Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Google Redirect with logs gore + OTL


  • Please log in to reply

#1
kylejh123

kylejh123

    New Member

  • Member
  • Pip
  • 1 posts
Hi I have a problem with the google redirect please help!!

GooredFix v1.92 by jpshortstuff
Log created at 15:06 on 02/06/2009 running Option #1 (kyle)
Firefox version [Unable to determine]

=====Suspect Goored Entries=====

=====Dumping Registry Values=====

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions]
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\Program Files\Real\RealPlayer\browserrecord"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions]
"[email protected]"="C:\Program Files\Java\jre6\lib\deploy\jqs\ff"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions]
"{B7082FAA-CB62-4872-9106-E42DD88EDE45}"="C:\Program Files\McAfee\SiteAdvisor"

OTL logfile created on: 6/2/2009 3:08:05 PM - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Local Settings\Temporary Internet Files\Content.IE5\TCYX6BHO
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.40 Gb Available Physical Memory | 70.57% Memory free
3.33 Gb Paging File | 2.85 Gb Available in Paging File | 85.45% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.47 Gb Total Space | 45.22 Gb Free Space | 60.72% Space Free | Partition Type: NTFS
Drive D: | 306.88 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PIMPOLOG-B2F539
Current User Name: kyle
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdxserv.exe (Lexmark International, Inc.)
PRC - C:\WINDOWS\system32\lxdxcoms.exe ( )
PRC - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
PRC - C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
PRC - c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - c:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe ()
PRC - C:\Program Files\Lexmark 3600-4600 Series\lxdxMsdMon.exe ()
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\NETGEAR\WG111T\wlan111t.exe (NETGEAR)
PRC - C:\Program Files\NETGEAR\WPN111\wpn111.exe (NETGEAR)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\RegCure\RegCure.exe ()
PRC - C:\Program Files\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files\Google\Quick Search Box\qsb.exe (Google Inc.)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Local Settings\Temporary Internet Files\Content.IE5\TCYX6BHO\OTL[1].exe (OldTimer Tools)
PRC - C:\WINDOWS\system\CmSNXeye.exe ()

========== Win32 Services (SafeList) ==========

SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (lxdxCATSCustConnectService [Auto | Running]) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdxserv.exe ()
SRV - (lxdx_device [Auto | Running]) -- C:\WINDOWS\system32\lxdxcoms.exe ( )
SRV - (McAfee SiteAdvisor Service [Auto | Running]) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
SRV - (mcmscsvc [Auto | Running]) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (McNASvc [Auto | Running]) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
SRV - (McODS [On_Demand | Stopped]) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (McProxy [Auto | Running]) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
SRV - (McShield [Unknown | Running]) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
SRV - (McSysmon [On_Demand | Running]) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
SRV - (Microsoft Office Groove Audit Service [On_Demand | Stopped]) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (MpfService [Auto | Running]) -- C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (YahooAUService [Auto | Running]) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

========== Driver Services (SafeList) ==========

DRV - (AegisP [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys (Meetinghouse Data Communications)
DRV - (AR5523 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\WG11TND5.sys (NETGEAR, Inc.)
DRV - (b57w2k [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\b57xp32.sys (Broadcom Corporation)
DRV - (cercsr6 [Boot | Stopped]) -- C:\WINDOWS\System32\drivers\cercsr6.sys (Adaptec, Inc.)
DRV - (cmudau [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\cmudaxu.sys (C-Media Inc)
DRV - (DNINDIS5 [On_Demand | Running]) -- C:\WINDOWS\system32\DNINDIS5.SYS (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\igxpmp32.sys (Intel Corporation)
DRV - (MDC8021X [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\mdc8021x.sys (Meetinghouse Data Communications)
DRV - (mfeavfk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfebopk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mfehidk [System | Running]) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mferkdk [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (mfesmfk [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (MPFP [System | Running]) -- C:\WINDOWS\System32\Drivers\Mpfp.sys (McAfee, Inc.)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (USBAAPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple, Inc.)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (WPN111 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\WPN111.sys (NETGEAR, Inc.)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...amp;rlz=1I7ADBF
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://espn.go.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\PROGRAM FILES\MCAFEE\SITEADVISOR [2009/05/29 21:12:05 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/03/31 23:17:57 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/05/08 00:22:39 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD [2009/05/26 18:06:58 | 00,000,000 | ---D | M]

[2009/05/26 18:49:47 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/01/16 18:43:21 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
[2008/10/16 00:18:12 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/05/08 00:23:16 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/03/05 18:08:04 | 00,049,664 | ---- | M] () -- C:\Program Files\mozilla firefox\components\FFComm.dll

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - Reg Error: Key error. File not found
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_9993303B90FE6C1D.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s ()
O4 - HKLM..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\qsb.exe" /autorun (Google Inc.)
O4 - HKLM..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" (Microsoft Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [lxdxamon] "C:\Program Files\Lexmark 3600-4600 Series\lxdxamon.exe" ()
O4 - HKLM..\Run: [lxdxmon.exe] "C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe" ()
O4 - HKLM..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey (McAfee, Inc.)
O4 - HKLM..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide (McAfee, Inc.)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\NETGEAR WG111T Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111T\wlan111t.exe (NETGEAR)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\NETGEAR WPN111 Smart Wizard.lnk = C:\Program Files\NETGEAR\WPN111\wpn111.exe (NETGEAR)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM (Red Egg Software)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 (Google Inc.)
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM (Red Egg Software)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 (Microsoft Corporation)
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM File not found
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM File not found
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe (Bodog)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_9993303B90FE6C1D.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 15:15:00 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2000/06/01 01:39:56 | 00,000,524 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/06/02 15:06:47 | 00,000,000 | ---D | M]

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[7 C:\WINDOWS\*.tmp files]
[2009/05/28 14:14:04 | 00,000,037 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/05/26 21:07:49 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Desktop\HijackThis.lnk
[2009/05/23 12:49:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Application Data\Lexmark Productivity Studio
[2009/05/20 21:20:35 | 00,000,812 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Paint.NET.lnk
[2009/05/20 21:20:30 | 00,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2009/05/20 21:13:59 | 00,000,759 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Picasa 3.lnk
[2009/05/20 21:13:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IOSUBSYS
[2009/05/18 20:48:05 | 00,000,392 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2009/05/18 20:47:50 | 00,003,239 | ---- | C] () -- C:\rollback.ini
[2009/05/18 20:33:40 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2009/05/18 20:33:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ParetoLogic
[2009/05/18 18:39:48 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/05/18 18:20:49 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/05/18 18:20:49 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/05/18 18:20:49 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/05/18 18:20:49 | 00,117,248 | ---- | C] () -- C:\WINDOWS\vFind.exe
[2009/05/18 18:20:49 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/05/18 18:20:49 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/05/18 18:20:49 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/05/18 18:20:49 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/05/18 18:20:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/05/18 18:20:43 | 00,000,000 | ---D | C] -- C:\ComboFix
[2009/05/18 18:20:42 | 00,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF1422.exe
[2009/05/18 18:16:38 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/05/18 17:52:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\STOPzilla!
[2009/05/15 22:44:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ThumbnailCache4R
[2009/05/15 18:13:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Desktop\Incomplete
[2009/05/09 17:48:55 | 00,000,671 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\McAfee Security Center.lnk
[2009/05/09 17:48:25 | 00,000,666 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\McAfee EasyNetwork.lnk
[2009/05/08 17:39:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Drivers HeadQuarters
[2009/05/08 00:08:20 | 00,081,984 | ---- | C] () -- C:\WINDOWS\System32\bdod.bin
[2009/05/08 00:05:32 | 00,000,850 | ---- | C] () -- C:\WINDOWS\System32\ProductTweaks.xml
[2009/05/08 00:05:32 | 00,000,385 | ---- | C] () -- C:\WINDOWS\System32\user_gensett.xml
[2009/05/07 23:57:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\logs
[2009/05/07 23:57:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\BitDefender
[2009/05/07 23:46:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2009/05/07 21:11:54 | 00,104,613 | ---- | C] () -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Desktop\pic.htm
[2009/05/04 18:05:22 | 00,001,717 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\The Conquerors.lnk
[2009/05/04 17:58:52 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2009/02/21 08:25:20 | 00,691,592 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2009/02/16 20:50:42 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdxvs.dll
[2009/02/16 20:50:40 | 00,360,448 | ---- | C] () -- C:\WINDOWS\System32\lxdxcoin.dll
[2009/02/16 20:49:37 | 00,782,336 | ---- | C] () -- C:\WINDOWS\System32\lxdxdrs.dll
[2009/02/16 20:49:37 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\lxdxcaps.dll
[2009/02/16 20:49:36 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdxcnv4.dll
[2009/02/16 20:48:59 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\lxf3oem.dll
[2009/02/16 20:48:59 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\LXF3PMON.DLL
[2009/02/16 20:48:59 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXF3FXPU.DLL
[2009/02/16 20:48:59 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\LXF3PMRC.DLL
[2009/02/16 20:47:45 | 00,000,044 | ---- | C] () -- C:\WINDOWS\System32\lxdxrwrd.ini
[2009/02/16 20:47:30 | 00,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\LXDXhcp.dll
[2009/02/16 20:47:30 | 00,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxinpa.dll
[2009/02/16 20:47:30 | 00,348,160 | ---- | C] () -- C:\WINDOWS\System32\LXDXinst.dll
[2009/02/16 20:47:30 | 00,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxiesc.dll
[2009/02/16 20:47:29 | 01,105,920 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxserv.dll
[2009/02/16 20:47:29 | 00,843,776 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxusb1.dll
[2009/02/16 20:47:29 | 00,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxpmui.dll
[2009/02/16 20:47:29 | 00,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxlmpm.dll
[2009/02/16 20:47:29 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxprox.dll
[2009/02/16 20:47:28 | 00,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxhbn3.dll
[2009/02/16 20:47:28 | 00,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdxgrd.dll
[2009/02/16 20:47:27 | 00,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxcomm.dll
[2009/02/16 20:47:26 | 00,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxcomc.dll
[2009/01/04 22:43:19 | 00,045,056 | R--- | C] () -- C:\WINDOWS\System32\cmdrvrmu.dll
[2009/01/04 22:43:08 | 00,004,899 | R--- | C] () -- C:\WINDOWS\Cmudau.ini
[2009/01/04 22:10:28 | 00,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2009/01/04 22:10:28 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2009/01/04 21:45:49 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4642.dll
[2009/01/04 21:45:48 | 00,348,880 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2004/08/04 03:00:00 | 00,000,552 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/04 03:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[1997/06/13 19:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[7 C:\WINDOWS\*.tmp files]
[2009/06/30 09:30:14 | 00,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A2A0FE13-C3C2-4627-90AB-D0E52C35DAB1}.job
[2009/06/02 14:58:57 | 00,024,985 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2009/06/02 14:55:34 | 00,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/06/02 14:55:32 | 00,000,436 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2009/06/02 14:55:29 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/06/02 14:55:26 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Local Settings\desktop.ini
[2009/06/02 14:55:18 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/06/02 14:55:17 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/06/01 21:29:16 | 00,000,247 | ---- | M] () -- C:\WINDOWS\System\CmcnfgU.ini
[2009/05/31 13:50:10 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\iTunes.lnk
[2009/05/28 18:54:00 | 00,002,515 | ---- | M] () -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Desktop\Microsoft Office Word 2007.lnk
[2009/05/28 18:49:39 | 00,002,483 | ---- | M] () -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Desktop\Microsoft Office PowerPoint 2007.lnk
[2009/05/28 14:18:55 | 00,000,037 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2009/05/27 21:01:15 | 00,001,664 | ---- | M] () -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Desktop\Sportsbook.com Poker.lnk
[2009/05/26 21:07:49 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Desktop\HijackThis.lnk
[2009/05/26 18:06:52 | 00,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll
[2009/05/26 18:06:52 | 00,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2009/05/26 18:06:52 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2009/05/22 01:13:46 | 00,522,612 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/05/22 01:13:46 | 00,443,918 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/05/22 01:13:46 | 00,072,050 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/05/20 21:20:35 | 00,000,812 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Paint.NET.lnk
[2009/05/20 21:13:59 | 00,000,759 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Picasa 3.lnk
[2009/05/18 20:48:05 | 00,000,392 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2009/05/18 20:47:50 | 00,003,239 | ---- | M] () -- C:\rollback.ini
[2009/05/18 18:16:35 | 00,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF1422.exe
[2009/05/17 21:12:52 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Desktop\Microsoft Office Excel 2007.lnk
[2009/05/14 17:50:08 | 00,117,248 | ---- | M] () -- C:\WINDOWS\vFind.exe
[2009/05/09 17:48:55 | 00,000,671 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\McAfee Security Center.lnk
[2009/05/09 17:48:25 | 00,000,666 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\McAfee EasyNetwork.lnk
[2009/05/08 07:46:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/05/08 00:08:20 | 00,081,984 | ---- | M] () -- C:\WINDOWS\System32\bdod.bin
[2009/05/08 00:05:32 | 00,000,850 | ---- | M] () -- C:\WINDOWS\System32\ProductTweaks.xml
[2009/05/08 00:05:32 | 00,000,385 | ---- | M] () -- C:\WINDOWS\System32\user_gensett.xml
[2009/05/07 21:11:55 | 00,104,613 | ---- | M] () -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Desktop\pic.htm
[2009/05/07 00:16:29 | 24,699,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/05/06 07:23:08 | 00,268,600 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/04 18:05:22 | 00,001,717 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\The Conquerors.lnk

========== LOP Check ==========

[2009/06/02 14:56:45 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data
[2009/03/21 01:09:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/04/13 15:23:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/03/29 21:22:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
[2009/01/05 21:24:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
[2009/01/05 21:25:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
[2009/04/17 19:25:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Azureus
[2009/05/08 00:04:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\BitDefender
[2009/01/04 21:37:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Citrix
[2009/02/16 20:48:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\FaxCtr
[2009/01/07 21:59:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google
[2009/06/02 14:52:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
[2009/01/12 14:28:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee
[2009/01/05 21:29:38 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
[2009/05/12 23:20:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help
[2009/03/31 23:31:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Office Genuine Advantage
[2009/05/18 23:15:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ParetoLogic
[2009/05/08 17:39:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Drivers HeadQuarters
[2009/01/12 14:07:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SiteAdvisor
[2009/05/18 17:52:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\STOPzilla!
[2009/05/18 18:01:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2009/05/15 22:44:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ThumbnailCache4R
[2009/01/04 21:52:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Genuine Advantage
[2009/04/02 17:42:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo!
[2009/05/23 12:49:21 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Application Data
[2009/04/13 15:08:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Application Data\Adobe
[2009/03/21 01:35:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Application Data\Apple Computer
[2009/05/24 01:59:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Application Data\Azureus
[2009/04/13 15:08:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/02/16 22:11:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Application Data\FaxCtr
[2009/01/05 14:29:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Application Data\Google
[2008/11/13 17:42:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Application Data\Identities
[2009/02/19 20:09:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Application Data\ieSpell
[2009/05/23 12:49:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Application Data\Lexmark Productivity Studio
[2009/01/05 14:28:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Application Data\Macromedia
[2009/05/28 18:50:25 | 00,000,000 | --SD | M] -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Application Data\Microsoft
[2009/05/26 18:49:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Application Data\Mozilla
[2009/03/05 21:11:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Application Data\MP3Rocket
[2009/03/28 17:47:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Application Data\Real
[2009/01/16 18:42:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Application Data\Sun
[2009/04/04 16:31:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Application Data\U3
[2009/03/01 22:20:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Application Data\WinRAR
[2009/04/02 17:42:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Application Data\Yahoo!
[2009/05/08 07:46:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/04 03:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/06/02 14:55:29 | 00,000,868 | ---- | M] () -- C:\WINDOWS\Tasks\Google Software Updater.job
[2009/04/15 01:33:52 | 00,000,340 | ---- | M] () -- C:\WINDOWS\Tasks\McDefragTask.job
[2009/05/01 01:00:34 | 00,000,332 | ---- | M] () -- C:\WINDOWS\Tasks\McQcTask.job
[2009/05/18 20:48:05 | 00,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job
[2009/06/02 14:55:32 | 00,000,436 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure Program Check.job
[2009/06/02 14:55:18 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/06/30 09:30:14 | 00,000,420 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{A2A0FE13-C3C2-4627-90AB-D0E52C35DAB1}.job

========== Purity Check ==========


========== Alternate Data Streams ==========

@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:FA5F15C4
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:DFC5A2B2
< End of report >

OTL Extras logfile created on: 6/2/2009 3:08:05 PM - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\kyle.PIMPOLOG-B2F539\Local Settings\Temporary Internet Files\Content.IE5\TCYX6BHO
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.40 Gb Available Physical Memory | 70.57% Memory free
3.33 Gb Paging File | 2.85 Gb Available in Paging File | 85.45% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.47 Gb Total Space | 45.22 Gb Free Space | 60.72% Space Free | Partition Type: NTFS
Drive D: | 306.88 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PIMPOLOG-B2F539
Current User Name: kyle
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
D:\Autorun.exe:*:Enabled:CD navigator File not found
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\WINDOWS\system32\lxdxcoms.exe:*:Enabled:3600-4600 Series Server ( )
C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe:*:Enabled:Printer Device Monitor ()
C:\Documents and Settings\billy.PIMPOLOG-B2F539\Local Settings\Temp\lxdx\wireless\lxdxwpss.exe:*:Enabled: File not found
C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxpswx.exe:*:Enabled:Printer Status Window Interface ()
C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxtime.exe:*:Enabled:Lexmark Connect Time Executable (Lexmark International, Inc.)
C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxjswx.exe:*:Enabled:Job Status Window Interface ()
C:\Program Files\Java\jre1.6.0_01\bin\javaw.exe:*:Enabled:Java™ Platform SE binary (Sun Microsystems, Inc.)
C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxwbgw.exe:*:Enabled:Lexmark Web Gateway ()
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus (Vuze Inc.)
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook (Microsoft Corporation)
C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove (Microsoft Corporation)
C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote (Microsoft Corporation)
C:\Program Files\Lexmark 3600-4600 Series\lxdxlscn.exe:*:Enabled: ()
C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.icd:*:Enabled:Age of Empires II Expansion (Microsoft Corporation)
C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent (McAfee, Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{582E9125-32B6-4CBA-AB48-3E33CE3DB389}" = NETGEAR RangeMax™ Wireless USB 2.0 Adapter WPN111
"{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7E369B27-13E2-41A5-9879-358EE1C8B5AD}" = Broadcom Gigabit Integrated Controller
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C7EEC93A-2A61-4B1E-B696-A264680A889D}" = MobileMe Control Panel
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"2Wire SetupWiz" = AT&T Yahoo! High Speed Internet Home Networking Installer
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"Bodog Poker_is1" = Bodog Poker Version 2.16.3.49
"C-Media USB Sound" = USB Audio
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Updater" = Google Updater
"HDMI" = Intel® Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"ieSpell" = ieSpell
"Lexmark 3600-4600 Series" = Lexmark 3600-4600 Series
"Lexmark Fax Solutions" = Lexmark Fax Solutions
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MP3 Rocket" = MP3 Rocket
"MSC" = McAfee SecurityCenter
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PeerGuardian_is1" = PeerGuardian 2.0
"Picasa 3" = Picasa 3
"PokerStars" = PokerStars
"PokerStars.net" = PokerStars.net
"RealPlayer 6.0" = RealPlayer
"RegCure" = RegCure
"Sportsbook Poker" = Sportsbook.com Poker
"Vuze" = Vuze
"Windows XP Service Pack" = Windows XP Service Pack 3
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/22/2009 2:52:23 PM | Computer Name = PIMPOLOG-B2F539 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module ntdll.dll, version 5.1.2600.5755, fault address 0x00001e84.

Error - 5/22/2009 3:06:14 PM | Computer Name = PIMPOLOG-B2F539 | Source = Application Error | ID = 1000
Description = Faulting application mcods.exe, version 13.3.127.0, faulting module
mvsscan.dll, version 13.3.130.0, fault address 0x00019fc0.

Error - 5/26/2009 9:39:36 PM | Computer Name = PIMPOLOG-B2F539 | Source = Application Error | ID = 1000
Description = Faulting application mcods.exe, version 13.3.127.0, faulting module
mvsscan.dll, version 13.3.130.0, fault address 0x00019fc0.

Error - 5/26/2009 9:40:00 PM | Computer Name = PIMPOLOG-B2F539 | Source = Application Error | ID = 1001
Description = Fault bucket 1228226507.

Error - 5/26/2009 10:34:06 PM | Computer Name = PIMPOLOG-B2F539 | Source = Application Error | ID = 1000
Description = Faulting application mcods.exe, version 13.3.127.0, faulting module
mvsscan.dll, version 13.3.130.0, fault address 0x00019fc0.

Error - 5/27/2009 12:37:40 AM | Computer Name = PIMPOLOG-B2F539 | Source = Application Error | ID = 1000
Description = Faulting application mcods.exe, version 13.3.127.0, faulting module
mvsscan.dll, version 13.3.130.0, fault address 0x00019fc0.

Error - 5/27/2009 12:37:54 AM | Computer Name = PIMPOLOG-B2F539 | Source = Application Error | ID = 1001
Description = Fault bucket 1228226507.

Error - 5/28/2009 9:52:30 PM | Computer Name = PIMPOLOG-B2F539 | Source = Microsoft Office 12 | ID = 5000
Description = EventType officelifeboathang, P1 clview.exe, P2 12.0.6211.1000, P3
ntdll.dll, P4 5.1.2600.5755, P5 NIL, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.

Error - 5/29/2009 6:02:22 PM | Computer Name = PIMPOLOG-B2F539 | Source = Application Error | ID = 1000
Description = Faulting application mcods.exe, version 13.3.127.0, faulting module
mvsscan.dll, version 13.3.130.0, fault address 0x00019fc0.

Error - 5/29/2009 11:24:45 PM | Computer Name = PIMPOLOG-B2F539 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module ntdll.dll, version 5.1.2600.5755, fault address 0x000027f9.

[ System Events ]
Error - 5/29/2009 1:56:36 AM | Computer Name = PIMPOLOG-B2F539 | Source = DCOM | ID = 10001
Description = Unable to start a DCOM Server: {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493}
as /. The error: "%233" Happened while starting this command: c:\PROGRA~1\mcafee.com\agent\mcagent.exe
-Embedding

Error - 5/29/2009 6:02:32 PM | Computer Name = PIMPOLOG-B2F539 | Source = Service Control Manager | ID = 7034
Description = The McAfee Scanner service terminated unexpectedly. It has done this
1 time(s).

Error - 5/29/2009 11:53:28 PM | Computer Name = PIMPOLOG-B2F539 | Source = DCOM | ID = 10001
Description = Unable to start a DCOM Server: {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493}
as /. The error: "%233" Happened while starting this command: c:\PROGRA~1\mcafee.com\agent\mcagent.exe
-Embedding

Error - 5/31/2009 11:48:08 AM | Computer Name = PIMPOLOG-B2F539 | Source = DCOM | ID = 10001
Description = Unable to start a DCOM Server: {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493}
as /. The error: "%233" Happened while starting this command: c:\PROGRA~1\mcafee.com\agent\mcagent.exe
-Embedding

Error - 5/31/2009 4:08:59 PM | Computer Name = PIMPOLOG-B2F539 | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 001F33E568D1. The following
error occurred: %%1223. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 6/1/2009 1:29:29 AM | Computer Name = PIMPOLOG-B2F539 | Source = DCOM | ID = 10001
Description = Unable to start a DCOM Server: {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493}
as /. The error: "%233" Happened while starting this command: c:\PROGRA~1\mcafee.com\agent\mcagent.exe
-Embedding

Error - 6/1/2009 8:33:21 PM | Computer Name = PIMPOLOG-B2F539 | Source = DCOM | ID = 10001
Description = Unable to start a DCOM Server: {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493}
as /. The error: "%233" Happened while starting this command: c:\PROGRA~1\mcafee.com\agent\mcagent.exe
-Embedding

Error - 6/2/2009 12:28:44 AM | Computer Name = PIMPOLOG-B2F539 | Source = DCOM | ID = 10001
Description = Unable to start a DCOM Server: {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493}
as /. The error: "%233" Happened while starting this command: c:\PROGRA~1\mcafee.com\agent\mcagent.exe
-Embedding

Error - 6/2/2009 2:39:06 AM | Computer Name = PIMPOLOG-B2F539 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the mcmscsvc service.

Error - 6/2/2009 2:39:30 AM | Computer Name = PIMPOLOG-B2F539 | Source = DCOM | ID = 10010
Description = The server {6A972E27-93E2-4F98-8367-4101B2073814} did not register
with DCOM within the required timeout.


< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP