491BE4A}" = Camera Window
"{A2A60894-E3ED-46FE-9A6A-7CF7A87572A0}" = Opera 9.64
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AA2DC6BC-F088-46DD-994B-07F6C5A32EC1}" = Post-it® Digital Notes
"{AB85A4DB-357F-41B5-94A6-C9A4CBBD791B}" = DV Network Software
"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BEF56F2D-56ED-4176-BF72-7B68D4A3B98D}" = Canon PhotoRecord
"{C05E2D43-A05F-4835-A15C-CD0AD1576506}" = PhotoStitch
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon Utilities ZoomBrowser EX
"{C589B6DE-F7BF-4E22-8524-53E115EF6AB4}" = Sony Media Manager 2.0
"{C88E49AA-41C5-4420-A08D-BE1B6C5A3A74}" = DAO
"{C93369CB-B4E9-E095-9289-E6B5AE941033}" = Nero 7 Demo
"{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}" = Safari
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CDF97135-7FD2-4289-96B8-DD4505267ACD}" = ESET NOD32 Antivirus
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D0C04904-ED13-4DB3-ACCA-A41079EBA23C}" = Opera 9.60
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E91E8912-769D-42F0-8408-0E329443BABC}" = Ralink Wireless LAN Card
"{EE4ACABF-531E-419A-9225-B8E0FA4955AF}" = Zune Language Pack (ES)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FAF0DAD8-1EA7-4FEF-80E5-8D8D6EBD5A23}" = RAW Image Task
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FC4F90EC-B1DA-11D9-9D77-000129760D75}" = Catalyst Media Center DVD Authoring Module
"{FF70513F-E3A7-402F-84FB-B7810A064BE2}" = Zune
"Ad-Aware" = Ad-Aware
"Ad-Aware SE Professional" = Ad-Aware SE Professional
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player
"AIM_6" = AIM 6
"Alarm Clock_is1" = Alarm Clock v1.00
"All ATI Software" = ATI - Software Uninstall Utility
"AOL Instant Messenger" = AOL Instant Messenger
"ASIO4ALL" = ASIO4ALL
"Collab" = Collab
"CTDVDAudio Plugin" = Creative DVD Audio Plugin for Audigy Series
"DirectVobSub" = DirectVobSub (remove only)
"ElectricSheep" = ElectricSheep 2.6.6
"eMule" = eMule
"Exact Audio Copy" = Exact Audio Copy 0.95b3
"Fantastic Flame Screensaver" = Fantastic Flame Screensaver
"ffdshow_is1" = ffdshow [rev 1381] [2007-07-29]
"FL Studio 7" = FL Studio 7
"FLVPlayer" = FLV Player 1.3.3
"getPlus®_ocx" = getPlus®_ocx
"GIF Movie Gear_is1" = GIF Movie Gear 4.1.0
"Hide IP Platinum_is1" = Hide IP Platinum 2.61
"HighGrow Freeware Version 4.20" = HighGrow Freeware Version 4.20
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"IL Download Manager" = IL Download Manager
"iMesh" = iMesh
"iMesh MediaBar" = MediaBar 2.0
"InetCntrl" = Bsecure Internet Protection Services 5.3
"InstallShield_{2236B741-6631-49AE-B76E-3E14CA01CC87}" = Canon RemoteCapture Task for ZoomBrowser EX
"InstallShield_{8F36E44A-E6E7-41B7-B6F6-4637BF84EFA5}" = ATI Remote Wonder 3.04
"InstallShield_{993A352A-2957-4661-A1EF-2D8F6F3C9234}" = Belkin Wireless G Plus MIMO USB Network Adapter
"InstallShield_{A29EA741-24F7-4C07-9B2C-06CB6491BE4A}" = Canon Camera Window for ZoomBrowser EX
"InstallShield_{AB85A4DB-357F-41B5-94A6-C9A4CBBD791B}" = DV Network Software
"InstallShield_{C05E2D43-A05F-4835-A15C-CD0AD1576506}" = Canon Utilities PhotoStitch 3.1
"InstallShield_{C88E49AA-41C5-4420-A08D-BE1B6C5A3A74}" = DAO
"InstallShield_{FAF0DAD8-1EA7-4FEF-80E5-8D8D6EBD5A23}" = Canon RAW Image Task for ZoomBrowser EX
"InterActual Player" = InterActual Player
"Lexmark 5400 Series" = Lexmark 5400 Series
"LimeWire" = LimeWire 5.1.2
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Mozilla Firefox (3.0.6)" = Mozilla Firefox (3.0.6)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSN Music Assistant" = MSN Music Assistant
"MySpaceIM" = MySpaceIM
"Nero Burning Rom Screensaver" = Nero Burning Rom Screensaver
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OpenPandora" = OpenPandora 0.6.8
"PicasaNet" = Hello (remove only)
"Plasma Pong_is1" = Plasma Pong v1.2
"PodPlus_is1" = PodPlus 1.0.5.0
"PolarClock v2_is1" = PolarClock v2
"pzizz" = pzizz
"pzizzEnergizerModule" = pzizz Energizer Module
"pzizzSleepModule" = pzizz Sleep Module
"ResTech_Configuration_Utility_7.21" = Residential Technology Configuration Utility 7.21
"SecondLife" = SecondLife (remove only)
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SopCast" = SopCast 2.0.4
"Soulseek" = SoulSeek Client 156c
"ST6UNST #1" = The Groomer's Write Hand
"Steam" = Steam
"StyleXP" = StyleXP (remove only)
"Unlocker" = Unlocker 1.8.3
"uTorrent" = µTorrent
"ViewpointMediaPlayer" = Viewpoint Media Player
"vis_milk.dllWinamp" = MilkDrop for Winamp 2x (remove only)
"VLC media player" = VideoLAN VLC media player 0.8.6b
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Zune" = Zune
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"uTorrent" = µTorrent
"Words That Follow" = Words That Follow
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 05/10/2009 12:46:29 PM | Computer Name = MOLINKEL18 | Source = Application Error | ID = 1000
Description = Faulting application ZuneBusEnum.exe, version 2.5.447.0, faulting
module unknown, version 0.0.0.0, fault address 0x1001172f.
Error - 05/10/2009 1:04:25 PM | Computer Name = MOLINKEL18 | Source = Application Error | ID = 1000
Description = Faulting application ZuneBusEnum.exe, version 2.5.447.0, faulting
module unknown, version 0.0.0.0, fault address 0x1001172f.
Error - 05/10/2009 6:47:33 PM | Computer Name = MOLINKEL18 | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, faulting module datacache.dll,
version 0.0.0.0, fault address 0x0000b423.
Error - 05/10/2009 6:51:00 PM | Computer Name = MOLINKEL18 | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, faulting module datacache.dll,
version 0.0.0.0, fault address 0x0000b423.
Error - 05/10/2009 6:54:24 PM | Computer Name = MOLINKEL18 | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, faulting module datacache.dll,
version 0.0.0.0, fault address 0x0000b423.
Error - 05/10/2009 7:02:44 PM | Computer Name = MOLINKEL18 | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Windows Application,
SystemIndex Catalog
Error - 05/14/2009 12:45:00 AM | Computer Name = MOLINKEL18 | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, faulting module , version
0.0.0.0, fault address 0x00000000.
Error - 05/16/2009 1:20:22 AM | Computer Name = MOLINKEL18 | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module ntdll.dll, version 5.1.2600.5512, fault address 0x00025652.
Error - 05/17/2009 1:25:02 AM | Computer Name = MOLINKEL18 | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, faulting module studiorender.dll,
version 0.0.0.0, fault address 0x0003198a.
Error - 05/18/2009 8:19:13 PM | Computer Name = MOLINKEL18 | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, faulting module datacache.dll,
version 0.0.0.0, fault address 0x0000b423.
[ System Events ]
Error - 05/17/2009 10:09:21 PM | Computer Name = MOLINKEL18 | Source = Service Control Manager | ID = 7001
Description = The Apple Mobile Device service depends on the TCP/IP Protocol Driver
service which failed to start because of the following error: %%31
Error - 05/17/2009 10:09:21 PM | Computer Name = MOLINKEL18 | Source = Service Control Manager | ID = 7001
Description = The Bonjour Service service depends on the TCP/IP Protocol Driver
service which failed to start because of the following error: %%31
Error - 05/17/2009 10:09:21 PM | Computer Name = MOLINKEL18 | Source = Service Control Manager | ID = 7001
Description = The IPSEC Services service depends on the IPSEC driver service which
failed to start because of the following error: %%31
Error - 05/17/2009 10:09:21 PM | Computer Name = MOLINKEL18 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFD AmdK8 bsofrwl eeCtrl ehdrv epfwtdir Fips i8042prt IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss
SASDIFSV
SASKUTIL
SAVRT
SAVRTPEL
StyleXPHelper
SYMTDI
Tcpip
WS2IFSL
Error - 05/17/2009 10:10:08 PM | Computer Name = MOLINKEL18 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 05/17/2009 10:10:17 PM | Computer Name = MOLINKEL18 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
Error - 05/17/2009 11:49:53 PM | Computer Name = MOLINKEL18 | Source = Service Control Manager | ID = 7031
Description = The DCOM Server Process Launcher service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in 60000
milliseconds: Reboot the machine.
Error - 05/18/2009 12:00:49 AM | Computer Name = MOLINKEL18 | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.
Error - 05/19/2009 11:58:41 PM | Computer Name = MOLINKEL18 | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.
Error - 05/24/2009 8:14:00 PM | Computer Name = MOLINKEL18 | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.
< End of report >
Thanks
