Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4052
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702
8/8/2010 10:05:17 PM
mbam-log-2010-08-08 (22-05-17).txt
Scan type: Quick scan
Objects scanned: 126723
Time elapsed: 11 minute(s), 36 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\system32 (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Documents and Settings\Carl Conner\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4052
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702
8/10/2010 11:47:06 PM
mbam-log-2010-08-10 (23-47-06).txt
Scan type: Quick scan
Objects scanned: 126709
Time elapsed: 11 minute(s), 37 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Documents and Settings\Carl Conner\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4052
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702
8/11/2010 10:28:40 PM
mbam-log-2010-08-11 (22-28-40).txt
Scan type: Quick scan
Objects scanned: 125050
Time elapsed: 10 minute(s), 23 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Documents and Settings\Carl Conner\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-08-11 23:00:08
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Administrator\Local Settings\Temp\pxtdqpod.sys
---- Devices - GMER 1.0.15 ----
Device \Driver\Cdrom \Device\CdRom0 82A601B8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 82A5F0F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 82A5F0F8
Device \Driver\atapi \Device\Ide\IdePort0 82A5F0F8
Device \Driver\atapi \Device\Ide\IdePort1 82A5F0F8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f 82A5F0F8
Device \Driver\Cdrom \Device\CdRom1 82A601B8
Device \Driver\Cdrom \Device\CdRom2 82A601B8
Device \Driver\axwhisky \Device\Scsi\axwhisky1 82A494A0
Device \Driver\axwhisky \Device\Scsi\axwhisky1Port2Path0Target0Lun0 82A494A0
---- EOF - GMER 1.0.15 ----
OTL logfile created on: 8/11/2010 11:19:53 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = I:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
511.00 Mb Total Physical Memory | 331.00 Mb Available Physical Memory | 65.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.49 Gb Total Space | 57.33 Gb Free Space | 76.96% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 3.74 Gb Total Space | 2.42 Gb Free Space | 64.83% Space Free | Partition Type: FAT32
Computer Name: CARL
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: SafeMode
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/08/11 23:09:22 | 000,574,976 | ---- | M] (OldTimer Tools) -- I:\OTL.exe
PRC - [2009/03/10 22:18:14 | 000,934,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaTray.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2001/11/27 08:10:00 | 000,106,560 | ---- | M] (WinZip Computing, Inc.) -- C:\Program Files\WinZip\WZQKPICK.EXE
========== Modules (SafeList) ==========
MOD - [2010/08/11 23:09:22 | 000,574,976 | ---- | M] (OldTimer Tools) -- I:\OTL.exe
MOD - [2008/04/14 01:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010/04/20 15:20:25 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2010/03/29 08:51:54 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®
SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/04/30 16:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/04/14 01:12:36 | 000,033,280 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\snmp.exe -- (SNMP)
SRV - [2008/04/14 01:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/14 01:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/14 01:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/03/26 13:06:24 | 000,292,864 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2003/07/06 12:03:48 | 000,181,312 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe -- (ScsiAccess)
SRV - [2003/06/10 00:02:12 | 000,894,024 | ---- | M] (Zone Labs Inc.) [Auto | Stopped] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2002/07/22 13:50:38 | 000,253,952 | ---- | M] (Executive Software International, Inc.) [Auto | Stopped] -- C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe -- (Diskeeper)
SRV - [2001/12/21 20:36:18 | 000,106,496 | ---- | M] (Ontrack Data International) [On_Demand | Stopped] -- C:\Program Files\Ontrack\Fix-It\mxtask.exe -- (Fix-It Task Manager)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\ElbyVCD.sys -- (ElbyVCD)
DRV - [2010/04/17 17:59:39 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/04/17 17:59:37 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/04/17 17:59:36 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/11/17 14:01:18 | 000,010,240 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\mdvrmng.sys -- (mdvrmng)
DRV - [2009/09/10 13:55:52 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/07/24 17:33:24 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009/05/01 00:03:30 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2009/05/01 00:03:08 | 006,754,712 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 250(UVC)
DRV - [2009/05/01 00:01:36 | 000,265,496 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/05/01 00:00:00 | 000,114,712 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2009/04/30 16:00:12 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/04/13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2007/12/11 23:34:52 | 000,009,464 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2007/12/11 23:34:50 | 000,009,336 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2007/02/22 10:15:56 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd)
DRV - [2007/02/22 10:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm)
DRV - [2007/02/22 10:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (nmwcdcj)
DRV - [2007/02/22 10:15:14 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc)
DRV - [2003/07/21 14:41:22 | 000,006,912 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2003/07/02 17:41:42 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\axwhisky.sys -- (axwhisky)
DRV - [2003/07/02 16:49:52 | 000,124,160 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\axwskbus.sys -- (axwskbus)
DRV - [2003/06/16 16:00:44 | 000,035,340 | ---- | M] (Network Associates, Inc.) [Kernel | Auto | Stopped] -- C:\Program Files\Network Associates\ThreatScan Agent for ePO\driver\ntbpf.sys -- (ntbpf)
DRV - [2003/06/10 00:02:00 | 000,188,240 | ---- | M] (Zone Labs Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2003/04/16 14:21:30 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)
DRV - [2003/03/31 14:29:00 | 000,625,537 | ---- | M] (LT) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2003/01/13 10:19:26 | 000,249,344 | ---- | M] (Roxio) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2003/01/13 10:19:26 | 000,206,464 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\UdfReadr_xp.sys -- (UdfReadr_xp)
DRV - [2003/01/13 10:19:26 | 000,118,422 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2003/01/13 10:19:26 | 000,022,758 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2003/01/13 10:19:26 | 000,021,654 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2002/06/12 13:44:42 | 000,013,300 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2002/06/08 16:07:30 | 000,004,480 | ---- | M] (Elaborate Bytes) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2002/02/19 17:19:00 | 000,877,517 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2001/12/21 19:37:46 | 000,057,092 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Ontrack\Fix-It\mxDisk.sys -- (mxDisk)
DRV - [2001/12/16 02:27:34 | 000,536,768 | ---- | M] (Voyetra Turtle Beach) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tbcwdm.sys -- (tbcwdm)
DRV - [2001/12/15 21:42:38 | 000,144,512 | ---- | M] (Voyetra Turtle Beach) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tbcspud.sys -- (tbcspud)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)
DRV - [2001/08/17 14:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/06/29 21:16:00 | 000,155,216 | ---- | M] (TrendMicro) [Kernel | Auto | Stopped] -- C:\Program Files\Ontrack\Fix-It\Tmfilter.sys -- (Tmfilter)
DRV - [2001/06/29 18:21:24 | 000,567,232 | ---- | M] (Trend Micro Incorporated.) [Kernel | Auto | Stopped] -- C:\Program Files\Ontrack\Fix-It\Vsapint.sys -- (Vsapint)
DRV - [2001/06/20 17:32:54 | 000,004,272 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [1995/07/10 02:30:00 | 000,014,592 | ---- | M] (Adaptec) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\Aspi32.sys -- (Aspi32)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2001/08/18 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {029CA12C-89C1-46a7-A3C7-82F2F98635CB} - No CLSID value found.
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (WsftpBrowserHelper Class) - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\WS_FTP Pro\wsbho2k0.dll (Ipswitch, Inc. 10 Maguire Road - Suite 220 Lexington, MA 02421)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\downloaded program files\googletoolbar_en_2.0.95-big.dll ()
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\downloaded program files\googletoolbar_en_2.0.95-big.dll ()
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O4 - HKLM..\Run: [Ad-watch] C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe (Lavasoft Sweden)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CopernicPerUserTaskMgr] C:\WINDOWS\System32\CopernicPerUserTaskMgr.exe (Copernic.com)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [LTWinModem1] C:\WINDOWS\System32\ltmsg.exe (LUCENT TECHNOLOGIES)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\RunOnce: [CopernicPerUserTaskMgr] C:\WINDOWS\System32\CopernicPerUserTaskMgr.exe (Copernic.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DriveSelect.lnk = C:\Program Files\321Studios\Xpress\DriveSelect.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe (Headlight Software, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quick View Plus.lnk = C:\Program Files\Quick View Plus\Program\qvp32.exe (Stellent, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ZoneAlarm Pro.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe (Zone Labs Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O9 - Extra 'Tools' menuitem : Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\Program Files\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms &] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms &[ - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\Program Files\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems)
O9 - Extra 'Tools' menuitem : RF Toolbar &2 - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupd...7824.0836689815 (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\copernicagent {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O18 - Protocol\Handler\copernicagentcache {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-its51 {F6F1E82D-DE4D-11D2-875C-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\itss51.dll (Microsoft Corporation)
O18 - Protocol\Handler\msref {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Program Files\Common Files\Microsoft Shared\Reference Titles\msref.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {0cab0400-7395-11d0-a5e5-0020afe2fdd9} - C:\WINDOWS\qvphook.dll (Stellent, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/23 20:48:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Error starting restore point: The function was called in safe mode.
Error closing restore point: The sequence number is invalid.
========== Files/Folders - Created Within 90 Days ==========
[2010/08/11 22:17:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/08/11 22:17:22 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/08/11 22:05:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/08/11 22:04:34 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/08/08 21:50:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2010/08/08 21:50:12 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/08 21:50:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/08/08 21:48:24 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2010/06/24 23:37:49 | 000,000,000 | ---D | C] -- C:\ae263b486d99e48e0dca13628b0f5c
[2010/05/31 17:27:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2010/05/31 17:22:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2010/05/25 23:29:52 | 000,000,000 | ---D | C] -- C:\otNetFX
[2010/05/21 13:55:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/05/14 00:05:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Hewlett-Packard
[2003/07/02 17:41:42 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\axwhisky.sys
[2003/07/02 16:49:52 | 000,124,160 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\axwskbus.sys
========== Files - Modified Within 90 Days ==========
[2010/08/11 23:20:16 | 001,048,576 | ---- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010/08/11 22:45:35 | 000,001,518 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2010/08/11 22:45:35 | 000,000,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WinZip.lnk
[2010/08/11 22:42:59 | 000,001,132 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/11 22:39:29 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/11 22:38:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/11 22:37:52 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2010/08/11 22:36:56 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/11 22:31:51 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/11 22:31:51 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010/08/11 22:30:15 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2010/08/11 22:29:36 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/08/11 22:29:34 | 006,352,744 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/08/11 22:17:31 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/11 22:04:35 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2010/08/11 22:04:35 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2010/08/11 21:10:09 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/07 17:04:12 | 063,040,759 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/08/07 16:49:25 | 000,000,334 | -H-- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010/07/30 17:12:56 | 000,001,815 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2010/07/15 17:14:25 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/07/01 23:17:25 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/06/25 12:24:19 | 000,558,578 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/25 12:24:19 | 000,482,746 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/25 12:24:19 | 000,085,158 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/21 16:29:27 | 000,378,448 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/05/31 17:28:17 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/05/31 17:28:17 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/05/31 17:24:36 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/05/31 17:22:09 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/05/22 19:31:53 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2010/05/22 18:38:48 | 000,002,516 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2010/05/14 00:05:12 | 000,077,352 | ---- | M] () -- C:\WINDOWS\hpqins05.dat
========== Files Created - No Company Name ==========
[2010/08/11 22:45:35 | 000,001,518 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2010/08/11 22:45:35 | 000,000,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WinZip.lnk
[2010/08/11 22:17:31 | 000,000,714 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/11 22:04:35 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2010/08/11 22:04:35 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2010/05/31 17:22:09 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/05/13 23:57:02 | 000,077,352 | ---- | C] () -- C:\WINDOWS\hpqins05.dat
[2010/04/18 19:33:58 | 000,082,289 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/04/17 14:43:09 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\mdvrmng.sys
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/05/08 10:13:04 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009/04/30 16:00:12 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008/01/02 18:59:53 | 000,002,696 | ---- | C] () -- C:\WINDOWS\System32\systl32(4).dll
[2005/12/07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2003/10/30 13:50:17 | 000,001,801 | ---- | C] () -- C:\WINDOWS\System32\systl32(3).dll
[2003/09/30 19:51:56 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\FTPStubInstUtils.dll
[2003/09/14 20:45:41 | 000,000,087 | ---- | C] () -- C:\WINDOWS\msintl.dll
[2003/09/14 20:33:03 | 000,000,054 | ---- | C] () -- C:\WINDOWS\mstapi32.dll
[2003/08/28 19:37:21 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/08/21 21:30:30 | 000,000,026 | ---- | C] () -- C:\WINDOWS\DfrgUIEx.INI
[2003/08/15 10:39:41 | 000,012,374 | ---- | C] () -- C:\WINDOWS\System32\systl32(2).dll
[2003/08/05 14:19:22 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\ntiembed.dll
[2003/08/05 13:19:19 | 000,000,040 | ---- | C] () -- C:\WINDOWS\nero.INI
[2003/08/01 21:33:20 | 000,000,925 | ---- | C] () -- C:\WINDOWS\spamweed.ini
[2003/07/25 20:03:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\frontpg.ini
[2003/07/25 20:02:34 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2003/07/25 20:02:33 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2003/07/25 20:02:18 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2003/07/25 20:02:18 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2003/07/25 20:02:13 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2003/07/21 15:13:02 | 000,000,848 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2003/07/21 14:56:10 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIDBD32.dll
[2003/07/21 14:41:24 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK32.dll
[2003/07/19 15:05:49 | 000,000,067 | ---- | C] () -- C:\WINDOWS\#1 DVD Ripper.INI
[2003/07/16 21:01:56 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\909C3B469C.sys
[2003/07/09 22:24:34 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2003/07/01 11:16:52 | 000,004,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2003/06/28 16:52:06 | 000,000,641 | ---- | C] () -- C:\WINDOWS\CDPLAYER.INI
[2003/06/27 10:27:46 | 000,000,024 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2003/06/15 13:52:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ScanSCSI.INI
[2003/06/14 22:13:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CDCOPY32.INI
[2003/06/14 22:13:03 | 000,000,047 | ---- | C] () -- C:\WINDOWS\Cdmkr32.ini
[2003/06/09 23:46:20 | 000,000,185 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2003/06/09 23:05:14 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\Wh2Robo.dll
[2003/06/09 22:06:35 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\Dc50ip32.dll
[2003/06/09 22:06:35 | 000,007,808 | ---- | C] () -- C:\WINDOWS\System32\dc240u.sys
[2003/06/09 22:06:35 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ImgLibLead.dll
[2003/06/09 22:06:31 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2003/05/19 10:36:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hnks.ini
[2003/03/03 18:50:15 | 000,000,011 | ---- | C] () -- C:\WINDOWS\bhtsrc32.dll
[2003/02/08 21:05:34 | 000,000,057 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/01/13 14:21:58 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2002/12/30 20:13:46 | 000,045,056 | ---- | C] () -- C:\WINDOWS\PANIC32.dll
[2002/12/30 20:13:46 | 000,040,960 | ---- | C] () -- C:\WINDOWS\PANICNT.dll
[2002/12/23 20:49:19 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2002/11/04 20:41:43 | 000,000,044 | ---- | C] () -- C:\WINDOWS\CTText.ini
[2002/11/02 18:44:44 | 000,000,053 | ---- | C] () -- C:\WINDOWS\Crazy.ini
[2002/11/02 17:31:03 | 000,000,223 | ---- | C] () -- C:\WINDOWS\HP PrecisionScan Pro.INI
[2002/11/02 14:50:16 | 000,000,042 | ---- | C] () -- C:\WINDOWS\CT2.ini
[2002/11/02 13:24:04 | 000,000,052 | ---- | C] () -- C:\WINDOWS\CTComm2.ini
[2002/11/02 13:24:04 | 000,000,049 | ---- | C] () -- C:\WINDOWS\TPTest.ini
[2002/11/02 13:24:04 | 000,000,042 | ---- | C] () -- C:\WINDOWS\CT.ini
[2002/11/02 13:21:36 | 000,000,138 | ---- | C] () -- C:\WINDOWS\Crazytalk.ini
[2002/11/02 13:21:35 | 000,000,110 | ---- | C] () -- C:\WINDOWS\CTBugs.ini
[2002/11/02 08:20:56 | 000,001,052 | ---- | C] () -- C:\WINDOWS\TPBugs.ini
[2002/11/02 08:20:56 | 000,000,544 | ---- | C] () -- C:\WINDOWS\CTComm.ini
[2002/11/02 08:20:56 | 000,000,045 | ---- | C] () -- C:\WINDOWS\CrazyTalkBugs.ini
[2002/11/02 08:20:54 | 000,000,195 | ---- | C] () -- C:\WINDOWS\TPBugs2.ini
[2002/11/02 08:20:54 | 000,000,049 | ---- | C] () -- C:\WINDOWS\CTReg.ini
[2002/10/04 14:26:58 | 000,000,097 | ---- | C] () -- C:\WINDOWS\A4W.INI
[2002/09/29 21:04:24 | 000,000,020 | ---- | C] () -- C:\WINDOWS\InfModM.ini
[2002/09/29 21:03:52 | 000,000,029 | ---- | C] () -- C:\WINDOWS\wgedit.ini
[2002/09/29 21:03:49 | 000,057,344 | ---- | C] () -- C:\WINDOWS\uninstBVRP.dll
[2002/09/28 22:58:05 | 000,000,459 | ---- | C] () -- C:\WINDOWS\ORS.INI
[2002/09/28 22:18:56 | 000,000,601 | ---- | C] () -- C:\WINDOWS\Oxford.ini
[2002/09/28 22:18:55 | 000,211,285 | ---- | C] () -- C:\WINDOWS\XWI321.DLL
[2002/09/28 22:18:55 | 000,058,759 | ---- | C] () -- C:\WINDOWS\XWI321TE.DLL
[2002/09/28 22:13:51 | 000,000,265 | ---- | C] () -- C:\WINDOWS\harraps.ini
[2002/09/28 22:04:01 | 000,000,333 | ---- | C] () -- C:\WINDOWS\ORIENT.INI
[2002/09/24 20:10:21 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\ldf252.dll
[2002/09/24 20:07:35 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\sh33w32.dll
[2002/09/24 19:22:35 | 000,000,068 | ---- | C] () -- C:\WINDOWS\WinInit.INI
[2002/09/23 21:25:12 | 000,000,484 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2002/03/26 21:18:27 | 000,091,136 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
[2002/03/21 14:39:02 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[2002/03/21 13:51:52 | 000,503,808 | R--- | C] () -- C:\WINDOWS\System32\lt_xtrans.dll
[2002/03/21 13:51:52 | 000,163,840 | R--- | C] () -- C:\WINDOWS\System32\lt_common.dll
[2002/03/21 13:51:52 | 000,126,976 | R--- | C] () -- C:\WINDOWS\System32\lt_trans.dll
[2002/03/21 13:51:52 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\lt_meta.dll
[2002/03/21 13:51:52 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\lt_encrypt.dll
[2002/03/21 13:51:52 | 000,020,480 | R--- | C] () -- C:\WINDOWS\System32\lt_messagetext.dll
[2002/03/21 12:51:52 | 000,286,720 | R--- | C] () -- C:\WINDOWS\System32\MrSIDD.dll
[2002/03/20 22:01:06 | 000,006,688 | R--- | C] () -- C:\WINDOWS\System32\Digita.sys
[2002/03/20 22:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportUSB.dll
[2002/03/20 22:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportSerial.dll
[2002/03/20 22:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportIrDA.dll
[2002/03/20 22:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportIrCOMM.dll
[2001/12/26 16:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/03 23:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/08/07 18:59:54 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HPNVRRes.dll
[2001/07/30 16:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 22:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[2000/04/14 17:50:02 | 000,343,040 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[1999/03/23 14:46:24 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL
[1999/01/22 11:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
========== LOP Check ==========
[2003/09/14 10:48:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Ontrack
[2003/07/13 16:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2010/05/13 21:53:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/04/17 14:45:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Birdstep Technology
[2010/05/22 19:29:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Borland
[2010/04/22 19:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2010/04/22 19:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2003/06/08 09:37:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\shockwave.com
[2003/09/27 20:44:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2010/08/11 22:31:51 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2003/07/09 22:01:50 | 000,320,152 | ---- | M] () -- C:\ASPI.LOG
[2002/09/23 20:48:32 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/04/17 16:49:29 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2003/07/24 16:28:25 | 000,007,693 | R--- | M] () -- C:\CLDMA.LOG
[2002/09/23 20:48:32 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2002/09/23 20:48:32 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2006/08/21 11:53:11 | 000,000,000 | ---- | M] () -- C:\Log.txt
[2002/09/23 20:48:32 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/04/17 16:34:12 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010/04/28 23:20:04 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/08/11 22:37:52 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys
[2010/08/08 15:00:03 | 000,000,411 | ---- | M] () -- C:\rkill.log
[2002/11/03 20:25:58 | 000,000,044 | ---- | M] () -- C:\Sampled Audio.wav
[2005/09/29 22:40:44 | 000,002,886 | ---- | M] () -- C:\xPos.txt
< %systemroot%\Fonts\*.com >
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2003/07/21 12:48:19 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007/10/20 18:21:50 | 000,278,016 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5mu.dll
[2008/07/06 11:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
[2000/03/21 11:29:42 | 000,016,840 | ---- | M] (BVRP Software) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\wfxprint2000.dll
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
[1999/11/05 14:58:52 | 000,072,704 | ---- | M] () -- C:\WINDOWS\PhotoDeluxe.scr
[2002/11/15 15:36:28 | 000,364,544 | ---- | M] (Simple Star, Inc.) -- C:\WINDOWS\PhotoShow.scr
[2009/07/10 12:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2003/06/09 18:05:55 | 000,000,560 | ---- | M] () -- C:\Program Files\Global.sw
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
[2003/07/21 13:38:39 | 000,524,288 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2003/07/21 12:33:12 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2003/07/21 13:38:39 | 016,777,216 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2003/07/21 13:38:41 | 004,718,592 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %PROGRAMFILES%|bak;true;false;false /fp >
< %systemroot%\system32|bak;true;false;false /fp >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2010/04/28 23:37:03 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ >
"PingID" = 11 3D FF 4B E1 21 00 49 AE E1 C0 EE FF 83 21 32 [binary data]
"SusClientId" = 6809dce8-01ad-4f57-8a4d-e4220fd9a9d7
"SusClientIdValidation" = 06 02 28 00 00 0E 33 00 48 00 56 00 31 00 4E 00 34 00 54 00 51 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 35 00 51 00 56 00 39 00 47 00 30 00 4A 00 [binary data]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\IUControl]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\OemInfo]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Reporting]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Setup]
< Update\Results\Install|Last SuccessTime /rs >
< End of report >
OTL Extras logfile created on: 8/11/2010 11:19:53 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = I:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
511.00 Mb Total Physical Memory | 331.00 Mb Available Physical Memory | 65.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.49 Gb Total Space | 57.33 Gb Free Space | 76.96% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 3.74 Gb Total Space | 2.42 Gb Free Space | 64.83% Space Free | Partition Type: FAT32
Computer Name: CARL
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: SafeMode
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Real\RealOne Player\realplay.exe" = C:\Program Files\Real\RealOne Player\realplay.exe:*:Enabled:RealOne Player -- (RealNetworks, Inc.)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\HomeMeeting\JoinNet\joinnetu.exe" = C:\Program Files\HomeMeeting\JoinNet\joinnetu.exe:*:Enabled:Meeting Room -- (HomeMeeting)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- File not found
"C:\Program Files\Logitech\Logitech Vid\Vid.exe" = C:\Program Files\Logitech\Logitech Vid\Vid.exe:*:Enabled:Logitech Vid -- (Logitech Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00219391-BE7F-4D72-907D-232863D1120B}" = DiskeeperWorkstation
"{066D65EA-ED53-44E4-A96A-F81B6E409D2E}" = PC Connectivity Solution
"{0B4686AE-A1A7-4477-B8EA-65033218474E}" = CNET Download Manager
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1A6405BA-5BE3-4249-8EEB-AD2EA1E39FF3}" = Windows Application Compatibility Toolkit 2.5
"{1DF03ECE-6AF4-414E-B118-C316F151A9A2}" = Corel WordPerfect Office - iFilter
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2673A1E0-687D-11D4-AC17-0050FC01328A}" = CrazyTalk
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3A1421C0-5610-46D4-8283-82F3CA755FDB}" = Roxio PhotoSuite 5
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{459E93B6-150E-45d5-8D4B-45C66FC035FE}" = getPlus® Download Manager for Corel
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}" = Nokia PC Suite
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{644F9DBE-CEDB-45AF-ACB8-E26692B74F62}" = Easy CD & DVD Creator 6
"{67C5EC16-0DC1-4045-A7FF-D7D0FFA4B54D}" = Microsoft .NET Framework 2.0 Language Pack - CHT
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6B36DEBF-27D0-4B1E-858D-D397091C6C7D}" = HP Precisionscan Pro 3.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{748F4870-8350-11D3-B0BF-080009FB4A19}" = HP Share-to-Web
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}" = Nokia Connectivity Cable Driver
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4D58580-EA01-11D3-9318-008048B86EFE}" = Santa Cruz
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A899DA1F-D626-401C-8651-F2921E3B4CB3}" = 3Connect
"{A9212616-FCA2-4173-BD99-5C741EB3A068}" = Ulead DVD PictureShow 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-000000000001}" = Adobe Reader 6.0
"{AC96671C-2001-432C-9826-5266D84EF1DC}" = Logitech Webcam Software
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C6A7AF96-4EB1-4AAE-8318-1AB393C64F88}" = Microsoft Plus! Digital Media Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D666E437-158C-43D0-AC69-F67F6C5EC2B8}" = Trellix Web Express Site Building
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{DF792899-325E-4243-BAB3-C5B44B696E1F}" = Ontrack® Fix-It Utilities 4.0
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3436EE2-D5CB-4249-840B-3A0140CC34C1}" = PhoneTools
"{E9F81423-211E-46B6-9AE0-38568BC5CF6F}" = Alcohol 120%
"{EC1F2687-6922-43E9-A6A5-73D750A8C8CE}" = MediaFACE II
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"0852D05415AB9A4F1EF451E342267F76C776ED2F" = Windows Driver Package - Nokia Modem (11/03/2006 6.82.0.1)
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"ABC Photo Album Software" = ABC Photo Album Software
"Ace Translator" = Ace Translator
"Ad-aware 6 Professional" = Ad-aware 6 Professional
"Add/Remove Plus! 2001" = Add/Remove Plus! 2001
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop 5.5" = Adobe Photoshop 5.5
"Adobe Photoshop Elements 2.0" = Adobe Photoshop Elements 2.0
"Advanced DVD Ripper_is1" = Advanced DVD Ripper 5.0
"AVG8Uninstall" = AVG Free 8.5
"Bash_HTML_Editor" = Bash HTML Editor 3.6.5
"Bookshelf 99Z" = Bookshelf 99 ENG
"CatchUp V1.3" = CatchUp V1.3
"CD Wave_is1" = CD Wave Editor version 1.9
"CloneCD" = CloneCD
"Copernic Agent Personal" = Copernic Agent Personal
"Corel Applications" = Corel Applications
"DVDXCopyXpress" = DVDXCopy Xpress 2.0.1
"Easy CD-DA Extractor 5.1" = Easy CD-DA Extractor 5.1
"ERUNT_is1" = ERUNT 1.1j
"F064B256B4A20996EA9E333B5E0F14B61AB3333D" = Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)
"FinalRecovery_is1" = version 1.21
"GetRight" = GetRight
"Google Chrome" = Google Chrome
"HomeMeeting JoinNet 4.4.0" = HomeMeeting JoinNet 4.4.0
"hp deskjet 990c series" = hp deskjet 990c series (Remove only)
"HP Photo Printing Software" = HP Photo Printing Software
"HP Smart Web Printing" = HP Smart Web Printing
"Huawei Modems" = Huawei modem
"ie8" = Windows Internet Explorer 8
"InstallShield_{4E68EAA3-775A-4542-A08A-47DB8E8E74A6}" = NTI Backup NOW! 3
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
"InstallShield_{8FDD2A92-9F75-4706-B8C2-08499A9863E6}" = NTI DriveBackup! 3
"InstallShield_{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD-Maker 6 Platinum
"Kyodai Mahjongg 18.75 (Full package)_is1" = Kyodai
"LTWinModem" = Lucent Win Modem
"lvdrivers_12.0" = Logitech Webcam Software Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0 Language Pack - CHT" = Microsoft .NET Framework 2.0 語言套件 - 繁體中文
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"Paint Shop Pro 6" = Paint Shop Pro 6.01 ESD
"PhotoShow 2" = PhotoShow 2
"ProShow Gold" = ProShow Gold
"QVP" = Quick View Plus
"RealPlayer 6.0" = RealOne Player
"Refupdate 2.0" = Refupdate 2.0
"san_pro_2002" = SiSoftware Sandra 2002 Professional
"Shockwave" = Shockwave
"Shop for HP Supplies" = Shop for HP Supplies
"SiteLoad_is1" = Trellian SiteLoad v2.0
"SmoothShow 2.0 for Windows" = SmoothShow 2.0 for Windows
"TClockEx_is1" = TClockEx
"ThreatScan 2.5 ePO Add-on" = ThreatScan 2.5 ePO Add-on
"ThreatScan Agent for ePO" = ThreatScan Agent for ePO
"Trellian LiveUpgrade_is1" = Trellian LiveUpgrade v2.0
"Umbro Pro Football" = Umbro Pro Football
"VLC media player" = VideoLAN VLC media player 0.8.1
"Wave Corrector_is1" = Wave Corrector version 2.5
"WIC" = Windows Imaging Component
"Winamp" = Winamp (Remove Only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WS_FTP Pro" = Ipswitch WS_FTP Pro
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"ZoneAlarm Pro" = ZoneAlarm Pro
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 8/7/2010 7:02:24 PM | Computer Name = CARL | Source = TrueVector Service | ID = 5007
Description = TrueVector engine: File "C:\WINDOWS\Internet Logs\IAMDB.RDB" was corrupt,
restoring from backup "C:\WINDOWS\Internet Logs\BACKUP.RDB".
Error - 8/7/2010 7:02:59 PM | Computer Name = CARL | Source = TrueVector Service | ID = 5007
Description = TrueVector engine: File "C:\WINDOWS\Internet Logs\CARL.ldb" was corrupt
and has been copied to "C:\WINDOWS\Internet Logs\xDB20.tmp". File "C:\WINDOWS\Internet
Logs\CARL.ldb" was corrupt and has been deleted.
Error - 8/7/2010 7:09:08 PM | Computer Name = CARL | Source = Ci | ID = 4124
Description = Content index on c:\system volume information\catalog.wci is corrupt.
Please shutdown and restart the Indexing Service (cisvc).
Error - 8/7/2010 7:09:08 PM | Computer Name = CARL | Source = Ci | ID = 4126
Description = Cleaning up corrupt content index metadata on c:\system volume information\catalog.wci.
Index will be automatically restored by refiltering all documents.
Error - 8/8/2010 10:10:07 AM | Computer Name = CARL | Source = Google Update | ID = 20
Description =
Error - 8/10/2010 5:58:17 PM | Computer Name = CARL | Source = TrueVector Service | ID = 5007
Description = TrueVector engine: File "C:\WINDOWS\Internet Logs\IAMDB.RDB" was corrupt
and has been copied to "C:\WINDOWS\Internet Logs\xDB21.tmp". File "C:\WINDOWS\Internet
Logs\IAMDB.RDB" was corrupt and has been deleted.
Error - 8/10/2010 5:58:18 PM | Computer Name = CARL | Source = TrueVector Service | ID = 5007
Description = TrueVector engine: File "C:\WINDOWS\Internet Logs\IAMDB.RDB" was corrupt,
restoring from backup "C:\WINDOWS\Internet Logs\BACKUP.RDB".
Error - 8/10/2010 5:58:20 PM | Computer Name = CARL | Source = TrueVector Service | ID = 5007
Description = TrueVector engine: File "C:\WINDOWS\Internet Logs\CARL.ldb" was corrupt
and has been copied to "C:\WINDOWS\Internet Logs\xDB22.tmp". File "C:\WINDOWS\Internet
Logs\CARL.ldb" was corrupt and has been deleted.
Error - 8/11/2010 3:10:05 PM | Computer Name = CARL | Source = Google Update | ID = 20
Description =
Error - 8/11/2010 4:10:08 PM | Computer Name = CARL | Source = Google Update | ID = 20
Description =
[ System Events ]
Error - 8/11/2010 6:22:58 PM | Computer Name = CARL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 8/11/2010 6:23:02 PM | Computer Name = CARL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 8/11/2010 6:23:05 PM | Computer Name = CARL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 8/11/2010 6:23:09 PM | Computer Name = CARL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 8/11/2010 6:24:05 PM | Computer Name = CARL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 8/11/2010 6:24:08 PM | Computer Name = CARL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 8/11/2010 6:24:12 PM | Computer Name = CARL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 8/11/2010 6:24:16 PM | Computer Name = CARL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 8/11/2010 6:24:19 PM | Computer Name = CARL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 8/11/2010 6:24:23 PM | Computer Name = CARL | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
< End of report >
Checking file system on I:
The type of the file system is FAT32.
One of your disks needs to be checked for consistency. You
may cancel the disk check, but it is strongly recommended
that you continue.
Windows will now check the disk.
Volume Serial Number is 2831-467D
Convert lost chains to files (Y/N)? Yes
65536 bytes in 1 recovered files.
Windows has made corrections to the file system.
4012900352 bytes total disk space.
1048576 bytes in 32 hidden files.
3244032 bytes in 99 folders.
1405812736 bytes in 1395 files.
2602762240 bytes available on disk.
32768 bytes in each allocation unit.
122464 total allocation units on disk.
79430 allocation units available on disk.