Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Malware.C10DDCDA

Started by ThreeRingCircus , Jul 05 2011 09:17 AM

  • Please log in to reply

#1
ThreeRingCircus
Posted 05 July 2011 - 09:17 AM

ThreeRingCircus

    New Member

  • Member
  • Pip
  • 2 posts
I upgraded my antivirus software as the version I was using would no longer be supported. The install of the upgrade caused some issues although none were related to any malware/virus. Just the software itself. As we were working through the process, tech support for trend required that I uninstall all of the extra programs like malwarebytes that I had installed as they say they don't play nice with trend. Fast forward a week or so. Now I keep getting the notice that there is a computer virus found in my tpcdos.dll file and of course this can't be cleaned or quarantined. They are no help in attempting to fix it, instead they request that I go to microsoft's website to get help. Microsoft shows no information about this malware, and I cannot find what to do about replacing the infected file, etc. So here I am.

I've done what I know to do, but have not installed the things I've used in the past like malwarebytes due ot the insistence of the trend tech support person. (and yes, I have considered moving to another AV software package in my frustration!) I'm beyond understanding how to fix this one. I continue to get notification that the malware as listed in the topic title is in the tpcdos.dll file and but I can do nothing about it. It does not seem to be effecting my computer much but it is an older model, and generally a tad slower anyway.

I'd sure love to have some help fixing this - or knowing that I can safely ignore it. :)

And as an aside, Trend blocked OTL several times during it's run stating that it was highly suspicious and was attempting to change system files.

Here is the OTL log:

OTL logfile created on: 7/5/2011 10:32:26 AM - Run 1
OTL by OldTimer - Version 3.2.26.0 Folder = C:\Documents and Settings\Chris\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.51 Gb Available Physical Memory | 25.58% Memory free
2.60 Gb Paging File | 1.35 Gb Available in Paging File | 51.84% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.46 Gb Total Space | 21.62 Gb Free Space | 30.25% Space Free | Partition Type: NTFS
Drive F: | 465.65 Gb Total Space | 381.01 Gb Free Space | 81.82% Space Free | Partition Type: FAT32

Computer Name: NEWBABY | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/05 10:32:02 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chris\Desktop\OTL.exe
PRC - [2011/06/24 13:25:43 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/06/22 19:53:40 | 012,596,912 | ---- | M] (Mozilla Messaging) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2011/06/15 20:33:17 | 001,398,024 | ---- | M] () -- C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
PRC - [2011/06/15 20:33:13 | 000,853,256 | ---- | M] () -- C:\Program Files\Trend Micro\Internet Security\UfNavi.exe
PRC - [2011/06/15 20:33:00 | 000,648,456 | ---- | M] () -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
PRC - [2011/06/15 20:32:58 | 000,488,768 | ---- | M] () -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
PRC - [2011/06/15 20:32:56 | 000,337,160 | ---- | M] () -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe
PRC - [2011/06/15 20:32:51 | 000,492,808 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
PRC - [2011/06/15 20:32:33 | 000,703,008 | ---- | M] () -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
PRC - [2010/11/19 14:29:00 | 004,916,568 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2009/07/20 12:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
PRC - [2009/02/18 08:50:25 | 000,266,240 | ---- | M] () -- C:\WINDOWS\system32\CSHelper.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe


========== Modules (SafeList) ==========

MOD - [2011/07/05 10:32:02 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chris\Desktop\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/04/13 20:12:08 | 000,282,624 | ---- | M] () -- C:\WINDOWS\amezitoha.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/06/15 20:33:00 | 000,648,456 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (tmproxy)
SRV - [2011/06/15 20:32:58 | 000,488,768 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe -- (TmPfw)
SRV - [2011/06/15 20:32:56 | 000,337,160 | ---- | M] () [Auto | Running] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV - [2011/06/15 20:32:33 | 000,703,008 | ---- | M] () [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom)
SRV - [2010/11/19 14:29:00 | 004,916,568 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2009/07/20 12:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009/05/12 15:12:14 | 000,026,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\spupdsvc.exe -- (spupdsvc)
SRV - [2009/02/18 08:50:25 | 000,266,240 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\CSHelper.exe -- (CSHelper)
SRV - [2008/11/12 18:16:34 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2011/06/15 20:35:45 | 000,335,376 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TM_CFW.sys -- (tmcfw)
DRV - [2011/06/15 20:35:43 | 000,066,320 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2011/02/23 17:04:32 | 000,013,496 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/12/03 05:05:34 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/07/30 17:29:10 | 000,249,424 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmxpflt.sys -- (tmxpflt)
DRV - [2010/07/30 17:29:00 | 000,036,432 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmpreflt.sys -- (tmpreflt)
DRV - [2010/07/30 17:06:08 | 001,331,512 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vsapint.sys -- (vsapint)
DRV - [2010/07/19 18:03:10 | 000,059,472 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2010/07/19 18:03:00 | 000,051,792 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2010/07/19 18:02:54 | 000,163,408 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2009/09/30 21:22:08 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2009/06/17 12:56:24 | 000,079,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2009/06/17 12:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 12:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/06/17 12:55:34 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2009/06/17 12:55:26 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2008/04/01 14:33:16 | 000,018,560 | ---- | M] (LeapFrog) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FlyUsb.sys -- (FlyUsb)
DRV - [2007/01/03 17:25:18 | 000,027,536 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\frmupgr.sys -- (DFUBTUSB)
DRV - [2004/09/17 16:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/06/16 05:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/06 06:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 06:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 06:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapp...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/...UGO&form=ZGAPHP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.msn.com"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.2
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: {6e764c17-863a-450f-bdd0-6772bd5aaa18}:1.0.3
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.102
FF - prefs.js..keyword.URL: "http://www.bing.com/...form=ZGAADF&q="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2536: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2594: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1698: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\software\mozilla\Firefox\extensions\\{A5DCA3F5-ED5A-4ed3-9671-DBB0C68FA469}: C:\Program Files\WebEnhancements\WebEnhancements.xpi [2011/04/14 11:29:35 | 000,002,115 | ---- | M] ()
FF - HKLM\software\mozilla\Firefox\extensions\\{2BB89C54-13A6-49A2-A038-495E3ADDF22D}: C:\Documents and Settings\Chris\Local Settings\Application Data\{2BB89C54-13A6-49A2-A038-495E3ADDF22D}\ [2011/06/18 10:20:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{D50F772E-BEFC-47BB-8D9D-505290AB05F1}: C:\Documents and Settings\Chris\Local Settings\Application Data\{D50F772E-BEFC-47BB-8D9D-505290AB05F1} [2011/06/20 12:55:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{F1135728-5C72-4762-BD08-57176624A400}: C:\Documents and Settings\Chris\Local Settings\Application Data\{F1135728-5C72-4762-BD08-57176624A400} [2011/06/22 19:47:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{927EF153-CFE9-4ADC-B78F-A949905BD69D}: C:\Documents and Settings\Chris\Local Settings\Application Data\{927EF153-CFE9-4ADC-B78F-A949905BD69D} [2011/06/29 08:20:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{E41832E8-53DD-44D0-A1A1-B80F3CED5229}: C:\Documents and Settings\Chris\Local Settings\Application Data\{E41832E8-53DD-44D0-A1A1-B80F3CED5229}\ [2011/06/29 09:32:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/24 13:25:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/23 19:51:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/06/22 19:53:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Netscape Browser 8.1.2.0\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components
FF - HKLM\software\mozilla\Netscape Browser 8.1.2.0\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins
FF - HKCU\software\mozilla\Firefox\extensions\\{A5DCA3F5-ED5A-4ed3-9671-DBB0C68FA469}: C:\Program Files\WebEnhancements\WebEnhancements.xpi [2011/04/14 11:29:35 | 000,002,115 | ---- | M] ()
FF - HKCU\software\mozilla\Firefox\extensions\\{2BB89C54-13A6-49A2-A038-495E3ADDF22D}: C:\Documents and Settings\Chris\Local Settings\Application Data\{2BB89C54-13A6-49A2-A038-495E3ADDF22D}\ [2011/06/18 10:20:50 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\extensions\\{D50F772E-BEFC-47BB-8D9D-505290AB05F1}: C:\Documents and Settings\Chris\Local Settings\Application Data\{D50F772E-BEFC-47BB-8D9D-505290AB05F1} [2011/06/20 12:55:47 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\extensions\\{F1135728-5C72-4762-BD08-57176624A400}: C:\Documents and Settings\Chris\Local Settings\Application Data\{F1135728-5C72-4762-BD08-57176624A400} [2011/06/22 19:47:48 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\extensions\\{927EF153-CFE9-4ADC-B78F-A949905BD69D}: C:\Documents and Settings\Chris\Local Settings\Application Data\{927EF153-CFE9-4ADC-B78F-A949905BD69D} [2011/06/29 08:20:54 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\extensions\\{E41832E8-53DD-44D0-A1A1-B80F3CED5229}: C:\Documents and Settings\Chris\Local Settings\Application Data\{E41832E8-53DD-44D0-A1A1-B80F3CED5229}\ [2011/06/29 09:32:57 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/24 13:25:53 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/23 19:51:33 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/06/22 19:53:45 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKCU\software\mozilla\Netscape Browser 8.1.2.0\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components
FF - HKCU\software\mozilla\Netscape Browser 8.1.2.0\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins

[2011/01/28 18:25:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chris\Application Data\Mozilla\Extensions
[2011/01/28 14:26:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chris\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/05/16 07:44:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\ukme60md.default\extensions
[2010/09/08 21:09:53 | 000,000,000 | ---D | M] (Screengrab) -- C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\ukme60md.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2010/04/29 08:47:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\ukme60md.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/12/12 08:59:11 | 000,000,000 | ---D | M] (AI Roboform Toolbar for Firefox) -- C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\ukme60md.default\extensions\{22119944-ED35-4ab1-910B-E619EA06A115}(2)
[2010/09/14 14:07:02 | 000,000,000 | ---D | M] (Media Converter) -- C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\ukme60md.default\extensions\{6e764c17-863a-450f-bdd0-6772bd5aaa18}
[2008/12/12 08:58:52 | 000,000,000 | ---D | M] (Interclue) -- C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\ukme60md.default\extensions\{c33c5b47-69c8-45a4-a5e0-af85bbe628dd}(2)
[2011/05/06 11:35:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\ukme60md.default\extensions\nostmp
[2011/03/25 07:15:15 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\ukme60md.default\extensions\[email protected]
[2008/12/12 08:59:14 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\ukme60md.default\extensions\support@lastpass(2).com
[2011/04/14 11:30:58 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\ukme60md.default\searchplugins\bing-zugo.xml
[2009/02/23 17:12:34 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\ukme60md.default\searchplugins\MyStart Search.xml
[2011/05/04 13:33:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011/06/18 10:20:50 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\CHRIS\LOCAL SETTINGS\APPLICATION DATA\{2BB89C54-13A6-49A2-A038-495E3ADDF22D}
[2011/06/29 08:20:54 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\CHRIS\LOCAL SETTINGS\APPLICATION DATA\{927EF153-CFE9-4ADC-B78F-A949905BD69D}
[2011/06/20 12:55:47 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\CHRIS\LOCAL SETTINGS\APPLICATION DATA\{D50F772E-BEFC-47BB-8D9D-505290AB05F1}
[2011/06/29 09:32:57 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\CHRIS\LOCAL SETTINGS\APPLICATION DATA\{E41832E8-53DD-44D0-A1A1-B80F3CED5229}
[2011/06/22 19:47:48 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\CHRIS\LOCAL SETTINGS\APPLICATION DATA\{F1135728-5C72-4762-BD08-57176624A400}
[2009/05/20 07:56:06 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
() (No name found) -- C:\PROGRAM FILES\WEBENHANCEMENTS\WEBENHANCEMENTS.XPI
[2011/06/24 13:25:44 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/09/10 02:09:32 | 000,079,216 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npContribute.dll
[2007/04/16 13:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2007/03/09 19:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2011/05/06 11:34:43 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/02/03 11:25:09 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (eBay Toolbar Helper) - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - File not found
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems)
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll (Google)
O2 - BHO: (Web Enhancements) - {CC0F2900-8A5B-4D0D-9E44-10435BC40774} - C:\Program Files\WebEnhancements\WebEnhancements.dll (TODO: <Company name>)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems)
O3 - HKLM\..\Toolbar: (eBay Toolbar) - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - File not found
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKLM\..\Toolbar: (Search) - {A58686ED-FC46-44C3-95C6-4A812AB776F1} - C:\Program Files\FerretSoft\WebFerret\FerretBand.dll ()
O3 - HKLM\..\Toolbar: (no name) - {C14DC52F-B4D9-11D5-B1E6-0050DAD7AF62} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems)
O3 - HKCU\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O4 - HKLM..\Run: [Pzorumutokara] C:\WINDOWS\amezitoha.dll ()
O4 - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe ()
O4 - HKCU..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - HKCU..\Run: [Rxikimoxihuvuwo] C:\WINDOWS\tpcdos.dll ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &1 Analyze Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems)
O8 - Extra context menu item: &2 Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems)
O8 - Extra context menu item: &3 Edit Identities - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems)
O8 - Extra context menu item: &4 Edit Passcards - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems)
O8 - Extra context menu item: &5 Fill from Identity - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems)
O8 - Extra context menu item: &6 Fill from Passcard - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems)
O8 - Extra context menu item: &7 Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems)
O8 - Extra context menu item: &8 Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems)
O8 - Extra context menu item: &9 Robo Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems)
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems)
O9 - Extra 'Tools' menuitem : &7 Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems)
O9 - Extra Button: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems)
O9 - Extra 'Tools' menuitem : &8 Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems)
O9 - Extra Button: RF toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems)
O9 - Extra 'Tools' menuitem : &9 Robo Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: statcounter.com ([www] https in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} http://download.micr...tualEarth3D.cab (Reg Error: Key error.)
O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} http://dlmanager.aka...vex-2.0.4.4.cab (DownloadManager Control)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A48D0309-8DA3-41AA-98E4-89194D471890} http://www.pulse3d.c...yer5.2AxWin.cab (Pulse V5 ActiveX Control)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} http://www.auctiva.c...oad/XUpload.ocx (Persits Software XUpload)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:1 (Internet Explorer Channel Bar) - 131A6951-7F78-11D0-A979-00C04FD705A2
O24 - Desktop WallPaper: C:\Documents and Settings\Chris\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Chris\Local Settings\Application Data\Magentic\Runtime\Magentic Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 15:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/08/10 15:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.NS0 -- [ NTFS ]
O32 - AutoRun File - [2004/08/10 15:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.NS1 -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/05 10:32:02 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Chris\Desktop\OTL.exe
[2011/07/04 12:50:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Application Data\ElevatedDiagnostics
[2011/07/04 12:43:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2011/07/04 12:42:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2011/07/02 19:09:57 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/07/02 19:05:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/07/02 19:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/07/02 19:02:19 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/07/02 18:51:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/06/29 09:32:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Local Settings\Application Data\{E41832E8-53DD-44D0-A1A1-B80F3CED5229}
[2011/06/29 08:20:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Local Settings\Application Data\{927EF153-CFE9-4ADC-B78F-A949905BD69D}
[2011/06/28 15:49:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\My Documents\Ebay Policies
[2011/06/23 13:48:45 | 009,132,352 | ---- | C] (GigaTribe SAS ) -- C:\Documents and Settings\Chris\Desktop\gigatribe_setup3.01.007.exe
[2011/06/22 19:47:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Local Settings\Application Data\{F1135728-5C72-4762-BD08-57176624A400}
[2011/06/20 12:55:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Local Settings\Application Data\{D50F772E-BEFC-47BB-8D9D-505290AB05F1}
[2011/06/18 10:20:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Local Settings\Application Data\{2BB89C54-13A6-49A2-A038-495E3ADDF22D}
[2011/06/15 20:42:36 | 000,709,896 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\tmufeng.dll
[2011/06/15 20:40:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Trend Micro Internet Security
[2011/06/15 20:40:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Trend Micro
[2011/06/15 20:36:32 | 000,656,648 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\UfWSC.cpl
[2011/06/15 20:35:47 | 001,331,512 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\vsapint.sys
[2011/06/15 20:35:45 | 000,335,376 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\TM_CFW.sys
[2011/06/15 20:35:44 | 000,249,424 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmxpflt.sys
[2011/06/15 20:35:43 | 000,066,320 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmtdi.sys
[2011/06/15 20:35:43 | 000,036,432 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmpreflt.sys
[2011/06/15 20:19:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chris\Desktop\en-US_TISDell_Download
[2011/06/15 20:01:25 | 105,145,416 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Chris\Desktop\en-US_TISDell_Download.exe
[2011/06/14 15:28:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\log

========== Files - Modified Within 30 Days ==========

[2011/07/05 11:08:14 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{0F09439C-686D-4CFA-81EF-C605BBB99C6D}.job
[2011/07/05 10:55:41 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Asedejoxodoka.dat
[2011/07/05 10:55:41 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Ccanezuduqi.bin
[2011/07/05 10:55:15 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-442540277-37624018-819299768-1006UA.job
[2011/07/05 10:44:06 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/05 10:32:02 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chris\Desktop\OTL.exe
[2011/07/05 05:55:01 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-442540277-37624018-819299768-1006Core.job
[2011/07/05 02:44:02 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/02 19:10:06 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/07/02 19:05:31 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/07/02 12:28:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/07/02 09:33:41 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2011/07/01 20:59:01 | 000,066,048 | ---- | M] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/01 20:59:01 | 000,000,578 | ---- | M] () -- C:\WINDOWS\M3JPEG.INI
[2011/07/01 18:08:38 | 000,000,082 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\Mama Jenn Spelling Printables.URL
[2011/06/30 03:19:04 | 000,448,654 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/30 03:19:04 | 000,074,428 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/29 13:58:52 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/29 13:58:50 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\Google Chrome.lnk
[2011/06/29 09:34:19 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/29 09:32:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/29 09:32:44 | 2145,439,744 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/29 03:02:40 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/06/26 22:00:00 | 000,000,384 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2011/06/23 13:48:46 | 009,132,352 | ---- | M] (GigaTribe SAS ) -- C:\Documents and Settings\Chris\Desktop\gigatribe_setup3.01.007.exe
[2011/06/22 19:47:02 | 193,224,704 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2011/06/16 23:00:52 | 000,011,264 | ---- | M] () -- C:\WINDOWS\DCEBoot.exe
[2011/06/16 10:48:10 | 000,000,109 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\I can teach my child! Toilet Paper Tube Book (with pull tabs).URL
[2011/06/16 10:47:40 | 000,000,102 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\StrongStart Story Stones for Little Red Hen.URL
[2011/06/15 20:40:44 | 000,000,799 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Trend Micro Internet Security.lnk
[2011/06/15 20:36:32 | 000,656,648 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\UfWSC.cpl
[2011/06/15 20:35:45 | 000,335,376 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\TM_CFW.sys
[2011/06/15 20:35:43 | 000,066,320 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmtdi.sys
[2011/06/15 20:35:28 | 000,709,896 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\tmufeng.dll
[2011/06/15 20:03:43 | 105,145,416 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Chris\Desktop\en-US_TISDell_Download.exe
[2011/06/12 19:42:22 | 000,000,075 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\1st Grade Resources.URL

