This morning, I received the Win32.Fareit!IK (Ikarus) infection on my PC (Win XP SP3). I got a white screen that took over my whole screen. It acted very similarly to the FBI Ransom infection I got a few months ago. With both this current infection and the FBI Ransom infection, I was able to regain control over my system by using HitmanPro by SurfRight.
However, I am now unable to start up my system in Safe Mode, leading me to believe that perhaps I am still suffering from this infection or I have another infection on my system.
I would appreciate it if someone would help me get to the bottom of this.
Here is my OTL log...
=================================
OTL logfile created on: 5/6/2013 4:43:46 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\user\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.18 Gb Available Physical Memory | 72.83% Memory free
4.84 Gb Paging File | 4.25 Gb Available in Paging File | 87.86% Paging File free
Paging file location(s): C:\pagefile.sys 2046 7000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.75 Gb Total Space | 25.59 Gb Free Space | 10.99% Space Free | Partition Type: NTFS
Drive D: | 3.90 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive H: | 3.69 Gb Total Space | 3.67 Gb Free Space | 99.50% Space Free | Partition Type: FAT32
Computer Name: VOSTRO420 | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/05/06 16:43:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTL.exe
PRC - [2013/01/31 23:43:16 | 000,389,168 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2013/01/27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 12:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2009/04/10 16:38:53 | 000,160,592 | ---- | M] (Siber Systems) -- C:\Program Files\RoboForm\robotaskbaricon.exe
PRC - [2009/03/25 23:25:54 | 000,773,632 | ---- | M] () -- C:\Program Files\RegCleaner\RegCleanr.exe
PRC - [2008/07/20 18:45:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2013/01/31 23:43:19 | 002,242,096 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\mozjs.dll
MOD - [2013/01/31 23:43:18 | 000,158,256 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2013/01/31 23:43:18 | 000,022,576 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2013/01/11 04:17:32 | 000,105,984 | ---- | M] () -- C:\Program Files\Free Download Manager\fdmumsp.dll
MOD - [2010/07/04 17:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2010/03/21 14:19:50 | 000,094,208 | ---- | M] () -- C:\Program Files\FileZilla\fzshellext.dll
MOD - [2009/03/25 23:25:54 | 000,773,632 | ---- | M] () -- C:\Program Files\RegCleaner\RegCleanr.exe
MOD - [2007/09/20 18:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2007/07/23 16:04:46 | 000,068,080 | ---- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\dlaapi_w.dll
========== Services (SafeList) ==========
SRV - [2013/01/27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/01/16 16:10:51 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/30 21:01:00 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011/11/01 09:08:00 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint)
SRV - [2011/11/01 09:07:39 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011/09/26 10:05:32 | 008,158,720 | ---- | M] () [On_Demand | Stopped] -- c:\Program Files\WAMPServer\bin\mysql\mysql5.5.16\bin\mysqld.exe -- (wampmysqld)
SRV - [2011/09/26 09:50:40 | 000,018,432 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- c:\Program Files\WAMPServer\bin\apache\Apache2.2.21\bin\httpd.exe -- (wampapache)
SRV - [2010/11/08 13:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2008/07/20 18:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\Drivers\neokdss.sys -- (neokdss)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2011/11/01 09:07:42 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/09/17 16:40:06 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2010/09/17 16:40:06 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2010/07/06 04:13:10 | 000,234,392 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2010/07/04 15:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010/02/22 03:44:08 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2009/03/25 06:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/08/18 19:03:28 | 000,079,960 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\jraid.sys -- (JRAID)
DRV - [2008/08/18 18:20:06 | 004,752,896 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008/07/21 17:09:12 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008/07/21 17:09:02 | 003,007,488 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/04/13 23:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2007/12/03 12:13:48 | 000,011,264 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\diag69xp.sys -- (Diag69xp)
DRV - [2007/11/20 02:14:08 | 000,016,640 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTLVLAN.SYS -- (RTLVLAN)
DRV - [2007/11/20 02:04:50 | 000,008,960 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LANPkt.sys -- (LANPkt)
DRV - [2007/07/23 16:05:20 | 000,009,104 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLADResM.SYS -- (DLADResM)
DRV - [2007/07/23 16:04:58 | 000,037,360 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007/07/23 16:04:56 | 000,098,448 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007/07/23 16:04:56 | 000,093,552 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007/07/23 16:04:54 | 000,027,216 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007/07/23 16:04:52 | 000,032,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007/07/23 16:04:52 | 000,016,304 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007/07/23 16:04:50 | 000,108,752 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007/07/23 15:49:44 | 000,030,064 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/07/23 15:49:44 | 000,014,576 | ---- | M] (Roxio) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/09/09 04:12:58 | 000,101,632 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cxfalcon.sys -- (CXFALCON)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/?pc=AVBR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=AVBR
IE - HKCU\..\SearchScopes,DefaultScope = {DECA3892-BA8F-44b8-A993-A466AD694AE4}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...=AVB3DF&pc=AVBR
IE - HKCU\..\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKCU\..\SearchScopes\{B7B664DF-3AF9-4C8E-8148-F42BB7831D27}: "URL" = http://www.ask.com/w...q={searchTerms}
IE - HKCU\..\SearchScopes\{BD8C95ED-9080-4F58-9423-80C0C3B0DA87}: "URL" = http://www.ant.com/s...q={searchTerms}
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....=utf-8&fr=b2ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledAddons: fdm_ffext%40freedownloadmanager.org:1.5.7.9
FF - prefs.js..extensions.enabledAddons: firebug%40software.joehewitt.com:1.8.3
FF - prefs.js..extensions.enabledAddons: gamescenter%40gamescenter.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:1.3.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.100
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VLC Player\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\RoboForm\Firefox [2009/04/10 16:40:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/14 21:09:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\GamesCenter\GamesCenter.xpi [2013/02/13 20:11:54 | 000,037,470 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Firefox\components [2013/01/19 20:34:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Firefox\plugins [2012/10/22 16:51:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/31 23:43:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2013/01/31 23:43:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/14 21:09:41 | 000,000,000 | ---D | M]
[2010/09/02 18:49:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Extensions
[2010/09/02 18:49:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/02/07 01:02:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\p1ygwk6x.default\extensions
[2009/03/21 22:23:50 | 000,000,000 | ---D | M] (Screen grab!) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\p1ygwk6x.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2009/03/21 22:23:50 | 000,000,000 | ---D | M] (Project Whois) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\p1ygwk6x.default\extensions\{10841c30-a967-11da-a746-0800200c9a66}
[2009/12/15 20:10:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\p1ygwk6x.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/03/21 22:23:50 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\p1ygwk6x.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/03/21 22:23:49 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\p1ygwk6x.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/03/21 22:23:49 | 000,000,000 | ---D | M] ("StumbleUpon") -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\p1ygwk6x.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2011/03/22 14:13:49 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\p1ygwk6x.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/03/21 22:23:50 | 000,000,000 | ---D | M] ("Download Embedded") -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\p1ygwk6x.default\extensions\[email protected]
[2011/11/14 19:20:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\p1ygwk6x.default\extensions\nostmp
[2011/11/14 22:13:03 | 000,101,566 | ---- | M] () (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\p1ygwk6x.default\extensions\[email protected]
[2011/11/14 20:27:14 | 001,242,958 | ---- | M] () (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\p1ygwk6x.default\extensions\[email protected]
[2013/01/15 19:32:23 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\FREE DOWNLOAD MANAGER\FIREFOX\EXTENSIONS\1.5.7.9
[2013/02/13 20:11:54 | 000,037,470 | ---- | M] () (No name found) -- C:\PROGRAM FILES\GAMESCENTER\GAMESCENTER.XPI
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Firefox\plugins\NPOFF12.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
O1 HOSTS File: ([2012/07/20 00:24:25 | 000,442,810 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 15237 more lines...
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
O3 - HKLM\..\Toolbar: (ReGet Bar) - {17939A30-18E2-471E-9D3A-56DD725F1215} - C:\Program Files\ReGet Software\ReGet Deluxe\IEBar.dll (ReGet Software)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {71AAABE5-1F0F-11D7-BD6F-004854603DCE} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {871F91FD-3A92-4988-A842-16AB2CFF5AF1} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {981FE6A8-260C-4930-960F-C3BC82746CB0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (ReGet Bar) - {17939A30-18E2-471E-9D3A-56DD725F1215} - C:\Program Files\ReGet Software\ReGet Deluxe\IEBar.dll (ReGet Software)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [RoboForm] C:\Program Files\RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to AD Black List - Reg Error: Value error. File not found
O8 - Extra context menu item: Block All Images from the Same Server - Reg Error: Value error. File not found
O8 - Extra context menu item: Customize Menu - C:\Program Files\RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Do&wnload by ReGet Deluxe - C:\Program Files\Common Files\ReGet Shared\cc_link.htm ()
O8 - Extra context menu item: Download A&ll by ReGet Deluxe - C:\Program Files\Common Files\ReGet Shared\cc_all.htm ()
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download web site with Free Download Manager - C:\Program Files\Free Download Manager\dlpage.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Fill Forms - C:\Program Files\RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Google AdSense Preview Tool - http://pagead2.googl...en/preview.html File not found
O8 - Extra context menu item: Highlight - Reg Error: Value error. File not found
O8 - Extra context menu item: Lookup on Merriam Webster - Reg Error: Value error. File not found
O8 - Extra context menu item: Lookup on Wikipedia - Reg Error: Value error. File not found
O8 - Extra context menu item: Open All Links in This Page... - Reg Error: Value error. File not found
O8 - Extra context menu item: Open In New Avant Browser - Reg Error: Value error. File not found
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Search - Reg Error: Value error. File not found
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm File not found
O9 - Extra 'Tools' menuitem : @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {28B66320-9687-4B13-8757-36F901887AB5} http://www.seehere.c...cts/canvasx.cab (CanvasX Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1355941663546 (MUWebControl Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} http://www.retailgis...geUploader6.cab (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=100 (Performance Viewer Activex Control)
O16 - DPF: Garmin Communicator Plug-In Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F2A6403-7314-497B-A070-FD7C5D16EC66}: DhcpNameServer = 10.0.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {16664848-0E00-11D2-8059-000000000000} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/25 17:29:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/05/06 16:43:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTL.exe
[2013/05/06 16:06:00 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2013/05/06 10:30:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\cau
[2013/04/14 16:32:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\2013-04-14
[2013/04/13 22:17:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\2013-04-13
[2013/04/13 16:24:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\A-PDF Restrictions Remover
[2013/04/13 16:24:46 | 000,000,000 | ---D | C] -- C:\Program Files\A-PDF Restrictions Remover
[2013/04/13 16:24:09 | 001,644,626 | ---- | C] (A-PDF Solution ) -- C:\Documents and Settings\user\Desktop\a-pdf-rr.exe
========== Files - Modified Within 30 Days ==========
[2013/05/06 16:43:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTL.exe
[2013/05/06 16:17:20 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013/05/06 16:16:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/05/06 16:14:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/06 16:12:17 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3802978102-789454063-359933768-1005UA.job
[2013/05/06 16:07:32 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/05/06 16:07:18 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/06 16:07:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/05/06 16:07:12 | 3220,160,512 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/06 16:06:00 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2013/05/06 15:55:46 | 000,001,616 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HitmanPro.lnk
[2013/05/06 15:43:48 | 000,085,102 | ---- | M] () -- C:\WINDOWS\gaweumi.aor
[2013/05/06 15:43:28 | 000,124,929 | ---- | M] () -- C:\WINDOWS\jozl.ksf
[2013/05/06 15:43:26 | 000,049,262 | ---- | M] () -- C:\WINDOWS\ghcltc.opo
[2013/05/06 15:43:21 | 000,059,419 | ---- | M] () -- C:\WINDOWS\fuctu.vfh
[2013/05/06 10:30:38 | 000,003,812 | ---- | M] () -- C:\WINDOWS\pcp.cem
[2013/05/06 10:30:26 | 000,260,935 | ---- | M] () -- C:\WINDOWS\bheq.xuj
[2013/05/06 10:29:35 | 000,218,360 | ---- | M] () -- C:\WINDOWS\jxfr.etn
[2013/05/06 07:12:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3802978102-789454063-359933768-1005Core.job
[2013/05/03 21:40:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/04/24 15:29:01 | 000,057,916 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Land Available.pdf
[2013/04/13 20:09:16 | 000,062,028 | ---- | M] () -- C:\Documents and Settings\user\Desktop\2012_Pennsylvania_Return.pdf
[2013/04/13 20:08:35 | 000,026,274 | ---- | M] () -- C:\Documents and Settings\user\Desktop\2012_Federal_Return.pdf
[2013/04/13 16:38:59 | 000,545,453 | ---- | M] () -- C:\Documents and Settings\user\Desktop\MOM 2012 PA Tax Return.pdf
[2013/04/13 16:33:03 | 000,520,335 | ---- | M] () -- C:\Documents and Settings\user\Desktop\2012_pa-40.pdf
[2013/04/13 16:25:44 | 000,019,017 | ---- | M] () -- C:\Documents and Settings\user\Desktop\2012_Federal_1040_NoRestriction.pdf
[2013/04/13 16:24:32 | 001,644,626 | ---- | M] (A-PDF Solution ) -- C:\Documents and Settings\user\Desktop\a-pdf-rr.exe
[2013/04/13 16:19:37 | 000,018,957 | ---- | M] () -- C:\Documents and Settings\user\Desktop\2012_Federal_1040.pdf
[2013/04/13 07:40:28 | 003,497,120 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/04/13 07:38:29 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/04/13 05:09:35 | 000,153,475 | ---- | M] () -- C:\Documents and Settings\user\Desktop\2011 EIT-Net Profits Individual Tax Return.pdf
[2013/04/13 05:03:39 | 000,138,644 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Crossmark higher pay for new hires.jpg
[2013/04/12 22:21:24 | 001,532,977 | ---- | M] () -- C:\Documents and Settings\user\Desktop\Available and Tax Free Properties For Sale.pdf
[2013/04/12 21:23:06 | 002,389,362 | ---- | M] () -- C:\Documents and Settings\user\Desktop\17th Street RA Properties.pdf
[2013/04/09 22:44:53 | 003,762,688 | ---- | M] () -- C:\Documents and Settings\user\Desktop\LTX1040_OperatorsManual_2013.pdf
========== Files Created - No Company Name ==========
[2013/05/06 15:43:46 | 000,085,102 | ---- | C] () -- C:\WINDOWS\gaweumi.aor
[2013/05/06 10:30:31 | 000,124,929 | ---- | C] () -- C:\WINDOWS\jozl.ksf
[2013/05/06 10:30:31 | 000,003,812 | ---- | C] () -- C:\WINDOWS\pcp.cem
[2013/05/06 10:30:26 | 000,260,935 | ---- | C] () -- C:\WINDOWS\bheq.xuj
[2013/05/06 10:29:35 | 000,218,360 | ---- | C] () -- C:\WINDOWS\jxfr.etn
[2013/05/06 10:29:35 | 000,049,262 | ---- | C] () -- C:\WINDOWS\ghcltc.opo
[2013/05/06 10:28:23 | 000,059,419 | ---- | C] () -- C:\WINDOWS\fuctu.vfh
[2013/04/24 15:29:01 | 000,057,916 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Land Available.pdf
[2013/04/13 20:09:16 | 000,062,028 | ---- | C] () -- C:\Documents and Settings\user\Desktop\2012_Pennsylvania_Return.pdf
[2013/04/13 20:08:35 | 000,026,274 | ---- | C] () -- C:\Documents and Settings\user\Desktop\2012_Federal_Return.pdf
[2013/04/13 16:38:59 | 000,545,453 | ---- | C] () -- C:\Documents and Settings\user\Desktop\MOM 2012 PA Tax Return.pdf
[2013/04/13 16:32:59 | 000,520,335 | ---- | C] () -- C:\Documents and Settings\user\Desktop\2012_pa-40.pdf
[2013/04/13 16:25:44 | 000,019,017 | ---- | C] () -- C:\Documents and Settings\user\Desktop\2012_Federal_1040_NoRestriction.pdf
[2013/04/13 16:19:37 | 000,018,957 | ---- | C] () -- C:\Documents and Settings\user\Desktop\2012_Federal_1040.pdf
[2013/04/13 05:09:35 | 000,153,475 | ---- | C] () -- C:\Documents and Settings\user\Desktop\2011 EIT-Net Profits Individual Tax Return.pdf
[2013/04/13 05:02:52 | 000,138,644 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Crossmark higher pay for new hires.jpg
[2013/04/12 22:21:19 | 001,532,977 | ---- | C] () -- C:\Documents and Settings\user\Desktop\Available and Tax Free Properties For Sale.pdf
[2013/04/12 21:20:13 | 002,389,362 | ---- | C] () -- C:\Documents and Settings\user\Desktop\17th Street RA Properties.pdf
[2013/04/09 22:44:53 | 003,762,688 | ---- | C] () -- C:\Documents and Settings\user\Desktop\LTX1040_OperatorsManual_2013.pdf
[2013/03/16 21:40:42 | 002,250,054 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1.bmp
[2013/03/16 21:40:25 | 000,350,795 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1.jpg
[2012/11/13 13:36:09 | 000,000,082 | ---- | C] () -- C:\WINDOWS\TmProxy.ini
[2012/11/13 13:36:09 | 000,000,082 | ---- | C] () -- C:\WINDOWS\TmPfw.ini
[2012/11/13 13:36:09 | 000,000,018 | ---- | C] () -- C:\WINDOWS\aucfg.ini
[2012/09/05 18:55:36 | 000,000,086 | ---- | C] () -- C:\WINDOWS\digiclock.INI
[2012/06/18 21:55:21 | 000,000,021 | ---- | C] () -- C:\WINDOWS\asfbin.ini
[2012/02/16 01:17:14 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/09/14 19:27:43 | 000,223,039 | ---- | C] () -- C:\WINDOWS\hpwins24.dat
[2011/09/14 19:27:43 | 000,001,758 | ---- | C] () -- C:\WINDOWS\hpwmdl24.dat
[2011/09/13 23:18:44 | 000,001,758 | ---- | C] () -- C:\WINDOWS\hpwmdl24.dat.temp
[2010/05/28 14:03:30 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Adobe GIF Format CS5 Prefs
[2010/05/28 12:14:09 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Adobe PNG Format CS5 Prefs
[2010/05/28 12:13:25 | 000,001,456 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
[2009/03/21 22:21:17 | 000,009,342 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft Excel.EML
[2009/03/21 22:21:17 | 000,009,342 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Comma Separated Values (Windows).EML
[2009/03/21 22:21:17 | 000,009,339 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Tab Separated Values (Windows).EML
[2009/03/21 22:21:17 | 000,009,336 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Tab Separated Values (DOS).EML
[2009/03/21 22:21:17 | 000,009,326 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft Access.EML
[2009/03/21 22:21:17 | 000,009,175 | ---- | C] () -- C:\Documents and Settings\user\Application Data\dBase.EML
[2009/03/21 22:21:16 | 000,009,338 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Comma Separated Values (DOS).EML
[2009/03/21 22:21:16 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\user\Application Data\.zreglib
[2009/03/21 21:14:12 | 000,153,600 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/21 21:14:12 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\fusioncache.dat
[2009/03/21 21:12:16 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\user\.gtk-bookmarks
========== ZeroAccess Check ==========
[2008/04/25 17:34:35 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/10/15 21:00:10 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 08:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2011/10/22 11:01:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ant.com
[2009/03/22 21:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2013/05/06 15:43:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\cau
[2011/10/17 09:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.4 Output
[2013/01/15 19:32:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Free Download Manager
[2010/08/24 08:39:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
[2009/08/11 07:04:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2011/11/09 22:36:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoodSync
[2013/03/17 06:57:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HitmanPro
[2011/11/05 09:06:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2010/05/28 08:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2009/04/10 16:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
[2009/03/22 15:40:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2012/04/07 19:42:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SnapStream
[2009/03/18 20:30:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/06/24 13:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2011/03/12 01:37:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/04/04 13:43:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/03/21 22:24:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\ACD Systems
[2009/03/21 22:24:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\AI Internet Solutions
[2012/03/23 23:06:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\AntsSoft
[2013/01/19 00:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Audacity
[2009/03/21 22:24:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Avant Browser
[2011/11/03 21:58:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Avant Downloader
[2009/03/22 16:09:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Canon
[2009/03/21 22:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\CDBurnerXPP
[2012/01/27 15:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/03/21 22:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\ComfortSoftware
[2009/03/21 22:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\COWON
[2010/12/22 00:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\DomainSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2009/03/21 22:24:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\EAST Technologies
[2012/10/30 21:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\eFax Messenger
[2012/11/20 20:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\FileZilla
[2012/12/01 01:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\FixCleaner
[2011/11/19 03:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Foxit Software
[2013/05/06 10:23:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Free Download Manager
[2009/08/11 07:04:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\GARMIN
[2009/03/26 00:24:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\GetRightToGo
[2011/11/25 21:07:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\GoodSync
[2009/03/21 22:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\ImageBadger
[2009/03/21 22:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\ImgBurn
[2009/03/21 22:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\InfraRecorder
[2009/03/21 22:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\InterTrust
[2011/10/17 09:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\j2 Global
[2010/06/01 09:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\KompoZer
[2010/06/01 13:26:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\kompozer.net
[2009/03/25 00:44:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Locate32
[2010/10/22 21:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2009/03/21 22:23:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\mojosoft
[2012/11/27 18:42:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Mp3tag
[2009/03/21 22:23:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\MSNInstaller
[2009/03/21 22:23:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Netscape
[2009/03/21 22:23:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\OfficeUpdate12
[2011/11/01 22:58:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\OpenOffice.org
[2009/03/21 22:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Opera
[2010/11/28 15:10:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\ReGet Software
[2009/03/21 22:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\ScanSoft
[2009/03/21 22:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Scooter Software
[2011/03/12 01:47:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\SimfaticForms
[2009/03/21 22:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\SlySoft
[2009/03/21 22:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Snapfish
[2009/03/21 22:22:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Systweak
[2011/12/09 23:50:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\TechSmith
[2009/03/21 22:22:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Tenebril
[2010/06/06 14:14:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Thinstall
[2010/09/02 18:49:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Thunderbird
[2012/01/24 23:39:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\tinySpell
[2012/02/02 00:38:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\TypingMaster7
[2009/03/21 22:51:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Windows Desktop Search
[2009/03/21 22:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Windows Search
[2009/03/21 22:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Xanadu Tools
========== Purity Check ==========
< End of report >
=================================
OTL Extras logfile created on: 5/6/2013 4:43:46 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\user\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.18 Gb Available Physical Memory | 72.83% Memory free
4.84 Gb Paging File | 4.25 Gb Available in Paging File | 87.86% Paging File free
Paging file location(s): C:\pagefile.sys 2046 7000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.75 Gb Total Space | 25.59 Gb Free Space | 10.99% Space Free | Partition Type: NTFS
Drive D: | 3.90 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive H: | 3.69 Gb Total Space | 3.67 Gb Free Space | 99.50% Space Free | Partition Type: FAT32
Computer Name: VOSTRO420 | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.com [@ = comfile] -- Reg Error: Key error. File not found
.html [@ = htmlfile] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC Player\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [locate] -- C:\Program Files\Locate32\Locate32.exe /p "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files\VLC Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP
"427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"25735:TCP" = 25735:TCP:*:Enabled:BitComet 25735 TCP
"25735:UDP" = 25735:UDP:*:Enabled:BitComet 25735 UDP
"14735:TCP" = 14735:TCP:*:Enabled:BitComet 14735 TCP
"14735:UDP" = 14735:UDP:*:Enabled:BitComet 14735 UDP
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP
"427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Documents and Settings\user\Local Settings\temp\7zS0074\OJ6000vE609_Full_14\setup\hpznui01.exe" = C:\Documents and Settings\user\Local Settings\temp\7zS0074\OJ6000vE609_Full_14\setup\hpznui01.exe:*:Enabled:hpznui01.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Beyond TV\BTVRegistrationService.exe" = C:\Program Files\Beyond TV\BTVRegistrationService.exe:*:Enabled:Beyond TV Registration Service
"C:\Program Files\Beyond TV\BTVWebServiceProxy.exe" = C:\Program Files\Beyond TV\BTVWebServiceProxy.exe:*:Enabled:Beyond TV Web Service Proxy
"C:\Program Files\Beyond TV\BTVLibraryService.exe" = C:\Program Files\Beyond TV\BTVLibraryService.exe:*:Enabled:Beyond TV Library Service
"C:\Program Files\Beyond TV\BTVNetworkService.exe" = C:\Program Files\Beyond TV\BTVNetworkService.exe:*:Enabled:Beyond TV Network Service
"C:\Program Files\Beyond TV\BTVRecordingEngine.exe" = C:\Program Files\Beyond TV\BTVRecordingEngine.exe:*:Enabled:Beyond TV Recording Engine
"C:\Program Files\Beyond TV\BTVGuideDataLoader.exe" = C:\Program Files\Beyond TV\BTVGuideDataLoader.exe:*:Enabled:Beyond TV Guide Data Loader
"C:\Program Files\Beyond TV\BTVSettingsService.exe" = C:\Program Files\Beyond TV\BTVSettingsService.exe:*:Enabled:Beyond TV Settings Service
"C:\Program Files\Beyond TV\BTVTaskManagerService.exe" = C:\Program Files\Beyond TV\BTVTaskManagerService.exe:*:Enabled:Beyond TV Task Manager Service
"C:\Program Files\Beyond TV\BTVD3DShell.exe" = C:\Program Files\Beyond TV\BTVD3DShell.exe:*:Enabled:Beyond TV ViewScape
"C:\WINDOWS\system32\dxdiag.exe" = C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Microsoft DirectX Diagnostic Tool -- (Microsoft Corporation)
"C:\Program Files\QuickBooks\QBDBMgrN.exe" = C:\Program Files\QuickBooks\QBDBMgrN.exe:*:Enabled:QuickBooks 2006 Data Manager -- (Intuit, Inc.)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe
"C:\Program Files\Simfatic Forms\SimfaticForms.exe" = C:\Program Files\Simfatic Forms\SimfaticForms.exe:*:Enabled:Simfatic Forms -- (Simfatic Solutions)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Documents and Settings\user\Local Settings\temp\7zS0074\OJ6000vE609_Full_14\setup\hpznui01.exe" = C:\Documents and Settings\user\Local Settings\temp\7zS0074\OJ6000vE609_Full_14\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\WAMPServer\bin\apache\Apache2.2.21\bin\httpd.exe" = C:\Program Files\WAMPServer\bin\apache\Apache2.2.21\bin\httpd.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Program Files\SnapStream Media\Beyond TV\BTVRegistrationService.exe" = C:\Program Files\SnapStream Media\Beyond TV\BTVRegistrationService.exe:*:Enabled:Beyond TV Registration Service -- (SnapStream Media)
"C:\Program Files\SnapStream Media\Beyond TV\BTVWebServiceProxy.exe" = C:\Program Files\SnapStream Media\Beyond TV\BTVWebServiceProxy.exe:*:Enabled:Beyond TV Web Service Proxy -- (SnapStream Media)
"C:\Program Files\SnapStream Media\Beyond TV\BTVLibraryService.exe" = C:\Program Files\SnapStream Media\Beyond TV\BTVLibraryService.exe:*:Enabled:Beyond TV Library Service -- (SnapStream Media)
"C:\Program Files\SnapStream Media\Beyond TV\BTVNetworkService.exe" = C:\Program Files\SnapStream Media\Beyond TV\BTVNetworkService.exe:*:Enabled:Beyond TV Network Service -- (SnapStream Media)
"C:\Program Files\SnapStream Media\Beyond TV\BTVRecordingEngine.exe" = C:\Program Files\SnapStream Media\Beyond TV\BTVRecordingEngine.exe:*:Enabled:Beyond TV Recording Engine -- (SnapStream Media)
"C:\Program Files\SnapStream Media\Beyond TV\BTVGuideDataLoader.exe" = C:\Program Files\SnapStream Media\Beyond TV\BTVGuideDataLoader.exe:*:Enabled:Beyond TV Guide Data Loader -- (SnapStream Media)
"C:\Program Files\SnapStream Media\Beyond TV\BTVSettingsService.exe" = C:\Program Files\SnapStream Media\Beyond TV\BTVSettingsService.exe:*:Enabled:Beyond TV Settings Service -- (SnapStream Media)
"C:\Program Files\SnapStream Media\Beyond TV\BTVTaskManagerService.exe" = C:\Program Files\SnapStream Media\Beyond TV\BTVTaskManagerService.exe:*:Enabled:Beyond TV Task Manager Service -- (SnapStream Media)
"C:\Program Files\SnapStream Media\Beyond TV\BTVD3DShell.exe" = C:\Program Files\SnapStream Media\Beyond TV\BTVD3DShell.exe:*:Enabled:Beyond TV ViewScape -- (SnapStream Media, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{1a413f37-ed88-4fec-9666-997AF4905D9C}" = FLV.com FLV Converter 4.5.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1" = KompoZer 0.8b3
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java 6 Update 33
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client
"{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}" = Macromedia Flash MX
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3E7F5E50-6956-4446-87BF-F422A8736B7F}" = Secure Online Account Numbers
"{3EC62F67-DDFA-434C-9610-1FDF71B8F1D4}" = BPDSoftware_Ini
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D826618-59C6-11D4-976E-00C04F8EEB39}" = Macromedia FreeHand 10
"{523E0A14-7141-6BE8-3075-C02C57651519}" = Domain Samurai
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69B02159-7624-4DBB-B9EE-F933039830AD}" = QuickBooks Premier Edition 2006
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71CEED82-6D60-4DB7-A351-3564A87F7C96}" = 6000E609_eDocs
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{7791308C-85FB-43B9-93F2-7DE9CB7D5C4A}" = HP Officejet 6000 E609 Series
"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{87841AF8-C785-42FF-A76E-CC0F0C2816CC}" = ATI Catalyst Control Center
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{88253B77-33C9-4A9D-9E4C-4579E39D9158}" = Diagnostics Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B4AB829-DFD3-436D-B808-D9733D76C590}" = Macromedia Dreamweaver MX
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{930B2432-43D4-11D5-9871-00C04F8EEB39}" = Macromedia Fireworks MX
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98B6FB8A-8638-4037-AD44-CF7D0EEAB875}_is1" = TypingMaster Pro
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A2A60894-E3ED-46FE-9A6A-7CF7A87572A0}" = Opera 9.64
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A45C5EC7-F13E-4414-99BE-47373935C0FE}" = