weird things afoot for me these days. i just got my computer cleaned (on this thread: http://www.geekstogo..._1#entry2218514) and somehow the following things have started happening:
1. when i play music in winamp, about every 5 minutes it pauses. i have no idea what that's about, but it's new.
2. when i open up firefox, there's a yahoo quicksearch icon in the pull-down search engine menu, no matter how many times i delete it. and if i do a firefox search by typing words into the url field, instead of a google search it's a yahoo search. this coincided with a day in which i opened up firefox and saw that my home page had been switched to a "mysearch" yahoo-driven site.
3. when i just signed into geeks to go, in the sign-in screen, the word "computers" was double-underlined and an adsense ad showed up when i scrolled over it. i thought that i had already defeated that virus, but it appears to be back.
i ran the OTL log and it created a file called "OTL.txt" and one called "Extras.txt" -- I've pasted both of them below.
help?
thanks so much.
best -- sue
OTL log
OTL logfile created on: 11/8/2012 2:48:55 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Meddle\Desktop\fight club
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1014.37 Mb Total Physical Memory | 290.75 Mb Available Physical Memory | 28.66% Memory free
2.38 Gb Paging File | 1.83 Gb Available in Paging File | 76.81% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 49.80 Gb Total Space | 17.12 Gb Free Space | 34.37% Space Free | Partition Type: NTFS
Computer Name: CASCADE | User Name: Meddle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/11/08 14:48:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Meddle\Desktop\fight club\OTL.exe
PRC - [2012/10/24 09:50:37 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/10/17 12:46:45 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/10/09 15:44:44 | 000,799,112 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2012/09/11 13:58:41 | 000,388,576 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2011/06/10 13:41:32 | 001,575,184 | ---- | M] (Blue Coat Systems, Inc.) -- C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
PRC - [2009/07/13 22:18:12 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/09/04 19:54:44 | 000,880,722 | ---- | M] (Trend Micro Incorporated.) -- C:\Program Files\Trend Micro\Internet Security 12\PcCtlCom.exe
PRC - [2006/08/01 08:00:04 | 000,774,144 | ---- | M] (SafeNet, Inc.) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel RMS License Manager\WinNT\lservnt.exe
PRC - [2006/06/13 09:09:44 | 000,052,736 | ---- | M] (Macrovision) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE
PRC - [2006/04/11 18:39:22 | 000,176,201 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe
PRC - [2006/04/06 11:57:54 | 000,380,928 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2005/08/30 13:36:28 | 000,262,215 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 12\tmproxy.exe
PRC - [2005/08/30 13:36:26 | 000,585,792 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 12\TmPfw.exe
PRC - [2005/08/30 13:36:26 | 000,290,889 | ---- | M] (Trend Micro Incorporated.) -- C:\Program Files\Trend Micro\Internet Security 12\Tmntsrv.exe
PRC - [2005/08/30 13:36:20 | 000,823,362 | ---- | M] (Trend Micro Incorporated.) -- C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
PRC - [2000/06/29 00:45:10 | 000,052,224 | ---- | M] (Kenonic Controls Ltd.) -- C:\WINDOWS\system32\Crypserv.exe
========== Modules (No Company Name) ==========
MOD - [2012/10/24 09:50:39 | 002,295,264 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/09/11 13:58:48 | 002,061,280 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\mozjs.dll
MOD - [2012/09/11 13:58:46 | 000,157,664 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2012/09/11 13:58:46 | 000,021,984 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2011/11/03 07:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/09/15 13:51:00 | 006,277,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2009/07/13 22:18:12 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
MOD - [2008/04/13 16:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 16:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/09/20 18:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2006/10/09 15:12:40 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2006/04/26 21:32:28 | 000,081,920 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2006/04/11 18:39:20 | 000,081,995 | ---- | M] () -- C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEHook.dll
MOD - [2005/12/19 12:08:30 | 000,757,760 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2005/08/30 13:36:28 | 000,221,248 | ---- | M] () -- C:\Program Files\Trend Micro\Internet Security 12\TmPfwRul.dll
MOD - [2005/08/30 13:36:26 | 000,131,072 | ---- | M] () -- C:\Program Files\Trend Micro\Internet Security 12\tmdbg.dll
MOD - [2002/01/08 09:08:22 | 000,051,712 | ---- | M] () -- C:\WINDOWS\system32\ngprtserv.dll
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus®
SRV - [2012/10/17 12:46:45 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/10/09 15:44:44 | 000,799,112 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2011/06/10 13:41:32 | 001,575,184 | ---- | M] (Blue Coat Systems, Inc.) [Auto | Running] -- C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe -- (bckwfs)
SRV - [2009/07/13 22:18:12 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2007/03/07 14:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/09/04 19:54:44 | 000,880,722 | ---- | M] (Trend Micro Incorporated.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security 12\PcCtlCom.exe -- (PcCtlCom)
SRV - [2006/08/01 08:00:04 | 000,774,144 | ---- | M] (SafeNet, Inc.) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel RMS License Manager\WinNT\lservnt.exe -- (Sentinel RMS License Manager)
SRV - [2006/06/13 09:09:44 | 000,052,736 | ---- | M] (Macrovision) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)
SRV - [2006/04/06 11:57:54 | 000,380,928 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2005/08/30 13:36:28 | 000,262,215 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security 12\tmproxy.exe -- (tmproxy)
SRV - [2005/08/30 13:36:26 | 000,585,792 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security 12\TmPfw.exe -- (TmPfw)
SRV - [2005/08/30 13:36:26 | 000,290,889 | ---- | M] (Trend Micro Incorporated.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security 12\Tmntsrv.exe -- (Tmntsrv)
SRV - [2000/06/29 00:45:10 | 000,052,224 | ---- | M] (Kenonic Controls Ltd.) [Auto | Running] -- C:\WINDOWS\System32\Crypserv.exe -- (Crypkey License)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\PCASp50.sys -- (PCASp50)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2011/06/10 13:41:02 | 000,086,544 | ---- | M] (Blue Coat Systems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\bckd.sys -- (bckd)
DRV - [2009/12/30 10:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2008/11/26 17:42:42 | 000,205,328 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmxpflt.sys -- (Tmfilter)
DRV - [2008/11/26 17:42:40 | 000,036,368 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmpreflt.sys -- (Tmpreflt)
DRV - [2008/11/26 17:39:56 | 001,195,384 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\VsapiNT.sys -- (Vsapint)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/19 11:16:06 | 000,053,888 | ---- | M] (Echo Digital Audio Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\echo1394.sys -- (echo1394)
DRV - [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/06/13 09:09:42 | 000,011,376 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CdaC15BA.SYS -- (CdaC15BA)
DRV - [2006/03/14 07:22:00 | 000,090,176 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\sentinel.sys -- (Sentinel)
DRV - [2005/11/16 18:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/11/02 16:24:34 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005/10/14 12:40:18 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/10/14 12:40:18 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/10/14 12:40:18 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/08/30 13:36:30 | 001,884,585 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TM_CFW.sys -- (tm_cfw)
DRV - [2005/08/30 13:36:30 | 000,038,528 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2005/08/12 14:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV)
DRV - [2005/08/05 13:32:16 | 000,045,312 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005/07/22 00:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/22 00:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/22 00:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/02/13 13:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2000/02/03 11:53:12 | 000,024,608 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\Ckldrv.sys -- (NetworkX)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo....r=spigot-yhp-ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 38 F4 EA 33 ED AC CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 3F BD FE 10 ED B9 29 4C A8 69 03 9F 26 C0 31 67 [binary data]
IE - HKCU\..\URLSearchHook: {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - C:\Program Files\FreeRIP Toolbar\IE\6.5\freeripToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {2AC18CD2-D729-498D-AB8C-79683DB8FFBA}
IE - HKCU\..\SearchScopes\{2AC18CD2-D729-498D-AB8C-79683DB8FFBA}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=386496"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/messages/1008973203|http://productforums.google.com/forum/#!category-topic/chrome/discuss-chrome/R4gHWcJdgH0%5B1-25%5D"
FF - prefs.js..keyword.URL: "http://search.yahoo....type=386496&p="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/11/23 15:23:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/28 14:13:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/06/28 12:20:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2012/10/11 16:06:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Meddle\Application Data\Mozilla\Extensions
[2011/02/16 16:46:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Meddle\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/10/28 14:13:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/10/24 09:50:58 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/10/24 09:50:17 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/24 09:50:17 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2012/10/14 13:54:50 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FreeRIP Toolbar) - {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - C:\Program Files\FreeRIP Toolbar\IE\6.5\freeripToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (FreeRIP Toolbar) - {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - C:\Program Files\FreeRIP Toolbar\IE\6.5\freeripToolbarIE.dll (Spigot, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [pccguide.exe] C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe (Trend Micro Incorporated.)
O4 - HKLM..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe" File not found
O4 - HKCU..\Run: [OE_OEM] C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1148501628630 (WUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.222.222 208.67.220.220 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D286BE99-4C0C-4FDE-9DF9-42F3978FEDC0}: DhcpNameServer = 208.67.222.222 208.67.220.220 8.8.4.4
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Meddle\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Meddle\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 01:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/08/26 08:23:22 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/11/08 14:51:16 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/11/08 12:20:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Meddle\Recent
[2012/10/28 14:13:15 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/10/26 18:38:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Meddle\Application Data\FreeRIP
[2012/10/26 11:36:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Meddle\Application Data\Search Settings
[2012/10/26 11:36:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Meddle\My Documents\My Kindle Content
[2012/10/26 11:36:06 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2012/10/26 11:35:59 | 000,000,000 | ---D | C] -- C:\Program Files\FreeRIP Toolbar
[2012/10/26 11:35:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Meddle\Start Menu\Programs\Amazon
[2012/10/26 11:35:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Meddle\Local Settings\Application Data\Amazon
[2012/10/24 18:12:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Meddle\Application Data\Foxit Software
[2012/10/18 10:43:44 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/10/18 10:37:12 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2012/10/17 20:56:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Meddle\Desktop\backups
[2012/10/17 14:14:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Meddle\Local Settings\Application Data\Sun
[2012/10/17 12:49:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2012/10/17 12:49:41 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/10/17 12:47:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/10/17 12:42:06 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2012/10/17 12:28:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Meddle\Local Settings\Application Data\VS Revo Group
[2012/10/17 12:28:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
[2012/10/17 12:28:03 | 000,027,064 | ---- | C] (VS Revo Group) -- C:\WINDOWS\System32\drivers\revoflt.sys
[2012/10/17 12:28:00 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012/10/16 10:52:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Meddle\My Documents\carrie
[2012/10/11 11:11:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Meddle\Desktop\Old Firefox Data
[2012/10/10 17:01:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Meddle\Start Menu\Programs\Administrative Tools
[1 C:\Documents and Settings\Meddle\*.tmp files -> C:\Documents and Settings\Meddle\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/11/08 14:51:16 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/11/08 14:47:01 | 000,000,218 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.tgz
[2012/11/08 14:47:01 | 000,000,204 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.dll
[2012/11/08 14:43:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/08 12:01:15 | 000,194,983 | ---- | M] () -- C:\Documents and Settings\Meddle\Desktop\earth hold up.jpg
[2012/11/08 11:16:30 | 000,000,435 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2012/11/08 11:15:18 | 000,000,109 | ---- | M] () -- C:\WINDOWS\System32\prsrvk.tgz
[2012/11/08 11:15:18 | 000,000,095 | ---- | M] () -- C:\WINDOWS\System32\prsrvk.dll
[2012/11/08 11:15:18 | 000,000,086 | ---- | M] () -- C:\WINDOWS\System32\nsprs.tgz
[2012/11/08 11:15:18 | 000,000,072 | ---- | M] () -- C:\WINDOWS\System32\nsprs.dll
[2012/11/08 11:15:15 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/08 11:15:11 | 1063,714,816 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/08 11:15:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/11/07 23:29:55 | 000,521,987 | ---- | M] () -- C:\Documents and Settings\Meddle\Desktop\StoneCroweFlier0001.jpg
[2012/11/07 21:44:58 | 000,443,482 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/11/07 21:44:58 | 000,072,582 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/11/06 16:49:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/11/04 14:19:41 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/10/28 14:13:20 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Meddle\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/10/26 11:35:40 | 000,001,635 | ---- | M] () -- C:\Documents and Settings\Meddle\Desktop\Kindle.lnk
[2012/10/26 11:34:30 | 000,000,673 | ---- | M] () -- C:\Documents and Settings\Meddle\Desktop\FreeRIP.lnk
[2012/10/25 14:39:26 | 000,001,534 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\ss.ini
[2012/10/24 18:24:39 | 000,002,565 | ---- | M] () -- C:\Documents and Settings\Meddle\Application Data\Microsoft\Internet Explorer\Quick Launch\OpenOffice.org Writer.lnk
[2012/10/18 10:42:13 | 000,212,080 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/10/17 12:42:12 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
[2012/10/14 13:58:31 | 000,000,014 | ---- | M] () -- C:\WINDOWS\System32\tmpPrst.tgz
[2012/10/14 13:54:50 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/10/12 18:41:56 | 020,480,000 | ---- | M] () -- C:\Documents and Settings\Meddle\Local Settings\Application Data\store-pp.jbs
[2012/10/10 12:27:54 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[1 C:\Documents and Settings\Meddle\*.tmp files -> C:\Documents and Settings\Meddle\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/11/08 12:01:12 | 000,194,983 | ---- | C] () -- C:\Documents and Settings\Meddle\Desktop\earth hold up.jpg
[2012/11/07 23:29:51 | 000,521,987 | ---- | C] () -- C:\Documents and Settings\Meddle\Desktop\StoneCroweFlier0001.jpg
[2012/10/28 14:13:20 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Meddle\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/10/26 11:35:40 | 000,001,635 | ---- | C] () -- C:\Documents and Settings\Meddle\Desktop\Kindle.lnk
[2012/10/17 12:42:12 | 000,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
[2012/10/14 15:32:12 | 000,000,095 | ---- | C] () -- C:\WINDOWS\System32\prsrvk.dll
[2012/10/14 15:32:11 | 000,000,072 | ---- | C] () -- C:\WINDOWS\System32\nsprs.dll
[2012/10/14 13:58:31 | 000,000,204 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2012/10/12 18:41:56 | 020,480,000 | ---- | C] () -- C:\Documents and Settings\Meddle\Local Settings\Application Data\store-pp.jbs
[2012/10/10 17:22:04 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\tmpPrst.tgz
[2012/08/19 12:15:59 | 000,041,528 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/08/09 16:05:50 | 000,001,534 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ss.ini
[2012/03/04 13:39:38 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2012/03/04 13:38:52 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\rvkauth2.dll
[2012/03/04 13:38:51 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\rvkauth1.dll
[2012/02/15 10:23:01 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/07/20 15:21:46 | 025,552,579 | ---- | C] () -- C:\Program Files\cool backup info.zip
[2011/07/20 10:59:33 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011/04/18 21:10:49 | 006,814,952 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall.exe
[2011/04/18 21:10:49 | 000,017,766 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Music Converter.dat
[2010/12/10 21:15:22 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/12/10 21:15:21 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/01/09 12:25:54 | 000,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/09/13 09:26:31 | 000,051,712 | ---- | C] () -- C:\Documents and Settings\Meddle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/05/26 09:34:21 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Meddle\Application Data\PFP120JPR.{PB
[2006/05/26 09:34:21 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Meddle\Application Data\PFP120JCM.{PB
[2006/05/24 12:07:03 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Meddle\Local Settings\Application Data\fusioncache.dat
[2006/05/21 12:55:19 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
========== ZeroAccess Check ==========
[2005/08/16 01:39:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 16:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 04:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 16:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012/01/11 12:01:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2006/05/24 14:54:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2008/04/04 13:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2008/02/27 10:25:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canon
[2012/08/09 16:05:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeRIP
[2010/09/05 10:06:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2008/04/07 10:50:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2008/04/07 10:50:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard
[2008/09/12 09:00:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tracktion 2
[2010/09/05 10:29:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ViceVersa PRO 2
[2010/09/28 19:39:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/01/04 16:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{55BB476E-39AF-4872-82A7-A1D535E12361}
[2010/03/04 10:35:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/01/21 13:17:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meddle\Application Data\Amazon
[2011/11/23 17:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meddle\Application Data\AnvSoft
[2006/05/24 14:57:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meddle\Application Data\Autodesk
[2012/10/17 12:53:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meddle\Application Data\Azureus
[2009/07/15 14:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meddle\Application Data\Canneverbe_Limited
[2008/04/07 12:17:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meddle\Application Data\Canon
[2012/09/13 14:06:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meddle\Application Data\dBpoweramp
[2011/11/23 15:38:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meddle\Application Data\DDMSettings
[2012/04/23 16:44:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meddle\Application Data\Dropbox
[2008/06/06 10:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meddle\Application Data\Echo AudioFire Console
[2012/10/24 18:12:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meddle\Application Data\Foxit Software
[2010/10/21 17:29:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meddle\Application Data\FreeAudioPack
[2012/10/26 18:38:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meddle\Application Data\FreeRIP
[2008/07/18 06:56:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meddle\Application Data\iPodder
[2010/09/05 10:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meddle\Application Data\Leadertech
[2006/06/13 09:10:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meddle\Application Data\Mathsoft
[2011/02/17 14:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meddle\Application Data\QuickScan
[2008/04/07 10:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meddle\Application Data\ScanSoft
[2012/10/26 11:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meddle\Application Data\Search Settings
[2011/02/16 16:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meddle\Application Data\Thunderbird
[2012/10/28 14:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meddle\Application Data\uTorrent
========== Purity Check ==========
< End of report >
OTL "extras" log
OTL Extras logfile created on: 11/8/2012 2:48:55 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Meddle\Desktop\fight club
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1014.37 Mb Total Physical Memory | 290.75 Mb Available Physical Memory | 28.66% Memory free
2.38 Gb Paging File | 1.83 Gb Available in Paging File | 76.81% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 49.80 Gb Total Space | 17.12 Gb Free Space | 34.37% Space Free | Partition Type: NTFS
Computer Name: CASCADE | User Name: Meddle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\WINDOWS\system32\hnetmon32.exe" = C:\WINDOWS\system32\hnetmon32.exe:*:Enabled:Windows Update Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe" = C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe:LocalSubNet:Enabled:HP Device Setup -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe" = C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:HP Network Communicator -- (Hewlett-Packard Co.)
"C:\Documents and Settings\Meddle\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Meddle\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05410000-64A6-4248-A026-9745C1E9E159}" = Microsoft Encarta Encyclopedia Deluxe 2005
"{0564C76B-8E1F-4157-8654-B0F9F308BEE9}" = HP Deskjet 3050 J610 series Basic Device Software
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{19D697C4-FD79-45CE-AE2E-0A3B13404FC7}" = StruCalc 8.0.108
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE
"{23B72D50-1C7E-491C-8086-9E060051D316}" = Manual CanoScan LiDE 60
"{24C242C0-28C0-43C8-A0A1-FE181F3B3319}" = OpenOffice.org 2.0
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{26E1BFB0-E87E-4696-9F89-B467F01F81E5}" = Broadcom Management Programs
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{408D5763-DC74-4B68-B75B-1258EE039999}" = RISA-2D
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CE88F4D-B74E-4F92-9DA4-ECEB60ED362A}" = TBS WMP Plug-in
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP 3.92
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5783F2D7-0209-0409-0000-0060B0CE6BBA}" = AutoCAD LT 2004
"{597E70FF-7C46-4EED-8092-91B7C2E0529D}" = Google SketchUp 7
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{65F75F96-C727-45F7-A657-135BE84ADE30}" = iPF700 Printer Driver Extra Kit
"{66140774-5E3F-4B6D-8FBD-E940AE8AAEF6}" = FreeRIP Toolbar v6.5
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.9
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.7
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{7314A846-10ED-4BF6-B084-D359E9D4B89C}" = SAP2000 14
"{7698EDA5-A90F-4205-99CB-8FF6F9048ED9}" = Trend Micro PC-cillin Internet Security 12
"{78183C31-521C-438E-98C3-B646B0037A7F}" = Mathcad 12
"{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8E63EAE6-34CB-4AC4-8838-C2BFB4C30BB2}" = TJ-Beam
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3752427-9AAA-4B1C-B428-01723E0E9FFA}" = 2x1/4x1 USB Peripheral Switch
"{A683A2C0-821C-486F-858C-FA634DB5E864}" = EducateU
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C0B7F6B4-CE78-439F-9E72-AD4C79FC63F2}" = Sentinel RMS License Manager
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}" = Google SketchUp 8
"{E30E7561-A466-4393-B8BF-FD93E733EF3C}" = Microsoft Office Live Meeting 2007
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Help
"{FC3D904A-88CC-49E8-989C-1888CF411C13}" = RISABase 2.0 Demo
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
"7-Zip" = 7-Zip 9.20
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Amazon Kindle" = Amazon Kindle
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.12
"Any Video Converter_is1" = Any Video Converter 3.3.0
"AudibleManager" = AudibleManager
"AudioFire Windows Drivers" = AudioFire Windows Drivers
"Autodesk Express Viewer" = Autodesk Express Viewer
"AviSynth" = AviSynth 2.5
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"Blue Coat K9 Web Protection" = Blue Coat K9 Web Protection 4.2.123
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"Cool Edit Pro 2.0" = Cool Edit Pro 2.0
"CutePDF Writer Installation" = CutePDF Writer 2.6
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"DivX Setup" = DivX Setup
"DVD Decrypter" = DVD Decrypter (Remove Only)
"EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
"ERUNT_is1" = ERUNT 1.1j
"Foxit Reader_is1" = Foxit Reader
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.1
"Handbrake" = Handbrake 0.9.2
"HP Photo Creations" = HP Photo Creations
"ie8" = Windows Internet Explorer 8
"InstallShield_{4CE88F4D-B74E-4F92-9DA4-ECEB60ED362A}" = TBS WMP Plug-in
"Juice" = Juice 2.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Monkey's Audio_is1" = Monkey's Audio
"Mozilla Firefox 16.0.2 (x86 en-US)" = Mozilla Firefox 16.0.2 (x86 en-US)
"Mozilla Thunderbird 15.0.1 (x86 en-US)" = Mozilla Thunderbird 15.0.1 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"NETGEAR Print Server Software" = NETGEAR Print Server Software
"SC DVD Copier_is1" = SC DVD Copier 3.3.0.0
"Shockwave" = Shockwave
"Simpson AutoCAD Menu" = Simpson AutoCAD Menu
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"uTorrent" = µTorrent
"Veetle TV" = Veetle TV 0.9.18
"VLC media player" = VLC media player 2.0.3
"VobSub" = VobSub v2.23 (Remove Only)
"WildTangent CDA" = WildTangent Web Driver
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMA To MP3 Converter" = WMA To MP3 Converter
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Xvid_is1" = Xvid 1.2.2 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"JoinMe" = join.me
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 10/26/2012 4:15:22 PM | Computer Name = CASCADE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 11406
Error - 10/26/2012 4:15:22 PM | Computer Name = CASCADE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 11406
Error - 10/27/2012 12:19:33 AM | Computer Name = CASCADE | Source = Application Error | ID = 1000
Description = Faulting application coolpro2.exe, version 2.0.2095.0, faulting module
pcm.flt, version 0.0.0.0, fault address 0x00002f6e.
Error - 10/27/2012 12:20:32 AM | Computer Name = CASCADE | Source = Application Error | ID = 1000
Description = Faulting application coolpro2.exe, version 2.0.2095.0, faulting module
pcm.flt, version 0.0.0.0, fault address 0x00002f6e.
Error - 11/5/2012 3:36:40 AM | Computer Name = CASCADE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 11/5/2012 3:36:40 AM | Computer Name = CASCADE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7625
Error - 11/5/2012 3:36:40 AM | Computer Name = CASCADE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7625
Error - 11/5/2012 3:36:56 AM | Computer Name = CASCADE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 11/5/2012 3:36:56 AM | Computer Name = CASCADE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 23265
Error - 11/5/2012 3:36:56 AM | Computer Name = CASCADE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 23265
[ System Events ]
Error - 11/5/2012 4:33:37 PM | Computer Name = CASCADE | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 11/6/2012 7:18:08 PM | Computer Name = CASCADE | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.101 on
the Network Card with network address 0016CE5BB72C.
Error - 11/6/2012 7:18:28 PM | Computer Name = CASCADE | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)
Error - 11/6/2012 7:18:28 PM | Computer Name = CASCADE | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 11/8/2012 4:42:30 PM | Computer Name = CASCADE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 11/8/2012 4:42:35 PM | Computer Name = CASCADE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 11/8/2012 4:42:40 PM | Computer Name = CASCADE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 11/8/2012 4:42:44 PM | Computer Name = CASCADE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 11/8/2012 4:42:52 PM | Computer Name = CASCADE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 11/8/2012 4:42:56 PM | Computer Name = CASCADE | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
< End of report >