Back in December, MBAM did get a hit on Trojan.Happili (see the cleaning effort here). I consider myself a pretty conservative surfer and try and watch what I click on. It could be we didn't get it all or I slipped up an inadvertently clicked on a link I shouldn't have.
Now I want to get to know this stuff more than ever so I can help others who find themselves in the same situation. I'm not there yet, which is why I need help on this one. Meanwhile, more research ...
OTL Logs follow:
OTL logfile created on: 2/3/2013 9:44:41 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Roman\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.12 Gb Total Physical Memory | 2.12 Gb Available Physical Memory | 67.97% Memory free
4.97 Gb Paging File | 3.99 Gb Available in Paging File | 80.40% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 462.24 Gb Total Space | 406.65 Gb Free Space | 87.97% Space Free | Partition Type: NTFS
Drive E: | 74.53 Gb Total Space | 48.17 Gb Free Space | 64.63% Space Free | Partition Type: NTFS
Computer Name: ZTDESKTOP | User Name: Roman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/02/03 09:43:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Roman\Desktop\OTL.exe
PRC - [2013/01/20 14:29:18 | 028,539,272 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Roman\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2012/12/26 10:09:06 | 000,171,976 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2012/12/26 10:05:32 | 000,168,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
PRC - [2012/12/26 10:03:22 | 000,203,400 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes\mbamscheduler.exe
PRC - [2012/12/14 04:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012/12/02 10:07:55 | 000,086,216 | ---- | M] (PC Pitstop LLC) -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe
PRC - [2012/10/31 19:38:02 | 000,519,584 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\SmartPrint\BootStrap.exe
PRC - [2012/10/17 04:05:54 | 001,837,672 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
PRC - [2012/10/17 04:05:10 | 000,673,384 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
PRC - [2012/10/17 04:02:20 | 000,790,120 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
PRC - [2012/09/12 12:21:04 | 001,278,648 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2012/08/31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
PRC - [2012/08/14 13:58:58 | 000,646,800 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\saUI.exe
PRC - [2012/02/10 10:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE
PRC - [2011/11/03 10:21:00 | 001,787,752 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PDF Professional 7\PdfPro7Hook.exe
PRC - [2011/09/26 12:27:08 | 000,024,216 | ---- | M] (PC Pitstop LLC) -- C:\Program Files\PCPitstop\Info Center\InfoCenter.exe
PRC - [2011/08/12 12:18:42 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/06/05 20:41:34 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2010/06/16 16:42:58 | 000,839,680 | ---- | M] () -- C:\Program Files\OpenDNS Updater\OpenDNSUpdater.exe
PRC - [2009/04/07 13:53:32 | 000,030,440 | ---- | M] () -- C:\Program Files\dcmsvc\dcmsvc.exe
PRC - [2008/04/14 11:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2013/01/09 03:16:54 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\4c91371e83d124ecb39664613e7e0417\System.Windows.Forms.ni.dll
MOD - [2013/01/09 03:16:43 | 001,593,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll
MOD - [2013/01/09 03:15:46 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
MOD - [2013/01/09 03:15:36 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
MOD - [2012/08/02 18:15:02 | 001,542,720 | ---- | M] () -- C:\Program Files\WOT\WOT.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/08/12 12:18:56 | 000,342,552 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011/08/12 12:18:56 | 000,128,536 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011/08/12 12:18:56 | 000,029,208 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011/08/12 12:18:54 | 007,956,504 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011/08/12 12:18:54 | 002,145,304 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2011/04/11 14:40:24 | 000,126,976 | ---- | M] () -- C:\WINDOWS\system32\corelcreatorpm.dll
MOD - [2010/06/16 16:42:58 | 000,839,680 | ---- | M] () -- C:\Program Files\OpenDNS Updater\OpenDNSUpdater.exe
MOD - [2009/04/07 13:53:32 | 000,030,440 | ---- | M] () -- C:\Program Files\dcmsvc\dcmsvc.exe
MOD - [2001/12/20 15:21:10 | 000,024,576 | ---- | M] () -- C:\Program Files\WS_FTP Pro\nsftpch.dll
MOD - [2001/10/11 16:34:50 | 000,077,824 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 5.0\Distillr\adistres.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\system32\CorelCreatorMessages.exe -- (CorelCreatorMessages)
SRV - [2013/01/27 15:07:22 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/08 21:54:28 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/26 10:09:06 | 000,171,976 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2012/12/26 10:05:32 | 000,168,880 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2012/12/26 10:03:22 | 000,203,400 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/14 04:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012/12/02 10:07:55 | 000,086,216 | ---- | M] (PC Pitstop LLC) [Auto | Running] -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe -- (PCPitstop Scheduling)
