As requested in the original thread I am posting the contents of OTL.txt and Extras.txt. I have run RootRepeal.exe but since the log file is not requested in the original thread I am not posting it here.
OTL logfile created on: 24/11/2009 11:47:47 AM - Run 1
OTL by OldTimer - Version 3.1.8.0 Folder = F:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
1.93 Gb Total Physical Memory | 1.16 Gb Available Physical Memory | 59.89% Memory free
3.78 Gb Paging File | 3.10 Gb Available in Paging File | 82.11% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.17 Gb Total Space | 109.30 Gb Free Space | 75.82% Space Free | Partition Type: NTFS
Drive D: | 144.15 Gb Total Space | 144.06 Gb Free Space | 99.94% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 1.94 Gb Total Space | 0.37 Gb Free Space | 19.01% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ACR5730-04
Current User Name: snaith
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2009/11/24 11:43:06 | 00,529,920 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2009/06/02 10:56:00 | 24,264,488 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2009/06/02 10:56:00 | 00,077,360 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2009/02/06 05:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2009/02/06 05:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2009/02/06 05:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2009/02/06 05:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2009/02/04 09:44:02 | 00,212,992 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\snaith\Local Settings\Temp\RtkBtMnt.exe
PRC - [2009/02/03 11:39:21 | 00,024,064 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2009/02/03 11:39:21 | 00,024,064 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2008/10/16 19:12:28 | 00,569,344 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
PRC - [2008/08/07 15:29:58 | 00,045,056 | ---- | M] (Acer Inc.) -- C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
PRC - [2008/07/08 18:18:40 | 00,466,944 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2008/06/17 12:34:14 | 00,150,040 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe
PRC - [2008/06/17 12:34:08 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
PRC - [2008/06/17 12:34:02 | 00,141,848 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2008/06/17 12:33:58 | 00,174,616 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe
PRC - [2008/06/17 12:33:48 | 00,170,520 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2008/06/09 17:36:14 | 00,870,920 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2008/05/20 04:00:00 | 00,757,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\CCM\CcmExec.exe
PRC - [2008/05/16 17:12:44 | 00,102,400 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
PRC - [2008/05/16 17:12:08 | 00,430,080 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
PRC - [2008/05/16 16:39:00 | 16,862,720 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2008/05/07 19:41:14 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/05/07 19:41:12 | 00,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/04/14 07:42:30 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2008/04/13 23:00:00 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/13 23:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
PRC - [2008/04/07 00:42:36 | 00,034,040 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
PRC - [2008/04/07 00:42:24 | 00,050,424 | ---- | M] (NewTech InfoSystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
PRC - [2008/04/04 05:03:14 | 00,131,072 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
PRC - [2008/03/25 19:49:02 | 00,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
PRC - [2008/03/25 19:40:42 | 00,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2008/03/03 15:11:14 | 00,016,384 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
PRC - [2008/02/22 13:12:24 | 01,032,192 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2007/12/18 21:08:08 | 02,189,240 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2007/12/18 19:03:10 | 01,643,904 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
PRC - [2007/12/18 19:03:08 | 02,569,600 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
PRC - [2007/11/09 15:15:34 | 00,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2007/11/09 15:15:18 | 00,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2007/07/24 11:15:14 | 00,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007/03/11 21:34:40 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2007/02/20 20:18:32 | 00,366,400 | ---- | M] (Google Inc.) -- C:\Program Files\Picasa2\PicasaMediaDetector.exe
PRC - [2007/02/12 18:43:44 | 00,065,536 | ---- | M] (O2Micro International) -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
PRC - [2007/01/17 13:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2007/01/04 19:48:50 | 00,112,152 | ---- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/10/26 13:40:34 | 00,335,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
PRC - [2006/03/30 09:15:44 | 00,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2006/02/28 11:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
========== Modules (SafeList) ==========
MOD - [2009/11/24 11:43:06 | 00,529,920 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
MOD - [2008/04/13 23:00:00 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2008/04/13 23:00:00 | 01,028,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll
MOD - [2008/04/13 23:00:00 | 00,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2007/12/18 19:04:08 | 00,329,088 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\sysfer.dll
MOD - [2005/10/11 13:18:54 | 00,028,672 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\ePower\SysHook.dll
========== Win32 Services (SafeList) ==========
SRV - [2009/07/22 07:03:46 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/06/08 19:49:44 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9e89c2fa41256) Google Update Service (gupdate1c9e89c2fa41256)
SRV - [2009/04/25 05:31:56 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/02/03 11:39:21 | 00,024,064 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-080708-050100)
SRV - [2008/11/04 00:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/16 19:12:28 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2008/07/29 20:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/07/29 18:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/07/29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/07/25 10:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/25 10:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2008/07/18 12:13:20 | 00,053,760 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - [2008/07/18 12:13:20 | 00,044,032 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPZinw12.dll -- (Net Driver HPZ12)
SRV - [2008/05/20 04:00:00 | 00,757,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\CCM\CcmExec.exe -- (CcmExec)
SRV - [2008/05/20 04:00:00 | 00,249,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CCM\TSManager.exe -- (smstsmgr)
SRV - [2008/05/16 17:12:44 | 00,102,400 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe -- (WDBtnMgrSvc.exe)
SRV - [2008/05/07 19:41:14 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/04/14 05:41:56 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\irmon.dll -- (Irmon)
SRV - [2008/04/13 23:00:00 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2008/04/07 00:42:24 | 00,050,424 | ---- | M] (NewTech InfoSystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
SRV - [2008/04/04 05:03:14 | 00,131,072 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2008/03/25 20:27:36 | 00,135,168 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2008/03/03 15:11:14 | 00,016,384 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -- (BUNAgentSvc)
SRV - [2007/12/18 21:08:08 | 02,189,240 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2007/12/18 19:04:36 | 00,234,888 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2007/12/18 19:03:08 | 02,569,600 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2007/11/09 15:15:18 | 00,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2007/11/09 15:15:18 | 00,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2007/08/11 20:05:27 | 03,093,872 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2007/07/24 11:15:14 | 00,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/02/12 18:43:44 | 00,065,536 | ---- | M] (O2Micro International) -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2007/01/17 13:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2007/01/04 19:48:50 | 00,112,152 | ---- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/10/26 13:40:34 | 00,335,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM)
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)
SRV - [2006/03/30 09:15:44 | 00,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2006/02/28 11:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...travelmate_5730
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...travelmate_5730
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://en-us.start.m...en-US:official"
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:0.0.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.6
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/01 02:00:30 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 1.5\Extensions\\Components: C:\Program Files\Mozilla Firefox\Components [2009/11/23 10:48:53 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 1.5\Extensions\\Plugins: C:\Program Files\Mozilla Firefox\Plugins [2009/07/22 07:25:06 | 00,000,000 | ---D | M]
[2009/02/16 00:21:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\Mozilla\Extensions
[2009/02/16 00:21:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/12 23:50:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\Mozilla\Firefox\Profiles\g5ypv3w3.default\extensions
[2009/11/12 23:49:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\Mozilla\Firefox\Profiles\g5ypv3w3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/02/08 12:32:28 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/02/16 00:21:03 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/01/20 00:08:56 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/01/20 00:08:57 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009/02/06 11:44:28 | 01,447,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
[2009/01/20 00:08:58 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2007/02/20 15:04:02 | 02,463,976 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll
[2009/01/19 18:28:04 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/01/19 18:28:04 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/01/19 18:28:04 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/01/19 18:28:04 | 00,002,343 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/01/19 18:28:04 | 00,001,706 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/01/19 18:28:04 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/01/19 18:28:04 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml
O1 HOSTS File: (151 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 91.212.127.226 winguard2009.microsoft.com
O1 - Hosts: 91.212.127.226 winguard-2009.com
O1 - Hosts: 91.212.127.226 www.winguard-2009.com
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BkupTray] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
O4 - HKLM..\Run: [Boot] C:\Program Files\Acer\Empowering Technology\ePower\Boot.exe ()
O4 - HKLM..\Run: [calc] C:\WINDOWS\System32\calc.DLL File not found
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [eRecoveryService] C:\Program Files\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKLM..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [preload] C:\WINDOWS\RunXMLPL.exe (Wistron Corp.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Synchronization Manager] C:\WINDOWS\System32\mobsync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [UniPrint] C:\Program Files\UniPrint\Client\SetDfltSettings.exe (INGENICA UK Ltd.)
O4 - HKLM..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe (WDC)
O4 - HKCU..\Run: [askyamgb] C:\Documents and Settings\snaith\Local Settings\Application Data\oawahs\dgatsysguard.exe File not found
O4 - HKCU..\Run: [calc] C:\DOCUME~1\snaith\ntuser.DLL File not found
O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer Empowering Technology.lnk = C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe (Acer Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.1.76 172.16.1.14
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = csao
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\intu-qt2008 {05E53CE9-66C8-4a9e-A99F-FDB7A8E7B596} - C:\Program Files\QuickTax 2008\ic2008pp.dll (Intuit Canada, a general partnership/une société en nom collectif.)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\spba: DllName - C:\Program Files\Common Files\SPBA\homefus2.dll - C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/03 05:05:32 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{550b0158-48ab-11dd-8386-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{550b0158-48ab-11dd-8386-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{550b0158-48ab-11dd-8386-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O33 - MountPoints2\{790be641-2fbb-11de-98ac-00215d431a12}\Shell\AutoRun\command - "" = G:\setupSNK.exe -- File not found
O33 - MountPoints2\{fe220574-f72a-11dd-989b-00215d431a12}\Shell\AutoRun\command - "" = G:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009/02/03 14:20:11 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - C:\WINDOWS\system32\irmon.dll (Microsoft Corporation)
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: helpsvc - C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation)
========== Files/Folders - Created Within 14 Days ==========
[2009/11/21 17:23:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\snaith\Local Settings\Application Data\oawahs
[2009/02/03 14:22:51 | 00,049,152 | ---- | C] ( ) -- C:\WINDOWS\Interop.IWshRuntimeLibrary.dll
[2009/02/03 11:35:37 | 00,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[2009/02/03 11:35:37 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 14 Days ==========
[2009/11/24 11:33:09 | 00,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{BB5EA149-293E-490D-8452-F5F2659DBF3B}.job
[2009/11/24 11:17:44 | 00,009,341 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2009/11/24 11:17:43 | 00,000,522 | ---- | M] () -- C:\WINDOWS\smscfg.ini
[2009/11/24 11:16:20 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/11/24 11:16:05 | 00,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009/11/24 11:13:49 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009/11/24 11:13:39 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/24 11:13:24 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/11/24 11:13:17 | 20,728,87296 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/23 12:35:07 | 04,456,448 | -H-- | M] () -- C:\Documents and Settings\snaith\NTUSER.DAT
[2009/11/23 12:34:43 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\snaith\ntuser.ini
[2009/11/22 00:33:01 | 00,000,418 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job
[2009/11/21 18:00:00 | 00,000,444 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2009/11/13 11:17:30 | 00,001,817 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2009/11/11 23:11:03 | 01,651,272 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2009/11/23 10:12:27 | 20,728,87296 | -HS- | C] () -- C:\hiberfil.sys
[2009/11/02 10:05:46 | 00,004,764 | ---- | C] () -- C:\WINDOWS\System32\CcmFramework.ini
[2009/08/03 14:07:42 | 00,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/07/22 07:25:06 | 02,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2009/02/08 15:18:09 | 00,001,657 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/02/08 11:17:28 | 00,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll
[2009/02/08 11:17:20 | 00,000,149 | ---- | C] () -- C:\Program Files\INSTALL.LOG
[2009/02/07 19:45:06 | 00,011,776 | ---- | C] () -- C:\Documents and Settings\snaith\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/04 09:43:57 | 00,000,129 | ---- | C] () -- C:\Documents and Settings\snaith\Local Settings\Application Data\fusioncache.dat
[2009/02/04 09:43:22 | 05,335,152 | -H-- | C] () -- C:\Documents and Settings\snaith\Local Settings\Application Data\IconCache.db
[2009/02/04 09:43:22 | 00,090,352 | ---- | C] () -- C:\Documents and Settings\snaith\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/02/04 09:43:22 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\snaith\Application Data\desktop.ini
[2009/02/03 14:21:24 | 00,000,046 | ---- | C] () -- C:\WINDOWS\PreLaunch.ini
[2009/02/03 11:35:52 | 00,626,688 | ---- | C] () -- C:\WINDOWS\Image.dll
[2009/02/03 11:35:52 | 00,025,602 | ---- | C] () -- C:\WINDOWS\System32\unbdp32.dll
[2009/02/03 11:35:38 | 01,769,984 | ---- | C] () -- C:\WINDOWS\System32\snp2uvc.sys
[2009/02/03 11:35:38 | 01,769,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2009/02/03 11:35:38 | 00,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2009/02/03 11:35:37 | 00,028,160 | ---- | C] () -- C:\WINDOWS\System32\sncduvc.sys
[2009/02/03 11:35:37 | 00,000,169 | ---- | C] () -- C:\WINDOWS\System32\PidList.ini
[2009/02/03 11:35:37 | 00,000,169 | ---- | C] () -- C:\WINDOWS\PidList.ini
[2009/02/03 10:20:48 | 00,000,036 | ---- | C] () -- C:\WINDOWS\Webica.ini
[2009/02/03 10:00:42 | 00,000,952 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2008/09/02 03:42:20 | 00,530,556 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/09/02 03:35:36 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2008/08/19 02:36:44 | 00,000,522 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/08/19 01:32:46 | 00,000,617 | ---- | C] () -- C:\WINDOWS\win.ini
[2008/08/19 01:30:50 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIOFM4.dll
[2008/08/19 01:30:50 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN5.dll
[2008/08/19 01:30:08 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2008/08/19 01:30:08 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2008/07/03 05:05:32 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini
[2008/07/03 05:05:20 | 00,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/07/03 05:03:36 | 00,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini
[2008/07/03 05:03:36 | 00,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini
[2008/07/02 21:59:02 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2008/06/11 13:29:02 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4957.dll
[2008/05/07 00:12:40 | 01,291,264 | ---- | C] () -- C:\WINDOWS\System32\quartz.dll
[2008/04/13 23:00:00 | 01,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini
[2008/04/13 23:00:00 | 00,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll
[2008/04/13 23:00:00 | 00,562,176 | ---- | C] () -- C:\WINDOWS\System32\qedit.dll
[2008/04/13 23:00:00 | 00,498,742 | ---- | C] () -- C:\WINDOWS\System32\dxmasf.dll
[2008/04/13 23:00:00 | 00,386,048 | ---- | C] () -- C:\WINDOWS\System32\qdvd.dll
[2008/04/13 23:00:00 | 00,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll
[2008/04/13 23:00:00 | 00,279,040 | ---- | C] () -- C:\WINDOWS\System32\qdv.dll
[2008/04/13 23:00:00 | 00,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll
[2008/04/13 23:00:00 | 00,252,928 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll
[2008/04/13 23:00:00 | 00,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll
[2008/04/13 23:00:00 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\qcap.dll
[2008/04/13 23:00:00 | 00,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll
[2008/04/13 23:00:00 | 00,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll
[2008/04/13 23:00:00 | 00,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll
[2008/04/13 23:00:00 | 00,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll
[2008/04/13 23:00:00 | 00,059,904 | ---- | C] () -- C:\WINDOWS\System32\devenum.dll
[2008/04/13 23:00:00 | 00,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini
[2008/04/13 23:00:00 | 00,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys
[2008/04/13 23:00:00 | 00,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys
[2008/04/13 23:00:00 | 00,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys
[2008/04/13 23:00:00 | 00,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys
[2008/04/13 23:00:00 | 00,035,328 | ---- | C] () -- C:\WINDOWS\System32\mciqtz32.dll
[2008/04/13 23:00:00 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys
[2008/04/13 23:00:00 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys
[2008/04/13 23:00:00 | 00,033,840 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys
[2008/04/13 23:00:00 | 00,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys
[2008/04/13 23:00:00 | 00,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys
[2008/04/13 23:00:00 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys
[2008/04/13 23:00:00 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys
[2008/04/13 23:00:00 | 00,027,866 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys
[2008/04/13 23:00:00 | 00,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys
[2008/04/13 23:00:00 | 00,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll
[2008/04/13 23:00:00 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll
[2008/04/13 23:00:00 | 00,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll
[2008/04/13 23:00:00 | 00,013,223 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini
[2008/04/13 23:00:00 | 00,012,082 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini
[2008/04/13 23:00:00 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll
[2008/04/13 23:00:00 | 00,010,110 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini
[2008/04/13 23:00:00 | 00,009,029 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys
[2008/04/13 23:00:00 | 00,006,877 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini
[2008/04/13 23:00:00 | 00,004,768 | ---- | C] () -- C:\WINDOWS\System32\himem.sys
[2008/04/13 23:00:00 | 00,004,126 | ---- | C] () -- C:\WINDOWS\System32\msdxmlc.dll
[2008/04/13 23:00:00 | 00,003,458 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini
[2008/04/13 23:00:00 | 00,002,891 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini
[2008/04/13 23:00:00 | 00,002,732 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini
[2008/04/13 23:00:00 | 00,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv
[2008/04/13 23:00:00 | 00,001,931 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini
[2008/04/13 23:00:00 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008/04/13 23:00:00 | 00,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini
[2008/04/13 23:00:00 | 00,001,152 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini
[2008/04/13 23:00:00 | 00,000,343 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini
[2007/01/26 01:32:18 | 00,069,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15.sys
[2006/06/29 13:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 13:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 14:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 14:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/03/10 16:18:16 | 00,006,782 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2003/11/24 17:55:48 | 00,743,424 | ---- | C] () -- C:\WINDOWS\libxml2.dll
[2003/11/24 17:55:32 | 00,872,448 | ---- | C] () -- C:\WINDOWS\iconv.dll
[2001/12/26 18:12:30 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/04 01:46:38 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 18:33:56 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/24 00:04:36 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
========== LOP Check ==========
[2009/07/22 07:23:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/02/03 10:00:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Corel
[2008/07/02 21:59:02 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2009/11/02 12:59:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2009/02/03 11:41:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eSobi
[2009/07/22 08:21:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009/02/08 15:18:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
[2009/04/10 07:16:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
[2009/02/08 15:23:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
[2009/02/08 15:24:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
[2009/06/01 19:48:15 | 00,001,657 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/02/13 23:53:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2009/02/22 15:05:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intuit Canada
[2009/02/03 10:00:42 | 00,000,952 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2009/10/30 11:38:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/02/03 13:06:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009/11/02 13:02:39 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Memeo
[2009/04/22 18:20:20 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009/11/11 03:06:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2009/02/08 11:17:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motive
[2009/10/10 10:56:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2009/02/10 20:36:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2009/02/03 11:51:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
[2009/06/08 19:49:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2009/02/04 09:14:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2009/02/03 11:35:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UIB
[2009/02/08 15:26:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WEBREG
[2009/02/23 20:04:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/11/15 12:57:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
[2009/02/03 14:11:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2009/03/31 21:37:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\Acer
[2009/08/30 07:59:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\Adobe
[2008/07/02 21:59:02 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\snaith\Application Data\desktop.ini
[2009/02/10 20:36:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\DriverCure
[2009/02/08 11:56:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\Google
[2009/04/10 07:16:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\HP
[2009/03/01 19:44:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\HPAppData
[2009/09/05 07:15:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\ICAClient
[2009/02/03 14:10:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\Identities
[2009/08/30 10:35:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\Image Zone Express
[2009/02/03 14:10:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\InstallShield
[2009/02/22 15:06:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\Intuit Canada
[2009/02/03 10:18:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\Macromedia
[2009/10/30 14:47:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\Malwarebytes
[2009/08/30 11:59:39 | 00,000,000 | --SD | M] -- C:\Documents and Settings\snaith\Application Data\Microsoft
[2009/02/16 00:21:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\Mozilla
[2009/02/03 14:10:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\SiteAdvisor
[2009/11/24 11:15:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\Skype
[2009/11/24 11:14:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\skypePM
[2009/05/20 12:53:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\U3
[2009/11/15 12:59:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\snaith\Application Data\ZoomBrowser EX
[2008/04/13 23:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/11/24 11:13:49 | 00,000,882 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2009/11/24 11:16:05 | 00,000,886 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2009/11/21 18:00:00 | 00,000,444 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job
[2009/11/22 00:33:01 | 00,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version2.job
[2009/11/24 11:13:39 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/11/24 11:33:09 | 00,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{BB5EA149-293E-490D-8452-F5F2659DBF3B}.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< %systemroot%\system32\eventlog.dll >
[2008/04/13 23:00:00 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\scecli.dll >
[2008/04/13 23:00:00 | 00,181,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\netlogon.dll >
< %systemroot%\system32\cngaudit.dll >
< %systemroot%\system32\sceclt.dll >
< %systemroot%\ntelogon.dll >
< %systemroot%\system32\logevent.dll >
========== Alternate Data Streams ==========
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\snaith\Desktop\install_flash_player.exe:SummaryInformation
< End of report >
OTL Extras logfile created on: 24/11/2009 11:47:47 AM - Run 1
OTL by OldTimer - Version 3.1.8.0 Folder = F:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
1.93 Gb Total Physical Memory | 1.16 Gb Available Physical Memory | 59.89% Memory free
3.78 Gb Paging File | 3.10 Gb Available in Paging File | 82.11% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.17 Gb Total Space | 109.30 Gb Free Space | 75.82% Space Free | Partition Type: NTFS
Drive D: | 144.15 Gb Total Space | 144.06 Gb Free Space | 99.94% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 1.94 Gb Total Space | 0.37 Gb Free Space | 19.01% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ACR5730-04
Current User Name: snaith
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1" (Mozilla Corporation)
https [open] -- C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Computer, Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe" = C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:*:Enabled:BackupSvc.exe -- (NewTech InfoSystems, Inc.)
"C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe" = C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:*:Enabled:SchedulerSvc.exe -- ()
"C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe" = C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:*:Enabled:AgentSvc.exe -- (NewTech Infosystems, Inc.)
"C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe" = C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:*:Enabled:SMC Service -- (Symantec Corporation)
"C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE" = C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:*:Enabled:SNAC Service -- (Symantec Corporation)
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe" = C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:Enabled:Symantec Email -- (Symantec Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1BDC1AB0-2677-4593-8F94-329F7CA8F670}" = Adobe Creative Suite 3 Design Premium
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Acer Crystal Eye Webcam Video Class Camera
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"{61B9BC1E-F0E6-4A4F-98CB-A0D2EB2D7731}" = O2Micro Flash Memory Card Reader Driver (x86)
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{721ABC3B-5F12-4332-9C0C-C11424EF666C}" = WIMGAPI
"{730837D4-FF5E-48DB-BA49-33E732DFF0B3}" = PanoStandAlone
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}" = Adobe Flash Player 9 Plugin
"{8A367C28-423C-48E2-8C76-EBA1171F932A}" = Adobe Photoshop Album 2.0
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A64A5576-D862-44F8-89DC-2B17FCC9B86E}" = Broadcom Gigabit Integrated Controller
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.8.4
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA0D2D5F-612B-45D3-8759-DA87206E5CC9}" = QuickTax 2008
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B7F560B3-6EFF-4026-A982-843895A41149}" = Adobe BridgeTalk Plugin CS3
"{B7FB6B99-C93C-4818-825B-37EF4B64C80C}" = PS_AIO_02_Software
"{B8BF5CD8-B02D-48f9-96A9-7183F868D6EE}" = C6200_Help
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C14266F9-1464-4285-9094-043633EFC3B0}" = C6200
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C8BA6802-38DA-43F9-8ACB-73161C277C9A}" = Adobe Setup
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE6A85D8-D6B9-479A-9FE9-A06E56881E61}" = Configuration Manager Client
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D25BDCF5-19F6-4d9e-B9C9-273FE81446C4}" = PS_AIO_02_ProductContext
"{D41EB7A7-1AAA-4282-AD6A-1FAC72BE55C5}" = C6200_doccd
"{D64BC2CF-0F12-47d7-B412-B4F3FD684253}" = HP Photosmart All-In-One Software 9.0
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E934E2A2-BE3B-4C1A-A3D9-753FFB2B38B4}" = WD Drive Manager (x86)
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}" = Citrix XenApp Web Plugin
"{ECCD28B2-8798-4D16-8126-625D728294A1}" = SPBA 5.8
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF0D2E55-6FE2-4e35-BE22-A742E85D84E3}" = PS_AIO_02_Software_min
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FB8A4E30-9915-4814-ADF9-42E00D9FDC3D}" = Symantec Endpoint Protection
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe_498b43b77cac072081a5692bfc52804" = Add or Remove Adobe Creative Suite 3 Design Premium
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"CSCLIB" = Canon Camera Support Core Library
"EOS Utility" = Canon Utilities EOS Utility
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"GridVista" = Acer GridVista
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"HPOCR" = HP OCR Software 9.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (1.5)" = Mozilla Firefox (1.5)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa2" = Picasa 2
"PROPLUS" = Microsoft Office Professional Plus 2007
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RDC" = RDC
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"UniPrint Client 3.6.0" = UniPrint Client 3.6.0
"ViewpointMediaPlayer" = Viewpoint Media Player
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 22/11/2009 1:02:44 AM | Computer Name = ACR5730-04 | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec\Symantec
Endpoint Protection\SavUI.exe Event Info: Terminate Process Action Taken: Logged
Actor
Process: C:\Documents and Settings\snaith\Local Settings\Application Data\oawahs\dgatsysguard.exe
(PID 1284) Time: November 22, 2009 12:02:44 AM
Error - 22/11/2009 1:02:45 AM | Computer Name = ACR5730-04 | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec\Symantec
Endpoint Protection\SavUI.exe Event Info: Terminate Process Action Taken: Logged
Actor
Process: C:\Documents and Settings\snaith\Local Settings\Application Data\oawahs\dgatsysguard.exe
(PID 1284) Time: November 22, 2009 12:02:45 AM
Error - 22/11/2009 1:02:47 AM | Computer Name = ACR5730-04 | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec\Symantec
Endpoint Protection\SavUI.exe Event Info: Terminate Process Action Taken: Logged
Actor
Process: C:\Documents and Settings\snaith\Local Settings\Application Data\oawahs\dgatsysguard.exe
(PID 1284) Time: November 22, 2009 12:02:47 AM
Error - 22/11/2009 1:02:48 AM | Computer Name = ACR5730-04 | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec\Symantec
Endpoint Protection\SavUI.exe Event Info: Terminate Process Action Taken: Logged
Actor
Process: C:\Documents and Settings\snaith\Local Settings\Application Data\oawahs\dgatsysguard.exe
(PID 1284) Time: November 22, 2009 12:02:48 AM
Error - 22/11/2009 1:02:49 AM | Computer Name = ACR5730-04 | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec\Symantec
Endpoint Protection\SavUI.exe Event Info: Terminate Process Action Taken: Logged
Actor
Process: C:\Documents and Settings\snaith\Local Settings\Application Data\oawahs\dgatsysguard.exe
(PID 1284) Time: November 22, 2009 12:02:49 AM
Error - 22/11/2009 1:02:51 AM | Computer Name = ACR5730-04 | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec\Symantec
Endpoint Protection\SavUI.exe Event Info: Terminate Process Action Taken: Logged
Actor
Process: C:\Documents and Settings\snaith\Local Settings\Application Data\oawahs\dgatsysguard.exe
(PID 1284) Time: November 22, 2009 12:02:51 AM
Error - 22/11/2009 1:02:52 AM | Computer Name = ACR5730-04 | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec\Symantec
Endpoint Protection\SavUI.exe Event Info: Terminate Process Action Taken: Logged
Actor
Process: C:\Documents and Settings\snaith\Local Settings\Application Data\oawahs\dgatsysguard.exe
(PID 1284) Time: November 22, 2009 12:02:52 AM
Error - 22/11/2009 1:02:53 AM | Computer Name = ACR5730-04 | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec\Symantec
Endpoint Protection\SavUI.exe Event Info: Terminate Process Action Taken: Logged
Actor
Process: C:\Documents and Settings\snaith\Local Settings\Application Data\oawahs\dgatsysguard.exe
(PID 1284) Time: November 22, 2009 12:02:53 AM
Error - 22/11/2009 1:02:54 AM | Computer Name = ACR5730-04 | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec\Symantec
Endpoint Protection\SavUI.exe Event Info: Terminate Process Action Taken: Logged
Actor
Process: C:\Documents and Settings\snaith\Local Settings\Application Data\oawahs\dgatsysguard.exe
(PID 1284) Time: November 22, 2009 12:02:54 AM
Error - 22/11/2009 1:02:55 AM | Computer Name = ACR5730-04 | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec\Symantec
Endpoint Protection\SavUI.exe Event Info: Terminate Process Action Taken: Logged
Actor
Process: C:\Documents and Settings\snaith\Local Settings\Application Data\oawahs\dgatsysguard.exe
(PID 1284) Time: November 22, 2009 12:02:55 AM
[ System Events ]
Error - 23/11/2009 8:21:58 PM | Computer Name = ACR5730-04 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.
Error - 23/11/2009 8:23:26 PM | Computer Name = ACR5730-04 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.
Error - 23/11/2009 8:25:41 PM | Computer Name = ACR5730-04 | Source = DCOM | ID = 10016
Description = The application-specific permission settings do not grant Local Launch
permission for the COM Server application with CLSID {24FF4FDC-1D9F-4195-8C79-0DA39248FF48}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be
modified using the Component Services administrative tool.
Error - 23/11/2009 8:37:02 PM | Computer Name = ACR5730-04 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 29 minutes. NtpClient has no source of accurate
time.
Error - 23/11/2009 8:52:32 PM | Computer Name = ACR5730-04 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 23/11/2009 8:52:32 PM | Computer Name = ACR5730-04 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.
Error - 23/11/2009 8:52:32 PM | Computer Name = ACR5730-04 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 23/11/2009 8:52:52 PM | Computer Name = ACR5730-04 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 24/11/2009 12:16:15 PM | Computer Name = ACR5730-04 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.
Error - 24/11/2009 12:17:52 PM | Computer Name = ACR5730-04 | Source = DCOM | ID = 10016
Description = The application-specific permission settings do not grant Local Launch
permission for the COM Server application with CLSID {24FF4FDC-1D9F-4195-8C79-0DA39248FF48}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be
modified using the Component Services administrative tool.
< End of report >