========== Files Created - No Company Name ==========

[2011/07/02 19:10:05 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/07/02 19:05:31 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/07/01 18:08:38 | 000,000,082 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\Mama Jenn Spelling Printables.URL
[2011/06/18 10:20:56 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Asedejoxodoka.dat
[2011/06/18 10:20:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Ccanezuduqi.bin
[2011/06/16 23:00:52 | 000,011,264 | ---- | C] () -- C:\WINDOWS\DCEBoot.exe
[2011/06/16 10:48:10 | 000,000,109 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\I can teach my child! Toilet Paper Tube Book (with pull tabs).URL
[2011/06/16 10:47:40 | 000,000,102 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\StrongStart Story Stones for Little Red Hen.URL
[2011/06/15 20:40:44 | 000,000,799 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Trend Micro Internet Security.lnk
[2011/06/15 18:55:25 | 2145,439,744 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/14 15:28:28 | 000,163,408 | ---- | C] () -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2011/06/14 15:28:28 | 000,059,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\tmactmon.sys
[2011/06/14 15:28:28 | 000,051,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\tmevtmgr.sys
[2011/06/12 19:42:22 | 000,000,075 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\1st Grade Resources.URL
[2011/04/26 14:17:39 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/04/26 14:17:38 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/03/21 09:49:58 | 000,029,520 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011/03/21 09:49:58 | 000,013,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011/02/02 23:47:19 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/02/02 22:41:21 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/02/02 22:41:21 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/02/02 22:41:21 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/02/02 22:41:21 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/02/02 22:41:21 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/01/24 13:53:10 | 000,079,360 | RHS- | C] () -- C:\WINDOWS\System32\olethk32M.dll
[2010/12/25 17:42:45 | 000,144,684 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/09/10 20:45:16 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Chris\Application Data\$_hpcst$.hpc
[2010/03/09 19:21:19 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2009/08/02 18:22:35 | 000,695,617 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2009/08/02 18:22:34 | 000,025,044 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2009/06/23 11:43:02 | 000,000,578 | ---- | C] () -- C:\WINDOWS\M3JPEG.INI
[2009/05/31 17:32:36 | 000,176,128 | ---- | C] () -- C:\WINDOWS\GeoCodecLib.dll
[2009/05/31 17:32:35 | 000,208,896 | ---- | C] () -- C:\WINDOWS\LiveClient.dll
[2009/03/13 10:49:30 | 000,091,520 | ---- | C] () -- C:\WINDOWS\System32\WebIQEngineSetup.exe
[2009/02/18 08:50:25 | 000,266,240 | ---- | C] () -- C:\WINDOWS\System32\CSHelper.exe
[2008/09/01 19:53:12 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\24057EB7A7.sys
[2008/08/23 14:21:23 | 000,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/05/14 10:27:09 | 001,108,480 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2008/05/14 10:27:09 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\libfishsound.dll
[2008/05/14 10:27:09 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\libooogg.dll
[2008/05/14 10:27:09 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\liboooggseek.dll
[2008/05/14 10:27:08 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\dsfoggdemux2.dll
[2008/05/14 10:27:08 | 000,052,736 | ---- | C] () -- C:\WINDOWS\System32\dsfoggmux.dll
[2008/05/14 10:27:08 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\dsfvorbisdecoder.dll
[2008/05/14 10:27:08 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\dsfvorbisencoder.dll
[2008/03/29 14:12:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PezDownload.INI
[2007/08/29 08:49:22 | 000,106,496 | R--- | C] () -- C:\WINDOWS\System32\vshp1020.dll
[2007/08/29 08:49:21 | 000,442,368 | R--- | C] () -- C:\WINDOWS\System32\zshp1020.exe
[2007/08/13 07:42:41 | 000,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/08/02 13:53:19 | 000,000,022 | ---- | C] () -- C:\WINDOWS\iexplore.ini
[2007/07/26 11:57:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Game.INI
[2007/07/16 16:30:16 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Chris\Application Data\PFP120JPR.{PB
[2007/07/16 16:30:16 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Chris\Application Data\PFP120JCM.{PB
[2007/03/22 16:47:35 | 000,046,344 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.EXE
[2007/03/05 13:34:28 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2006/12/28 16:13:01 | 000,000,028 | ---- | C] () -- C:\WINDOWS\QFNOA.INI
[2006/10/11 13:36:21 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/06/30 11:01:23 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\uninstpw.exe
[2006/06/12 21:14:59 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\fusioncache.dat
[2006/05/04 10:19:25 | 000,000,083 | ---- | C] () -- C:\WINDOWS\IMPORTCLIENT.INI
[2006/04/05 14:02:55 | 000,003,089 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/02/23 12:40:08 | 000,000,114 | ---- | C] () -- C:\WINDOWS\kpcms.ini
[2006/02/23 12:40:06 | 000,000,810 | ---- | C] () -- C:\WINDOWS\EZPHOTO.INI
[2006/02/15 12:24:50 | 000,000,028 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/02/14 18:41:41 | 000,066,048 | ---- | C] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/02/14 17:00:39 | 000,000,000 | ---- | C] () -- C:\Program Files\pspbrwse.jbf
[2006/02/14 12:46:59 | 000,000,152 | RHS- | C] () -- C:\WINDOWS\System32\A7B77E0524.sys
[2006/02/14 12:40:32 | 000,000,054 | ---- | C] () -- C:\WINDOWS\TwUI240.INI
[2006/02/06 23:59:34 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/02/06 23:51:14 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/02/06 23:45:47 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/02/06 23:44:18 | 000,035,149 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/02/06 23:23:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/02/06 23:22:40 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2006/02/06 23:22:36 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/01/27 19:10:02 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\PTfile1.dll
[2006/01/14 14:16:21 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\infcpy.dll
[2005/12/23 01:44:57 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll
[2005/08/31 13:07:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\cpascrrc6(2).dll
[2005/06/11 11:47:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\fpprintmon.dll
[2004/08/10 15:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 15:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 15:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 15:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 14:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 14:57:15 | 002,402,632 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 14:51:27 | 000,282,624 | ---- | C] () -- C:\WINDOWS\amezitoha.dll
[2004/08/10 14:51:27 | 000,126,976 | ---- | C] () -- C:\WINDOWS\tpcdos.dll
[2004/08/10 14:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 14:51:20 | 000,448,654 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 14:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 14:51:20 | 000,074,428 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 14:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 14:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 14:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 14:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 14:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 14:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 14:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 14:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/03/20 23:32:15 | 000,000,113 | ---- | C] () -- C:\WINDOWS\Picture Easy 3.ini
[2003/11/21 13:55:06 | 000,270,336 | ---- | C] () -- C:\WINDOWS\System32\pdbrowse.dll
[2003/07/31 19:21:52 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\hllapi32.dll
[2003/06/21 17:16:01 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\XFILEXR.DLL
[2003/06/21 17:15:46 | 000,049,616 | ---- | C] () -- C:\WINDOWS\System32\JCB.DLL
[2003/06/21 17:15:42 | 000,048,088 | ---- | C] () -- C:\WINDOWS\System32\DSCVR.DLL
[2003/06/21 17:13:03 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\OEMREG.DLL
[2003/06/21 17:13:02 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\NETBIOS.DLL
[2003/06/21 17:12:54 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\MEMBG.DLL
[2003/06/21 17:12:49 | 000,008,576 | ---- | C] () -- C:\WINDOWS\System32\ICMUPG.DLL
[2003/06/21 17:11:52 | 000,002,490 | ---- | C] () -- C:\WINDOWS\System32\DLCNDI.DLL
[2003/02/17 11:14:50 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2002/12/09 19:43:27 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2002/12/09 19:43:27 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2002/08/05 15:09:41 | 001,160,512 | ---- | C] () -- C:\WINDOWS\System32\HPFtrl12.dll
[2002/08/05 15:09:41 | 000,023,296 | ---- | C] () -- C:\WINDOWS\System32\HPFtst12.dll
[2002/08/05 15:09:40 | 000,313,056 | ---- | C] () -- C:\WINDOWS\System32\HPFsrl12.dll
[2002/08/05 15:09:40 | 000,251,424 | ---- | C] () -- C:\WINDOWS\System32\HPFwin12.dll
[2002/08/05 15:09:40 | 000,222,336 | ---- | C] () -- C:\WINDOWS\System32\HPFmrl12.dll
[2002/08/05 15:09:40 | 000,160,416 | ---- | C] () -- C:\WINDOWS\System32\HPFprl12.dll
[2002/08/05 15:09:40 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\HPFsui12.dll
[2002/08/05 15:09:40 | 000,117,760 | ---- | C] () -- C:\WINDOWS\System32\HPFrsa12.dll
[2002/08/05 15:09:40 | 000,050,080 | ---- | C] () -- C:\WINDOWS\System32\HPFpcl12.dll
[2002/08/05 15:09:40 | 000,030,176 | ---- | C] () -- C:\WINDOWS\System32\HPFmlc12.dll
[2002/08/05 15:09:40 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\HPFlmn12.dll
[2002/08/05 15:09:40 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\HPFrst12.dll
[2002/08/05 15:09:40 | 000,016,448 | ---- | C] () -- C:\WINDOWS\System32\HPFmon12.dll
[2002/08/05 15:09:40 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\HPFnet12.dll
[2002/08/05 15:09:40 | 000,013,184 | ---- | C] () -- C:\WINDOWS\System32\HPFpml12.dll
[2002/08/05 15:09:40 | 000,012,544 | ---- | C] () -- C:\WINDOWS\System32\HPFrsu12.dll
[2002/08/05 15:09:40 | 000,006,976 | ---- | C] () -- C:\WINDOWS\System32\HPFitk12.dll
[2002/08/05 15:09:40 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\HPFrss12.dll
[2002/08/05 15:09:39 | 000,851,968 | ---- | C] () -- C:\WINDOWS\System32\HPFimg12.dll
[2002/08/05 15:09:39 | 000,102,304 | ---- | C] () -- C:\WINDOWS\System32\HPFcui12.dll
[2002/08/05 15:09:39 | 000,006,336 | ---- | C] () -- C:\WINDOWS\System32\HPFdos12.dll
[2002/08/05 15:09:39 | 000,005,088 | ---- | C] () -- C:\WINDOWS\System32\HPFhrl12.dll
[2002/08/05 15:09:38 | 000,158,752 | ---- | C] () -- C:\WINDOWS\System32\HPFcps12.dll
[2002/08/05 15:09:38 | 000,049,184 | ---- | C] () -- C:\WINDOWS\System32\HPF24r12.dll
[2002/08/05 15:09:38 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\HPFcbl12.dll
[2002/08/05 15:09:37 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\HPFkal12.dll
[2002/08/05 15:09:37 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HPFiop12.dll
[2002/08/05 15:09:37 | 000,033,568 | ---- | C] () -- C:\WINDOWS\System32\HPFp9812.dll
[2002/08/05 15:09:37 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\HPFl9812.dll
[2002/08/05 15:09:36 | 000,806,848 | ---- | C] () -- C:\WINDOWS\System32\HPFhft12.dll
[2002/08/05 15:09:36 | 000,105,984 | ---- | C] () -- C:\WINDOWS\System32\HPFc9512.dll
[2002/08/05 15:09:36 | 000,067,136 | ---- | C] () -- C:\WINDOWS\System32\HPFc1612.dll
[2002/08/05 15:09:36 | 000,033,696 | ---- | C] () -- C:\WINDOWS\System32\HPFecp12.dll
[2002/05/24 15:40:33 | 000,116,640 | ---- | C] () -- C:\WINDOWS\System32\Ptsaci40.dll
[2002/04/09 21:58:32 | 000,000,282 | ---- | C] () -- C:\Program Files\Common Files\wsftp_options.ini
[2002/03/21 21:31:26 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\PTISTP.DLL
[2002/03/11 21:09:47 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\FTPStubInstUtils.dll
[2001/11/29 20:40:12 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\DCCWFP32.DLL
[2001/11/27 14:48:09 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\WFXTHK32.DLL
[2001/11/27 14:48:09 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\HFX3W3.DLL
[2001/11/27 14:48:09 | 000,015,324 | ---- | C] () -- C:\WINDOWS\System32\WFXTHK16.DLL
[2001/11/13 12:58:25 | 000,270,848 | ---- | C] () -- C:\WINDOWS\UNWISE32.EXE
[2001/10/10 23:21:11 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\gif89.dll
[2001/10/10 21:49:23 | 000,007,008 | ---- | C] () -- C:\WINDOWS\System32\SETUPKIT.DLL
[2001/10/10 21:49:23 | 000,000,101 | ---- | C] () -- C:\WINDOWS\ttinstal.ini
[2001/10/10 21:49:13 | 000,019,968 | ---- | C] () -- C:\WINDOWS\CloseApp.exe
[2001/10/10 21:49:11 | 000,323,072 | ---- | C] () -- C:\WINDOWS\System32\Peer.dll
[2001/10/10 21:49:10 | 000,045,952 | ---- | C] () -- C:\WINDOWS\System32\LTVDD62W.DRV
[2001/10/10 21:49:10 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\LTTWN62N.DLL
[2001/10/10 21:49:10 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\LFPCX62N.DLL
[2001/10/10 21:49:10 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\Peer_Res.dll
[2001/10/10 21:49:10 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\LFPCT62N.DLL
[2001/10/10 21:49:10 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\LFWMF62N.DLL
[2001/10/10 21:49:10 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\LFTGA62N.DLL
[2001/10/10 21:49:10 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\LFWPG62N.DLL
[2001/10/10 21:49:10 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\LFPCD62N.DLL
[2001/10/10 21:49:10 | 000,003,200 | ---- | C] () -- C:\WINDOWS\System32\LTTHK62W.DLL
[2001/10/10 21:49:09 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\LFFAX62N.DLL
[2001/10/10 21:49:09 | 000,158,720 | ---- | C] () -- C:\WINDOWS\System32\LFCMP62N.DLL
[2001/10/10 21:49:09 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\LFTIF62N.DLL
[2001/10/10 21:49:09 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\LTFIL62N.DLL
[2001/10/10 21:49:09 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\LFBMP62N.DLL
[2001/09/14 00:25:37 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\MSWHEEL.DLL
[2001/09/03 23:13:46 | 000,271,264 | ---- | C] () -- C:\WINDOWS\System32\VBRUN100.DLL
[2001/09/03 23:13:45 | 000,010,355 | ---- | C] () -- C:\WINDOWS\System32\PLATPLUS.DLL
[2001/09/03 23:13:44 | 000,143,802 | ---- | C] () -- C:\WINDOWS\System32\BC30RTL.DLL
[2001/07/06 15:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2001/05/19 18:20:59 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2001/05/06 21:17:24 | 000,040,129 | ---- | C] () -- C:\WINDOWS\iccsigs.dat
[2001/05/06 21:06:25 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2001/05/06 20:35:34 | 000,007,808 | ---- | C] () -- C:\WINDOWS\System32\DC240U.SYS
[2001/05/01 14:24:13 | 000,001,330 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2001/04/30 00:19:38 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\NetFerret.dll
[2001/04/29 22:07:35 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\cdtool.dll
[2001/04/29 20:22:12 | 000,132,064 | ---- | C] () -- C:\WINDOWS\System32\WMPASS.DLL
[2000/09/08 18:53:50 | 000,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll
[1999/08/12 01:00:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1999/08/12 01:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[1999/01/22 19:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 09:00:00 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL
[1979/12/31 18:34:02 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.DLL

========== LOP Check ==========

[2009/10/25 12:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2006/05/20 10:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avg7
[2006/02/09 16:43:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2008/02/12 18:13:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ebates__MoeMoney__Maker
[2009/04/17 18:20:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eBay
[2011/02/03 00:12:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2008/12/12 11:00:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2008/12/12 10:55:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2011/01/02 13:21:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leapfrog
[2007/04/06 17:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2010/12/23 11:51:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Photo Notifier and Animation Creator
[2010/06/17 21:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PhotoMail
[2006/02/09 16:43:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT
[2006/05/10 10:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2008/05/30 15:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2008/05/18 13:18:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WholeSecurity
[2010/11/18 18:08:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2008/01/02 10:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\acccore
[2008/06/02 09:12:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Aim
[2008/11/07 10:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2008/02/12 18:13:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Ebates__MoeMoney__Maker
[2009/04/17 18:20:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\eBay
[2011/07/04 12:50:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\ElevatedDiagnostics
[2009/08/31 09:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Elluminate
[2006/09/05 07:28:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Ericom
[2011/01/17 17:35:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\FileExchange
[2009/01/07 10:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Genie-Soft
[2010/01/01 20:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\GigaTribe
[2006/02/09 16:43:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\H2ST
[2011/03/21 09:49:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\IObit
[2006/10/13 15:56:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Leadertech
[2010/09/14 14:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Moyea
[2010/06/18 16:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\NETGEAR Live Parental Controls
[2010/06/14 14:49:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Netscape
[2007/05/17 11:46:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\OfficeUpdate12
[2010/03/31 15:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\OpenDNS Updater
[2006/05/10 10:42:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\PhotoParade
[2008/03/05 15:13:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\PictureTrail
[2010/03/27 17:38:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\ProspectorV3
[2011/07/03 13:59:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\ProspectorV5
[2010/10/18 15:43:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\rsvme
[2006/02/09 17:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Siber Systems
[2011/01/28 18:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Thunderbird
[2006/05/10 10:38:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\TuneUp Software
[2007/06/29 12:27:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Viewpoint
[2006/12/21 17:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\WholeSecurity
[2006/04/20 10:37:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\WholeSecurity(2)
[2010/09/13 09:40:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\Windows Search
[2010/03/27 17:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chris\Application Data\WinPatrol
[2011/07/02 12:28:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011/06/26 22:00:00 | 000,000,384 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag.job
[2011/07/02 09:33:41 | 000,000,280 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag_Startup.job
[2011/07/05 11:08:14 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{0F09439C-686D-4CFA-81EF-C605BBB99C6D}.job

========== Purity Check ==========



< End of report >

Thanks for anything you can do!
  • 0

Advertisements

#2
ThreeRingCircus
Posted 05 July 2011 - 09:20 AM

ThreeRingCircus

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
And here is an "Extras" box that also popped up, in case you need it.

OTL Extras logfile created on: 7/5/2011 10:32:26 AM - Run 1
OTL by OldTimer - Version 3.2.26.0 Folder = C:\Documents and Settings\Chris\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.51 Gb Available Physical Memory | 25.58% Memory free
2.60 Gb Paging File | 1.35 Gb Available in Paging File | 51.84% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.46 Gb Total Space | 21.62 Gb Free Space | 30.25% Space Free | Partition Type: NTFS
Drive F: | 465.65 Gb Total Space | 381.01 Gb Free Space | 81.82% Space Free | Partition Type: FAT32

Computer Name: NEWBABY | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\PROGRAM FILES\WINAMP\WINAMP.EXE" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\PROGRAM FILES\WINAMP\WINAMP.EXE" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\PROGRAM FILES\WINAMP\WINAMP.EXE" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"135:TCP" = 135:TCP:*:Enabled:TCP Port 135
"5000:TCP" = 5000:TCP:*:Enabled:TCP Port 5000
"5001:TCP" = 5001:TCP:*:Enabled:TCP Port 5001
"5002:TCP" = 5002:TCP:*:Enabled:TCP Port 5002
"5003:TCP" = 5003:TCP:*:Enabled:TCP Port 5003
"5004:TCP" = 5004:TCP:*:Enabled:TCP Port 5004
"5005:TCP" = 5005:TCP:*:Enabled:TCP Port 5005
"5006:TCP" = 5006:TCP:*:Enabled:TCP Port 5006
"5007:TCP" = 5007:TCP:*:Enabled:TCP Port 5007
"5008:TCP" = 5008:TCP:*:Enabled:TCP Port 5008
"5009:TCP" = 5009:TCP:*:Enabled:TCP Port 5009
"5010:TCP" = 5010:TCP:*:Enabled:TCP Port 5010
"5011:TCP" = 5011:TCP:*:Enabled:TCP Port 5011
"5012:TCP" = 5012:TCP:*:Enabled:TCP Port 5012
"5013:TCP" = 5013:TCP:*:Enabled:TCP Port 5013
"5014:TCP" = 5014:TCP:*:Enabled:TCP Port 5014
"5015:TCP" = 5015:TCP:*:Enabled:TCP Port 5015
"5016:TCP" = 5016:TCP:*:Enabled:TCP Port 5016
"5017:TCP" = 5017:TCP:*:Enabled:TCP Port 5017
"5018:TCP" = 5018:TCP:*:Enabled:TCP Port 5018
"5019:TCP" = 5019:TCP:*:Enabled:TCP Port 5019
"5020:TCP" = 5020:TCP:*:Enabled:TCP Port 5020
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"57141:TCP" = 57141:TCP:*:Enabled:Pando
"57141:UDP" = 57141:UDP:*:Enabled:Pando

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL -- (America Online, Inc.)
"C:\Program Files\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe" = C:\Program Files\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe:*:Enabled:LeapFrog Connect -- (LeapFrog Enterprises, Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL -- (America Online, Inc.)
"C:\Program Files\IncrediMail\bin\IMApp.exe" = C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\bin\IncMail.exe" = C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\Common Files\AOL\1140022579\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1140022579\ee\aolsoftware.exe:*:Enabled:AOL Services -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\1140022579\ee\aim6.exe" = C:\Program Files\Common Files\AOL\1140022579\ee\aim6.exe:*:Enabled:AIM -- (America Online, Inc.)
"C:\Program Files\IncrediMail\bin\ImpCnt.exe" = C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\Java\j2re1.4.2_03\bin\javaw.exe" = C:\Program Files\Java\j2re1.4.2_03\bin\javaw.exe:*:Enabled:javaw -- ()
"C:\Program Files\IncrediMail\bin\IncrediMail_Install.exe" = C:\Program Files\IncrediMail\bin\IncrediMail_Install.exe:*:Enabled:IncrediMail Installer -- ()
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater -- ()
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- ()
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"C:\WINDOWS\system32\spool\drivers\w32x86\3\SAGENT4.EXE" = C:\WINDOWS\system32\spool\drivers\w32x86\3\SAGENT4.EXE:*:Enabled:SAgent4 -- (SEIKO EPSON CORPORATION)
"C:\Program Files\Magentic\bin\MgImp.exe" = C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic -- (IncrediMail, Ltd.)
"C:\Program Files\Magentic\bin\Magentic.exe" = C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic -- ()
"C:\Program Files\Magentic\bin\MgApp.exe" = C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic -- ()
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe" = C:\Program Files\LeapFrog\LeapFrog Connect\LeapFrogConnect.exe:*:Enabled:LeapFrog Connect -- (LeapFrog Enterprises, Inc.)
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Pando Networks\Pando\Pando.exe" = C:\Program Files\Pando Networks\Pando\Pando.exe:*:Enabled:Pando -- (Pando Networks)
"C:\Program Files\GigaTribe\gigatribe.exe" = C:\Program Files\GigaTribe\gigatribe.exe:*:Enabled:GigaTribe -- (Gigatribe SAS)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1027F42C-7274-43C3-9F8B-94235B171C6F}_is1" = 2.0
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{154508C0-07C5-4659-A7A0-E49968750D21}" = HLPPDOCK
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{172975EB-9465-4861-95B5-C7BB6D3DE62A}" = DocumentViewer
"{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}" = Intel® PROSet for Wired Connections
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18DB3375-0649-4EA3-959A-44F1ACD278BA}" = IncrediMail
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 15
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}" = OTtBPSDK
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3DB5FD00-BB93-4AF3-B925-77DAA0E4E2F4}" = eBay Toolbar Featuring Yahoo!
"{3E908702-AF35-4611-9518-955DA24B7E07}" = Microsoft XML Parser and SDK
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Google AFE
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Modem On Hold
"{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{50063EEB-8CD5-4AA4-AA13-30699DD92629}" = Adobe Setup
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5BB770DE-19FF-4D71-A0E0-1F21E1847512}" = Adobe PDistiller
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{69A83D99-D41B-4396-BCC4-3DCB77DFFED0}" = WebIQ Technology Engine
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{6EECB283-E65F-40EF-86D3-D51BF02A8D43}" = Microsoft Office Converter Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}" = Trend Micro Internet Security
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{75AE8014-1184-4BC0-B279-C879540719EE}" = PhotoMail Maker
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{788A0222-5690-4212-AA9C-C48FD0E1C9AE}" = Photo Notifier and Animation Creator
"{79FE5DA1-E1F0-421E-8872-DC7409AC789B}" = eBook Pro Viewer 5.02
"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7E6066E6-8B5B-4100-B0FA-1D9E9B663CBA}" = iTunes
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87843A41-7808-4F2E-B13F-25C1E67CF2FD}" = ESShelp
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{93A1B09E-BAFA-4628-A5B6-921CB026955A}" = Corel Paint Shop Pro Photo XI
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures
"{A621B45A-D138-4A95-BE10-7CABA05EF94E}" = Trend Micro Internet Security
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in
"{AB480DA0-7EE9-465D-9C12-4CDE65BF18FB}" = Pando
"{ABEA93FA-8D65-11D2-98AB-00C04F79C5D1}" = Microsoft IntelliPoint
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C6359569-E03E-4CDC-98E8-CDD080C6EEB5}" = LeapFrog Connect
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF3E8BE9-2AD1-42A9-97CD-33AD9826A9E8}" = Prospector
"{D1973749-F5E7-40EB-B528-F2B78685B9FF}" = essvcpt
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D46E4432-0CBD-4C52-804D-B35C8CFCA17B}" = Office Animation Runtime
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E51FFEFB-68E2-4516-B293-35DC83B9767E}" = LeapFrog Tag Plugin
"{EA8E9BC0-09DB-11D5-94FA-9DEE663A8041}" = MailDefense
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}" = OTtBP
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FA23FE38-470F-4C70-88BF-6B2C1BD32742}" = DSC308
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"781745E87AFF80C0C1388CFF79D19ECAB2E9BB47" = Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Illustrator 8.0" = Adobe Illustrator 8.0
"Adobe PhotoDeluxe 2.0" = Adobe PhotoDeluxe 2.0
"Adobe Photoshop 6.0" = Adobe Photoshop 6.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_4c96cd7621076512aaef5e76536b4ef" = Adobe Contribute CS4
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"AIM_7" = AIM 7
"AOL Instant Messenger" = AOL Instant Messenger
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"ArtistScope Plugin IE 424.2.0.0" = ArtistScope Plugin IE 42
"CCleaner" = CCleaner
"CDPhotoDeinstKey" = ColorDesk Photo
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Digital Editions" = Adobe Digital Editions
"Google Desktop" = Google Desktop
"HP Document Viewer" = HP Document Viewer 5.3
"HP-LaserJet 1020 series" = LaserJet 1020 series
"HTC_WModemDriver" = WModem Driver Installer
"HTPE3" = HyperTerminal Private Edition v5.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"IncrediMail" = IncrediMail 2.0
"Intel® 537EP V9x DF PCI Modem" = Intel® 537EP V9x DF PCI Modem
"IrfanView" = IrfanView (remove only)
"KODAK DC240" = KODAK DC240 Software
"Magentic" = Magentic
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"Mozilla Thunderbird (3.1.11)" = Mozilla Thunderbird (3.1.11)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator
"Photo Organizer 1.8" = Photo Organizer
"PhotoMail" = PhotoMail Maker
"Picture Easy 3.0" = Picture Easy 3.1
"PrintMaster 10" = PrintMaster
"PROPLUS" = Microsoft Office Professional Plus 2007
"PROSet" = Intel® PRO Network Adapters and Drivers
"RealPlayer 6.0" = RealPlayer
"Search Toolbar" = Search Toolbar
"ShalSoft.GigaTribe_is1" = GigaTribe 3.01.005
"Smart Defrag 2_is1" = Smart Defrag 2
"TagPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)
"TTInstallerDeinstKey" = TrueType Font Installer
"UPCShell" = LeapFrog Connect
"ViewpointMediaPlayer" = Viewpoint Media Player
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"VLC media player" = VLC media player 1.1.4
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WebEnhancements" = WebEnhancements
"WIC" = Windows Imaging Component
"WildTangent CDA" = WildTangent Web Driver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WS_FTP Pro" = Ipswitch WS_FTP Pro
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Connect Add-in" = Adobe Connect Add-in
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/14/2011 8:13:43 PM | Computer Name = NEWBABY | Source = Microsoft Fax | ID = 32045
Description = Fax Service failed to initialize because it could not initialize the
TAPI devices. Verify that the fax modem was installed and configured correctly. Win32
error code: -2147483576. This error code indicates the cause of the error.

Error - 6/14/2011 9:03:09 PM | Computer Name = NEWBABY | Source = ESENT | ID = 490
Description = svchost (1420) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\edb.log"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).

Error - 6/14/2011 9:03:09 PM | Computer Name = NEWBABY | Source = ESENT | ID = 454
Description = Catalog Database (1420) Database recovery/restore failed with unexpected
error -1032.

Error - 6/14/2011 9:10:16 PM | Computer Name = NEWBABY | Source = Microsoft Fax | ID = 32045
Description = Fax Service failed to initialize because it could not initialize the
TAPI devices. Verify that the fax modem was installed and configured correctly. Win32
error code: -2147483576. This error code indicates the cause of the error.

Error - 6/15/2011 12:10:23 AM | Computer Name = NEWBABY | Source = Microsoft Fax | ID = 32045
Description = Fax Service failed to initialize because it could not initialize the
TAPI devices. Verify that the fax modem was installed and configured correctly. Win32
error code: -2147483576. This error code indicates the cause of the error.

Error - 6/20/2011 12:57:00 PM | Computer Name = NEWBABY | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module amezitoha.dll, version 0.0.0.0, fault address 0x00025e4b.

Error - 6/21/2011 3:36:48 PM | Computer Name = NEWBABY | Source = Application Error | ID = 1000
Description = Faulting application gigatribe.exe, version 3.1.5.0, faulting module
unknown, version 0.0.0.0, fault address 0x557231eb.

Error - 6/22/2011 7:49:15 PM | Computer Name = NEWBABY | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module amezitoha.dll, version 0.0.0.0, fault address 0x00025e4b.

Error - 6/28/2011 6:04:16 PM | Computer Name = NEWBABY | Source = Application Error | ID = 1000
Description = Faulting application gigatribe.exe, version 3.1.5.0, faulting module
qtcore4.dll, version 4.5.3.0, fault address 0x000e68dd.

Error - 6/29/2011 8:22:12 AM | Computer Name = NEWBABY | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module amezitoha.dll, version 0.0.0.0, fault address 0x00025e4b.

[ OSession Events ]
Error - 1/2/2011 6:39:38 PM | Computer Name = NEWBABY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6548.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 98
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 6/16/2011 9:39:20 AM | Computer Name = NEWBABY | Source = Service Control Manager | ID = 7000
Description = The Trend Micro Proxy Service service failed to start due to the following
error: %%1053

Error - 6/16/2011 2:38:34 PM | Computer Name = NEWBABY | Source = DCOM | ID = 10005
Description = DCOM got error "%1053" attempting to start the service gusvc with
arguments "" in order to run the server: {89DAE4CD-9F17-4980-902A-99BA84A8F5C8}

Error - 6/16/2011 2:38:39 PM | Computer Name = NEWBABY | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Google Software Updater
service to connect.

Error - 6/22/2011 7:48:48 PM | Computer Name = NEWBABY | Source = System Error | ID = 1003
Description = Error code 000000d1, parameter1 5466744e, parameter2 00000002, parameter3
00000001, parameter4 b95b1086.

Error - 6/22/2011 7:53:45 PM | Computer Name = NEWBABY | Source = System Error | ID = 1003
Description = Error code 000000d1, parameter1 00000001, parameter2 00000002, parameter3
00000001, parameter4 b9027086.

Error - 6/22/2011 7:55:01 PM | Computer Name = NEWBABY | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Trend Micro Personal
Firewall service to connect.

Error - 6/22/2011 7:55:01 PM | Computer Name = NEWBABY | Source = Service Control Manager | ID = 7000
Description = The Trend Micro Personal Firewall service failed to start due to the
following error: %%1053

Error - 6/29/2011 9:06:41 AM | Computer Name = NEWBABY | Source = Service Control Manager | ID = 7034
Description = The Pml Driver HPZ12 service terminated unexpectedly. It has done
this 1 time(s).

Error - 6/29/2011 9:09:45 AM | Computer Name = NEWBABY | Source = Service Control Manager | ID = 7034
Description = The Viewpoint Manager Service service terminated unexpectedly. It
has done this 1 time(s).

Error - 6/29/2011 9:10:16 AM | Computer Name = NEWBABY | Source = Service Control Manager | ID = 7034
Description = The Print Spooler service terminated unexpectedly. It has done this
1 time(s).


< End of report >
Thank you!
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP