Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Internet explorer / virus

Started by Denny4 , Feb 28 2011 02:42 PM

  • Please log in to reply

#1
Denny4
Posted 28 February 2011 - 02:42 PM

Denny4

    New Member

  • Member
  • Pip
  • 1 posts
Last week my IE8 pop ups surveys and then a virus warning. I ceased the program through task manager and ran a virus check with super antivirus spyware and deleted what came up. The virus progran requested a reboot which after that I couldn't boot into windows and had to do a XP repair install. I also ran virus checks in safe mode with Enod. Now that I am back on, I had to reinstall IE8. When I get to the home page the screen is off colors with black heading and video is poor. I have it set as a blank homepage. I was able to type a link in and the page came up with a survey question again as before. I am feeling that I still have something on here tied in with IE. Note: I am writing this through AOL and so far can browse with no problems. I have SP3 XP home. OTL log below. Thanks for reviewing and your time on this post!

OTL logfile created on: 2/28/2011 2:53:58 PM - Run 1
OTL by OldTimer - Version 3.2.22.2 Folder = C:\Documents and Settings\Dennis\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

991.00 Mb Total Physical Memory | 124.00 Mb Available Physical Memory | 13.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 64.00% Paging File free
Paging file location(s): c:\pagefile.sys 1488 2976 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 27.87 Gb Free Space | 24.94% Space Free | Partition Type: NTFS
Drive D: | 0.39 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 644.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 6.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 7.47 Gb Total Space | 5.59 Gb Free Space | 74.78% Space Free | Partition Type: FAT32

Computer Name: DENNIS-3836B9B6 | User Name: Dennis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/28 14:53:31 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dennis\desktop\OTL.exe
PRC - [2010/11/30 14:24:12 | 000,041,296 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.6c\waol.exe
PRC - [2010/11/30 14:24:11 | 000,045,392 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.6c\shellmon.exe
PRC - [2010/11/30 10:47:29 | 002,201,936 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.6c\AOLBrowser\aolbrowser.exe
PRC - [2010/10/18 14:08:40 | 000,039,240 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe
PRC - [2010/09/30 10:12:34 | 001,051,968 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/03/08 02:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\aol\1241117001\ee\aolsoftware.exe
PRC - [2009/12/13 15:24:09 | 004,066,816 | ---- | M] (Tropic Designs) -- C:\Documents and Settings\All Users\Application Data\Weather Pulse 2.2.4.4\weatherpulse.exe
PRC - [2009/10/14 13:31:02 | 000,098,304 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
PRC - [2009/03/19 10:44:50 | 000,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009/03/19 10:44:28 | 002,029,640 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe
PRC - [2006/01/30 11:11:20 | 000,086,016 | ---- | M] (Second Nature Software, Inc.) -- C:\Program Files\Second Nature\Snsicon.exe
PRC - [2005/10/03 12:44:22 | 000,344,064 | ---- | M] (Grand Bytes Software) -- C:\Program Files\Process Patrol 2\ProcessPatrol.exe


========== Modules (SafeList) ==========

MOD - [2011/02/28 14:53:31 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dennis\desktop\OTL.exe
MOD - [2010/11/30 14:24:05 | 000,007,168 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.6c\idleproc.dll
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/07/11 23:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (gusvc)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- -- (Apple Mobile Device)
SRV - [2010/11/24 19:21:23 | 000,435,008 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/09/30 10:12:34 | 001,051,968 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010/09/30 10:09:20 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2009/10/14 13:31:02 | 000,098,304 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2009/03/19 10:48:08 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/03/19 10:44:50 | 000,731,840 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009/02/07 23:40:51 | 000,658,432 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2010/05/10 13:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 13:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/10/14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/03/19 10:45:38 | 000,093,848 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009/03/19 10:44:34 | 000,107,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/03/19 10:41:38 | 000,113,960 | ---- | M] (ESET) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009/02/13 11:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2009/01/30 16:52:16 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/01/30 16:52:12 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/01/11 12:34:49 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008/12/26 22:28:14 | 000,095,592 | ---- | M] (Rocket Division Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\StarPortLite.sys -- (StarPortLite) StarPort Storage Controller (Lite)
DRV - [2008/11/04 10:37:28 | 000,043,552 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2008/04/14 07:00:00 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007/06/27 14:42:00 | 000,207,488 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2007/02/15 19:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2004/03/08 11:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2003/01/10 16:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\extensions\\{1F4239A8-A089-4B51-879B-87EEB71E9FFD}: C:\Documents and Settings\Dennis\Local Settings\Application Data\{1F4239A8-A089-4B51-879B-87EEB71E9FFD} [2011/02/21 22:17:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009/07/23 23:23:08 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2008/04/14 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AOL Toolbar Loader) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {52A9AD99-CC4B-44B2-8493-3D0CA9040134} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\aol\1241117001\ee\aolsoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [rfagent] File not found
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKCU..\Run: [AOL Fast Start] C:\Program Files\AOL Desktop 9.6c\AOL.EXE (AOL Inc.)
O4 - HKCU..\Run: [Pando] C:\Program Files\Pando Networks\Pando\Pando.exe (Pando Networks)
O4 - HKCU..\Run: [ProcessPatrol] C:\Program Files\Process Patrol 2\ProcessPatrol.exe (Grand Bytes Software)
O4 - HKCU..\Run: [WeatherPulse] C:\Documents and Settings\All Users\Application Data\Weather Pulse 2.2.4.4\weatherpulse.exe (Tropic Designs)
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O4 - HKLM..\RunOnceEx: [Title] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Snsicon.lnk = C:\Program Files\Second Nature\Snsicon.exe (Second Nature Software, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: New Application = C:\Program Files\Java\jre6\bin\java.exe (Sun Microsystems, Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.winkflash...geUploader5.cab (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadbl...ivex/sabspx.cab (SABScanProcesses Class)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: vzTCPConfig http://www2.verizon....vzTCPConfig.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.237.161.12
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\Antiwpa: DllName - Reg Error: Key error. - Reg Error: Key error. File not found
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - Reg Error: Key error. File not found
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - Reg Error: Key error. File not found
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - Reg Error: Key error. File not found
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - Reg Error: Key error. File not found
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - Reg Error: Key error. File not found
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - Reg Error: Key error. File not found
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - Reg Error: Key error. File not found
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - Reg Error: Key error. File not found
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - Reg Error: Key error. File not found
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - Reg Error: Key error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Dennis\My Documents\My Pictures\Second Nature.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dennis\My Documents\My Pictures\Second Nature.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/17 09:37:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/06/18 16:12:18 | 000,000,088 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2007/10/23 02:22:58 | 000,000,283 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2010/10/05 15:39:48 | 000,000,090 | ---- | M] () - H:\AUTORUN.INF -- [ FAT32 ]
O33 - MountPoints2\{218633e5-da81-11dd-a12c-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{218633e5-da81-11dd-a12c-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{218633e5-da81-11dd-a12c-00038a000015}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- [2007/10/23 02:45:39 | 001,336,632 | R--- | M] ()
O33 - MountPoints2\{683045f2-a6f7-11df-bb37-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{683045f2-a6f7-11df-bb37-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{683045f2-a6f7-11df-bb37-00038a000015}\Shell\AutoRun\command - "" = F:\WD SmartWare.exe -- [2009/10/14 16:28:45 | 003,271,968 | R--- | M] (Western Digital)
O33 - MountPoints2\{c2baf846-40e0-11e0-9d58-806d6172696f}\Shell\AutoRun\command - "" = H:\setupSNK.exe -- [2008/01/20 22:33:00 | 000,013,312 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\WD SmartWare.exe -- [2009/10/14 16:28:45 | 003,271,968 | R--- | M] (Western Digital)
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- [2007/10/23 02:45:39 | 001,336,632 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (prestrt) - File not found
O34 - HKLM BootExecute: (BootExecute settings...) - File not found
O34 - HKLM BootExecute: (on) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/28 14:53:30 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dennis\Desktop\OTL.exe
[2011/02/28 14:37:01 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Dennis\Desktop\HijackThis.exe
[2011/02/28 13:11:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dennis\My Documents\Downloads
[2011/02/28 13:11:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2011/02/28 12:30:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/02/27 13:57:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/02/27 13:49:11 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/02/27 13:49:11 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/02/27 13:49:10 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2011/02/27 13:47:29 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/02/25 13:38:12 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2011/02/25 13:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2011/02/25 13:36:01 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2011/02/23 12:00:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dennis\Local Settings\Application Data\{DD4E68DA-DBCD-4C1F-B85E-FF8A7BEBE383}
[2011/02/23 12:00:15 | 006,233,888 | ---- | C] (ddxSoftware Inc. ) -- C:\Documents and Settings\Dennis\Desktop\xprepairpro4.exe
[2011/02/23 11:49:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dennis\Start Menu\Programs\Free Window Registry Repair
[2011/02/23 11:49:28 | 000,000,000 | ---D | C] -- C:\Program Files\Free Window Registry Repair
[2011/02/22 13:15:46 | 000,000,000 | ---D | C] -- C:\I386
[2011/02/22 01:17:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Registry First Aid
[2011/02/22 01:17:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Registry First Aid
[2011/02/21 22:17:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dennis\Local Settings\Application Data\{1F4239A8-A089-4B51-879B-87EEB71E9FFD}
[2011/02/21 22:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dennis\Application Data\OfferBox
[2011/02/21 22:16:38 | 000,000,000 | ---D | C] -- C:\Program Files\OfferBox
[2011/02/21 22:16:36 | 000,000,000 | ---D | C] -- C:\Program Files\IEToolbar
[2011/02/20 20:53:37 | 000,000,000 | ---D | C] -- C:\WUAGENT
[2011/02/18 20:08:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dennis\My Documents\MAGIX downloads
[2011/02/18 20:08:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dennis\Application Data\MAGIX
[2011/02/18 20:07:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dennis\My Documents\MAGIX_Screenshare
[2011/02/18 20:06:07 | 000,917,504 | ---- | C] (MAGIX AG) -- C:\WINDOWS\System32\MXRestore.exe
[2011/02/18 20:06:07 | 000,724,992 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLAV32.dll
[2011/02/18 20:06:07 | 000,278,528 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLRES32.dll
[2011/02/18 20:06:07 | 000,221,184 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLDRV32.dll
[2011/02/18 20:06:07 | 000,212,992 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLDEV32.dll
[2011/02/18 20:06:07 | 000,147,456 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLCPY32.dll
[2011/02/18 20:06:07 | 000,114,688 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLCDA32.dll
[2011/02/18 20:06:07 | 000,094,208 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLIO32.dll
[2011/02/18 20:06:07 | 000,090,112 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPRF32.dll
[2011/02/18 20:06:07 | 000,077,824 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPNT32.dll
[2011/02/18 20:06:07 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\STRING32.dll
[2011/02/18 20:06:07 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPTL32.dll
[2011/02/18 20:06:07 | 000,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLCDF32.dll
[2011/02/18 20:06:07 | 000,057,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLTPO32.dll
[2011/02/18 20:06:07 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPRJ32.dll
[2011/02/18 20:06:07 | 000,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLIMG32.dll
[2011/02/18 20:06:07 | 000,040,960 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLRD32.dll
[2011/02/18 20:06:07 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLMSC32.dll
[2011/02/18 20:06:07 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLISO32.dll
[2011/02/18 20:06:07 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLDIR32.dll
[2011/02/18 20:06:07 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\TTIC32.dll
[2011/02/18 20:06:07 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\TTI32.dll
[2011/02/18 20:06:07 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLIX.dll
[2011/02/18 20:05:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dennis\My Documents\MAGIX_Speed2_burnR_mxcdr
[2011/02/18 20:05:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\MAGIX
[2011/02/18 20:04:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dennis\My Documents\MAGIX_MusicMaker16Premium_Download_Version
[2011/02/18 20:04:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MAGIX
[2011/02/18 20:03:19 | 000,000,000 | ---D | C] -- C:\Program Files\MAGIX
[2011/02/18 20:02:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Services
[2011/02/11 12:31:14 | 012,845,056 | ---- | C] (easy-hideip.com) -- C:\Documents and Settings\Dennis\Desktop\Hide IP Easy.exe
[2009/02/16 00:33:39 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Dennis\Application Data\pcouffin.sys
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/02/28 14:53:31 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dennis\Desktop\OTL.exe
[2011/02/28 14:37:01 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Dennis\Desktop\HijackThis.exe
[2011/02/28 14:24:25 | 000,002,220 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/02/28 11:57:24 | 000,461,992 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/02/28 11:57:24 | 000,079,180 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/02/28 11:52:54 | 000,000,306 | -HS- | M] () -- C:\WINDOWS\tasks\payxli.job
[2011/02/28 11:52:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/02/28 11:52:45 | 000,289,296 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/28 11:35:48 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/02/28 01:06:04 | 000,000,233 | -HS- | M] () -- C:\boot.ini
[2011/02/28 00:22:47 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Dennis\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/02/27 23:33:08 | 000,001,924 | ---- | M] () -- C:\Documents and Settings\Dennis\Desktop\Full Speed.lnk
[2011/02/27 13:51:57 | 000,000,581 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/02/27 13:46:37 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/02/27 13:46:36 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/02/27 13:46:36 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/02/27 13:46:21 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011/02/27 13:44:05 | 000,022,748 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/02/25 13:34:22 | 000,005,208 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2011/02/24 21:29:40 | 000,101,376 | ---- | M] () -- C:\Documents and Settings\Dennis\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/24 13:17:20 | 000,001,041 | ---- | M] () -- C:\Documents and Settings\Dennis\Application Data\vso_ts_preview.xml
[2011/02/23 18:25:48 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/02/23 14:50:24 | 012,582,912 | ---- | M] () -- C:\Documents and Settings\Dennis\ntuser.rbt
[2011/02/23 14:50:18 | 000,012,990 | ---- | M] () -- C:\WINDOWS\System32\cleartmp.cmd
[2011/02/23 14:47:02 | 006,233,888 | ---- | M] (ddxSoftware Inc. ) -- C:\Documents and Settings\Dennis\Desktop\xprepairpro4.exe
[2011/02/23 11:49:42 | 000,000,718 | ---- | M] () -- C:\Documents and Settings\Dennis\Desktop\Free Window Registry Repair.lnk
[2011/02/23 11:48:41 | 001,371,136 | ---- | M] () -- C:\Documents and Settings\Dennis\Local Settings\Application Data\XP Repair Pro 4.0.msi
[2011/02/22 12:55:13 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Dennis\Desktop\Microsoft Office Word 2003.lnk
[2011/02/22 01:17:15 | 000,000,646 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Registry First Aid.lnk
[2011/02/21 22:17:23 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Nsaxeyuvasaxoga.dat
[2011/02/21 22:17:18 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Xrutocukexugu.bin
[2011/02/19 09:05:51 | 000,002,443 | ---- | M] () -- C:\Documents and Settings\Dennis\Desktop\Microsoft Office Publisher 2003.lnk
[2011/02/18 20:05:20 | 000,000,972 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MAGIX Music Maker 16 Premium Download Version.lnk
[2011/02/10 17:59:07 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/02/27 16:55:30 | 000,005,376 | R--- | C] () -- C:\WINDOWS\System32\antiwpa.dll
[2011/02/27 13:48:26 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/02/27 13:48:16 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2011/02/27 13:48:14 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011/02/27 13:47:57 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011/02/27 13:47:51 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2011/02/27 13:47:32 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2011/02/27 13:30:24 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2011/02/27 13:30:24 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011/02/27 13:30:24 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011/02/27 13:30:24 | 000,171,588 | ---- | C] () -- C:\WINDOWS\System32\dllcache\startoc.cat
[2011/02/27 13:30:24 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011/02/27 13:30:24 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2011/02/27 13:30:24 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2011/02/27 13:30:24 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2011/02/27 13:30:24 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2011/02/27 13:30:24 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011/02/27 13:30:24 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2011/02/27 13:30:24 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2011/02/27 13:30:24 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011/02/27 13:30:24 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011/02/27 13:30:23 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2011/02/27 13:30:23 | 000,402,264 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2011/02/27 13:16:20 | 000,002,220 | ---- | C] () -- C:\WINDOWS\System32\wpa.dbl
[2011/02/25 13:36:06 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2011/02/25 13:36:01 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2011/02/25 13:34:22 | 000,005,208 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2011/02/23 11:49:42 | 000,000,718 | ---- | C] () -- C:\Documents and Settings\Dennis\Desktop\Free Window Registry Repair.lnk
[2011/02/23 11:48:41 | 001,371,136 | ---- | C] () -- C:\Documents and Settings\Dennis\Local Settings\Application Data\XP Repair Pro 4.0.msi
[2011/02/22 12:42:11 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/02/22 00:23:19 | 000,012,990 | ---- | C] () -- C:\WINDOWS\System32\cleartmp.cmd
[2011/02/21 22:17:28 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\OfferBox Browser.lnk
[2011/02/21 22:15:55 | 000,000,306 | -HS- | C] () -- C:\WINDOWS\tasks\payxli.job
[2011/02/18 20:06:07 | 000,038,492 | ---- | C] () -- C:\WINDOWS\System32\DLLAV32.lib
[2011/02/18 20:05:20 | 000,000,972 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MAGIX Music Maker 16 Premium Download Version.lnk
[2011/02/18 20:03:19 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2011/01/21 12:33:36 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2011/01/08 09:47:49 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Nsaxeyuvasaxoga.dat
[2011/01/08 09:47:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Xrutocukexugu.bin
[2010/12/03 16:18:02 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/10/22 14:31:14 | 000,000,221 | ---- | C] () -- C:\Documents and Settings\Dennis\Application Data\43646.bat
[2010/07/10 12:29:51 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010/03/23 21:29:39 | 000,000,073 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini
[2010/03/06 00:01:22 | 000,000,111 | ---- | C] () -- C:\WINDOWS\Rocket.ini
[2010/03/05 23:50:08 | 000,000,149 | ---- | C] () -- C:\WINDOWS\Cops.ini
[2010/03/05 23:30:12 | 000,000,149 | ---- | C] () -- C:\WINDOWS\Volcano.ini
[2010/03/05 22:39:10 | 000,000,102 | ---- | C] () -- C:\WINDOWS\Piggybak.ini
[2010/03/05 22:38:57 | 000,000,082 | ---- | C] () -- C:\WINDOWS\PBUpdate.ini
[2010/01/27 12:11:19 | 000,000,049 | ---- | C] () -- C:\WINDOWS\user.ini
[2009/12/26 09:52:36 | 000,532,544 | ---- | C] () -- C:\WINDOWS\PIC.dll
[2009/12/26 09:52:35 | 000,550,912 | ---- | C] () -- C:\WINDOWS\mHotkey.exe
[2009/12/26 09:52:35 | 000,011,776 | ---- | C] () -- C:\WINDOWS\HIDMNT.dll
[2009/11/29 18:32:36 | 000,002,135 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LUInstall.LiveUpdate
[2009/11/23 17:29:02 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2009/07/16 23:22:51 | 000,000,126 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009/07/13 21:37:03 | 000,000,080 | ---- | C] () -- C:\WINDOWS\xptools.ini
[2009/07/13 21:11:55 | 000,000,120 | ---- | C] () -- C:\WINDOWS\System32\bn.dll
[2009/07/13 21:11:54 | 000,000,510 | ---- | C] () -- C:\WINDOWS\System32\xtupdate.dat
[2009/06/26 22:33:53 | 000,000,022 | ---- | C] () -- C:\WINDOWS\RsConfig.ini
[2009/06/10 22:13:41 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2009/06/09 13:00:37 | 000,081,984 | ---- | C] () -- C:\WINDOWS\System32\bdod.bin
[2009/06/03 14:47:45 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2009/06/03 14:47:45 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2009/06/03 14:47:45 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2009/06/03 14:47:45 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2009/04/17 22:58:51 | 000,000,028 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/04/16 11:31:11 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2009/04/13 06:18:58 | 065,816,617 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Disk1.cab
[2009/03/19 22:31:43 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2009/03/17 19:31:02 | 000,000,010 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2009/03/09 22:04:04 | 000,000,077 | ---- | C] () -- C:\WINDOWS\ZC DVD Creator Platinum.INI
[2009/03/02 21:48:08 | 008,673,792 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\atscie.msi
[2009/02/16 00:35:39 | 000,001,041 | ---- | C] () -- C:\Documents and Settings\Dennis\Application Data\vso_ts_preview.xml
[2009/02/16 00:33:40 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Dennis\Application Data\inst.exe
[2009/02/16 00:33:39 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Dennis\Application Data\pcouffin.cat
[2009/02/16 00:33:39 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Dennis\Application Data\pcouffin.inf
[2009/02/04 16:38:00 | 000,000,034 | -H-- | C] () -- C:\WINDOWS\System32\VideoConverter_sysquict.dat
[2009/01/29 00:18:55 | 000,004,921 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\nmpmeswb.lkq
[2009/01/27 23:21:06 | 000,000,188 | ---- | C] () -- C:\Documents and Settings\Dennis\Application Data\default.rss
[2009/01/27 19:04:41 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008/08/12 18:34:55 | 000,060,334 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/07/20 17:22:42 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2008/07/20 17:22:18 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2008/07/20 16:22:30 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/07/17 23:04:09 | 000,001,388 | ---- | C] () -- C:\WINDOWS\Slideshw.ini
[2008/07/17 22:46:18 | 000,101,376 | ---- | C] () -- C:\Documents and Settings\Dennis\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/17 18:37:29 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/07/17 09:39:48 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/07/17 09:34:24 | 000,022,748 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/07/16 14:07:21 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/07/16 14:06:13 | 000,289,296 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/06/18 14:59:56 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/04/14 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/14 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/14 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/03/24 09:47:02 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\Dennis\Application Data\userdic.tlx
[2006/11/25 18:33:16 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\YULS.DLL
[2004/09/17 16:37:42 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2001/08/23 07:00:00 | 000,461,992 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 07:00:00 | 000,079,180 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/07/12 16:14:12 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\shelexec.exe

========== LOP Check ==========

[2010/09/24 06:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Absolutist
[2010/09/08 14:06:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\agi
[2009/01/28 19:34:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2008/07/20 16:45:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2009/04/01 12:19:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2011/02/28 13:11:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2009/07/23 23:23:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010/12/03 16:28:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/02/11 16:20:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2009/01/16 22:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kristanix Games
[2011/02/18 20:07:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MAGIX
[2009/01/29 16:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RapidSolution
[2011/02/22 01:17:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Registry First Aid
[2011/02/23 14:49:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RFA_Backups
[2010/01/27 19:35:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rising
[2009/03/30 16:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rosetta Stone
[2009/06/03 14:47:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software
[2011/01/09 00:38:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/02/18 23:05:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2009/04/08 11:30:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/02/16 13:49:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2010/05/03 21:31:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Weather Pulse 2.2.3.0
[2011/02/27 18:10:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Weather Pulse 2.2.4.4
[2010/08/13 11:37:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2009/04/08 16:05:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/01/09 17:38:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2009/11/29 11:07:47 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2010/02/08 21:43:35 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010/12/15 23:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\Acoustica
[2010/09/09 14:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\Ambient Design(2)
[2011/01/05 07:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\Canon
[2008/07/17 22:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/01/11 15:38:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\FFSJ
[2009/10/01 13:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\GARMIN
[2009/03/16 21:48:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\GlarySoft
[2011/02/11 16:11:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\iolo
[2011/02/18 20:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\MAGIX
[2009/03/29 22:52:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\Marine Aquarium 3
[2009/02/11 23:25:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\MSNInstaller
[2009/03/30 16:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\NewSoft
[2011/02/21 22:17:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\OfferBox
[2008/07/28 17:00:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\OLYMPUS
[2009/02/04 21:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\Quicken WillMaker
[2010/11/23 13:16:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\Runscanner.net
[2008/07/17 23:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\Second Nature
[2010/06/25 11:51:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\Simply Super Software
[2010/03/15 16:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\SmartDraw
[2010/03/22 22:58:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\Stellarium
[2011/02/11 12:30:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\Thinstall
[2009/11/29 11:08:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\TuneUp Software
[2009/02/08 23:57:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\Viewpoint
[2010/03/10 21:45:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\VitySoft
[2011/02/24 12:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\Vso
[2011/01/24 12:31:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\WeatherPulse
[2010/08/13 11:37:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\Western Digital
[2009/11/23 17:45:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\Wildfire
[2009/04/17 17:37:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dennis\Application Data\YCanPDF
[2010/12/03 16:31:48 | 000,000,314 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job
[2011/02/28 11:52:54 | 000,000,306 | -HS- | M] () -- C:\WINDOWS\Tasks\payxli.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Dennis\Desktop\xprepairpro4.exe:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Dennis\Desktop\iexplore.exe:SummaryInformation
@Alternate Data Stream - 72 bytes -> C:\WINDOWS:EF9A0151D6562D12
@Alternate Data Stream - 163 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ADF211B1

< End of report >

OTL Extras logfile created on: 2/28/2011 2:53:58 PM - Run 1
OTL by OldTimer - Version 3.2.22.2 Folder = C:\Documents and Settings\Dennis\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

991.00 Mb Total Physical Memory | 124.00 Mb Available Physical Memory | 13.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 64.00% Paging File free
Paging file location(s): c:\pagefile.sys 1488 2976 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 27.87 Gb Free Space | 24.94% Space Free | Partition Type: NTFS
Drive D: | 0.39 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 644.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 6.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 7.47 Gb Total Space | 5.59 Gb Free Space | 74.78% Space Free | Partition Type: FAT32

Computer Name: DENNIS-3836B9B6 | User Name: Dennis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015
"1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016
"500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"67:UDP" = 67:UDP:*:Enabled:DHCP Discovery Service
"56065:TCP" = 56065:TCP:*:Enabled:Pando P2P TCP Listening Port
"56066:UDP" = 56066:UDP:*:Enabled:Pando P2P UDP Listening Port
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"59132:TCP" = 59132:TCP:*:Enabled:Pando
"59132:UDP" = 59132:UDP:*:Enabled:Pando
"57924:TCP" = 57924:TCP:*:Enabled:Pando
"57924:UDP" = 57924:UDP:*:Enabled:Pando
"1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015
"1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016
"500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\aol\acs\AOLDial.exe" = C:\Program Files\Common Files\aol\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- (America Online)
"C:\Program Files\Common Files\aol\acs\AOLacsd.exe" = C:\Program Files\Common Files\aol\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- (AOL LLC)
"C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL Inc.)
"C:\Program Files\Common Files\aol\Loader\aolload.exe" = C:\Program Files\Common Files\aol\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL Inc.)
"C:\Program Files\Common Files\aol\System Information\sinf.exe" = C:\Program Files\Common Files\aol\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL Inc.)
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\AOL 9.5\waol.exe" = C:\Program Files\AOL 9.5\waol.exe:*:Enabled:AOL
"C:\Program Files\AOL 9.5a\waol.exe" = C:\Program Files\AOL 9.5a\waol.exe:*:Enabled:AOL
"C:\Program Files\AOL 9.5b\waol.exe" = C:\Program Files\AOL 9.5b\waol.exe:*:Enabled:AOL
"C:\Program Files\Common Files\aol\1241117001\ee\aolsoftware.exe" = C:\Program Files\Common Files\aol\1241117001\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (AOL Inc.)
"C:\Program Files\AOL 9.5j\waol.exe" = C:\Program Files\AOL 9.5j\waol.exe:*:Enabled:AOL -- (AOL, LLC.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\AOL 9.5c\waol.exe" = C:\Program Files\AOL 9.5c\waol.exe:*:Enabled:AOL
"C:\Program Files\AOL 9.6\waol.exe" = C:\Program Files\AOL 9.6\waol.exe:*:Enabled:AOL
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Pando Networks\Pando\Pando.exe" = C:\Program Files\Pando Networks\Pando\Pando.exe:*:Enabled:Pando -- (Pando Networks)
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)
"C:\Program Files\AOL Desktop 9.6b\AOLBrowser\aolbrowser.exe" = C:\Program Files\AOL Desktop 9.6b\AOLBrowser\aolbrowser.exe:*:Disabled:AOLBrowser -- (AOL Inc.)
"C:\Program Files\Cake Poker 2.0\PokerClient.exe" = C:\Program Files\Cake Poker 2.0\PokerClient.exe:*:Enabled:Cake Poker 2.0


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport
"{08DA21BF-9912-409E-B802-943C6DC2DA81}" = USB Multimedia Keyboard Driver
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{21F2F449-0579-4079-9DDF-F8D987F829ED}" = WinXP Manager
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java™ 6 Update 18
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3215EBED-1D06-42fb-A05C-A752A46FB24C}" = Canon MP530
"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset
"{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset
"{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine
"{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport
"{3B8186F0-EAA2-012B-AE69-000000000000}" = TurboTax 2009 wnyiper
"{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper
"{443DC1E4-965E-EA2C-3BA2-5BEA7C00E353}" = Adobe Support Advisor
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{8877979C-AF7D-4BFE-9608-9E61972DA202}" = Process Patrol 2
"{89B078C4-50B0-453E-BF53-3A7E6A0D85FA}" = Windows Support Tools
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91CA0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine
"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
"{AB480DA0-7EE9-465D-9C12-4CDE65BF18FB}" = Pando
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}" = PixiePack Codec Pack
"{B4CF72FF-4A3F-44A7-BFF2-31A8E1CC70B6}" = Application Compatibility Toolkit
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{CB0888EE-96D8-4713-84DC-36462C33AEB4}" = Bazooka Scanner
"{CD0DC280-2489-4464-A2FC-16104676394A}" = WD SmartWare
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.9.322
"{E3A874C2-D334-4321-BF9C-804C67382F26}" = Rapidshare Auto Downloader 3.6.1
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
"{F843C6A3-224D-4615-94F8-3C461BD9AEA0}" = Jasc Paint Shop Pro 9
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"Acoustica MP3 CD Burner" = Acoustica MP3 CD Burner
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AdobeSupportAdvisor.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Support Advisor
"Alert Marquee" = Alert Marquee 1.00
"AOL Toolbar" = AOL Toolbar
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Canon MP530 User Registration" = Canon MP530 User Registration
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"Easy Schedule Maker_is1" = Easy Schedule Maker 2
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint" = Easy-WebPrint
"ffdshow" = ffdshow (remove only)
"FotoSketcher_is1" = FotoSketcher - Version 1.9
"Foxit PDF Editor" = Foxit PDF Editor
"Free Mp3/Wma/Ogg Converter_is1" = Free Mp3/Wma/Ogg Converter 3.9
"'Full Speed' Internet Booster + Performance Tests3.3" = 'Full Speed' Internet Booster + Performance Tests
"Glary Utilities_is1" = Glary Utilities 2.11.0.638
"Holiday Lights" = Holiday Lights 5.4
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"IsoBuster_is1" = IsoBuster 1.7
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MoffFreeCalc_is1" = Moffsoft FreeCalc
"Monkey's Audio_is1" = Monkey's Audio
"MP Navigator 2.2" = Canon MP Navigator 2.2
"PDFZilla_is1" = PDFZilla V1.0.7
"Quicken WillMaker Plus 2009" = Quicken WillMaker Plus 2009
"Registry First Aid_is1" = Registry First Aid
"S3" = KM400/KN400 Display Driver and Utilities
"Second Nature - A Spooktacular Halloween" = Second Nature - A Spooktacular Halloween
"Second Nature - Audubon On Wings of Beauty" = Second Nature - Audubon On Wings of Beauty
"Second Nature - Glimmer Train Stories" = Second Nature - Glimmer Train Stories
"Second Nature - Light on the Water" = Second Nature - Light on the Water
"Second Nature - Rainforest Alliance presents the Amazing Amazon" = Second Nature - Rainforest Alliance presents the Amazing Amazon
"Second Nature - Winter Beauty" = Second Nature - Winter Beauty
"Second Nature Screen Saver Update" = Second Nature Screen Saver Update
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"The KMPlayer" = The KMPlayer (remove only)
"TuneUp Utilities" = TuneUp Utilities
"TurboTax 2009" = TurboTax 2009
"TurboTax 2010" = TurboTax 2010
"Uninstall Gold_is1" = Uninstall Gold 2.0.2.302
"Veetle TV" = Veetle TV 0.9.18
"Verizon Help and Support" = Verizon Help and Support Tool
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter
"VTDisplay" = S3 S3Display
"VTGamma2" = S3 S3Gamma2
"VTInfo2" = S3 S3Info2
"VTOverlay" = S3 S3Overlay
"Weather Pulse 2.2.4.4" = Weather Pulse 2.2.4.4
"Windows Doctor_is1" = Windows Doctor 2.0
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"yuls" = YULS -- YUVsoft's lossless video codec (Remove Only)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Sportsbook.com" = Sportsbook.com

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/26/2011 8:52:15 PM | Computer Name = DENNIS-3836B9B6 | Source = Windows Product Activation | ID = 1009
Description = You have not activated Windows within the grace period. To activate
Windows, contact a customer service representative by telephone.

Error - 2/27/2011 2:16:20 PM | Computer Name = DENNIS-3836B9B6 | Source = Windows Product Activation | ID = 1010
Description = The Windows license was restored due to a system error. You might
need to reactivate your Windows product.

Error - 2/27/2011 6:40:07 PM | Computer Name = DENNIS-3836B9B6 | Source = Application Error | ID = 1000
Description = Faulting application weatherpulse.exe, version 2.2.4.4, faulting module
kernel32.dll, version 5.1.2600.5512, fault address 0x00012aeb.

Error - 2/27/2011 7:05:44 PM | Computer Name = DENNIS-3836B9B6 | Source = Application Error | ID = 1000
Description = Faulting application weatherpulse.exe, version 2.2.4.4, faulting module
kernel32.dll, version 5.1.2600.5512, fault address 0x00012aeb.

Error - 2/27/2011 7:09:10 PM | Computer Name = DENNIS-3836B9B6 | Source = Application Error | ID = 1000
Description = Faulting application weatherpulse.exe, version 2.2.4.4, faulting module
kernel32.dll, version 5.1.2600.5512, fault address 0x00012aeb.

Error - 2/27/2011 7:10:21 PM | Computer Name = DENNIS-3836B9B6 | Source = Application Error | ID = 1000
Description = Faulting application weatherpulse.exe, version 2.2.4.4, faulting module
kernel32.dll, version 5.1.2600.5512, fault address 0x00012aeb.

Error - 2/27/2011 7:16:42 PM | Computer Name = DENNIS-3836B9B6 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.16827, faulting
module urlmon.dll, version 6.0.2900.5512, fault address 0x0003e6e7.

Error - 2/27/2011 7:16:58 PM | Computer Name = DENNIS-3836B9B6 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.16827, faulting
module urlmon.dll, version 6.0.2900.5512, fault address 0x0003e6e7.

Error - 2/28/2011 12:42:11 AM | Computer Name = DENNIS-3836B9B6 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.16827, faulting
module urlmon.dll, version 6.0.2900.5512, fault address 0x0003e6e7.

Error - 2/28/2011 1:39:53 AM | Computer Name = DENNIS-3836B9B6 | Source = ESENT | ID = 474
Description = wuauclt (1472) The database page read from the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb"
at offset 6254592 (0x00000000005f7000) for 4096 (0x00001000) bytes failed verification
due to a page checksum mismatch. The expected checksum was 745183625 (0x2c6a9989)
and the actual checksum was 745179529 (0x2c6a8989). The read operation will fail
with error -1018 (0xfffffc06). If this condition persists then please restore
the database from a previous backup.

[ System Events ]
Error - 2/28/2011 2:08:31 AM | Computer Name = DENNIS-3836B9B6 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
sptd

Error - 2/28/2011 8:06:25 AM | Computer Name = DENNIS-3836B9B6 | Source = sptd | ID = 262148
Description = Driver detected an internal error in its data structures for .

Error - 2/28/2011 8:07:25 AM | Computer Name = DENNIS-3836B9B6 | Source = Service Control Manager | ID = 7000
Description = The TuneUp Theme Extension service failed to start due to the following
error: %%1083

Error - 2/28/2011 8:07:27 AM | Computer Name = DENNIS-3836B9B6 | Source = Service Control Manager | ID = 7000
Description = The Apple Mobile Device service failed to start due to the following
error: %%3

Error - 2/28/2011 8:07:27 AM | Computer Name = DENNIS-3836B9B6 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
sptd

Error - 2/28/2011 8:08:54 AM | Computer Name = DENNIS-3836B9B6 | Source = DCOM | ID = 10010
Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register
with DCOM within the required timeout.

Error - 2/28/2011 12:52:58 PM | Computer Name = DENNIS-3836B9B6 | Source = sptd | ID = 262148
Description = Driver detected an internal error in its data structures for .

Error - 2/28/2011 12:53:19 PM | Computer Name = DENNIS-3836B9B6 | Source = Service Control Manager | ID = 7000
Description = The TuneUp Theme Extension service failed to start due to the following
error: %%1083

Error - 2/28/2011 12:53:19 PM | Computer Name = DENNIS-3836B9B6 | Source = Service Control Manager | ID = 7000
Description = The Apple Mobile Device service failed to start due to the following
error: %%3

Error - 2/28/2011 12:53:23 PM | Computer Name = DENNIS-3836B9B6 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
sptd

[ TuneUp Events ]
Error - 12/31/2009 7:06:59 PM | Computer Name = DENNIS-3836B9B6 | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 4/12/2010 11:22:25 PM | Computer Name = DENNIS-3836B9B6 | Source = TuneUp.UtilitiesSvc | ID = 300
Description =


< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP