Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Weird file found on c: drive

Started by logadoodle , Feb 14 2011 10:47 PM

  • Please log in to reply

#1
logadoodle
Posted 14 February 2011 - 10:47 PM

logadoodle

    New Member

  • Member
  • Pip
  • 9 posts
I have recently been getting messages that my c: drive was getting full (my computer's 8 years old, I know, a dinosaur!) so I've been going through some of my files. I found a file folder with this as it's title/name:

33e1ef18b3accac9c6268a15

What is that? There's a file on there named:

filterpipelineprintproc.dll

Any idea what this is? The computer - particularly this file - won't let me delete it.

TIA!

OTL:
OTL logfile created on: 2/15/2011 6:41:49 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 148.00 Mb Available Physical Memory | 29.00% Memory free
1.00 Gb Paging File | 0.00 Gb Available in Paging File | 40.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.84 Gb Total Space | 4.77 Gb Free Space | 8.55% Space Free | Partition Type: NTFS

Computer Name: RAJZMAN | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/15 18:41:11 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe
PRC - [2011/01/05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2011/01/04 16:51:20 | 000,689,464 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe
PRC - [2011/01/04 16:51:14 | 004,318,520 | ---- | M] (Rogers) -- C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe
PRC - [2011/01/04 16:51:14 | 000,488,760 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgentComHandler.exe
PRC - [2010/11/19 13:38:08 | 000,193,880 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2010/11/19 13:29:00 | 004,916,568 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2010/08/03 23:26:33 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/06/07 15:10:06 | 000,378,088 | ---- | M] (Rogers) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\RPS.exe
PRC - [2010/06/07 15:10:06 | 000,166,944 | ---- | M] (Rogers) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe
PRC - [2010/06/07 15:09:06 | 000,382,208 | ---- | M] (Rogers) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\Fws.exe
PRC - [2010/06/07 12:46:12 | 000,120,048 | ---- | M] (Radialpoint SafeCare Inc.) -- C:\Program Files\Rogers Backup Manager\VaultClientUpgrade.exe
PRC - [2010/06/07 12:46:08 | 001,053,936 | ---- | M] (Radialpoint SafeCare Inc.) -- C:\Program Files\Rogers Backup Manager\VaultClientSRV.exe
PRC - [2010/05/14 10:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/11/02 16:26:48 | 005,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\bin\AVGIDSAgent.exe
PRC - [2009/11/02 16:26:48 | 000,592,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\bin\AVGIDSMonitor.exe
PRC - [2009/01/20 14:48:06 | 000,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/06/29 01:09:28 | 000,032,768 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2003/06/02 13:50:58 | 000,053,248 | ---- | M] (Dell Computer Corporation) -- C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
PRC - [2003/06/02 13:25:24 | 000,270,336 | ---- | M] (Dell Computer Corporation) -- C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
PRC - [2002/04/10 16:44:04 | 000,679,936 | ---- | M] (Roxio) -- C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe


========== Modules (SafeList) ==========

MOD - [2011/02/15 18:41:11 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/01/05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011/01/04 16:51:20 | 000,689,464 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe -- (ServicepointService)
SRV - [2010/11/23 20:47:51 | 000,315,392 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\scan.dll -- (scan)
SRV - [2010/11/19 13:29:00 | 004,916,568 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2010/09/01 14:52:56 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2010/06/07 15:10:06 | 000,166,944 | ---- | M] (Rogers) [Auto | Running] -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe -- (Radialpoint Security Services)
SRV - [2010/06/07 15:09:06 | 000,382,208 | ---- | M] (Rogers) [Auto | Running] -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\Fws.exe -- (RP_FWS)
SRV - [2010/06/07 12:46:12 | 000,120,048 | ---- | M] (Radialpoint SafeCare Inc.) [Auto | Running] -- C:\Program Files\Rogers Backup Manager\VaultClientUpgrade.exe -- (VaultClientUpgrade)
SRV - [2010/06/07 12:46:08 | 001,053,936 | ---- | M] (Radialpoint SafeCare Inc.) [Auto | Running] -- C:\Program Files\Rogers Backup Manager\VaultClientSRV.exe -- (VaultClientSRV)
SRV - [2010/03/29 07:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/11/02 16:26:48 | 005,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe -- (RadialpointIDSAgent)
SRV - [2009/06/08 12:07:50 | 001,033,480 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe -- (PDEngine)
SRV - [2009/06/08 12:07:48 | 000,931,080 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe -- (PDAgent)
SRV - [2007/05/16 12:48:56 | 000,228,208 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)


========== Driver Services (SafeList) ==========

DRV - [2010/11/23 20:28:58 | 000,053,192 | ---- | M] (Radialpoint Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rp_skt32.sys -- (RPSKT) Security Services Driver (x86)
DRV - [2010/09/14 13:38:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)) WsAudio_DeviceS(5)
DRV - [2010/09/14 13:38:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)) WsAudio_DeviceS(4)
DRV - [2010/09/14 13:38:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)) WsAudio_DeviceS(3)
DRV - [2010/09/14 13:38:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)) WsAudio_DeviceS(2)
DRV - [2010/09/14 13:38:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1)
DRV - [2010/06/09 18:09:08 | 000,018,560 | ---- | M] (LeapFrog) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FlyUsb.sys -- (FlyUsb)
DRV - [2009/11/26 10:50:32 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Running] -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\trufos.sys -- (Trufos)
DRV - [2009/11/26 10:50:32 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Running] -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\profos.sys -- (Profos)
DRV - [2009/11/02 16:27:02 | 000,122,376 | ---- | M] (AVG Technologies ) [Kernel | On_Demand | Running] -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSDriver.sys -- (RadialpointIDSDriver)
DRV - [2009/11/02 16:27:02 | 000,030,216 | ---- | M] (AVG Technologies ) [Kernel | On_Demand | Running] -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSfilter.sys -- (RadialpointIDSFilter)
DRV - [2009/11/02 16:27:02 | 000,025,736 | ---- | M] (AVG Technologies ) [Kernel | On_Demand | Running] -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSShim.sys -- (RadialpointIDSShim)
DRV - [2009/11/02 16:27:02 | 000,025,608 | ---- | M] (AVG Technologies ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys -- (RadialpointIDSEH)
DRV - [2009/10/23 14:25:54 | 000,285,704 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV - [2009/06/08 10:00:56 | 000,071,696 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2009/02/26 19:17:16 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/02/26 04:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2006/10/04 21:42:42 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006/10/04 21:42:42 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2005/06/28 22:01:56 | 001,241,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2002/09/19 07:44:02 | 000,041,728 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2002/04/10 17:01:12 | 000,024,554 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2002/04/10 17:01:00 | 000,029,638 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2002/04/10 17:00:44 | 000,117,898 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2002/04/10 16:48:04 | 000,236,032 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\cdudf_xp.sys -- (cdudf_xp)
DRV - [2002/04/10 16:45:16 | 000,206,336 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\udfreadr_xp.sys -- (UdfReadr_xp)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)
DRV - [2001/08/17 12:11:30 | 000,096,640 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT1320680
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://express.rogers.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.14
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..network.proxy.no_proxies_on: "localho,t,127.0.0.1,*.local"

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/25 22:56:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/25 22:56:33 | 000,000,000 | ---D | M]

[2009/03/07 12:14:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2011/02/14 19:55:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\m94jhyxh.default\extensions
[2010/08/03 23:27:49 | 000,000,000 | ---D | M] ("Garmin Communicator") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\m94jhyxh.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2009/11/01 08:24:43 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\m94jhyxh.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/05/31 12:56:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\m94jhyxh.default\extensions\{f92a9fe4-2850-4198-b9d5-279880e49b16}
[2011/02/14 19:55:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/15 11:43:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/22 19:57:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2009/01/22 15:48:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/08/20 02:10:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2009/02/28 11:58:26 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O4 - HKLM..\Run: [AdaptecDirectCD] C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe (Roxio)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [Dell AIO Printer A920] C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe (Dell Computer Corporation)
O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [RogersServicepointAgent.exe] C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe (Rogers)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: shockwave.com ([www] https in Trusted sites)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1206914762710 (WUWebControl Class)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1207568556765 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} http://www.shockwave...tg.1.0.0.33.cab (CPlayFirstddfotgControl Object)
O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.ado...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} http://www.shockwave...outLauncher.cab (SproutLauncherCtrl Class)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.198
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/03/30 16:37:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (PDBoot.exe) - C:\WINDOWS\System32\PDBoot.exe (Raxco Software, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/14 20:51:36 | 000,000,000 | ---D | C] -- C:\Program Files\PCStitch 5
[2011/02/14 20:42:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\PCStitch 5
[2011/02/14 20:41:51 | 000,108,544 | ---- | C] (M&R Technologies, Inc.) -- C:\WINDOWS\System32\PCS5.dll
[2011/02/14 20:41:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\PCStitch 5
[2011/02/14 19:51:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Rogers Servicepoint Agent
[2011/02/06 12:08:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Ethan
[2011/02/06 11:20:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\iTunes
[2011/02/06 11:18:19 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/02/06 11:08:37 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/01/25 23:12:36 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/01/25 23:12:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/01/25 23:00:30 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/01/25 22:56:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\QuickTime
[2011/01/25 22:55:03 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Owner\My Documents\*.tmp files -> C:\Documents and Settings\Owner\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/02/15 06:52:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/02/15 06:52:37 | 000,204,920 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/14 20:53:40 | 000,001,665 | ---- | M] () -- C:\WINDOWS\Pcs5.ini
[2011/02/14 20:52:10 | 000,000,076 | ---- | M] () -- C:\WINDOWS\PCS5.lic
[2011/02/14 20:42:14 | 000,000,042 | ---- | M] () -- C:\WINDOWS\PCSPATS.DAT
[2011/02/10 03:08:46 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/02/09 23:23:18 | 000,181,248 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/06 11:20:41 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\iTunes.lnk
[2011/02/04 09:10:13 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/01/29 22:38:12 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/25 22:02:04 | 000,039,160 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Owner\My Documents\*.tmp files -> C:\Documents and Settings\Owner\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/02/14 20:51:53 | 000,001,665 | ---- | C] () -- C:\WINDOWS\Pcs5.ini
[2011/02/14 20:44:28 | 000,000,076 | ---- | C] () -- C:\WINDOWS\PCS5.lic
[2011/02/14 20:42:14 | 000,000,042 | ---- | C] () -- C:\WINDOWS\PCSPATS.DAT
[2011/02/14 20:41:58 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2011/02/14 20:41:57 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2011/02/06 11:20:41 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\iTunes.lnk
[2009/10/21 14:20:08 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen_x86.sys
[2009/02/26 20:49:49 | 000,763,316 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\LuUninstall.LiveUpdate
[2009/02/24 20:53:10 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2008/04/08 15:48:19 | 000,000,041 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2008/04/01 13:51:14 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2008/03/31 13:46:51 | 000,181,248 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/03/30 18:57:24 | 000,000,342 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2008/03/30 18:57:04 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[2008/03/30 18:56:46 | 000,000,255 | ---- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2008/03/30 16:58:16 | 000,266,240 | ---- | C] () -- C:\WINDOWS\System32\shpshftr.dll
[2008/03/30 16:57:51 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\igfxdgps.dll
[2008/03/30 16:57:51 | 000,009,785 | ---- | C] () -- C:\WINDOWS\System32\drivers\a312.sys
[2008/03/30 16:54:28 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/03/29 13:47:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

========== LOP Check ==========

[2008/03/30 18:57:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\BVRP Software
[2009/02/26 20:45:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\CA-SupportBridge
[2008/06/26 15:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Farm Frenzy
[2008/07/23 11:40:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Fitn17
[2010/05/31 12:55:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Free Ride Games
[2008/06/26 06:52:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\GameHouse
[2010/07/23 08:17:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Leapfrog
[2009/07/19 07:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MumboJumbo
[2008/09/23 20:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MythPeople
[2009/07/19 20:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PlayFirst
[2010/11/22 20:08:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Radialpoint
[2010/08/17 19:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Radium Technologies
[2010/11/22 20:22:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Rogers Online Protection
[2009/02/28 12:15:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sandlot Games
[2010/05/25 18:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2008/08/17 00:12:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WindowsLiveInstaller
[2010/10/14 06:00:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\xml_param
[2011/01/25 23:15:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/27 10:00:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/08/03 23:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GARMIN
[2008/04/27 14:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Jane s Hotel
[2009/01/26 22:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\LimeWire
[2008/05/16 07:18:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\My Games
[2009/07/19 20:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PlayFirst
[2010/11/22 20:26:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Rogers Online Protection
[2008/04/30 20:43:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Total Eclipse
[2010/08/09 07:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\uTorrent

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:435657D8
@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:EDDEC855
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:FFB3DBB6
@Alternate Data Stream - 283 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:D8237BF1
@Alternate Data Stream - 239 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:38AC530A
@Alternate Data Stream - 179 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:DE0CA00B
@Alternate Data Stream - 174 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:E04181D9
@Alternate Data Stream - 166 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:D37AE80B
@Alternate Data Stream - 161 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:CA4300C6
@Alternate Data Stream - 160 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:6B520784
@Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:82ED8454
@Alternate Data Stream - 156 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:82591FF7
@Alternate Data Stream - 155 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:00E4A1FE
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:80EFC1E5
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:D762B9DF
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:9E1C306C
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:25EFDD27
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:182D85B1
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:0D74540D
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:6F118BF0
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:F59BA980
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:73828A71
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:96FAC731
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:AA9B4A9E
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:A98B12D4
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:AC4C6FB4
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:78CC8F21
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:0AA21473
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:3BB21850

< End of report >


EXTRAS:
OTL Extras logfile created on: 2/15/2011 6:41:49 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 148.00 Mb Available Physical Memory | 29.00% Memory free
1.00 Gb Paging File | 0.00 Gb Available in Paging File | 40.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.84 Gb Total Space | 4.77 Gb Free Space | 8.55% Space Free | Partition Type: NTFS

Computer Name: RAJZMAN | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
"C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe" = C:\Program Files\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe:*:Enabled:LeapFrog Connect -- (LeapFrog Enterprises, Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Documents and Settings\Owner\Desktop\utorrent.exe" = C:\Documents and Settings\Owner\Desktop\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe" = C:\Program Files\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe:*:Enabled:LeapFrog Connect -- (LeapFrog Enterprises, Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe" = C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe:*:Enabled:Servicepoint Service -- (Radialpoint Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{083F79E4-6FE9-46FB-A6C6-4F8862742947}" = ATI HYDRAVISION
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 22
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{316CDA1E-4760-4772-94B0-0FFC56D85700}" = RPS CRT
"{3248F0A8-6813-11D6-A77B-00B0D0150120}" = J2SE Runtime Environment 5.0 Update 12
"{33A783E8-DC11-427F-A56C-8ED43EEC0695}" = RPS CRT
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35AE9CC9-10A3-4A24-87DF-A6A99BDC1969}" = Rogers Online Protection
"{369B36BE-3D64-4641-9AEA-808D436FE132}" = Microsoft Picture It! Photo 7.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{548B7B4A-B4F6-4074-A2D2-40154DC906B5}" = RPS PerfectDiskStub
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{609F7AC8-C510-11D4-A788-009027ABA5D0}" = Easy CD Creator 5 Basic
"{621AF8B2-75D2-4074-BA44-79178A617255}" = Windows Live installer
"{6539AC4E-1146-479C-9774-A8949B1ECEF3}" = ATI Catalyst Control Center
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{779C01A3-8466-499D-88FC-EB820EB3AC51}" = RPS RpsCore
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B738CD9-D107-48C7-8E65-2E6639A39C8D}" = PerfectDisk 10 Professional
"{7C5B4583-7CBF-4289-B195-03B553959DEA}" = VoiceOver Kit
"{7EE9DE0D-9228-4C33-B80E-FDD1773600DF}" = Microsoft Works Suite Add-in for Microsoft Word
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver Software
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90840409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Excel Viewer 2003
"{911B0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C6359569-E03E-4CDC-98E8-CDD080C6EEB5}" = LeapFrog Connect
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus® for Adobe
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint
"{D61524CF-93FE-4193-91AD-C6E21FEEAA5A}" = Logitech Harmony Remote Software 7
"{D64DCF1C-7A95-49A4-BAFA-C42B5CF6B8B6}" = Works Suite OS Pack
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{E51FFEFB-68E2-4516-B293-35DC83B9767E}" = LeapFrog Tag Plugin
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F45298E5-0083-426F-A668-1A2C5F04B8A0}" = FaxTools
"781745E87AFF80C0C1388CFF79D19ECAB2E9BB47" = Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Dell AIO Printer A920" = Dell AIO Printer A920
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PCStitch 5" = PCStitch 5
"RadialpointClientGateway_is1" = Rogers Servicepoint Agent 3.7.44
"Rogers Yahoo! Applications" = Rogers Yahoo! Applications
"TagPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)
"UPCShell" = LeapFrog Connect
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2003Setup" = Microsoft Works 2003 Setup Launcher
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/16/2009 7:39:05 PM | Computer Name = RAJZMAN | Source = Application Hang | ID = 1002
Description = Hanging application rundll32.exe, version 5.1.2600.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 7/22/2009 11:38:25 AM | Computer Name = RAJZMAN | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3439, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 7/22/2009 11:38:31 AM | Computer Name = RAJZMAN | Source = Application Hang | ID = 1001
Description = Fault bucket 1304656578.

Error - 8/1/2009 1:15:40 PM | Computer Name = RAJZMAN | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3474, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 8/1/2009 1:15:43 PM | Computer Name = RAJZMAN | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3474, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 8/20/2009 8:15:22 PM | Computer Name = RAJZMAN | Source = Application Hang | ID = 1002
Description = Hanging application dlbkaiox.exe, version 1.0.7.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 8/29/2009 7:44:49 PM | Computer Name = RAJZMAN | Source = Application Hang | ID = 1002
Description = Hanging application QuickTimePlayer.exe, version 7.62.14.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/2/2009 8:02:07 PM | Computer Name = RAJZMAN | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3576, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 11/2/2009 8:02:11 PM | Computer Name = RAJZMAN | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3576, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 11/2/2009 8:02:13 PM | Computer Name = RAJZMAN | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3576, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 2/10/2011 8:23:36 PM | Computer Name = RAJZMAN | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
StarOpen

Error - 2/14/2011 8:34:03 PM | Computer Name = RAJZMAN | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.108 on
the Network Card with network address 000874C21F75.

Error - 2/14/2011 8:37:57 PM | Computer Name = RAJZMAN | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
StarOpen

Error - 2/14/2011 8:41:38 PM | Computer Name = RAJZMAN | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the WMI Performance Adapter
service to connect.

Error - 2/14/2011 8:41:38 PM | Computer Name = RAJZMAN | Source = Service Control Manager | ID = 7000
Description = The WMI Performance Adapter service failed to start due to the following
error: %%1053

Error - 2/14/2011 8:54:03 PM | Computer Name = RAJZMAN | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the ServicepointService service
to connect.

Error - 2/14/2011 8:54:04 PM | Computer Name = RAJZMAN | Source = Service Control Manager | ID = 7000
Description = The ServicepointService service failed to start due to the following
error: %%1053

Error - 2/14/2011 9:53:57 PM | Computer Name = RAJZMAN | Source = Print | ID = 6161
Description = The document PCStitch owned by Owner failed to print on printer Dell
AIO Printer A920. Data type: LEMF. Size of the spool file in bytes: 157822. Number
of bytes printed: 157822. Total number of pages in the document: 1. Number of pages
printed: 0. Client machine: \\RAJZMAN. Win32 error code returned by the print processor:
1307 (0x51b).

Error - 2/15/2011 7:54:07 AM | Computer Name = RAJZMAN | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
StarOpen

Error - 2/15/2011 7:56:02 AM | Computer Name = RAJZMAN | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the WZCSVC service.


< End of report >


Connie

Edited by logadoodle, 15 February 2011 - 06:33 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP