Piano9Playa5,
First I'd like to thank you for your time and attention to my computer issues.
You at GTG offer so much in the way of time and expertise, that I'm left amazed.
I have spent hours preparing this reply for you. When finished I clicked on "Preview Post" and lost the entire thing. So ...... I begin again.
I believe I've included everything.
Let me know if there is anything else you need.
Again, thank you so very much for your time.
Susan
TFC
Successfully run. Re-boot upon completion.
SYSRESTOREPOINT
UNSUCCESSFUL
When I double click the desktop icon I get a brief (1-2 sec.) box that appears
but then disappears. I get no notification of completion.
Using Win XP System Tools I created new restore point.
ERUNT
UNSUCCESSFUL
Begain installing ERUNT, however, GTG instructions stated:
"4.Say No to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later."
There were no options presented. It would have added to start up file.
I chose to exit setup.
MALWAREBYTES
SUCCESSFUL
Malwarebytes' Anti-Malware 1.41
Database version: 2897
Windows 5.1.2600 Service Pack 3
10/8/2009 1:56:00 PM
mbam-log-2009-10-08 (13-55-43).txt
Scan type: Quick Scan
Objects scanned: 189493
Time elapsed: 10 minute(s), 38 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
McAFEE
REPORT:
Potentially unwanted Program
Detection name: Artemis! 1EA64E8A7E0F
Status: Cannot be completely removed
Items:
File Name: C:\System Volume Information\_restore
{D52EB4E4-AB17-4FDB-8F37-EOB1C6D4A84B}
\RP928\A0128150.exe
WINDOWS UPDATE
for the update it says
"The feature you are trying to use is on a CD-ROM or other removeable disk
that is not available.
Insert the Microsoft XP Office Professional with FrontPage' disk and click OK"
I'm guessing this was pre-loaded when I purchased from Dell several years ago.
I have tried ever Application Disk I have and none of them work.
It said
"The following updates were not installed
Office XP Service Pack 3"
REBOOT
Although I seem to be running a little better, certainly not
at full potential.
ROOTREPEAL
UNSUCCESSFUL
Downloaded RootRepeal and tried to run it twice with the same result.
information panel on desktop that said "initalizing, please wait..."
With that still showing, window popped up that said "Linksys bitmap not valid"
This 'not valid' window kept repeating over and over ... all windows staying on
desktop overlaying each other. Eventually, I had to reboot.
Upon shut down and re-boot, I get a Windows XP logo which I've not seen before.
Looks legit but is not the usual logo I see.
OTL
SUCCESSFUL
OTL logfile created on: 10/8/2009 2:39:09 PM - Run 1
OTL by OldTimer - Version 3.0.18.4 Folder = C:\Documents and Settings\Owner.SUSANG-HBV7373C\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
510.00 Mb Total Physical Memory | 117.35 Mb Available Physical Memory | 23.01% Memory free
864.29 Mb Paging File | 460.42 Mb Available in Paging File | 53.27% Paging File free
Paging file location(s): c:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS1 | %ProgramFiles% = C:\Program Files
Drive C: | 70.96 Gb Total Space | 38.95 Gb Free Space | 54.89% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 239.77 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SUSANG-HBV7373C
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ========== PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS1\Explorer.EXE
PRC - [2008/11/19 10:47:24 | 00,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2006/10/23 08:50:35 | 00,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
PRC - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS1\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
PRC - [2009/07/10 00:26:20 | 00,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2009/07/07 19:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/07/08 11:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/07/08 13:43:40 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2007/05/13 22:54:36 | 00,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2005/02/17 12:50:22 | 00,065,536 | ---- | M] () -- C:\WINDOWS1\System32\wltrysvc.exe
PRC - [2005/02/17 12:50:22 | 00,847,983 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS1\System32\bcmwltry.exe
PRC - [2004/02/06 22:56:14 | 00,041,025 | ---- | M] (GEMTEKS) -- C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
PRC - [2004/05/10 05:35:00 | 05,208,576 | ---- | M] (Linksys) -- C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
PRC - [2002/11/23 02:15:00 | 00,631,362 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\iTouch\iTouch.exe
PRC - [2008/02/07 05:18:10 | 01,052,672 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS1\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
PRC - [2007/03/14 21:01:30 | 00,071,216 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
PRC - [2009/02/18 20:56:40 | 00,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/07/10 00:26:20 | 00,645,328 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2002/11/21 09:50:00 | 00,037,888 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\MouseWare\system\em_exec.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- c:\program files\internet explorer\iexplore.exe
PRC - [2009/07/08 13:11:52 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- c:\program files\internet explorer\iexplore.exe
PRC - [2009/10/08 14:37:48 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Desktop\OTL.exe
========== Win32 Services (SafeList) ========== SRV - [2008/11/19 10:47:24 | 00,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon [Auto | Running])
SRV - [2006/10/23 08:50:35 | 00,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS [Auto | Running])
SRV - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS1\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [Disabled | Stopped])
SRV - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Disabled | Stopped])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS1\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [Auto | Running])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS1\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/06/26 10:24:08 | 00,031,592 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus® Helper [On_Demand | Stopped])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS1\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS1\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/11/20 14:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])
SRV - File not found -- -- (KodakCCS [On_Demand | Stopped])
SRV - [2009/07/10 00:26:20 | 00,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc [Auto | Running])
SRV - [2009/07/07 19:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc [Auto | Running])
SRV - [2009/07/08 15:15:04 | 00,365,072 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS [On_Demand | Stopped])
SRV - [2009/07/08 11:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy [Auto | Running])
SRV - [2009/07/08 13:43:40 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield [Unknown | Running])
SRV - [2009/07/08 13:11:52 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon [On_Demand | Running])
SRV - [2009/07/10 03:26:42 | 00,894,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService [Disabled | Stopped])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS1\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2007/06/05 14:20:32 | 00,177,704 | ---- | M] () -- C:\WINDOWS1\System32\PSIService.exe -- (ProtexisLicensing [Disabled | Stopped])
SRV - [2007/05/13 22:54:36 | 00,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2005/02/17 12:50:22 | 00,065,536 | ---- | M] () -- C:\WINDOWS1\System32\wltrysvc.exe -- (wltrysvc [Auto | Running])
SRV - File not found -- -- (WMP54Gv4SVC [Auto | Running])
SRV - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [Disabled | Stopped])
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS1\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://ie.search.msn...st/srchcust.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS1\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft...amp;ar=iesearchIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://yahoo.comIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/02/18 20:57:30 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS1\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/10/08 14:20:55 | 00,000,000 | ---D | M]
O1 HOSTS File: (734 bytes) - C:\WINDOWS1\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Companion BHO) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_0.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AOL Toolbar Loader) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL L.L.C.)
O2 - BHO: (FlpLauncher Class) - {4401FDC3-7996-4774-8D2B-C1AE9CD6CC25} - C:\Program Files\E-Book Systems\FlipViewer\fvbho140.dll (E-Book Systems Inc.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS1\System32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - Reg Error: Value error. File not found
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL L.L.C.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_0.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL L.L.C.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_0.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS1\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS1\Logi_MwX.Exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users.WINDOWS1\Application Data\AOL\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: &eBay Search - C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll File not found
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS1\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS1\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS1\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}
http://download.mcaf...01/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166}
http://cdn.scan.onec...lscbase5483.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://update.micros...b?1253491009156 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://update.micros...b?1238664729335 (MUWebControl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389}
http://download.mcaf...,26/mcgdmgr.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Garmin Communicator Plug-In
https://my.garmin.co...inAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.32.5.111 65.32.5.112
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS1\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS1\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 () - file:///C:/DOCUME~1/OWNER~1.SUS/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg
O24 - Desktop Components:1 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 09:59:58 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS1\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
NetSvcs: 6to4 - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Iprip - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: Wmi - C:\WINDOWS1\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: helpsvc - C:\WINDOWS1\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
========== Files/Folders - Created Within 14 Days ========== [2009/10/02 23:26:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Malwarebytes
[2009/10/03 16:30:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\SaveOurSpirit
[2009/10/02 22:27:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\SUPERAntiSpyware.com
[2009/10/02 14:15:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\ERS G-Studio
[2009/10/01 00:02:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\FlyWheelGames
[2009/10/06 13:10:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Magic Academy 2
[2009/10/02 23:26:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Malwarebytes
[2009/10/02 22:27:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\SUPERAntiSpyware.com
[2009/09/24 20:31:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\TikisLab
[2009/09/29 15:00:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\VampireSaga
[2009/10/02 22:25:21 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/10/02 23:26:16 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/10/02 22:12:08 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows OneCare Live
[2009/10/02 22:27:29 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/10/08 14:37:36 | 00,520,704 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Desktop\OTL.exe
[2009/10/08 13:34:20 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Desktop\erunt_setup.exe
[2009/10/08 13:28:02 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Desktop\SysRestorePoint.exe
[2009/10/07 08:33:09 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Desktop\RootRepeal.exe
[2009/10/03 23:45:05 | 00,271,872 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Desktop\TFC.exe
[2009/10/03 07:50:07 | 00,000,000 | ---D | C] -- C:\3d25495d7d7cd598254f57031786
[2009/10/03 07:45:02 | 00,000,000 | ---D | C] -- C:\0e3ad6349792465a969ca12d137a51
[2009/10/02 23:26:19 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS1\System32\drivers\mbamswissarmy.sys
[2009/10/02 23:26:16 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS1\System32\drivers\mbam.sys
[2009/10/01 08:40:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\My Documents\Legends1
[2008/10/09 12:06:48 | 00,755,670 | ---- | C] (EasyDuplicateFinder.com ) -- C:\Program Files\easy_duplicate_setup.exe
[2007/12/04 10:49:39 | 00,085,584 | ---- | C] (Big Fish Games) -- C:\Program Files\bigfishgames_p7820233_s1_l1.exe
[2007/12/04 10:30:09 | 00,085,584 | ---- | C] (Big Fish Games) -- C:\Program Files\mystery-case-files-madame-fate_s1_l1_gF2213T1L1_d101037542.exe
========== Files - Modified Within 14 Days ========== [2009/10/08 14:37:48 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Desktop\OTL.exe
[2009/10/08 14:33:11 | 00,002,206 | ---- | M] () -- C:\WINDOWS1\System32\wpa.dbl
[2009/10/08 14:32:18 | 00,000,051 | ---- | M] () -- C:\WINDOWS1\iTouch.ini
[2009/10/08 14:32:08 | 00,000,438 | ---- | M] () -- C:\WINDOWS1\tasks\RegCure Program Check.job
[2009/10/08 14:32:04 | 00,000,006 | -H-- | M] () -- C:\WINDOWS1\tasks\SA.DAT
[2009/10/08 14:32:01 | 00,002,048 | --S- | M] () -- C:\WINDOWS1\bootstat.dat
[2009/10/08 13:34:26 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Desktop\erunt_setup.exe
[2009/10/08 13:28:03 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Desktop\SysRestorePoint.exe
[2009/10/08 09:43:17 | 00,001,274 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\More Great Games.lnk
[2009/10/08 08:45:34 | 00,007,314 | ---- | M] () -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Desktop\painter me.gif
[2009/10/07 22:40:07 | 00,810,054 | ---- | M] () -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Desktop\never explain.bmp
[2009/10/07 08:33:21 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Desktop\RootRepeal.exe
[2009/10/06 20:00:29 | 00,160,216 | ---- | M] () -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/10/06 19:52:40 | 00,086,997 | ---- | M] () -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Desktop\watermark.jpg
[2009/10/05 11:43:44 | 00,035,384 | ---- | M] () -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\wklnhst.dat
[2009/10/05 10:38:26 | 00,001,446 | ---- | M] () -- C:\WINDOWS1\win.ini
[2009/10/05 10:38:26 | 00,000,227 | ---- | M] () -- C:\WINDOWS1\system.ini
[2009/10/05 10:38:26 | 00,000,213 | RHS- | M] () -- C:\boot.ini
[2009/10/03 23:57:51 | 02,108,288 | -H-- | M] () -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Local Settings\Application Data\IconCache.db
[2009/10/03 23:45:16 | 00,271,872 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Desktop\TFC.exe
[2009/10/03 22:47:28 | 00,000,284 | ---- | M] () -- C:\WINDOWS1\tasks\AppleSoftwareUpdate.job
[2009/10/03 19:54:01 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Desktop\Artemis Virus Details.doc
[2009/10/03 08:14:10 | 00,001,374 | ---- | M] () -- C:\WINDOWS1\imsins.BAK
[2009/10/03 08:01:28 | 00,617,256 | ---- | M] () -- C:\WINDOWS1\System32\FNTCACHE.DAT
[2009/10/03 07:57:31 | 00,490,930 | ---- | M] () -- C:\WINDOWS1\System32\PerfStringBackup.INI
[2009/10/03 07:57:31 | 00,434,006 | ---- | M] () -- C:\WINDOWS1\System32\perfh009.dat
[2009/10/03 07:57:31 | 00,068,100 | ---- | M] () -- C:\WINDOWS1\System32\perfc009.dat
[2009/10/01 01:00:00 | 00,000,332 | ---- | M] () -- C:\WINDOWS1\tasks\McQcTask.job
========== Files - No Company Name ==========[2009/10/08 14:07:29 | 01,089,593 | ---- | C] () -- C:\WINDOWS1\System32\dllcache\ntprint.cat
[2009/10/08 09:43:17 | 00,001,274 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Desktop\More Great Games.lnk
[2009/10/08 08:46:05 | 00,007,314 | ---- | C] () -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Desktop\painter me.gif
[2009/10/07 22:40:04 | 00,810,054 | ---- | C] () -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Desktop\never explain.bmp
[2009/10/06 19:53:42 | 00,086,997 | ---- | C] () -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Desktop\watermark.jpg
[2009/10/03 19:53:50 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Desktop\Artemis Virus Details.doc
[2009/03/24 17:48:02 | 00,004,880 | ---- | C] () -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Local Settings\Application Data\slot1.mm1
[2009/03/05 00:15:29 | 02,108,288 | -H-- | C] () -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Local Settings\Application Data\IconCache.db
[2008/03/21 10:57:17 | 00,000,000 | ---- | C] () -- C:\Program Files\temp01
[2006/08/23 07:48:51 | 00,827,024 | ---- | C] () -- C:\Program Files\PhotoGreetingCards.exe
[2006/07/13 08:11:23 | 00,157,856 | ---- | C] () -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\GDIPFONTCACHEV1.DAT
[2006/02/07 09:40:48 | 00,015,872 | ---- | C] () -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/02/05 14:40:30 | 02,099,080 | ---- | C] () -- C:\Program Files\imginst.exe
[2006/01/18 16:37:29 | 00,035,384 | ---- | C] () -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\wklnhst.dat
[2006/01/16 16:44:53 | 12,133,878 | ---- | C] () -- C:\Program Files\fax.exe
[2005/11/01 12:57:44 | 00,160,216 | ---- | C] () -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2005/10/08 16:39:35 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\desktop.ini
[2005/10/08 12:22:15 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\desktop.ini
[2005/09/22 09:51:41 | 08,840,783 | ---- | C] () -- C:\Program Files\bpspt120.exe
========== LOP Check ========== [2009/10/03 16:30:34 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data
[2008/12/28 09:11:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2008/12/23 19:11:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\AdventureChronicles1
[2008/12/25 14:26:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Alawar Stargaze
[2008/11/06 18:53:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\ArcSoft
[2008/08/21 15:15:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Astar Games
[2009/09/04 13:49:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\AWEM
[2009/03/27 16:11:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\blg
[2005/10/08 20:00:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\BVRP Software
[2009/09/04 15:46:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Christmasville
[2008/10/05 16:42:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Corel
[2008/10/03 17:40:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\CyberLink
[2008/02/26 15:39:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Eastman Kodak Company
[2009/06/06 15:17:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\ERS G-Studio
[2008/03/21 11:03:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\EscapeTheMuseum
[2009/03/24 15:22:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Flood Light Games
[2009/03/22 17:15:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\FloodLightGames
[2009/09/04 10:05:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Fugazo
[2008/01/25 12:02:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\FunGames
[2009/08/13 11:33:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Gamers Digital
[2009/06/21 16:14:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\GAMESHASTRA
[2008/04/29 07:57:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Gogii
[2009/06/06 18:02:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Gogii Games
[2009/06/08 08:31:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Gold Casual Games
[2009/03/26 17:52:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\HiddenSecretsNightmare
[2009/08/31 21:16:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\HideAndSecret3
[2009/03/19 13:55:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\HoverBee Studios
[2009/03/06 14:32:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\IM
[2009/09/15 15:47:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\IncrediMail
[2009/05/30 15:57:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Intenium
[2009/09/29 13:51:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\JollyBear
[2008/03/02 12:22:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\kds_kodak
[2009/09/19 21:22:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Merscom
[2005/10/09 09:39:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\MSN6
[2009/07/26 12:30:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\MumboJumbo
[2009/03/22 09:35:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Mushroom Age
[2009/04/07 06:11:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\MysteryChronicles
[2009/05/31 15:07:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\NeptunesAdve
[2009/05/31 19:35:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Nick Chase A Detective Story
[2009/08/26 08:23:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\PlayFirst
[2008/12/23 22:25:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\PlayPond
[2006/11/24 13:17:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\PlayTime
[2009/08/16 09:36:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\PoBros
[2009/08/22 17:27:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Princess Isabella
[2005/10/08 18:59:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Pure Networks
[2009/04/17 12:45:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\QuickClick
[2009/04/19 15:00:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Redrum
[2009/10/03 16:30:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\SaveOurSpirit
[2009/06/14 16:15:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Slapdash Games
[2009/01/08 12:03:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\SpecialBit
[2009/05/30 21:00:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\SpinTop Games
[2009/08/11 18:42:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\SulusGames
[2009/10/08 10:58:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP
[2009/06/08 17:10:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\TheRace_dev
[2007/02/08 01:01:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\Viewpoint
[2009/06/13 22:30:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS1\Application Data\WildWestQuest2
[2009/10/06 13:10:18 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data
[2009/08/18 14:54:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\3Stars
[2009/03/23 09:59:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Abra Academy2
[2008/05/14 11:20:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\acccore
[2009/07/04 17:43:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Aisle 5 Games, Inc
[2008/11/22 11:49:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Arcsoft
[2009/06/12 13:02:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Artogon
[2009/05/30 11:54:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Azuaz Games
[2009/09/05 11:45:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Big Fish Games
[2009/03/27 16:11:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\blg
[2008/01/25 15:49:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\BloodTies
[2009/03/06 20:11:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\BrandX Games
[2008/12/28 20:47:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Cat's Eye Games
[2009/05/31 19:08:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\cerasus.media
[2009/10/03 10:28:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Comcast
[2008/10/05 17:13:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Corel
[2008/10/03 17:40:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\CyberLink
[2009/04/18 16:19:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Dragon Altar Games
[2008/10/09 10:55:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\duplicate-file-finder.com
[2008/11/22 14:48:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\EBookSys
[2009/08/06 14:59:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Enlightenus
[2009/10/02 14:15:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\ERS G-Studio
[2009/03/19 13:41:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\FairyTale
[2009/03/24 15:22:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Flood Light Games
[2009/03/22 17:15:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\FloodLightGames
[2009/10/01 00:02:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\FlyWheelGames
[2009/01/10 18:46:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\ForgottenRiddles
[2009/08/23 13:28:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\ForgottenRiddles2
[2009/04/19 08:36:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Friday's games
[2009/09/22 22:47:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\funkitron
[2009/07/26 20:11:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\GameInvest
[2009/08/13 11:33:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Gamers Digital
[2009/07/26 16:13:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Games
[2009/06/21 16:14:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\GAMESHASTRA
[2009/03/30 11:20:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\GARMIN
[2009/06/06 18:02:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Gogii Games
[2009/06/08 08:31:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Gold Casual Games
[2009/04/19 13:29:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\HiT-MM
[2009/08/31 20:06:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\HSA
[2009/06/06 16:54:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\IOMediaSupport6SZZ001s
[2009/06/05 12:50:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\IronCode
[2009/06/05 14:35:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Island
[2009/03/27 15:14:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Jetsetter
[2009/03/24 10:45:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\JoyBits
[2005/10/11 18:27:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Kaczynski Software
[2005/10/15 14:30:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Leadertech
[2009/03/16 11:09:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Lost in the City
[2009/08/21 15:55:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\MA
[2009/03/27 19:07:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Magic Academy
[2009/10/06 13:10:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Magic Academy 2
[2009/08/27 09:42:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\MBT
[2009/06/08 08:26:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Meridian93
[2009/09/19 21:22:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Merscom
[2009/10/05 16:01:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Move Networks
[2007/12/04 09:51:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\MSN6
[2009/03/20 14:41:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\MysteryStudio
[2007/09/21 10:40:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Netscape
[2009/06/01 16:07:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Pirateville
[2009/08/26 08:23:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\PlayFirst
[2009/08/16 09:36:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\PoBros
[2008/12/27 17:34:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Pogo Games
[2009/01/31 14:08:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\RobinsonCrusoe
[2009/06/12 11:27:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\SecretIslandEng
[2009/03/06 19:00:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\SerpentOfIsis
[2009/06/01 09:57:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Shape games
[2009/08/05 09:52:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\she_is_a_shadow
[2008/11/06 19:28:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Skinux
[2009/04/16 18:34:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Skunk Studios
[2009/06/06 16:54:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Spinapse
[2009/06/06 13:35:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\SprillBermudeEng
[2009/08/31 16:07:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\SprillRichiEng
[2009/06/15 12:37:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Sudden Games
[2009/04/18 17:28:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\SultansLabyrinth
[2009/08/11 18:42:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\SulusGames
[2009/06/06 16:54:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Suspects and Clues Players
[2009/06/06 16:54:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Suspects and Clues Prefs
[2009/06/08 17:34:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\TheScruffs
[2009/09/24 20:31:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\TikisLab
[2009/06/15 13:25:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\TMInc
[2009/06/02 16:40:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Twintale Entertainment
[2009/04/17 14:22:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Ubisoft
[2009/09/29 15:00:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\VampireSaga
[2009/07/11 10:38:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\V-Games
[2007/02/08 01:01:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\Viewpoint
[2009/06/06 13:32:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\ViquaSoft
[2008/06/23 11:16:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\WholeSecurity
[2005/10/08 19:01:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner.SUSANG-HBV7373C\Application Data\You've Got Pictures Screensaver
[2009/10/03 22:47:28 | 00,000,284 | ---- | M] () -- C:\WINDOWS1\Tasks\AppleSoftwareUpdate.job
[2003/07/16 16:36:49 | 00,000,065 | RH-- | M] () -- C:\WINDOWS1\Tasks\desktop.ini
[2009/01/15 02:00:00 | 00,000,342 | ---- | M] () -- C:\WINDOWS1\Tasks\McDefragTask.job
[2009/10/01 01:00:00 | 00,000,332 | ---- | M] () -- C:\WINDOWS1\Tasks\McQcTask.job
[2009/10/08 14:32:08 | 00,000,438 | ---- | M] () -- C:\WINDOWS1\Tasks\RegCure Program Check.job
[2009/05/21 03:00:01 | 00,000,372 | ---- | M] () -- C:\WINDOWS1\Tasks\RegCure.job
[2009/10/08 14:32:04 | 00,000,006 | -H-- | M] () -- C:\WINDOWS1\Tasks\SA.DAT
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe >[2005/12/05 23:27:53 | 00,010,920 | ---- | M] () -- C:\aolconnfix.exe
< %systemroot%\system32\eventlog.dll >[2008/04/13 20:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS1\system32\eventlog.dll
< %systemroot%\system32\scecli.dll >[2008/04/13 20:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS1\system32\scecli.dll
< %systemroot%\netlogon.dll > < %systemroot%\system32\cngaudit.dll > < %systemroot%\system32\sceclt.dll > < %systemroot%\ntelogon.dll > < %systemroot%\system32\logevent.dll > ========== Alternate Data Streams ========== @Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:F7061E5F
@Alternate Data Stream - 97 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:1316EAD4
@Alternate Data Stream - 97 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:0C5AF2AA
@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:ED810E46
@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:89E1BAF5
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:ECCE99EF
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:52641FBE
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:2E49D185
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:19F08842
@Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:51E1A4D8
@Alternate Data Stream - 221 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:CB16385F
@Alternate Data Stream - 220 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:C22674B6
@Alternate Data Stream - 218 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:F2C20CE5
@Alternate Data Stream - 218 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:D31BE97C
@Alternate Data Stream - 217 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:5EF1AD34
@Alternate Data Stream - 214 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:870649A4
@Alternate Data Stream - 214 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:70E897B5
@Alternate Data Stream - 213 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:5E9B629B
@Alternate Data Stream - 212 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:3C5ABDC7
@Alternate Data Stream - 211 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:DFC3B090
@Alternate Data Stream - 211 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:8401B6D5
@Alternate Data Stream - 211 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:2871B698
@Alternate Data Stream - 209 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:7B52659E
@Alternate Data Stream - 205 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:51F17BB8
@Alternate Data Stream - 203 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:A7DA2BCD
@Alternate Data Stream - 202 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:E32966C0
@Alternate Data Stream - 201 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:260575F1
@Alternate Data Stream - 200 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:A3B8F70C
@Alternate Data Stream - 199 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:090FB735
@Alternate Data Stream - 198 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:9398DBB4
@Alternate Data Stream - 195 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:28CDD861
@Alternate Data Stream - 194 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:78E0DF72
@Alternate Data Stream - 194 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:5D351BC6
@Alternate Data Stream - 193 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:B904C348
@Alternate Data Stream - 170 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:1A6AFE3D
@Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:D1361E51
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:E7B4296D
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:E14FA16F
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:2D0C22DC
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:4EFDF5FB
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:7FCB9D0D
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:EF5B3572
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:D055FC10
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:B2CD146E
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:90865A6D
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:27D1368B
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:F84B8DB5
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:EC2381A4
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:569CEE83
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:409A775B
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:2BC498A4
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:D1D597D0
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:0E684AC9
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:D2C57161
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:ADE67221
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:55F44B88
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:5025C6E4
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:C928F3BE
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:B2735F9E
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:97C4F81F
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:8999FD56
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:B4980368
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:9B9B0020
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:737160C1
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:225CD7D5
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:F33C37D5
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:69D59C23
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:69AF9D20
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:3FD496E1
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:0AC32449
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:FC4EA67C
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:BDCD8531
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:A58B27C9
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:A3251D01
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:943E8182
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:848CC150
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:6E86D926
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:3E06C78F
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:2D1AE3BE
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:22313216
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:072F1F69
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:E945C214
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:E7B49FBF
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:CEF2A14E
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:7CEDF9F3
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:101708D3
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:0656FCD2
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:D48500F8
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:7A0FEE87
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:6425A235
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:6352F3F9
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:5C6EBC69
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:3B812EE0
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:FD000392
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:7AA6FC81
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:55BB2521
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:523B97A0
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:22786385
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:13AA281B
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:E80802C7
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:DE47A3DA
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:CC073296
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:BF2E2F0E
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:96C9689F
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:7C412B92
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:60C897F3
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:5D17C178
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:F1DEA771
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:ED2998F5
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:CD9109D4
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:BA05E0C4
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:A56D6987
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:A4F63AED
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:A2865730
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:63CFD724
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:C63E7DE2
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:98DFF516
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:8DF68137
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:8944C195
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:620EC79A
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:1C6CB897
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:EB40BC91
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:D46ECFD5
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:9BFB769D
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:90D89144
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:5345C8F6
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:2F6462DF
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:270A3983
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:0D278FB5
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:C36B1175
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:7FD903D7
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:55E3C0E0
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:4673E9EA
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:275AA066
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:086DE893
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:53DF59D1
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:FC2D0F32
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:D507B5A8
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:4DCAC4BC
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:43301D1D
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:0DAD93FF
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:EC0A74A1
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:E3CEEC4C
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:C0A9D0E7
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:BD9F7E4E
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:AC83EA04
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:7CA7BED1
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:3539CD43
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:2E0B7D8A
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:1F67CD26
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:1ECB9265
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:0D3CE40A
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:C8E82994
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:7881FECE
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:315B4A13
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:24FECE50
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:067F588D
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:F42B5B0E
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:598E0FFA
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:0F0A5896
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:0ED4AC2F
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:07241935
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:DF0BC727
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:D92485C9
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:61AF2B29
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:40D8F125
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:1F4329D4
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:1A5207FA
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:0F38F234
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:918B7566
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:90B52091
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:7A0EFE63
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:6710EF08
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:4FE30352
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:4CF76F21
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:00D5EBC2
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:F3EFA8A8
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:EEB25EAE
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:7776B809
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:561B1D2B
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:45F3AD49
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:3313A48D
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:FB97DB91
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:EE39C93C
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:E717F65C
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:D0668210
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:B845F669
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:95970EA3
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:E91ADC66
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:BB71BBA2
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:85C3B823
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:3C282BEA
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:938EC881
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:55E1514E
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:551BED5F
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:3095C3B0
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:11E79CC9
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:E5294695
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:7547DA5B
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:4FE42FFC
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:1B927722
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:FDDD8917
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:C07A6A6B
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:9DF07E8F
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:60A4BB64
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:43982D5E
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:3D36932D
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:A296A63F
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:54D5DB8A
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:31106FCB
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:FC8FFA4E
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:E5F85065
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP:CF61CE5A
< End of report >
OTL Extras logfile created on: 10/8/2009 2:39:16 PM - Run 1
OTL by OldTimer - Version 3.0.18.4 Folder = C:\Documents and Settings\Owner.SUSANG-HBV7373C\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
510.00 Mb Total Physical Memory | 117.35 Mb Available Physical Memory | 23.01% Memory free
864.29 Mb Paging File | 460.42 Mb Available in Paging File | 53.27% Paging File free
Paging file location(s): c:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS1 | %ProgramFiles% = C:\Program Files
Drive C: | 70.96 Gb Total Space | 38.95 Gb Free Space | 54.89% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 239.77 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SUSANG-HBV7373C
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS1\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "C:\WINDOWS1\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\America Online 9.0d\waol.exe" = C:\Program Files\America Online 9.0d\waol.exe:*:Enabled:America Online 9.0d -- File not found
"C:\Program Files\IncrediMail\bin\IMApp.exe" = C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\bin\IncMail.exe" = C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\bin\ImpCnt.exe" = C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\WINDOWS1\system32\LEXPPS.EXE" = C:\WINDOWS1\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE -- File not found
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe" = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe:*:Enabled:backWeb-7288971 -- File not found
"C:\WINDOWS1\system32\fxsclnt.exe" = C:\WINDOWS1\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console -- (Microsoft Corporation)
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater -- File not found
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- (AOL LLC)
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- (AOL LLC)
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL LLC)
"C:\Program Files\Common Files\AOL\1128812311\EE\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1128812311\EE\aolsoftware.exe:*:Enabled:AOL Shared Components -- File not found
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\AOL 9.1\waol.exe" = C:\Program Files\AOL 9.1\waol.exe:*:Enabled:AOL -- (AOL, LLC.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL LLC)
"D:\CDS\Nero\Installation\SetupX.exe" = D:\CDS\Nero\Installation\SetupX.exe:*:Enabled:Nero ProductSetup -- File not found
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\IncrediMail\bin\ImLc.exe" = C:\Program Files\IncrediMail\bin\ImLc.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent -- (McAfee, Inc.)
"C:\Program Files\Magentic\bin\MgImp.exe" = C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic -- File not found
"C:\Program Files\Magentic\bin\Magentic.exe" = C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic -- File not found
"C:\Program Files\Magentic\bin\MgApp.exe" = C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic -- File not found
"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{036AA4D4-6D32-11D4-9875-00105ACE7734}" = Logitech iTouch Software
"{04410044-9149-45C6-A806-F2BF9CFCE762}" = Microsoft Encarta Encyclopedia Standard 2004
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{218F4044-888B-4D2B-9536-654E412C8F53}" = Design & Print, Business Edition
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2
"{33BEE6F3-9987-4F98-A069-97A64EC8321A}" = Microsoft Works Suite Add-in for Microsoft Word
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C569633-C8DE-46E2-BB8F-F65198681C2F}" = Corel MediaOne
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{4DDC3BED-CC68-44AA-B435-D727B620CA5B}" = Linksys Wireless-G PCI Adapter
"{52CB9287-0F7A-43E8-AC64-8D20D2D7B601}" = Windows XP Creativity Fun Packs - Player Visualizations
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{55937F00-A69B-4049-8D3A-1C7729742B6F}" = BUM
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.75
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6DA9102E-199F-43A0-A36B-6EF48081A658}" = MobileMe Control Panel
"{707EB912-C597-49D8-9460-46CC9AB03EBE}" = Corel Painter Photo Essentials 4
"{747A6A10-DA58-48C2-A1F0-C15514419C8A}" = Hallmark Card Studio 2008
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110157578}" = Oberon Games Fix For AOL Security Center
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111232687}" = Ocean Express
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111715607}" = The Poppit! Show
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113556197}" = Stone of Destiny
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89B078C4-50B0-453E-BF53-3A7E6A0D85FA}" = Windows Support Tools
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver
"{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}" = URGE
"{8D03A164-B586-4318-AFE6-870A5E2739C1}" = PHOTORECOVERY LE
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{911B0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A6B73DD7-D279-49AE-B99A-FA9AF6045734}" = FlipAlbum 5.5 Suite
"{A7FEAFD3-A58A-49FA-9717-5ED86A4A19C7}" = OptiPix Pro
"{AA5D7261-206E-474A-90CC-FC7999F585A0}" = FlipViewer 4.2.1
"{ABE068DF-8DC4-4947-ABFC-DD2B40850225}" = SFR2
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B9966F27-9678-4620-9579-925E3084647E}" = Microsoft Works
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C0031D6A-5160-4816-9B84-A37DE529C4BF}" = IncrediMail
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2FEC453-40B1-414A-86B6-A9744190C2A1}" = KazStamp
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus®
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DBA8B9E1-C6FF-4624-9598-73D3B41A0903}" = Microsoft Picture It! Photo Premium 9
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F3BF1670-5541-45A2-AFD3-2AA2E9754EEE}" = Microsoft Picture It! Publishing Silver 2001
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"Adobe Type Manager 4.0" = Adobe Type Manager 4.0
"AOL Toolbar" = AOL Toolbar
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"BFG-Adventure Chronicles - The Search for Lost Treasure" = Adventure Chronicles: The Search for Lost Treasure
"BFG-Agatha Christie - Peril at End House" = Agatha Christie: Peril at End House
"BFG-Arabesque" = Arabesque
"BFG-Azada" = Azada (remove only)
"BFG-Azada - Ancient Magic" = Azada ™: Ancient Magic
"BFGC" = Big Fish Games Client
"BFG-Drawn - The Painted Tower" = Drawn: The Painted Tower ™
"BFG-Enlightenus" = Enlightenus
"BFG-Forgotten Riddles - The Moonlight Sonatas" = Forgotten Riddles: The Moonlight Sonatas
"BFG-G.H.O.S.T Chronicles - Phantom of the Renaissance Faire" = G.H.O.S.T Chronicles: Phantom of the Renaissance Faire
"BFG-Haunted Hotel" = Haunted Hotel
"BFG-Haunted Hotel II - Believe the Lies" = Haunted Hotel II: Believe the Lies
"BFG-Hidden Expedition - Titanic" = Hidden Expedition: Titanic™
"BFG-Margrave Manor 2 - The Lost Ship" = Margrave Manor 2: The Lost Ship
"BFG-Mystery Age - The Imperial Staff" = Mystery Age: The Imperial Staff
"BFG-Mystery Case Files - Madame Fate" = Mystery Case Files: Madame Fate
"BFG-Mystery Case Files - Prime Suspects" = Mystery Case Files: Prime Suspects (remove only)
"BFG-Mystery Case Files - Ravenhearst" = Mystery Case Files: Ravenhearst (remove only)
"BFG-Mystery Case Files - Return to Ravenhearst" = Mystery Case Files: Return to Ravenhearst ™
"BFG-Mystery of Unicorn Castle" = Mystery of Unicorn Castle
"BFG-Mystery P.I. - The Vegas Heist" = Mystery P.I.: The Vegas Heist
"BFG-Nancy Drew Dossier - Lights, Camera Curses" = Nancy Drew Dossier: Lights, Camera, Curses
"BFG-Nancy Drew Dossier - Resorting to Danger" = Nancy Drew Dossier: Resorting to Danger
"BFG-Princess Isabella - A Witch's Curse" = Princess Isabella: A Witch's Curse
"BFG-PuppetShow - Mystery of Joyville" = PuppetShow: Mystery of Joyville ™
"BFG-Save Our Spirit" = Save Our Spirit
"BFG-The Lost Cases of Sherlock Holmes" = The Lost Cases of Sherlock Holmes
"BFG-The Secret of Margrave Manor" = The Secret of Margrave Manor
"BFG-The Sultans Labyrinth" = The Sultan's Labyrinth
"BFG-Treasure Masters" = Treasure Masters
"BFG-Val`Gor - Dark Lord of Magic" = Val`Gor - Dark Lord of Magic
"BFG-Vampire Saga - Pandora's Box" = Vampire Saga: Pandora's Box
"BFG-World Mosaics" = World Mosaics
"BFG-World Mosaics 2" = World Mosaics 2
"Broadcom 802.11 Application" = Broadcom Wireless Utility
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"FlipViewer" = FlipViewer 2.2.5
"Hanes® T-ShirtMaker®" = Hanes® T-ShirtMaker®
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"ImageSkill Background Remover 3" = ImageSkill Background Remover 3
"IncrediMail" = IncrediMail 2.0
"Intel® 537EP V9x DF PCI Modem" = Intel® 537EP V9x DF PCI Modem
"LiveUpdate" = LiveUpdate 1.90 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Picture It! Express" = Microsoft Picture It! Express 2.0
"MSC" = McAfee SecurityCenter
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSN Music Assistant" = MSN Music Assistant
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PictureIt_v9" = Microsoft Picture It! Photo Premium 9
"RealPlayer 6.0" = RealPlayer
"RegCure" = RegCure 1.5.0.1
"Shockwave" = Shockwave
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"ST5UNST #1" = FaxDrive
"TweakNow RegCleaner_is1" = TweakNow RegCleaner
"ViewpointMediaPlayer" = Viewpoint Media Player
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2004Setup" = Microsoft Works 2004 Setup Launcher
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XCalShopDeinstKey" = Calendar Shop
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{9863F141-7A33-4c9a-A5F2-96996461B216}" = KODAK EASYSHARE Gallery Easy Upload, v2.0
"Move Media Player" = Move Media Player
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 5/6/2009 9:13:24 AM | Computer Name = SUSANG-HBV7373C | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x00006400.
Error - 5/6/2009 9:13:32 AM | Computer Name = SUSANG-HBV7373C | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
Error - 5/18/2009 6:53:35 PM | Computer Name = SUSANG-HBV7373C | Source = Application Hang | ID = 1002
Description = Hanging application WINWORD.EXE, version 10.0.6612.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/28/2009 4:08:48 PM | Computer Name = SUSANG-HBV7373C | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x03e09790.
Error - 5/28/2009 4:09:02 PM | Computer Name = SUSANG-HBV7373C | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
Error - 5/28/2009 4:09:46 PM | Computer Name = SUSANG-HBV7373C | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/28/2009 4:19:09 PM | Computer Name = SUSANG-HBV7373C | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module download.dll, version 1.0.0.29, fault address 0x000197a4.
Error - 5/28/2009 4:19:23 PM | Computer Name = SUSANG-HBV7373C | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/30/2009 10:53:00 AM | Computer Name = SUSANG-HBV7373C | Source = Application Hang | ID = 1002
Description = Hanging application ThreeDays.exe, version 0.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 5/30/2009 10:54:18 AM | Computer Name = SUSANG-HBV7373C | Source = Application Hang | ID = 1002
Description = Hanging application ThreeDays.exe, version 0.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 10/8/2009 1:18:10 PM | Computer Name = SUSANG-HBV7373C | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 10/8/2009 1:18:10 PM | Computer Name = SUSANG-HBV7373C | Source = Service Control Manager | ID = 7031
Description = The McAfee Services service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 10/8/2009 1:18:10 PM | Computer Name = SUSANG-HBV7373C | Source = Service Control Manager | ID = 7031
Description = The McAfee Network Agent service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 10/8/2009 1:18:10 PM | Computer Name = SUSANG-HBV7373C | Source = Service Control Manager | ID = 7031
Description = The McAfee Real-time Scanner service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 60000
milliseconds: Restart the service.
Error - 10/8/2009 1:18:10 PM | Computer Name = SUSANG-HBV7373C | Source = Service Control Manager | ID = 7031
Description = The McAfee Proxy Service service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 10/8/2009 1:18:10 PM | Computer Name = SUSANG-HBV7373C | Source = Service Control Manager | ID = 7034
Description = The Cyberlink RichVideo Service(CRVS) service terminated unexpectedly.
It has done this 1 time(s).
Error - 10/8/2009 1:18:10 PM | Computer Name = SUSANG-HBV7373C | Source = Service Control Manager | ID = 7034
Description = The Broadcom Wireless LAN Tray Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 10/8/2009 1:18:11 PM | Computer Name = SUSANG-HBV7373C | Source = Service Control Manager | ID = 7034
Description = The WMP54Gv4SVC service terminated unexpectedly. It has done this
1 time(s).
Error - 10/8/2009 1:18:14 PM | Computer Name = SUSANG-HBV7373C | Source = Service Control Manager | ID = 7031
Description = The McAfee SystemGuards service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 10/8/2009 2:20:38 PM | Computer Name = SUSANG-HBV7373C | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x8024002d: Office XP Service Pack 3.
< End of report >