SRV - [2012/11/26 09:09:22 | 001,225,312 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2012/11/26 09:09:20 | 000,659,040 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2012/11/16 21:07:20 | 000,279,048 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2012/11/09 12:21:16 | 000,160,944 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/09/23 09:28:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/08/31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2012/08/31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2012/08/31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2012/08/31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2012/08/31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2012/08/31 13:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2012/02/10 10:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 10:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2012/01/18 04:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/09/09 01:13:50 | 000,135,016 | ---- | M] (Nuance Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\Nuance\PDF Professional 7\PDFProFiltSrv.exe -- (PDFProFiltSrv)
SRV - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/06/05 19:12:44 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
SRV - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/06/25 12:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2007/08/09 02:27:52 | 000,073,728 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mfeavfk01)
DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\Roman\Desktop\Run\a2ddax86.sys -- (A2DDA)
DRV - [2012/12/26 10:12:06 | 000,060,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2012/12/26 10:08:44 | 000,091,200 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2012/12/26 10:07:54 | 000,092,192 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2012/12/26 10:06:54 | 000,565,416 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2012/12/26 10:06:04 | 000,084,464 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2012/12/26 10:06:04 | 000,084,464 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2012/12/26 10:05:52 | 000,362,640 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2012/12/26 10:05:22 | 000,065,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2012/12/26 10:05:02 | 000,234,824 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2012/12/26 10:04:34 | 000,132,976 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/09/21 15:09:06 | 004,261,224 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2012/09/21 15:09:00 | 000,310,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2012/04/20 16:40:44 | 000,146,872 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HipShieldK.sys -- (HipShieldK)
DRV - [2010/09/01 03:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/06/25 12:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009/11/09 12:12:42 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2009/10/07 03:49:50 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2009/07/01 10:53:34 | 000,013,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2009/07/01 10:53:30 | 000,066,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2009/03/25 13:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/05/21 08:48:04 | 000,277,376 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2008/02/14 13:12:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2004/08/12 10:00:00 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2001/09/07 09:57:00 | 000,584,336 | R--- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hsf_cnxt.sys -- (winachsf)
DRV - [2001/09/07 09:57:00 | 000,534,125 | R--- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\v124nt.sys -- (V124)
DRV - [2001/09/07 09:57:00 | 000,426,783 | R--- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\k56nt.sys -- (K56)
DRV - [2001/09/07 09:57:00 | 000,310,899 | R--- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fallback.sys -- (Fallback)
DRV - [2001/09/07 09:57:00 | 000,217,019 | R--- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\faxnt.sys -- (SoftFax)
DRV - [2001/09/07 09:57:00 | 000,127,405 | R--- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fsksnt.sys -- (Fsks)
DRV - [2001/09/07 09:57:00 | 000,080,449 | R--- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\spkpnt.sys -- (SpeakerPhone)
DRV - [2001/09/07 09:57:00 | 000,077,426 | R--- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\basic2.sys -- (basic2)
DRV - [2001/09/07 09:57:00 | 000,067,654 | R--- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rksample.sys -- (Rksample)
DRV - [2001/09/07 09:57:00 | 000,056,607 | R--- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tonesnt.sys -- (Tones)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{5496894E-FE95-4A30-9F1A-944E9259673D}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\..\SearchScopes\{A0038F32-F1DB-4E89-B3C6-BDCFBB83AEEC}: "URL" = http://www.google.co...age={startPage}
IE - HKCU\..\SearchScopes\{D730CC2D-E51A-451C-BD7B-F3D5D2B6FBC5}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: xvmaiknmln%40xvmaiknmln.org:2.5
FF - prefs.js..extensions.enabledAddons: %7B27c60876-b5c9-4335-b4f3-52b26782220c%7D:0.9.4
FF - prefs.js..extensions.enabledAddons: %7BD19CA586-DD6C-4a0a-96F8-14644F340D60%7D:15.1.0
FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.5.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..keyword.URL: "http://search.yahoo....h?fr=mcafee&p="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1: C:\WINDOWS\ [2013/01/31 17:31:23 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\Documents and Settings\All Users\Application Data\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@ascendo-inc/DataVault;version=1: C:\Program Files\DataVault\npapi.dll File not found
FF - HKCU\Software\MozillaPlugins\@nds.com/PCShowPlugin: C:\Documents and Settings\Roman\Local Settings\Application Data\DIRECTV Player\npPCShowPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Documents and Settings\Roman\Local Settings\Application Data\DIRECTV Player\npPlayerPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Documents and Settings\Roman\Local Settings\Application Data\DIRECTV Player\npPlayerPlugin.dll (NDS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1650a312-02bc-40ee-977e-83f158701739}: C:\Program Files\SiteAdvisor\FF1
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/12/15 09:44:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2012/12/02 09:58:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2013/02/03 09:43:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/27 15:07:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2011/11/05 11:57:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Roman\Application Data\Mozilla\Extensions
[2013/01/27 15:04:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Roman\Application Data\Mozilla\Firefox\Profiles\43597dhz.default\Extensions
[2006/02/28 07:00:00 | 000,004,815 | ---- | M] () (No name found) -- C:\Documents and Settings\Roman\Application Data\Mozilla\Firefox\Profiles\43597dhz.default\Extensions\[email protected]
[2013/01/27 15:04:36 | 000,007,532 | ---- | M] () (No name found) -- C:\Documents and Settings\Roman\Application Data\Mozilla\Firefox\Profiles\43597dhz.default\Extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}.xpi
[2013/01/27 15:07:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/01/27 15:07:11 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/02/03 09:43:13 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES\COMMON FILES\MCAFEE\SYSTEMCORE
[2012/12/15 09:44:50 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2013/01/27 15:07:23 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/11/25 07:28:43 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/05 11:58:17 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/11/25 07:28:43 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Documents and Settings\Roman\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: NDS PCShow Plugin (Enabled) = C:\Documents and Settings\Roman\Local Settings\Application Data\DIRECTV Player\npPCShowPlugin.dll
CHR - plugin: PCShow Player Plugin (Enabled) = C:\Documents and Settings\Roman\Local Settings\Application Data\DIRECTV Player\npPlayerPlugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: McAfee Virtual Technician (Enabled) = C:\Program Files\McAfee\Supportability\MVT\npmvtplugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~1\mcafee\msc\npmcsn~1.dll
CHR - Extension: YouTube = C:\Documents and Settings\Roman\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Documents and Settings\Roman\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: SiteAdvisor = C:\Documents and Settings\Roman\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\
CHR - Extension: SiteAdvisor = C:\Documents and Settings\Roman\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\
CHR - Extension: Gmail = C:\Documents and Settings\Roman\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2012/12/28 16:16:36 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Smart Print BHO) - {1658D3A1-9E13-4196-A82A-D70D70880F36} - C:\Program Files\Hewlett-Packard\SmartPrint\QuickPrintBHO.dll (Hewlett-Packard)
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Professional 7\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (WsftpBrowserHelper Class) - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\WS_FTP Pro\wsbho2k0.dll (Ipswitch, Inc. 81 Hartwell Ave. Lexington, MA)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (ZeonIEEventHelper Class) - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files\Nuance\PDF Professional 7\bin\ZeonIEFavClient.dll (Zeon Corporation)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (DocuCom PDF) - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Nuance\PDF Professional 7\bin\ZeonIEFavClient.dll (Zeon Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [dcmsvc] C:\Program Files\dcmsvc\dcmsvc.exe ()
O4 - HKLM..\Run: [Info Center] C:\Program Files\PCPitstop\Info Center\InfoCenter.exe (PC Pitstop LLC)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [PDF7 Registry Controller] C:\Program Files\Nuance\PDF Professional 7\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFProHook] C:\Program Files\Nuance\PDF Professional 7\PdfPro7Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKCU..\Run: [HP Officejet Pro 8600 (NET)] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [ISUSPM] C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [OpenDNS Updater] C:\Program Files\OpenDNS Updater\OpenDNSUpdater.exe ()
O4 - Startup: C:\Documents and Settings\Roman\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Roman\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Open with Nuance PDF Converter 7 - C:\Program Files\Nuance\PDF Professional 7\cnvres_eng.dll (Nuance Communications, Inc.)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\HPQuickPrintLauncher.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\HPQuickPrintLauncher.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([*.update] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([*.update] https in Trusted sites)
O15 - HKCU\..Trusted Domains: windowsupdate.com ([download] http in Trusted sites)
O15 - HKCU\..Trusted Domains: xmradio.com ([xmro] http in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcp...ols/pcmatic.cab (PCPitstop Utility)
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {57AF0810-BDA7-47A5-B02D-FDA1073C04B0} https://www.mydlink....eX//TunnelX.ocx (TunnelX Control)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.h...pdetect119b.cab (GMNRev Class)
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} http://www.pcpitstop.com/mhLbl.cab (mhLabel Class)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.we...bex/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{53371D86-939F-42EB-8692-365423C01C6D}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found
O18 - Protocol\Handler\AutorunsDisabled\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () -
O24 - Desktop WallPaper: C:\Documents and Settings\Roman\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Roman\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/09/05 20:08:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/02/03 09:43:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Roman\Desktop\OTL.exe
[2013/02/03 09:40:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2013/02/03 09:27:08 | 000,000,000 | ---D | C] -- C:\_OTM
[2013/01/27 15:07:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/01/27 05:14:24 | 000,000,000 | ---D | C] -- C:\Program Files\AzTools
[2013/01/26 17:17:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roman\My Documents\Geek U Training
[2013/01/26 15:07:03 | 000,000,000 | ---D | C] -- C:\Malware
[2013/01/26 14:30:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roman\My Documents\KeyNote NF
[2013/01/26 14:14:41 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/01/26 14:14:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
[2013/01/26 11:01:47 | 000,000,000 | ---D | C] -- C:\Program Files\mIRC
[2013/01/26 11:01:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roman\Application Data\mIRC
[2013/01/26 11:01:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\mIRC
[2013/01/23 19:48:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2013/01/14 18:04:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2013/01/09 06:05:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roman\Local Settings\Application Data\PCHealth
[2013/01/04 19:44:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2009/08/20 17:59:23 | 003,902,784 | ---- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\Roman\gosetup.exe
[2009/05/18 18:24:08 | 000,726,008 | ---- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\Roman\gotomypc_438.exe
========== Files - Modified Within 30 Days ==========
[2013/02/03 09:52:28 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/02/03 09:48:00 | 000,000,490 | ---- | M] () -- C:\WINDOWS\tasks\HP Photo Creations Communicator.job
[2013/02/03 09:43:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Roman\Desktop\OTL.exe
[2013/02/03 09:35:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/03 09:34:58 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2013/02/03 08:54:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/02/02 23:00:18 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{BDE7133C-82B2-4BF4-85C5-B5D91B4A4BA3}.job
[2013/02/02 17:10:13 | 000,001,659 | ---- | M] () -- C:\Documents and Settings\Roman\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk
[2013/02/02 13:25:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2013/02/02 12:43:58 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/02/02 12:21:44 | 000,001,005 | ---- | M] () -- C:\WINDOWS\wsftppro.INI
[2013/02/01 07:28:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/01/31 19:06:06 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\Roman\Desktop\Jan 2013 ARES Rpt.lnk
[2013/01/28 17:54:19 | 000,002,501 | ---- | M] () -- C:\Documents and Settings\Roman\Desktop\Microsoft Word 2010.lnk
[2013/01/27 05:14:26 | 000,000,673 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Blueline.lnk
[2013/01/26 12:58:31 | 000,001,024 | ---- | M] () -- C:\Documents and Settings\Roman\Start Menu\Programs\Startup\Dropbox.lnk
[2013/01/26 12:58:16 | 000,001,008 | ---- | M] () -- C:\Documents and Settings\Roman\Desktop\Dropbox.lnk
[2013/01/26 11:01:47 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\mIRC.lnk
[2013/01/19 12:18:01 | 000,002,443 | ---- | M] () -- C:\Documents and Settings\Roman\Desktop\Microsoft Publisher 2003.lnk
[2013/01/09 03:15:08 | 000,506,244 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/01/09 03:15:08 | 000,088,142 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/01/09 03:04:46 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/01/05 07:50:52 | 000,060,052 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2013/01/04 19:59:52 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\Roman\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2013/01/04 19:49:39 | 000,281,336 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/01/04 18:19:02 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\Roman\Desktop\Shortcut to SCANPST.EXE.lnk
========== Files Created - No Company Name ==========
[2013/01/27 05:14:26 | 000,000,673 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Blueline.lnk
[2013/01/26 11:01:47 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\mIRC.lnk
[2013/01/04 18:19:02 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\Roman\Desktop\Shortcut to SCANPST.EXE.lnk
[2012/12/31 18:06:32 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Roman\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/12/28 16:13:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/10/28 15:20:30 | 000,000,057 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Ament.ini
[2012/02/16 19:57:26 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/30 06:29:00 | 002,473,151 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1687530015-1697978249-4202760790-1004-0.dat
[2012/01/30 06:28:56 | 000,297,042 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/12/25 07:55:52 | 000,000,681 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2011/12/17 11:48:59 | 000,002,560 | ---- | C] () -- C:\Documents and Settings\Roman\repl.dat
[2011/12/16 08:09:43 | 000,002,560 | ---- | C] () -- C:\WINDOWS\repl.dat
[2011/09/29 17:20:07 | 000,000,656 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2011/09/29 17:19:02 | 000,068,951 | ---- | C] () -- C:\WINDOWS\hpoins05.dat.temp
[2011/09/29 17:19:02 | 000,019,696 | ---- | C] () -- C:\WINDOWS\hpomdl05.dat.temp
[2011/08/19 04:26:20 | 010,919,784 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2011/08/19 04:26:20 | 000,338,136 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2011/08/19 04:26:20 | 000,103,272 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2011/08/12 12:20:14 | 000,015,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2011/06/27 21:34:03 | 002,811,988 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011/05/04 21:13:28 | 000,021,907 | ---- | C] () -- C:\Documents and Settings\Roman\Application Data\Microsoft Excel.ADR
[2011/04/11 14:40:24 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\corelcreatorpm.dll
[2011/03/05 19:25:48 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011/02/27 07:38:36 | 000,001,128 | ---- | C] () -- C:\WINDOWS\System32\SBRC.dat
[2011/02/18 22:02:48 | 000,060,052 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/10/21 16:49:27 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Roman\Local Settings\Application Data\fusioncache.dat
[2010/03/02 19:57:59 | 000,003,998 | ---- | C] () -- C:\Documents and Settings\Roman\Application Data\SAS7_000.DAT
[2009/07/17 12:55:36 | 000,300,848 | ---- | C] ( ) -- C:\Documents and Settings\All Users\dcmsvcsetup.exe
[2008/11/22 10:38:36 | 000,000,870 | ---- | C] () -- C:\Documents and Settings\Roman\default.pls
[2008/11/06 20:15:14 | 000,023,139 | ---- | C] () -- C:\Documents and Settings\Roman\Application Data\Comma Separated Values (Windows).ADR
========== ZeroAccess Check ==========
[2008/10/31 20:23:15 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 11:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 11:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012/12/19 08:23:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2011/07/15 18:27:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2009/05/27 18:24:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
[2012/06/17 07:14:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2010/09/26 07:58:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IsolatedStorage
[2011/12/30 11:32:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2013/02/03 09:37:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2012/01/21 06:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstopDat
[2011/12/30 11:21:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2012/12/02 10:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Visan
[2010/09/26 07:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\White Sky, Inc
[2011/12/30 11:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\zeon
[2011/02/12 07:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/11/25 09:36:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\Amazon
[2011/03/08 20:15:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\Ascendo
[2011/12/25 07:55:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\AuctionSentry
[2009/12/07 18:57:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\com.warnerbros.DigitalCopyManager.449F66ACC381FDC604DC2AA255FEECEEBBBEE1E5.1
[2013/02/03 09:38:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\Dropbox
[2012/05/08 20:37:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\DTV
[2010/12/27 07:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\GetRightToGo
[2010/10/30 19:57:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\ID Vault
[2008/12/12 16:40:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\InterTrust
[2010/01/27 19:59:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\Leadertech
[2011/02/22 06:12:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\Nolo
[2011/12/30 11:25:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\Nuance
[2012/12/29 18:43:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\OpenDNS Updater
[2008/11/22 06:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\Quicken WillMaker
[2012/12/25 13:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\QuickScan
[2008/09/05 20:57:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\SampleView
[2012/12/23 17:44:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\TeamViewer
[2010/04/11 06:44:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\Uniblue
[2012/12/02 10:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\Visan
[2012/11/09 15:56:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\webex
[2011/07/17 18:20:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\Windows Desktop Search
[2011/07/17 18:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\Windows Search
[2012/11/27 18:16:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\Wireshark
[2011/12/30 11:25:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Roman\Application Data\Zeon
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 239 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0574215C
@Alternate Data Stream - 235 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0FF263E8
< End of report >
OTL Extras logfile created on: 2/3/2013 9:44:41 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Roman\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.12 Gb Total Physical Memory | 2.12 Gb Available Physical Memory | 67.97% Memory free
4.97 Gb Paging File | 3.99 Gb Available in Paging File | 80.40% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 462.24 Gb Total Space | 406.65 Gb Free Space | 87.97% Space Free | Partition Type: NTFS
Drive E: | 74.53 Gb Total Space | 48.17 Gb Free Space | 64.63% Space Free | Partition Type: NTFS
Computer Name: ZTDESKTOP | User Name: Roman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:HP Digital Imaging Monitor -- (Hewlett-Packard Co.)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Documents and Settings\Roman\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Roman\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update v4 Shared Downloads Server -- (Intuit Inc.)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Logitech\Vid HD\Vid.exe" = C:\Program Files\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.)
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe" = C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.)
"C:\Program Files\HP\HP Officejet Pro 8600\Bin\FaxApplications.exe" = C:\Program Files\HP\HP Officejet Pro 8600\Bin\FaxApplications.exe:LocalSubNet:Enabled:HP Officejet Pro 8600 FaxApplications -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Officejet Pro 8600\Bin\DigitalWizards.exe" = C:\Program Files\HP\HP Officejet Pro 8600\Bin\DigitalWizards.exe:LocalSubNet:Enabled:HP Officejet Pro 8600 DigitalWizards -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Officejet Pro 8600\Bin\SendAFax.exe" = C:\Program Files\HP\HP Officejet Pro 8600\Bin\SendAFax.exe:LocalSubNet:Enabled:HP Officejet Pro 8600 SendFaxAppExe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe" = C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe:LocalSubNet:Enabled:HP Device Setup (HP Officejet Pro 8600) -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe" = C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:HP Network Communicator (HP Officejet Pro 8600) -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe" = C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe:LocalSubNet:Enabled:HP Network Communicator COM (HP Officejet Pro 8600) -- (Hewlett-Packard Co.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\TeamViewer\Version8\TeamViewer.exe" = C:\Program Files\TeamViewer\Version8\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport
"{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional
"{069730C2-755A-485B-A205-27A1AAFA836A}" = InstantShareAlert
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan
"{0E6EC2D7-5C9B-28B7-C848-171EDACB9625}" = Warner Bros. Digital Copy Manager
"{0F2F77E4-4053-4108-B153-81F0B42EDCF4}" = WebIQ Technology Engine
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}" = Shared C Run-time for x86
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{27711CB0-26B3-4D99-88A9-4E4D60C34850}" = Family Tree Maker 2009
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset
"{37C39957-B0B3-40DC-8BA4-2363241159ED}" = LightScribe 1.4.44.1
"{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine
"{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport
"{39003340-EAA2-012B-ADCD-000000000000}" = TurboTax 2009 wkyiper
"{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{413CEBC4-ABA1-4AC4-ADFB-69FA195F09AB}" = 7300_Help
"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
"{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{46235FF7-2CBE-4A84-BEDA-87348D1F7850}" = HP Officejet Pro 8600 Help
"{46CB5C9E-BE06-42B6-8B59-C037B8E93889}" = NetObjects Fusion 12.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A5A427F-BA39-4BF0-9999-9A47FBE60C9F}" = Visual C++ 9.0 Runtime for Dragon NaturallySpeaking
"{4A5A427F-BA39-4BF0-9A47-9999FBE60C9F}" = Visual C++ Runtime for Dragon NaturallySpeaking
"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper
"{4F38594F-2C4A-4C42-B2C4-505E225F6F80}" = HP Product Detection
"{4FE224A2-C56D-4289-AE73-F7267BA0C9F6}" = NetObjects Fusion 12.0
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{5F3783B7-F809-45A7-8A92-A44B441FDA7C}" = DIRECTV Player
"{5FE545A1-D215-4216-9189-E7B39C9D1CC1}" = Quicken 2011
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{6438EBAC-5305-39A5-A93E-88CDFA6CE947}" = Google Chrome
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{654977DB-0001-0002-0001-EABD228DDE8B}" = Microsoft Download Manager
"{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan
"{669B49D6-BCA8-4F7C-9248-CE5677750285}" = HP Officejet Pro 8600 Product Improvement Study
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{6F9C25B0-6ABF-4FB0-8793-176487F963EE}" = Nuance PDF Converter Professional 7
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7752CBAC-3B2D-43c0-98CA-A1A16CCF7E3C}" = HP Smart Print 1.1.5.2
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89EAD745-088B-4160-B964-42C4D4D273AD}" = Family Tree Maker 2010
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{8EAB4100-B343-41AE-A880-418746998209}" = HP Officejet Pro 8600 Basic Device Software
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 14
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91490409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Primary Interop Assemblies
"{91E30409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0081-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CC57E3F-0478-4005-98D3-4C6850C5A6E7}" = TurboTax 2011 wkyiper
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9EF5B77F-703E-4953-9DA9-186E28A62568}" = 7300Trb
"{A0FE0292-D3BE-3447-80F2-72E032A54875}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine
"{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.01)
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = TEG-PCITXR 32bit Gigabit PCI Adatper
"{ADBFF96D-EE54-46EA-A835-899955CDCFD8}" = 7300
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 306.81
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 306.81
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}" = HP Officejet Pro 8600 Help
"{B762B2A5-883B-454B-A586-1DF6C4528262}" = MX-950 Editor
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{BDE1289F-4025-41A5-AD17-101DB4D82CA7}" = TRS2004
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3334366-BCED-4D4B-A266-23E3414FC29D}" = NetObjects Fusion 10.0
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CAF5B770-082F-40C4-853D-3973BB81BDAA}" = TurboTax 2011 WinPerTaxSupport
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0EE2F91-CC20-426F-A4D5-7FFE54E55015}" = TurboTax 2010 wkyiper
"{D1CDE21A-E27A-48CE-8831-3E33E793222E}" = NetObjects Fusion 12.0
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DCAEC601-735C-41AE-B84F-D792F09FB7D1}" = WOT for Internet Explorer
"{DE6ABE61-EF3B-4E56-87CF-460E8F57B46E}" = Auction Sentry
"{E3436EE2-D5CB-4249-840B-3A0140CC34C1}" = PhoneTools
"{E36E864B-BFB6-440A-9A23-2B0BEDE59A92}" = MultiScreen
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E463E171-4082-4744-A466-F7CBE8502789}" = TurboTax 2011 WinPerReleaseEngine
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EA5B4DB8-BF9A-4E23-B7FB-0A387A3A0E8F}" = Free JavaScript Editor 4.7
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EDEA8AB7-7683-4ED2-AA19-E6C078064C0D}" = Microsoft WSE 3.0
"{EE556A3E-EB37-4392-9637-BAA8EC2F47FA}" = TurboTax 2011 wrapper
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EFFA53BC-8C04-2E21-3D90-A13B1697B0CA}" = Dragon NaturallySpeaking 11
"{F03D7004-F232-4B7A-A4A0-4B8FC118C4BD}" = Trainz
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FAD3D68B-2F9C-459B-AA79-C04B9090FD72}" = TurboTax 2011 WinPerFedFormset
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"384C2C6074E8C219998710CE8D95B252A3A0CBAE" = Windows Driver Package - NVIDIA (nv) Display (10/16/2010 6.14.12.6099)
"4E55C63BFCAACCF944B3AA49E7999CA9BAFFE208" = Windows Driver Package - NVIDIA (nv) Display (05/15/2012 6.14.13.0142)
"5A3659A1699DAACF9BD615CB9AADA1F1BF3AE327" = Windows Driver Package - NVIDIA (nv) Display (06/07/2010 6.14.12.5721)
"6B499777B71FB5ACC52946DD82ECB4D02826D410" = Windows Driver Package - NVIDIA (nv) Display (02/29/2012 6.14.12.9610)
"7-Zip" = 7-Zip 9.22beta
"86A6EABF7537A8DD39CE93DF122356CA3E99E579" = Windows Driver Package - NVIDIA (nv) Display (08/03/2011 6.14.12.8026)
"8CE3EF3AF6188C2679CF2148F39931549AA983A1" = Windows Driver Package - Logitech (LVUVC) Image (09/21/2012 13.51.823.0)
"971D4E9C5CED6477B8F2A6B10A77BA64785DC7B6" = Windows Driver Package - Logitech USB (01/17/2012 13.31.1044.0)
"A00DACBCF80381024878EBEE918DADEFF532AC10" = Windows Driver Package - NVIDIA (nv) Display (02/09/2012 6.14.12.9573)
"A261B7217DB17A0B0C1499769911A4C2763B50AC" = Windows Driver Package - Logitech (lvrs) MEDIA (01/17/2012 13.31.1044.0)
"ActiveTouchMeetingClient" = Cisco WebEx Meetings
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AF5EBAB19E0AC92AFFCF6BB01BC6113C68246F96" = Windows Driver Package - NVIDIA (nv) Display (04/07/2011 6.14.12.7061)
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.17
"BB85278BE9A24627B9133B324B11AE8AAED9B52B" = Windows Driver Package - NVIDIA (nv) Display (09/23/2012 6.14.13.0681)
"Blueline_is1" = Blueline 1.1.1
"CDE5ADE5BBAD3E7B3EDC2254E9B4AA5699C49243" = Windows Driver Package - NVIDIA (nv) Display (10/07/2011 6.14.12.8558)
"CLRPassword Tracker" = Password Tracker Deluxe 3.62
"CNXT_MODEM_PCI_VEN_14F1&DEV_2016&SUBSYS_021913E0" = Conexant HSF V92 56K RTAD Speakerphone PCI Modem
"com.warnerbros.DigitalCopyManager.449F66ACC381FDC604DC2AA255FEECEEBBBEE1E5.1" = Warner Bros. Digital Copy Manager
"D6FC380758CCD46F9200CAD66C4A7C041CBDC50E" = Windows Driver Package - NVIDIA (nv) Display (07/09/2010 6.14.12.5896)
"dcmsvc_is1" = dcmsvc 1.0
"DEF5BD9CE83771293DCFAEA94AC5FADFD235B2ED" = Windows Driver Package - NVIDIA (nv) Display (03/15/2010 6.14.11.9713)
"Disney Dreams" = Disney Dreams Screen Saver
"Disney Epic Mickey: Prima Official eGuide" = Disney Epic Mickey: Prima Official eGuide
"E9CAC95DEDD5D81AF01EF321643F69919AB4CBB0" = Windows Driver Package - Logitech (LVUVC) Image (01/17/2012 13.31.1044.0)
"ED32DE45B100947E631306FC4BC656D5E8212C18" = Windows Driver Package - NVIDIA (nv) Display (05/20/2011 6.14.12.7533)
"ERUNT_is1" = ERUNT 1.1j
"F4BBA3D2672296BC5BDBB7527330AD1C077B1C8C" = Windows Driver Package - Logitech (lvrs) MEDIA (09/21/2012 13.51.823.0)
"Family Tree Maker 2009" = Family Tree Maker 2009
"Family Tree Maker 2010" = Family Tree Maker 2010
"FC9E8D6BEED299828396FA9693664A5B08161EBA" = Windows Driver Package - NVIDIA (nv) Display (01/07/2011 6.14.12.6658)
"Google Updater" = Google Updater
"HP Photo & Imaging" = HP Image Zone 4.7
"HP Photo Creations" = HP Photo Creations
"ie8" = Windows Internet Explorer 8
"Info Center_is1" = Info Center 1.0.0.7
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"Logitech Vid" = Logitech Vid HD
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"McAfee Virtual Technician" = McAfee Virtual Technician
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"mIRC" = mIRC
"Mozilla Firefox 18.0.1 (x86 en-US)" = Mozilla Firefox 18.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee SecurityCenter
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"OpenDNS Updater" = OpenDNS Updater 2.2.1
"Paint Shop Pro 6" = Paint Shop Pro 6.02 CD
"Password Safe" = Password Safe
"PC Matic_is1" = PC Matic 1.1.0.44
"PrintMaster Premier 4.00" = PrintMaster Premier 4.00
"Quicken WillMaker Plus 2011" = Quicken WillMaker Plus 2011
"Secunia PSI" = Secunia PSI (3.0.0.6001)
"SyncBack_is1" = SyncBack
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 8" = TeamViewer 8
"TurboTax 2009" = TurboTax 2009
"TurboTax 2010" = TurboTax 2010
"TurboTax 2011" = TurboTax 2011
"Windows CE Services" = Microsoft ActiveSync 3.7
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinZip" = WinZip
"Wireshark" = Wireshark 1.8.4 (32-bit)
"WS_FTP Pro" = Ipswitch WS_FTP Pro
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 1/27/2013 9:43:58 PM | Computer Name = ZTDESKTOP | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE
SECURITYCENTER.LNK> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
Error - 1/27/2013 9:43:58 PM | Computer Name = ZTDESKTOP | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE
SECURITYCENTER.LNK> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
Error - 1/27/2013 9:43:58 PM | Computer Name = ZTDESKTOP | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE
SECURITYCENTER.LNK> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
Error - 1/27/2013 9:43:58 PM | Computer Name = ZTDESKTOP | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE
SECURITYCENTER.LNK> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
Error - 1/30/2013 6:19:06 PM | Computer Name = ZTDESKTOP | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 2324 (0x914) Thread address : 0x7C90E514 Thread message : Build VSCORE.15.1.0.513
/ 5500.1093 Object being scanned = \Device\HarddiskVolume2\WINDOWS\system32\rasapi32.dll
by C:\Program Files\Malwarebytes\mbamservice.exe 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0)
7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0)
Error - 2/2/2013 6:05:28 PM | Computer Name = ZTDESKTOP | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 2/2/2013 6:07:49 PM | Computer Name = ZTDESKTOP | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 2/2/2013 6:07:54 PM | Computer Name = ZTDESKTOP | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.
Error - 2/3/2013 10:39:50 AM | Computer Name = ZTDESKTOP | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE
SECURITYCENTER.LNK> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
Error - 2/3/2013 10:39:50 AM | Computer Name = ZTDESKTOP | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\MCAFEE\MCAFEE
SECURITYCENTER.LNK> in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: A device attached to the system is not functioning. (0x8007001f)
[ System Events ]
Error - 1/30/2013 6:19:17 PM | Computer Name = ZTDESKTOP | Source = Service Control Manager | ID = 7022
Description = The McAfee Proxy Service service hung on starting.
Error - 1/30/2013 6:19:33 PM | Computer Name = ZTDESKTOP | Source = Service Control Manager | ID = 7031
Description = The McAfee McShield service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 5000 milliseconds:
Restart the service.
Error - 1/30/2013 6:22:03 PM | Computer Name = ZTDESKTOP | Source = DCOM | ID = 10010
Description = The server {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A} did not register
with DCOM within the required timeout.
Error - 1/31/2013 6:32:07 PM | Computer Name = ZTDESKTOP | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the NVSvc service.
Error - 1/31/2013 6:34:01 PM | Computer Name = ZTDESKTOP | Source = DCOM | ID = 10010
Description = The server {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A} did not register
with DCOM within the required timeout.
Error - 2/2/2013 1:46:30 PM | Computer Name = ZTDESKTOP | Source = DCOM | ID = 10010
Description = The server {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A} did not register
with DCOM within the required timeout.
Error - 2/3/2013 10:27:09 AM | Computer Name = ZTDESKTOP | Source = Service Control Manager | ID = 7034
Description = The Bonjour Service service terminated unexpectedly. It has done
this 1 time(s).
Error - 2/3/2013 10:27:09 AM | Computer Name = ZTDESKTOP | Source = Service Control Manager | ID = 7034
Description = The MBAMScheduler service terminated unexpectedly. It has done this
1 time(s).
Error - 2/3/2013 10:27:09 AM | Computer Name = ZTDESKTOP | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 2/3/2013 10:27:09 AM | Computer Name = ZTDESKTOP | Source = Service Control Manager | ID = 7034
Description = The MBAMService service terminated unexpectedly. It has done this
1 time(s).
< End of report >