OTL.Txt:
OTL logfile created on: 6/24/2011 2:43:38 AM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Beji\Desktop\Next_StepPrep
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.87 Gb Total Physical Memory | 2.20 Gb Available Physical Memory | 56.94% Memory free
7.94 Gb Paging File | 5.89 Gb Available in Paging File | 74.12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.76 Gb Total Space | 350.03 Gb Free Space | 75.15% Space Free | Partition Type: NTFS
Computer Name: BEJI-PC | User Name: Beji | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/06/24 02:43:03 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Beji\Desktop\Next_StepPrep\OTL.exe
PRC - [2011/05/17 13:29:46 | 000,395,144 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2010/07/13 21:00:01 | 000,231,888 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe
PRC - [2010/07/06 13:30:48 | 000,240,480 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\mswinext.exe
PRC - [2010/06/01 10:17:48 | 005,252,408 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2009/11/25 21:43:53 | 000,277,104 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2009/11/25 16:42:20 | 000,292,824 | ---- | M] (PC Tools ) -- C:\Program Files (x86)\Registry Mechanic\RMTray.exe
PRC - [2009/11/25 16:42:18 | 000,583,640 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2009/11/25 16:42:18 | 000,104,408 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2009/10/14 14:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 14:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 02:47:22 | 000,125,464 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
PRC - [2009/07/27 19:19:10 | 000,199,184 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\1.0.150\SSScheduler.exe
PRC - [2009/07/16 16:35:42 | 005,458,704 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
PRC - [2009/02/02 22:35:10 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
PRC - [2009/02/02 22:35:10 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2009/02/02 22:35:06 | 001,832,072 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2009/02/02 22:35:06 | 000,050,544 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007/05/15 17:08:40 | 000,182,576 | ---- | M] (ActivIdentity) -- C:\Program Files (x86)\ActivIdentity\ActivClient\accoca.exe
PRC - [2007/05/15 17:08:38 | 000,095,024 | ---- | M] (ActivIdentity) -- C:\Program Files (x86)\ActivIdentity\ActivClient\acevents.exe
PRC - [2007/05/15 17:08:08 | 000,293,168 | ---- | M] (ActivIdentity) -- C:\Program Files (x86)\ActivIdentity\ActivClient\accrdsub.exe
PRC - [2007/05/15 17:08:00 | 000,130,864 | ---- | M] (ActivIdentity) -- C:\Program Files (x86)\ActivIdentity\ActivClient\acsagent.exe
PRC - [2007/04/13 10:49:00 | 000,101,528 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
========== Modules (SafeList) ==========
MOD - [2011/06/24 02:43:03 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Beji\Desktop\Next_StepPrep\OTL.exe
MOD - [2008/01/20 21:48:06 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009/10/07 02:47:10 | 000,191,000 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/02/17 11:53:18 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2009/11/25 16:42:18 | 000,583,640 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2009/02/02 22:35:10 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2009/02/02 22:35:10 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2009/02/02 22:35:08 | 003,234,848 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2009/02/02 22:35:08 | 000,425,800 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE -- (SNAC)
SRV - [2009/02/02 22:35:06 | 001,832,072 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/07/27 13:03:13 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/01/20 21:47:00 | 000,428,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/20 21:47:00 | 000,211,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/05/15 17:08:40 | 000,182,576 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\Program Files (x86)\ActivIdentity\ActivClient\accoca.exe -- (accoca)
SRV - [2007/04/13 10:49:00 | 000,101,528 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/06/23 16:25:10 | 000,225,328 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpsHelper.sys -- (WpsHelper)
DRV:64bit: - [2010/12/14 19:51:20 | 000,051,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/12/13 05:06:06 | 000,173,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2009/10/07 02:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2009/10/07 02:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/02/02 22:35:12 | 000,052,784 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wpsdrvnt.sys -- (WPS)
DRV:64bit: - [2009/02/02 22:35:10 | 000,482,352 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SRTSPL64.SYS -- (SRTSPL)
DRV:64bit: - [2009/02/02 22:35:10 | 000,447,536 | ---- | M] () [File_System | System | Running] -- C:\Windows\SysNative\Drivers\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2009/02/02 22:35:10 | 000,032,304 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\SRTSPX64.SYS -- (SRTSPX)
DRV:64bit: - [2009/02/02 22:35:08 | 000,064,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\teefer2.sys -- (Teefer2)
DRV:64bit: - [2009/02/02 22:35:04 | 000,025,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\COH_Mon.sys -- (COH_Mon)
DRV:64bit: - [2008/05/08 16:24:14 | 000,337,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2008/03/21 18:47:14 | 001,253,376 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2008/01/20 21:46:54 | 000,026,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\stcusb.sys -- (SCMUSB)
DRV:64bit: - [2008/01/20 21:46:52 | 000,019,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2008/01/20 21:46:52 | 000,013,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\Dot4Scan.sys -- (Dot4Scan)
DRV:64bit: - [2007/05/11 18:31:02 | 003,612,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys -- (LVUVC64) Logitech QuickCam Fusion(UVC)
DRV:64bit: - [2007/05/11 18:30:50 | 000,050,208 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2006/10/31 03:00:00 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2006/09/18 16:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV - [2011/05/17 03:00:00 | 002,011,768 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110623.018\EX64.SYS -- (NAVEX15)
DRV - [2011/05/17 03:00:00 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110623.018\ENG64.SYS -- (NAVENG)
DRV - [2011/05/09 03:00:00 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/05/09 03:00:00 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/02/02 22:35:10 | 000,482,352 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\srtspl64.sys -- (SRTSPL)
DRV - [2009/02/02 22:35:10 | 000,447,536 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\drivers\srtsp64.sys -- (SRTSP)
DRV - [2009/02/02 22:35:10 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\srtspx64.sys -- (SRTSPX)
DRV - [2009/02/02 22:35:04 | 000,025,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\COH_Mon.sys -- (COH_Mon)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.yahoo.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/...F&PC=VIATDF&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.2
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:3.12.2.16749
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://www.bing.com/...F&PC=VIATDF&q="
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files (x86)\Google\Google Gears\Firefox\ [2010/03/19 21:50:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\Firefox [2010/12/06 14:03:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/12/06 14:03:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/23 08:25:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/23 08:25:31 | 000,000,000 | ---D | M]
[2010/07/14 11:30:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Beji\AppData\Roaming\Mozilla\Extensions
[2009/12/02 23:13:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Beji\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/06/23 11:42:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Beji\AppData\Roaming\Mozilla\Firefox\Profiles\obk5o0q6.default\extensions
[2010/07/23 10:04:39 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Beji\AppData\Roaming\Mozilla\Firefox\Profiles\obk5o0q6.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/13 14:24:30 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Beji\AppData\Roaming\Mozilla\Firefox\Profiles\obk5o0q6.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/07/16 09:50:37 | 000,000,000 | ---D | M] (Panda3D Game Engine Plug-In) -- C:\Users\Beji\AppData\Roaming\Mozilla\Firefox\Profiles\obk5o0q6.default\extensions\[email protected]
[2011/05/30 00:05:13 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Beji\AppData\Roaming\Mozilla\Firefox\Profiles\obk5o0q6.default\extensions\[email protected]
[2010/11/04 10:05:25 | 000,002,255 | ---- | M] () -- C:\Users\Beji\AppData\Roaming\Mozilla\Firefox\Profiles\obk5o0q6.default\searchplugins\askcom.xml
[2010/12/06 14:56:07 | 000,001,834 | ---- | M] () -- C:\Users\Beji\AppData\Roaming\Mozilla\Firefox\Profiles\obk5o0q6.default\searchplugins\bing.xml
[2011/05/08 13:05:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/11/06 04:21:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/05/08 13:05:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/03/19 21:50:48 | 000,000,000 | ---D | M] (Google Gears) -- C:\PROGRAM FILES (X86)\GOOGLE\GOOGLE GEARS\FIREFOX
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll ()
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll ()
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [accrdsub] C:\Program Files (x86)\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ccApp] C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [masqform.exe] C:\Program Files (x86)\PureEdge\Viewer 6.5\masqform.exe (PureEdge™ Solutions Inc.)
O4 - HKLM..\Run: [MSN Toolbar] C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0417.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKCU..\Run: [CollaborationHost] File not found
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [RegistryMechanic] C:\Program Files (x86)\Registry Mechanic\RMTray.exe (PC Tools )
O4 - HKCU..\Run: [WMPNSCFG] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Forest.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Forest.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/06/16 14:52:32 | 000,000,000 | ---D | C] -- C:\Users\Beji\Documents\fatherday
[2011/06/15 11:31:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Musicnotes
[2011/06/15 11:29:12 | 000,000,000 | ---D | C] -- C:\Users\Beji\Documents\Musicnotes
[2011/06/15 11:29:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Musicnotes
[2011/06/15 11:29:10 | 000,000,000 | ---D | C] -- C:\Program Files\Musicnotes
[2011/06/15 11:29:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Musicnotes
[2011/06/01 11:02:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011/06/01 09:51:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/06/01 09:51:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/06/24 02:28:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/24 01:19:46 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/24 01:19:46 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/24 01:08:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/23 17:07:00 | 000,000,446 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Beji.job
[2011/06/23 16:25:10 | 000,225,328 | ---- | M] () -- C:\Windows\SysNative\drivers\wpshelper.sys
[2011/06/23 14:28:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/23 09:55:32 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{8D6B2ADD-1B5C-417E-8C2E-2F079D7ED25E}.job
[2011/06/22 13:14:32 | 000,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/22 13:14:32 | 000,595,446 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/22 13:14:32 | 000,101,144 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/22 13:09:43 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2011/06/19 13:57:55 | 000,400,936 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/16 14:50:19 | 000,014,336 | ---- | M] () -- C:\Users\Beji\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/15 12:02:39 | 000,001,001 | ---- | M] () -- C:\Users\Public\Desktop\Guitar Guru.lnk
[2011/06/15 12:02:39 | 000,000,971 | ---- | M] () -- C:\Users\Public\Desktop\Musicnotes Player.lnk
[2011/06/15 11:39:29 | 000,024,572 | ---- | M] () -- C:\Users\Beji\Documents\Jacobs-ThereAreWorseThingsICouldDo.mtd
[2011/06/15 11:35:54 | 000,008,070 | ---- | M] () -- C:\Users\Beji\Documents\Andrews-MyFavoriteThings.mtd
[2011/06/15 11:33:47 | 000,007,164 | ---- | M] () -- C:\Users\Beji\Documents\Traditional-FatherAbraham.mtd
[2011/06/15 11:31:51 | 000,016,122 | ---- | M] () -- C:\Users\Beji\Documents\Loeb-FatherAbraham.mtd
[2011/06/12 11:36:15 | 000,344,528 | ---- | M] () -- C:\Users\Beji\Desktop\ratcliff.wav
[2011/06/08 14:26:05 | 000,084,627 | ---- | M] () -- C:\Users\Beji\Documents\hellokitty.jpg
[2011/06/02 13:53:23 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2011/06/02 11:13:27 | 000,000,110 | ---- | M] () -- C:\Users\Beji\Desktop\Yahoo!.url
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/06/15 11:39:46 | 000,024,572 | ---- | C] () -- C:\Users\Beji\Documents\Jacobs-ThereAreWorseThingsICouldDo.mtd
[2011/06/15 11:36:46 | 000,008,070 | ---- | C] () -- C:\Users\Beji\Documents\Andrews-MyFavoriteThings.mtd
[2011/06/15 11:34:16 | 000,007,164 | ---- | C] () -- C:\Users\Beji\Documents\Traditional-FatherAbraham.mtd
[2011/06/15 11:32:06 | 000,016,122 | ---- | C] () -- C:\Users\Beji\Documents\Loeb-FatherAbraham.mtd
[2011/06/15 11:29:12 | 000,001,001 | ---- | C] () -- C:\Users\Public\Desktop\Guitar Guru.lnk
[2011/06/15 11:29:12 | 000,000,971 | ---- | C] () -- C:\Users\Public\Desktop\Musicnotes Player.lnk
[2011/06/12 11:36:10 | 000,344,528 | ---- | C] () -- C:\Users\Beji\Desktop\ratcliff.wav
[2011/06/08 14:26:56 | 000,084,627 | ---- | C] () -- C:\Users\Beji\Documents\hellokitty.jpg
[2011/06/02 11:13:27 | 000,000,110 | ---- | C] () -- C:\Users\Beji\Desktop\Yahoo!.url
[2010/11/24 14:44:39 | 000,000,732 | ---- | C] () -- C:\Users\Beji\AppData\Local\d3d9caps64.dat
[2010/09/19 18:06:06 | 000,000,680 | ---- | C] () -- C:\Users\Beji\AppData\Local\d3d9caps.dat
[2010/09/18 06:53:11 | 000,024,088 | ---- | C] () -- C:\Users\Beji\AppData\Roaming\UserTile.png
[2010/03/13 14:16:59 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/02/19 22:08:45 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/02/19 22:08:45 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/02/19 22:08:42 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/02/02 21:56:15 | 000,000,010 | ---- | C] () -- C:\Windows\Wininit.ini
[2009/11/25 14:16:51 | 000,014,336 | ---- | C] () -- C:\Users\Beji\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/15 16:34:33 | 000,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2008/10/15 16:34:33 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/10/15 15:04:27 | 000,021,657 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/20 21:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007/12/28 10:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2006/11/02 10:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 07:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 07:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 04:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
========== Alternate Data Streams ==========
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:8C35AEA7
< End of report >
Extras:
OTL Extras logfile created on: 6/24/2011 2:43:38 AM - Run 1
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l File not found
InternetShortcut [print] -- rundll32.exe C:\Windows\system32\mshtml.dll,PrintHTML "%1" ()
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UacDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirstRunDisabled" = 0
"UacDisableNotify" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Free Music Zilla\FMZilla.exe" = C:\Program Files (x86)\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla -- ()
"C:\Program Files (x86)\Free Music Zilla\FMZilla.exe" = C:\Program Files (x86)\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla -- ()
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03B43711-3BB4-4017-9160-93916EF7A867}" = lport=445 | protocol=6 | dir=in | app=system |
"{0B780011-CA35-41CF-8903-B15C89030E4F}" = lport=137 | protocol=17 | dir=in | app=system |
"{18D0238A-571C-4D3F-88C5-23C053173B8C}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3B3D5017-E926-4AC5-B3AE-33458530DB0C}" = rport=138 | protocol=17 | dir=out | app=system |
"{3B8A6F65-485B-4782-8532-D2E5C485577B}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8A3387E4-0CBE-47EC-A228-83AB03711D77}" = rport=137 | protocol=17 | dir=out | app=system |
"{8B1D64B3-E69F-4845-A85A-868855D40232}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{AB5F408A-9D31-4009-B0DE-DE57921AF945}" = lport=138 | protocol=17 | dir=in | app=system |
"{B02547CF-9668-445A-B4B4-1FDD30ACA904}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BDD79F73-4E8E-48FA-B6B9-E47E112A8580}" = rport=139 | protocol=6 | dir=out | app=system |
"{D49D762A-AEE7-451A-AE3A-2A3BF5F1AD2F}" = lport=139 | protocol=6 | dir=in | app=system |
"{E70C7B3F-B432-4B08-AFEE-844662CBE370}" = rport=445 | protocol=6 | dir=out | app=system |
"{EB2AE572-D7F1-4AF2-AC6F-3319980E98D7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B910653-C3F9-4058-967E-87BDD02BD24A}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{0BA53B6A-0A11-488F-8016-8FC25BD934B7}" = protocol=58 | dir=out | [email protected],-28546 |
"{0BC05878-AC14-469D-A9C0-8D391A9136B2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{25E25D9E-3A01-40BD-874D-E49B60406B80}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{27C94333-0D8A-4986-801C-070627C16786}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{39D4196C-BA92-4778-BD15-7DC85A0E374C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{417802E3-7619-46C8-85F8-0036BE3DC2CB}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{42031D36-FD8B-4023-8088-D7BF3442F7C8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{47536A8D-2FC2-41AF-95FE-367FBA449804}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\symantec shared\ccapp.exe |
"{47F63C8B-BD7D-487F-8E67-9B7096F02C9D}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\symantec shared\ccapp.exe |
"{61E698E0-F8E0-41CC-AF4A-C4BBF4555D0C}" = protocol=1 | dir=in | [email protected],-28543 |
"{6A3879F5-A99E-4C43-BBD0-95F0C597C314}" = protocol=17 | dir=in | app=c:\program files (x86)\symantec\symantec endpoint protection\smc.exe |
"{6D9E6CFF-3D38-4713-8DCE-085DB6145ECA}" = protocol=6 | dir=in | app=c:\program files (x86)\symantec\symantec endpoint protection\smc.exe |
"{80D16675-3D3D-4238-B2F9-A3E7E4B50CCD}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8516F1D1-A92C-4CC8-8A09-83461E0EDF4A}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
"{A17D98E5-4CC8-4234-A9F4-23DCF69D81D1}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{B045710A-7479-4F8C-BE2F-A6E88ADDA883}" = protocol=17 | dir=in | app=c:\program files (x86)\symantec\symantec endpoint protection\snac64.exe |
"{C3280297-F515-4CB5-87E5-834D7B90D5DF}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
"{CE53ADA4-454D-458B-9A8B-A5F1170748E6}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{D1479939-C7BF-4C0E-8CA5-FA52C9B9D213}" = protocol=1 | dir=out | [email protected],-28544 |
"{D5063A19-202A-45CD-ADEA-066D8185DB2B}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{E17E5EDB-DE04-43DA-8C64-79377D934315}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{E2460FAD-94B1-4C0A-BBF4-C62D6238933D}" = protocol=6 | dir=in | app=c:\program files (x86)\symantec\symantec endpoint protection\snac64.exe |
"{E404E8C4-B6CB-45B9-8008-430D65A5E850}" = protocol=58 | dir=in | [email protected],-28545 |
"{FF148A2D-6C48-414C-AE6E-B59BBC01D845}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP100_series" = Canon iP100 series
"{73CA0462-DD49-495D-A6E5-AC4CF6F5FAC1}" = Symantec Endpoint Protection
"{77B8B4A5-EE79-4907-A318-2DA86325B8D7}" = iTunes
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{E5C95CA5-4565-4B9D-97ED-05088D775614}" = Apple Mobile Device Support
"CanonMyPrinter" = Canon My Printer
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java 6 Update 24
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{578596FF-7F65-4767-9F90-37920741148C}" = MSN Toolbar Platform
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in
"{AC194855-F7AC-4D04-B4C9-07BA46FCB697}" = ActivClient CAC 6.1 x86
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.2
"{B95F4276-E8C9-4F29-AD11-91022064DD6C}" = Mastering Elementary Middle School Math 2009
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{E0000650-0650-0650-0650-000000000650}" = PureEdge Viewer 6.5
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F522E59E-7168-4B4A-885E-1030009BEE56}" = DBsign Web Signer
"{F8A3C1B6-D2E0-4CE1-80A2-555D6F71C639}" = Microsoft Search Enhancement Pack
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Cake Mania® 2" = Cake Mania® 2
"Canon iP100 series User Registration" = Canon iP100 series User Registration
"Canon Setup Utility 2.4" = Canon Setup Utility 2.4
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonSolutionMenu" = Canon Utilities Solution Menu
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Free Music Zilla_is1" = Free Music Zilla
"FrostWire" = FrostWire 4.21.1
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.7.0 (Full)
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"McAfee Security Scan" = McAfee Security Scan
"MiaMath" = MiaMath
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"Musicnotes Combined Installer_is1" = Musicnotes Software Suite 1.5.5
"NSS" = Norton Security Scan
"PROR" = Microsoft Office Professional 2007
"Registry Mechanic_is1" = Registry Mechanic 9.0
"uCertify M70-620" = uCeritify M70-620 - TS: Microsoft Windows Vista, Configuring
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SOE-Free Realms" = Free Realms
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.7.1
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 5/17/2011 9:26:45 AM | Computer Name = Beji-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6001.18498, time stamp
0x4c28b29a, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0x00000001, process id 0x14d4, application start time
0x01cc14893b810cd0.
Error - 5/17/2011 8:50:20 PM | Computer Name = Beji-PC | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Trojan.Gen.2 in File: C:\Users\Beji\AppData\Local\Temp\DWH53A9.tmp
by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Access denied.
Action Description: The file was left unchanged.
Error - 5/17/2011 8:53:50 PM | Computer Name = Beji-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6001.18498, time stamp
0x4c28b29a, faulting module npwinext.dll, version 4.0.417.0, time stamp 0x4c3382da,
exception code 0xc0000005, fault offset 0x00011849, process id 0x19b4, application
start time 0x01cc14becad796d0.
Error - 5/18/2011 3:41:13 PM | Computer Name = Beji-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6001.18498, time stamp
0x4c28b29a, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0x38003209, process id 0x704, application start time
0x01cc157095e97fd0.
Error - 5/18/2011 7:43:07 PM | Computer Name = Beji-PC | Source = WinMgmt | ID = 10
Description =
Error - 5/20/2011 2:38:39 AM | Computer Name = Beji-PC | Source = WinMgmt | ID = 10
Description =
Error - 5/20/2011 2:50:38 AM | Computer Name = Beji-PC | Source = Symantec AntiVirus | ID = 16711731
Description = Security Risk Found!Trojan.Gen.2 in File: C:\Users\Beji\AppData\Local\Temp\DWH399.tmp
by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description:
The file was quarantined successfully.
Error - 5/20/2011 7:07:43 AM | Computer Name = Beji-PC | Source = Application Error | ID = 1000
Description = Faulting application mswinext.exe, version 4.0.417.0, time stamp 0x4c3382e3,
faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code
0xc0000005, fault offset 0x00000000, process id 0xa40, application start time 0x01cc16dd748a0e90.
Error - 5/22/2011 10:02:45 AM | Computer Name = Beji-PC | Source = WinMgmt | ID = 10
Description =
Error - 5/23/2011 2:11:52 PM | Computer Name = Beji-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6001.18498, time stamp
0x4c28b29a, faulting module npwinext.dll, version 4.0.417.0, time stamp 0x4c3382da,
exception code 0xc0000005, fault offset 0x00011849, process id 0x14fc, application
start time 0x01cc1970ff132ca0.
[ System Events ]
Error - 6/14/2011 5:08:47 AM | Computer Name = Beji-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 6/14/2011 5:09:17 AM | Computer Name = Beji-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 6/14/2011 9:24:18 AM | Computer Name = Beji-PC | Source = Print | ID = 6161
Description = The document Microsoft Word - Document1, owned by Beji, failed to
print on printer Canon iP100 series. Try to print the document again, or restart
the print spooler. Data type: NT EMF 1.008. Size of the spool file in bytes: 65536.
Number of bytes printed: 24736. Total number of pages in the document: 1. Number
of pages printed: 0. Client computer: \\BEJI-PC. Win32 error code returned by the
print processor: 1. Incorrect function.
Error - 6/18/2011 1:40:49 AM | Computer Name = Beji-PC | Source = DCOM | ID = 10016
Description =
Error - 6/19/2011 2:57:52 PM | Computer Name = Beji-PC | Source = HTTP | ID = 15016
Description =
Error - 6/21/2011 12:31:29 AM | Computer Name = Beji-PC | Source = HTTP | ID = 15016
Description =
Error - 6/22/2011 11:44:18 AM | Computer Name = Beji-PC | Source = HTTP | ID = 15016
Description =
Error - 6/22/2011 11:50:55 AM | Computer Name = Beji-PC | Source = Server | ID = 2505
Description = The server could not bind to the transport \Device\NetBT_Tcpip_{56A13482-F4FA-41E2-BAE4-E4D0AEF6C2B3}
because another computer on the network has the same name. The server could not
start.
Error - 6/22/2011 11:50:55 AM | Computer Name = Beji-PC | Source = netbt | ID = 4321
Description = The name "BEJI-PC :20" could not be registered on the interface
with IP address 0.0.0.0. The computer with the IP address 192.168.15.3 did not allow
the name to be claimed by this computer.
Error - 6/22/2011 2:09:33 PM | Computer Name = Beji-PC | Source = HTTP | ID = 15016
Description =
< End of report >