Malwarebytes' Anti-Malware 1.42
Database version: 3426
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
12/25/2009 5:47:44 AM
mbam-log-2009-12-25 (05-47-44).txt
Scan type: Quick Scan
Objects scanned: 140764
Time elapsed: 36 minute(s), 25 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2009-12-25 20:25:34
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\uwtdqpow.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\system32\DRIVERS\savonaccesscontrol.sys (SAV On-access and HIPS for Windows XP (x86)/Sophos Plc) ZwCreateKey [0xB58D5FA0]
SSDT \SystemRoot\system32\DRIVERS\savonaccesscontrol.sys (SAV On-access and HIPS for Windows XP (x86)/Sophos Plc) ZwDeleteKey [0xB58D60F6]
SSDT \SystemRoot\system32\DRIVERS\savonaccesscontrol.sys (SAV On-access and HIPS for Windows XP (x86)/Sophos Plc) ZwSetValueKey [0xB58D615C]
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs savonaccessfilter.sys (SAV On-access and HIPS for Windows XP (x86)/Sophos Plc)
Device \FileSystem\Udfs \UdfsCdRom DLAIFS_M.SYS (Drive Letter Access Component/Roxio)
Device \FileSystem\Udfs \UdfsDisk DLAIFS_M.SYS (Drive Letter Access Component/Roxio)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
---- EOF - GMER 1.0.15 ----
OTL logfile created on: 12/25/2009 10:03:04 PM - Run 1
OTL by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\Administrator\Desktop\12-25-VirusScan
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 79.00% Memory free
5.00 Gb Paging File | 5.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 124.52 Gb Free Space | 53.47% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 232.88 Gb Total Space | 114.55 Gb Free Space | 49.19% Space Free | Partition Type: NTFS
Computer Name: KDPTOP
Current User Name: kdp
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2009/12/25 22:00:06 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\12-25-VirusScan\OTL.exe
PRC - [2009/12/08 14:25:28 | 00,093,320 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2009/11/14 09:52:42 | 00,160,592 | ---- | M] (Siber Systems) -- C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2009/10/31 14:35:39 | 00,136,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
PRC - [2009/10/28 20:21:26 | 00,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/10/05 04:22:15 | 00,080,936 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
PRC - [2009/09/22 11:09:02 | 00,156,672 | ---- | M] (Applian Technologies, Inc.) -- C:\Program Files\Replay Media Catcher\FLVSrvc.exe
PRC - [2009/09/09 13:19:44 | 00,052,736 | ---- | M] (Macrovision) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE
PRC - [2009/08/05 13:47:20 | 01,602,048 | ---- | M] (Copernic Inc.) -- C:\Program Files\Copernic Desktop Search - Home\DesktopSearchService.exe
PRC - [2009/07/09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/06/11 00:38:15 | 00,172,032 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
PRC - [2009/06/11 00:37:04 | 00,245,760 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\AutoUpdate\ALMon.exe
PRC - [2009/05/02 18:30:52 | 00,561,592 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2009/03/09 18:59:32 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2009/01/30 07:45:00 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/12/04 12:00:26 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/12/04 12:00:20 | 00,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/11/11 16:35:22 | 00,020,840 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
PRC - [2008/11/11 16:35:20 | 00,808,296 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
PRC - [2008/09/25 11:25:14 | 00,237,657 | ---- | M] (IDT, Inc.) -- c:\Program Files\IDT\DellXPM09B_6087v035\WDM\stacsv.exe
PRC - [2008/09/15 01:57:04 | 00,262,360 | ---- | M] (Data Perceptions / PowerProgrammer) -- C:\WINDOWS\system32\WebUpdateSvc4.exe
PRC - [2008/08/21 10:30:50 | 01,862,712 | ---- | M] (WiQuest Communications, Inc.) -- C:\Program Files\Dell\Dell WUSB\WQ_Tray2.exe
PRC - [2008/08/21 05:04:27 | 00,098,304 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
PRC - [2008/07/10 19:42:14 | 00,819,200 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008/07/10 19:32:38 | 00,352,256 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe
PRC - [2008/07/10 19:30:46 | 01,351,680 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
PRC - [2008/07/10 19:23:22 | 00,901,120 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
PRC - [2008/07/10 19:13:50 | 01,191,936 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
PRC - [2008/07/10 19:12:40 | 00,466,944 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008/05/02 02:44:08 | 00,805,392 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2008/05/02 02:40:56 | 00,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2008/04/30 15:26:22 | 00,196,608 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2008/04/14 04:00:00 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 04:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
PRC - [2008/04/09 19:23:22 | 00,909,208 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
PRC - [2008/04/09 19:11:24 | 02,595,792 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2008/03/21 19:32:04 | 00,046,376 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2008/01/04 08:46:48 | 00,107,832 | ---- | M] () -- C:\Program Files\BounceBack Professional\BBLauncher.exe
PRC - [2008/01/04 08:46:10 | 00,036,864 | ---- | M] (CMS Products™, Inc.) -- C:\Program Files\BounceBack Professional\BBWatcherService.exe
PRC - [2007/10/25 16:23:36 | 00,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2006/09/08 14:10:22 | 00,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2006/02/09 22:22:52 | 00,401,408 | ---- | M] (ergonis software) -- C:\Program Files\ergonis\PopChar\PopChar.exe
PRC - [2004/04/13 17:03:10 | 00,299,008 | ---- | M] (Palm, Inc.) -- C:\Program Files\palmOne\HOTSYNC.EXE
========== Modules (SafeList) ==========
MOD - [2009/12/25 22:00:06 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\12-25-VirusScan\OTL.exe
MOD - [2009/12/25 21:20:28 | 00,012,800 | ---- | M] (Applian Technologies, Inc.) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\FLVService\lib\FLVSrvLib.dll
MOD - [2009/11/21 07:51:04 | 00,471,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\aclayers.dll
MOD - [2009/08/14 01:23:52 | 00,195,072 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\Sophos Anti-Virus\sophos_detoured.dll
MOD - [2009/07/12 01:12:06 | 00,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2008/05/02 02:42:50 | 00,045,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
MOD - [2008/04/14 04:00:00 | 00,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
========== Win32 Services (SafeList) ==========
SRV - [2009/12/14 11:03:18 | 00,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/12/08 14:25:28 | 00,093,320 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Disabled | Stopped] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/10/05 04:22:15 | 00,080,936 | ---- | M] (Sophos Plc) [Unknown | Running] -- C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe -- (SAVAdminService)
SRV - [2009/09/09 13:19:44 | 00,052,736 | ---- | M] (Macrovision) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)
SRV - [2009/07/18 10:34:32 | 00,091,392 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
SRV - [2009/07/09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/06/11 00:38:15 | 00,172,032 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files\Sophos\AutoUpdate\ALsvc.exe -- (Sophos AutoUpdate Service)
SRV - [2009/05/05 10:19:14 | 00,451,904 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2009/05/02 18:30:52 | 00,561,592 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009/03/21 01:08:43 | 00,183,280 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/03/09 18:59:32 | 00,133,104 | ---- | M] (Google Inc.) [Disabled | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9a12c42d8c90a) Google Update Service (gupdate1c9a12c42d8c90a)
SRV - [2009/01/30 07:45:00 | 00,168,004 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/12/08 05:40:00 | 00,128,280 | ---- | M] (EMC Corporation) [Disabled | Stopped] -- C:\Program Files\Retrospect\Retrospect 7.6\rthlpsvc.exe -- (Retrospect Helper)
SRV - [2008/12/08 05:40:00 | 00,115,992 | ---- | M] (EMC Corporation) [Disabled | Stopped] -- C:\Program Files\Retrospect\Retrospect 7.6\retrorun.exe -- (RetroLauncher)
SRV - [2008/12/04 12:00:26 | 00,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/11/11 16:35:22 | 00,020,840 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe -- (Credential Vault Host Storage)
SRV - [2008/11/11 16:35:20 | 00,808,296 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe -- (Credential Vault Host Control Service)
SRV - [2008/10/10 04:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2008/09/25 11:25:14 | 00,237,657 | ---- | M] (IDT, Inc.) [Auto | Running] -- c:\Program Files\IDT\DellXPM09B_6087v035\WDM\stacsv.exe -- (STacSV)
SRV - [2008/09/15 01:57:04 | 00,262,360 | ---- | M] (Data Perceptions / PowerProgrammer) [Auto | Running] -- C:\WINDOWS\system32\WebUpdateSvc4.exe -- (WebUpdate4)
SRV - [2008/08/21 05:04:27 | 00,098,304 | ---- | M] (Sophos Plc) [Unknown | Running] -- C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe -- (SAVService)
SRV - [2008/08/15 08:51:34 | 00,342,624 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2008/07/10 19:42:14 | 00,819,200 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/07/10 19:32:38 | 00,352,256 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe -- (WLANKEEPER) Intel®
SRV - [2008/07/10 19:23:22 | 00,901,120 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2008/07/10 19:12:40 | 00,466,944 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/05/02 02:42:06 | 00,121,360 | ---- | M] (Logitech, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/04/09 20:42:00 | 00,492,896 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService)
SRV - [2008/01/04 08:46:10 | 00,036,864 | ---- | M] (CMS Products™, Inc.) [Auto | Running] -- C:\Program Files\BounceBack Professional\BBWatcherService.exe -- (BBWatcherService)
SRV - [2007/11/06 12:22:26 | 00,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2007/07/11 09:33:28 | 00,069,632 | R--- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2007/06/13 14:15:40 | 00,483,328 | ---- | M] (ATI Technologies Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2006/11/08 15:35:38 | 00,053,248 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - [2006/11/08 15:35:36 | 00,043,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZinw12.dll -- (Net Driver HPZ12)
SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/01/31 09:45:20 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ucsc.edu
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.ucsc.edu/"
FF - HKLM\software\mozilla\Firefox\extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2009/12/20 11:39:06 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2009/01/11 21:06:13 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2009/11/19 09:47:11 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/19 09:29:12 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/19 09:29:12 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/11/08 15:05:41 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009/11/08 15:06:16 | 00,000,000 | ---D | M]
[2009/01/11 20:09:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2009/12/20 21:02:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cmkq0jzl.default\extensions
[2009/01/11 20:09:57 | 00,000,000 | ---D | M] (Forecastbar Enhanced) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cmkq0jzl.default\extensions\{3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8}
[2009/12/20 11:06:26 | 00,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cmkq0jzl.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/11/02 09:13:12 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cmkq0jzl.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2009/11/23 20:55:25 | 00,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cmkq0jzl.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/12/12 23:23:01 | 00,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cmkq0jzl.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/01/16 02:01:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cmkq0jzl.default\extensions\Access Privileges Test
[2009/12/07 08:49:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cmkq0jzl.default\extensions\[email protected]
[2009/05/08 14:29:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\cmkq0jzl.default\extensions\[email protected]
[2009/01/11 20:09:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\enud7k8n.default\extensions
[2008/11/20 13:48:41 | 00,005,523 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\enud7k8n.default\searchplugins\Copernic.xml
[2009/12/20 21:02:37 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/01/16 02:02:20 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\Access Privileges Test
O1 HOSTS File: (734 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HelperObject Class) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Sophos Web Content Scanner) - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files\Sophos\Sophos Anti-Virus\SophosBHO.dll (Sophos Plc)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll (Google Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Copernic Desktop Search - Home Toolbar) - {4A1C6093-14F9-44D7-860E-5D265CFCA9D9} - C:\Program Files\Copernic Desktop Search - Home\Toolbar\ToolbarContainer101000313.dll (Copernic Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Copernic Desktop Search - Home Toolbar) - {4A1C6093-14F9-44D7-860E-5D265CFCA9D9} - C:\Program Files\Copernic Desktop Search - Home\Toolbar\ToolbarContainer101000313.dll (Copernic Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe File not found
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [Ask and Record FLV Service] C:\Program Files\Replay Media Catcher\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel® Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKCU..\Run: [Copernic Desktop Search - Home] C:\Program Files\Copernic Desktop Search - Home\DesktopSearchService.exe (Copernic Inc.)
O4 - HKCU..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\BounceBack Launcher.lnk = C:\Program Files\BounceBack Professional\BBStartup.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE (Palm, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutoUpdate Monitor.lnk = C:\Program Files\Sophos\AutoUpdate\ALMon.exe (Sophos Plc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PopChar.lnk = C:\Program Files\ergonis\PopChar\PopChar.exe (ergonis software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless USB Manager.lnk = C:\Program Files\Dell\Dell WUSB\WQ_Tray2.exe (WiQuest Communications, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BackupNoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll (Google Inc.)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: chase.com ([chaseonline] https in Trusted sites)
O15 - HKCU\..Trusted Domains: chase.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: dellactivations.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: sonic.com ([updateservice] http in Trusted sites)
O15 - HKCU\..Trusted Domains: 3 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell....iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1223593480016 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1223593538188 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.76.182 68.87.78.134
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (C:\Program Files\Sophos\Sophos Anti-Virus\sophos_detoured.dll) - C:\Program Files\Sophos\Sophos Anti-Virus\sophos_detoured.dll (Sophos Plc)
O20 - AppInit_DLLs: (C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~3.DLL) - C:\Program Files\Sophos\Sophos Anti-Virus\sophos_detoured.dll (Sophos Plc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/09 14:13:45 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/09/25 14:19:18 | 00,000,031 | ---- | M] () - C:\autorun.txt -- [ NTFS ]
O32 - AutoRun File - [2008/10/09 14:13:45 | 00,000,000 | ---- | M] () - J:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{72111b3b-1c93-11de-b261-00216a0149e8}\Shell\AutoRun\command - "" = 8.bat
O33 - MountPoints2\{72111b3b-1c93-11de-b261-00216a0149e8}\Shell\explore\Command - "" = 8.bat
O33 - MountPoints2\{72111b3b-1c93-11de-b261-00216a0149e8}\Shell\open\Command - "" = 8.bat
O33 - MountPoints2\{b72e7329-284c-11de-b26a-00216a0149e8}\Shell - "" = AutoRun
O33 - MountPoints2\{b72e7329-284c-11de-b26a-00216a0149e8}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b72e7329-284c-11de-b26a-00216a0149e8}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009/01/11 21:19:16 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (54328119363895296)
========== Files/Folders - Created Within 14 Days ==========
[2009/12/25 06:02:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/12/25 05:59:56 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/12/25 05:48:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\12-25-VirusScan
[2009/12/24 16:04:16 | 00,000,000 | ---D | C] -- C:\Program Files\InterActual
[2009/12/24 15:18:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\iPodTouch
[2009/12/21 20:12:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\CarlasComputerVirus
[2009/12/20 22:08:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Nathan
[2009/12/14 14:52:15 | 00,000,000 | ---D | C] -- C:\Program Files\VPL
[2009/12/14 14:52:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\Video Padlock
[2009/12/14 11:05:08 | 00,000,000 | ---D | C] -- C:\SmartSound Software
[2009/12/14 11:04:07 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2009/05/21 14:26:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Intel
[2009/05/21 14:26:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Intel
[2009/01/11 20:53:44 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/01/11 20:53:44 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/01/11 20:53:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2009/01/11 20:53:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/01/11 20:53:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/01/11 20:53:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/01/11 20:53:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Acronis
[2008/10/09 16:32:06 | 00,454,656 | ---- | C] (Simon Tatham) -- C:\Program Files\putty.exe
========== Files - Modified Within 14 Days ==========
[2009/12/25 21:40:15 | 00,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009/12/25 21:23:44 | 00,528,020 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/12/25 21:23:44 | 00,445,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/12/25 21:23:44 | 00,072,978 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/12/25 21:20:32 | 00,211,929 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2009/12/25 21:20:32 | 00,211,929 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2009/12/25 21:20:17 | 00,195,312 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/12/25 21:20:00 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/12/25 21:19:37 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/12/25 21:17:05 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009/12/25 21:17:01 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/25 21:16:33 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/25 06:05:53 | 00,000,157 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\cntp.ini
[2009/12/25 05:59:56 | 00,000,613 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2009/12/25 05:59:56 | 00,000,594 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2009/12/24 21:59:08 | 08,388,608 | ---- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2009/12/24 16:09:53 | 00,000,781 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\InterActual Player.lnk
[2009/12/24 16:09:08 | 00,000,000 | ---- | M] () -- C:\WINDOWS\iPlayer.INI
[2009/12/22 16:37:19 | 05,984,256 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\filesync.metadata
[2009/12/22 12:42:05 | 00,001,917 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2009/12/20 03:00:00 | 00,000,590 | ---- | M] () -- C:\WINDOWS\tasks\New scan.job
[2009/12/18 10:45:56 | 02,648,024 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2009/12/16 20:25:02 | 00,347,400 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/12/16 20:15:22 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/12/16 20:10:57 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2009/12/14 15:44:33 | 00,078,484 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/12/14 15:29:16 | 00,096,216 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT
[2009/12/14 14:50:43 | 00,001,694 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Applian Director.lnk
[2009/12/14 14:46:20 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Schedule8.dat
[2009/12/14 14:44:38 | 00,156,672 | ---- | M] (Radioactive) -- C:\WINDOWS\System32\rmc_fixasf.exe
[2009/12/14 14:44:35 | 00,237,568 | ---- | M] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2009/12/14 11:43:10 | 00,000,632 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\moviemk.exe.lnk
[2009/12/14 11:03:03 | 00,001,904 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Premiere Elements 8.0.lnk
========== Files Created - No Company Name ==========
[2009/12/25 05:59:56 | 00,000,613 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2009/12/25 05:59:56 | 00,000,594 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2009/12/24 16:09:08 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2009/12/24 16:04:22 | 00,000,781 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\InterActual Player.lnk
[2009/12/22 12:42:05 | 00,001,917 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2009/12/14 14:52:39 | 00,000,530 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\VideoPadlockLog.log
[2009/12/14 14:46:20 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Schedule8.dat
[2009/12/14 11:43:10 | 00,000,632 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\moviemk.exe.lnk
[2009/12/14 11:03:03 | 00,001,904 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Premiere Elements 8.0.lnk
[2009/12/08 12:31:07 | 00,004,432 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Comma Separated Values (Windows).NOT
[2009/12/08 12:29:05 | 00,008,326 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Comma Separated Values (Windows).JNL
[2009/12/07 20:25:02 | 00,000,905 | ---- | C] () -- C:\WINDOWS\MD_MicroDiffs.INI
[2009/12/07 20:25:02 | 00,000,905 | ---- | C] () -- C:\WINDOWS\MD_MacroDiffs.INI
[2009/12/07 20:25:02 | 00,000,817 | ---- | C] () -- C:\WINDOWS\CFX.INI
[2009/12/07 19:13:40 | 00,000,103 | ---- | C] () -- C:\WINDOWS\SW_Win2000X9.DLL
[2009/12/07 19:08:24 | 00,000,024 | ---- | C] () -- C:\WINDOWS\System32\XLSCX.INI
[2009/12/07 19:08:24 | 00,000,024 | ---- | C] () -- C:\WINDOWS\System32\WordCX.INI
[2009/12/07 19:08:23 | 00,000,051 | ---- | C] () -- C:\WINDOWS\SW_Win2000X16.DLL
[2009/12/07 19:08:17 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\DVM.dll
[2009/12/07 19:08:16 | 00,225,280 | ---- | C] () -- C:\WINDOWS\System32\DrakeCom.dll
[2009/12/07 19:08:16 | 00,221,184 | ---- | C] () -- C:\WINDOWS\System32\SII_PDF.dll
[2009/12/07 19:08:16 | 00,131,072 | ---- | C] () -- C:\WINDOWS\System32\CSVSpecialProcessing.dll
[2009/12/06 15:24:41 | 00,016,092 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\ReplayConverterLog.log
[2009/12/06 14:09:24 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2009/11/30 09:46:18 | 00,003,021 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\cntp.nws
[2009/11/28 11:06:43 | 00,038,502 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Comma Separated Values (Windows).ADR
[2009/11/18 12:49:52 | 00,013,033 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Comma Separated Values (Windows).CAL
[2009/11/17 08:35:36 | 00,045,299 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\ReplayMusicLog.log
[2009/09/09 13:19:44 | 00,201,216 | ---- | C] () -- C:\WINDOWS\CDAC14BA.DLL
[2009/08/03 14:07:42 | 00,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/06/11 13:08:01 | 00,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2009/04/14 15:33:44 | 00,000,048 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2009/04/14 15:33:41 | 00,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2009/03/28 11:28:19 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/03/28 11:28:19 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/03/05 16:47:18 | 00,011,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\CdaC15BA.SYS
[2008/12/24 17:20:08 | 00,188,600 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2008/12/23 13:59:34 | 00,279,888 | ---- | C] () -- C:\WINDOWS\System32\brcmbsp.dll
[2008/12/23 13:51:36 | 00,080,368 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2008/12/10 22:33:49 | 06,562,196 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\BounceBack.log
[2008/12/08 10:02:06 | 00,002,634 | ---- | C] () -- C:\WINDOWS\DevMgr.ini
[2008/11/29 19:42:35 | 00,000,174 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2008/11/25 12:15:12 | 00,000,143 | ---- | C] () -- C:\WINDOWS\KGOleSrv.INI
[2008/11/24 16:19:40 | 05,984,256 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\filesync.metadata
[2008/11/24 16:19:40 | 00,032,256 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/24 16:14:14 | 00,000,157 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\cntp.ini
[2008/11/20 14:24:51 | 00,000,234 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/11/20 14:08:44 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\pdfmona.dll
[2008/11/20 14:08:44 | 00,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2008/11/20 14:06:39 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/11/20 13:53:59 | 00,000,020 | ---- | C] () -- C:\WINDOWS\Hposcv07.INI
[2008/11/20 13:45:56 | 00,000,483 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2008/11/20 13:38:19 | 00,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2008/10/14 15:53:51 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/10/09 16:30:41 | 00,000,000 | ---- | C] () -- C:\WINDOWS\tsetup.INI
[2008/10/09 14:10:16 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008/08/15 08:46:30 | 02,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2008/04/14 04:00:00 | 00,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2008/04/14 04:00:00 | 00,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2008/04/14 04:00:00 | 00,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2008/04/14 04:00:00 | 00,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2008/04/14 04:00:00 | 00,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2008/02/18 22:33:34 | 00,446,352 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2007/11/06 12:19:28 | 00,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2007/09/19 19:05:00 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/09/19 19:05:00 | 01,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/09/19 19:05:00 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/09/19 19:05:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/06/30 12:58:44 | 00,176,128 | R--- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2006/06/30 12:58:44 | 00,126,976 | R--- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2005/02/17 12:41:32 | 00,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005/02/17 12:41:30 | 00,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/11/20 18:51:34 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\win2000.dll
[2002/04/01 18:45:50 | 00,047,616 | ---- | C] () -- C:\WINDOWS\System32\ODBCMON.DLL
[2001/11/14 13:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1998/10/22 23:00:00 | 00,057,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\drvlw.sys
[1998/10/22 23:00:00 | 00,038,400 | ---- | C] () -- C:\WINDOWS\System32\ftpnls32.dll
[1998/10/22 23:00:00 | 00,033,280 | ---- | C] () -- C:\WINDOWS\System32\upgdrvlw.dll
[1998/10/21 23:00:00 | 00,027,136 | ---- | C] () -- C:\WINDOWS\System32\upgftps.dll
[1998/10/21 23:00:00 | 00,027,136 | ---- | C] () -- C:\WINDOWS\System32\upgftpap.dll
[1996/04/03 11:33:26 | 00,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
========== LOP Check ==========
[2009/01/11 20:09:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Canon
[2009/01/11 20:09:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/03/02 10:06:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Copernic
[2009/01/11 20:09:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Design Science
[2009/01/11 20:09:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Free Download Manager
[2009/12/24 12:18:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\GoodSync
[2009/01/11 20:09:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mathsoft
[2009/01/11 20:09:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mp3tag
[2009/01/11 20:09:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\NewSoft
[2009/12/01 18:23:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\NoteTab Pro
[2009/01/11 20:09:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Oracle
[2009/04/14 15:33:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\pdf995
[2009/11/30 09:36:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Publish or Perish
[2009/01/11 20:10:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ScanSoft
[2009/11/14 16:27:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SSH
[2009/01/11 20:10:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SystemRequirementsLab
[2009/08/27 14:02:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TeamViewer
[2009/01/11 20:10:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Thunderbird
[2009/02/17 02:10:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Ulead Systems
[2009/01/11 20:10:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\VCOM
[2009/12/06 15:22:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\YouSendIt
[2009/04/08 12:47:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2009/01/11 20:52:43 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2009/05/31 13:06:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flip Video
[2009/01/11 20:52:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Linksys
[2009/06/24 09:01:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Novatel Wireless
[2009/04/14 15:33:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2009/05/16 10:59:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Retrospect
[2009/01/11 20:53:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
[2009/01/11 20:53:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2009/01/11 20:53:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2009/01/11 20:53:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sophos
[2009/10/21 13:02:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2009/01/11 20:53:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2009/01/11 20:53:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2009/11/08 15:08:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/11 10:25:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/05/02 13:25:03 | 00,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\Acronis True Image Home test.job
[2009/05/03 22:30:54 | 00,000,314 | ---- | M] () -- C:\WINDOWS\Tasks\Acronis True Image Home.job
[2009/05/13 14:24:50 | 00,000,248 | ---- | M] () -- C:\WINDOWS\Tasks\Calculator.job
[2009/05/02 15:23:09 | 00,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\Chronograph Lite 3.job
[2009/12/20 03:00:00 | 00,000,590 | ---- | M] () -- C:\WINDOWS\Tasks\New scan.job
[2009/04/28 20:42:41 | 00,000,304 | ---- | M] () -- C:\WINDOWS\Tasks\Retrospect 7.job
[2009/04/28 20:46:33 | 00,000,370 | ---- | M] () -- C:\WINDOWS\Tasks\SyncToyCmd.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2008/04/13 23:06:40 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008/04/13 23:06:40 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\AGP440.SYS
< MD5 for: ATAPI.SYS >
[2008/04/13 23:10:32 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/13 23:10:32 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008/04/14 04:00:00 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008/04/14 04:00:00 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: IASTOR.SYS >
[2007/07/12 13:35:02 | 00,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\WINDOWS\hdd\iastor\iastor.sys
[2008/06/15 06:11:58 | 00,318,488 | ---- | M] (Intel Corporation) MD5=692830B048AACD7E0D6EDEDF098ACC01 -- C:\Dell\Drivers\R190228\IaStor.sys
[2008/06/15 05:11:58 | 00,318,488 | ---- | M] (Intel Corporation) MD5=692830B048AACD7E0D6EDEDF098ACC01 -- C:\WINDOWS\Drivers\HDD\IASTOR.SYS
[2009/02/11 16:11:50 | 00,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Dell\Drivers\R213316\IaStor.sys
[2009/02/11 16:11:50 | 00,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\WINDOWS\system32\DRVSTORE\iaStor_26261AF18B34E3C330200EE1918BC78F557D43BC\iaStor.sys
[2009/02/11 16:11:50 | 00,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\WINDOWS\system32\ReinstallBackups\0033\DriverFiles\iaStor.sys
[2008/12/04 11:48:52 | 00,407,064 | ---- | M] (Intel Corporation) MD5=8EACF469269FB1509561961A3188F670 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2008/12/04 11:34:52 | 00,328,728 | ---- | M] (Intel Corporation) MD5=BAABB0301949774A66B955C65319635A -- C:\Dell\Drivers\R207268\IaStor.sys
[2008/12/04 11:34:52 | 00,328,728 | ---- | M] (Intel Corporation) MD5=BAABB0301949774A66B955C65319635A -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008/12/04 11:34:52 | 00,328,728 | ---- | M] (Intel Corporation) MD5=BAABB0301949774A66B955C65319635A -- C:\WINDOWS\system32\drivers\iaStor.sys
[2008/12/04 11:34:52 | 00,328,728 | ---- | M] (Intel Corporation) MD5=BAABB0301949774A66B955C65319635A -- C:\WINDOWS\system32\DRVSTORE\iaStor_878275815B862E4ECAC1A723DF0037229EA86A26\iaStor.sys
< MD5 for: NETLOGON.DLL >
[2008/04/14 04:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008/04/14 04:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: NVATA.SYS >
[2006/10/18 13:31:38 | 00,105,472 | ---- | M] (NVIDIA Corporation) MD5=EF9941593B2E9B436F64A87DDB570D1A -- C:\WINDOWS\Drivers\HDD\NVATA.SYS
[2006/10/18 14:31:38 | 00,105,472 | ---- | M] (NVIDIA Corporation) MD5=EF9941593B2E9B436F64A87DDB570D1A -- C:\WINDOWS\hdd\nvraid\nvata.sys
< MD5 for: NVATABUS.SYS >
[2006/10/18 12:31:38 | 00,105,472 | ---- | M] (NVIDIA Corporation) MD5=EF9941593B2E9B436F64A87DDB570D1A -- C:\WINDOWS\Drivers\HDD\NVATABUS.SYS
[2006/10/18 13:31:38 | 00,105,472 | ---- | M] (NVIDIA Corporation) MD5=EF9941593B2E9B436F64A87DDB570D1A -- C:\WINDOWS\hdd\nvraid\NvAtaBus.sys
< MD5 for: SCECLI.DLL >
[2008/04/14 04:00:00 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008/04/14 04:00:00 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< %systemroot%\*. /mp /s >
< End of report >
OTL Extras logfile created on: 12/25/2009 10:03:04 PM - Run 1
OTL by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\Administrator\Desktop\12-25-VirusScan
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 79.00% Memory free
5.00 Gb Paging File | 5.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 124.52 Gb Free Space | 53.47% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 232.88 Gb Total Space | 114.55 Gb Free Space | 49.19% Space Free | Partition Type: NTFS
Computer Name: KDPTOP
Current User Name: kdp
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
jsfile [edit] -- "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"67:UDP" = 67:UDP:*:Enabled:DHCP Discovery Service
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Macromedia\Dreamweaver 8\Dreamweaver.exe" = C:\Program Files\Macromedia\Dreamweaver 8\Dreamweaver.exe:*:Enabled:Dreamweaver 8 -- (Macromedia, Inc.)
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\Mathematica\7.0\Mathematica.exe" = C:\Program Files\Mathematica\7.0\Mathematica.exe:*:Enabled:Wolfram Mathematica 7 -- (Wolfram Research, Inc.)
"C:\Program Files\Mathematica\7.0\MathKernel.exe" = C:\Program Files\Mathematica\7.0\MathKernel.exe:*:Enabled:Wolfram Mathematica 7 Kernel -- (Wolfram Research, Inc.)
"C:\Program Files\Mathematica\7.0\math.exe" = C:\Program Files\Mathematica\7.0\math.exe:*:Enabled:math.exe -- (Wolfram Research, Inc.)
"C:\Program Files\MathType\MathType.exe" = C:\Program Files\MathType\MathType.exe:*:Enabled:MathType -- (Design Science, Inc.)
"C:\Documents and Settings\Administrator\temp\TeamViewer\Version4\TeamViewer.exe" = C:\Documents and Settings\Administrator\temp\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application -- (TeamViewer GmbH)
"D:\content\SearchSvr_Windows.exe" = D:\content\SearchSvr_Windows.exe:*:Enabled:SearchSvr_Windows -- File not found
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\SplashData\SplashShopper for iPhone\SplashShopper Desktop.exe" = C:\Program Files\SplashData\SplashShopper for iPhone\SplashShopper Desktop.exe:*:Enabled:SplashShopper Desktop -- ()
"C:\Program Files\SplashData\SplashID for iPhone\SplashID Desktop.exe" = C:\Program Files\SplashData\SplashID for iPhone\SplashID Desktop.exe:*:Enabled:SplashID Desktop -- (SplashData, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{034759DA-E21A-4795-BFB3-C66D17FAD183}" = Sophos Anti-Virus
"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools
"{03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}" = Microsoft Sync Framework Services v1.0 (x86)
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0D25F7CC-B99C-44ee-9945-B14532B2BB7B}" = Canon MP830
"{0D2E80C8-0875-43EB-9623-47118E2DFBCA}" = Quicken 2007
"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data
"{1193600A-134F-40F9-9F71-FEF54C93C629}" = YouSendIt Express
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{15C418EB-7675-42be-B2B3-281952DA014D}" = Sophos AutoUpdate
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java 6 Update 17
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3F2F0832-621B-11D3-8F18-004033A05B8E}" = Canvas 7
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4DA016C7-9AC2-4BA7-AD31-3EBA29BC21B1}" = Oracle Calendar
"{4EBDDD97-BC33-4F4C-8DF3-4FA4D83DF84E}" = Retrospect 7.6
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{57DC8980-73DA-481E-AFD4-5E2D44B7F1AD}" = StuffIt Expander 2009
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Media Driver Ver.3.53.02
"{5B30AA25-BF39-4BE4-8FEE-51938BAB214D}" = TurboTax 2008 wcaiper
"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{633A06C3-B709-479A-AAB3-5EE94AD9EE4B}" = Acronis True Image Home
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682ABE6A-2CCE-4C6C-AA82-0FE5AB8033F3}" = Sunny Design
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74E2CD0C-D4A2-11D3-95A6-0000E86CFDE5}" = SSH Secure Shell
"{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{78183C31-521C-438E-98C3-B646B0037A7F}" = Mathcad 12
"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English
"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{86B5E5AF-3D50-4979-9C81-687C1B3C586D}" = Dell WUSB
"{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine
"{88F92798-59AB-474F-B40D-1EC5F782F7EE}" = Ulead VideoStudio 9.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{913B0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Project Professional 2002
"{985556E5-353F-4AA9-9E75-29AB8A5E4E14}" = Harzing's Publish or Perish 2.7.3499
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DBBC53C-AD7B-44ED-91A7-7568B51182F8}" = SplashID
"{9DE3F260-B88E-42CE-90E7-73C78C37D95E}" = 32 Bit HP BiDi Channel Components Installer
"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = AnswerWorks 5.0 English Runtime
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A0E583D1-23F7-4C35-9620-B169D7715E4B}" = Adobe Premiere Elements 8.0
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A8BD5A60-E843-46DC-8271-ABF20756BE0F}" = Microsoft Sync Framework Runtime v1.0 (x86)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AED53CDF-1046-4C6B-B5E2-C195125ECDA0}" = Intel® PROSet/Wireless WiFi Software
"{AF7E4468-E364-4991-BC2A-6E8293E1055B}" = BioAPI Framework
"{AFDFC350-C142-4790-BE12-8357AECD028F}" = SyncToy 2.0 (x86)
"{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper
"{B20179BA-2872-432F-8D88-B8F44AED359B}" = Broadcom USH Host Components
"{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B26B00DA-2E5D-4CF2-83C5-911198C0F009}" = GoodSync
"{B2AE44CB-2AAB-4C08-A54B-D264BD604DA8}" = Citrix Presentation Server Client
"{B37C842A-B624-46B8-A727-654E72F1C91A}" = Calculator Powertoy for Windows XP
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B607C354-CD79-4D22-86D1-92DC94153F42}" = Apple Application Support
"{BC2FE771-EDBE-3087-A676-2B6C45A2BF7E}" = Google Gears
"{C084BC61-E537-11DE-8616-005056806466}" = Google Earth
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DDF9EE-C67F-368B-EB42-ECB44FD7556D}" = Adobe Photoshop.com Inspiration Browser
"{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}" = iTunes
"{DCB63CEC-C6A3-4963-A5D0-6C03EE0CC08F}" = CardScan 6.0.4
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp
"{E89D78B8-28F7-412F-8B26-C684739CBBDC}" = Palm Desktop
"{EF775EA3-7AA1-49F5-A900-DCDA50610E03}" = Dell Mobile Broadband Card Utility
"{F0681859-D086-4384-B204-386FA7D80A5B}" = SplashShopper
"{F1223D5A-C34D-46DB-8E3A-4E051A0EC824}" = FlipShare
"{F1608947-B8A4-4D65-A7B8-8B1D669C0E2C}" = SnagIt 7
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{FB068BA4-C6EA-4D47-A491-C40E23E77F89}" = Motorola Driver Installation 3.9.0
"{FB9607C0-17B8-42B8-BB99-A1C9F7038363}" = Wolfram Notebook Indexer 2.0
"{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}" = Dell Security Device Driver Pack
"3ivx MPEG-4 5.0.3" = 3ivx MPEG-4 5.0.3 (remove only)
"9D57DE505B6D8C710EF3B74BE638DBB936EED8A3" = Windows Driver Package - Dell Inc. PBADRV System (01/07/2008 1.0.1.5)
"Adobe Acrobat 8 Professional" = Adobe Acrobat 8.1.5 Professional
"Adobe Acrobat 8 Professional_815" = Adobe Acrobat 8.1.5 - CPSID_49013
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Illustrator 9.0" = Adobe Illustrator 9.0
"Adobe Photoshop 7.0.1" = Adobe Photoshop 7.0.1
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe SVG Viewer" = Adobe SVG Viewer
"AI RoboForm" = AI RoboForm (All Users)
"AltoMP3 Gold" = AltoMP3 Gold 5.10
"Applian Director1.1" = Applian Director
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.6
"Belarc Advisor" = Belarc Advisor 7.2
"Canon MP830 User Registration" = Canon MP830 User Registration
"CCleaner" = CCleaner (remove only)
"CdaC13Ba" = SafeCast Shared Components
"Chapura PocketCopy Uninstall_is1" = Chapura PocketCopy 2.1.3
"Chronograph Lite_is1" = Chronograph Lite 3.1
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CopernicDesktopSearch2" = Copernic Desktop Search - Home
"Creative OA001" = Integrated Webcam Driver (1.06.03.0309)
"Diff Doc_is1" = Diff Doc
"Doc Scrubber_is1" = Doc Scrubber v1.1
"DSMT5" = MathType 5
"ergonis PopChar_is1" = PopChar 2.1
"ERUNT_is1" = ERUNT 1.1j
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"FLVPlayer" = FLV Player 1.3.3
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"GraphCalc v4.0 Alpha_is1" = GraphCalc v4.0 Alpha
"Graphing Calculator" = Graphing Calculator
"HD Tune_is1" = HD Tune 2.55
"HijackThis" = HijackThis 2.0.0
"hp officejet g series 1228759324" = hp officejet g series
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{1193600A-134F-40F9-9F71-FEF54C93C629}" = YouSendIt Express
"InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InterActual Player" = InterActual Player
"IrfanView" = IrfanView (remove only)
"KaleidaGraph 3.5" = KaleidaGraph 3.5
"KaleidaGraph 3.6" = KaleidaGraph 3.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6)
"Mozilla Thunderbird (2.0.0.23)" = Mozilla Thunderbird (2.0.0.23)
"MP Navigator 2.2" = Canon MP Navigator 2.2
"Mp3tag" = Mp3tag v2.44
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"M-WIN-L 7.0.1 1213965_is1" = Wolfram Mathematica 7 (M-WIN-L 7.0.1 1213965)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NoteTab Pro 6_is1" = NoteTab Pro 6 (Remove only)
"NoteTab Pro_is1" = NoteTab Pro (Remove only)
"NVIDIA Drivers" = NVIDIA Drivers
"ONA-210" = OnNet Host Suite 5.0
"Pdf995" = Pdf995
"Phaser 3.0-20070414" = Phaser
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
"Picasa 3" = Picasa 3
"PremElem80" = Adobe Premiere Elements 8.0
"ProInst" = Intel PROSet Wireless
"PROSet" = Intel® Network Connections Drivers
"Replay Converter 3" = Replay Converter 3
"Replay Media Catcher 3.11" = Replay Media Catcher
"Replay Music3.90" = Replay Music
"Replay Music3.93" = Replay Music
"Replay Video Capture4.1" = Replay Video Capture
"Replay_AV_807" = Replay AV 8
"Replay_Media_Splitter_1.2" = Replay Media Splitter 1.7.911
"Software Update Wizard (Redistributable)" = Software Update Wizard (Redistributable) 4.5
"SpeedFan" = SpeedFan (remove only)
"SplashID iPhone Desktop" = SplashID iPhone Desktop 5.1
"SplashShopper iPhone Desktop" = SplashShopper iPhone Desktop 3.0.2
"ST6UNST #1" = Machinehead PowerCalc (32 bit)
"SystemRequirementsLab" = System Requirements Lab
"TreeSize Personal_is1" = TreeSize Personal 4.1
"TurboTax 2008" = TurboTax 2008
"Video Padlock1.12" = Video Padlock
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinPcapInst" = WinPcap 4.0.2
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Ycopy_is1" = Ycopy 1.0d
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{95632566-071E-4A02-92C1-4BD907065736}" = BounceBack Professional
"f031ef6ac137efc5" = Dell Driver Download Manager
"GoToMeeting" = GoToMeeting/GoToWebinar 3.0.0.198
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 12/25/2009 6:40:09 PM | Computer Name = KDPTOP | Source = Google Update | ID = 20
Description =
Error - 12/25/2009 7:40:11 PM | Computer Name = KDPTOP | Source = Google Update | ID = 20
Description =
Error - 12/25/2009 8:40:27 PM | Computer Name = KDPTOP | Source = Google Update | ID = 20
Description =
Error - 12/25/2009 9:40:06 PM | Computer Name = KDPTOP | Source = Google Update | ID = 20
Description =
Error - 12/25/2009 10:40:05 PM | Computer Name = KDPTOP | Source = Google Update | ID = 20
Description =
Error - 12/25/2009 11:40:06 PM | Computer Name = KDPTOP | Source = Google Update | ID = 20
Description =
Error - 12/26/2009 12:40:07 AM | Computer Name = KDPTOP | Source = Google Update | ID = 20
Description =
Error - 12/26/2009 1:17:13 AM | Computer Name = KDPTOP | Source = Google Update | ID = 20
Description =
Error - 12/26/2009 1:22:31 AM | Computer Name = KDPTOP | Source = Google Update | ID = 20
Description =
Error - 12/26/2009 1:40:05 AM | Computer Name = KDPTOP | Source = Google Update | ID = 20
Description =
[ System Events ]
Error - 12/25/2009 6:49:28 PM | Computer Name = KDPTOP | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.
Error - 12/25/2009 7:43:48 PM | Computer Name = KDPTOP | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.
Error - 12/25/2009 8:24:39 PM | Computer Name = KDPTOP | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.
Error - 12/26/2009 1:16:56 AM | Computer Name = KDPTOP | Source = Disk | ID = 262159
Description = The device, , is not ready for access yet.
Error - 12/26/2009 1:16:56 AM | Computer Name = KDPTOP | Source = Disk | ID = 262159
Description = The device, , is not ready for access yet.
Error - 12/26/2009 1:16:56 AM | Computer Name = KDPTOP | Source = Disk | ID = 262159
Description = The device, , is not ready for access yet.
Error - 12/26/2009 1:19:53 AM | Computer Name = KDPTOP | Source = Service Control Manager | ID = 7000
Description = The rimmptsk service failed to start due to the following error: %%2
Error - 12/26/2009 1:20:31 AM | Computer Name = KDPTOP | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}
to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission
can be modified using the Component Services administrative tool.
Error - 12/26/2009 1:20:32 AM | Computer Name = KDPTOP | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}
to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission
can be modified using the Component Services administrative tool.
Error - 12/26/2009 1:20:32 AM | Computer Name = KDPTOP | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}
to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission
can be modified using the Component Services administrative tool.
< End of report >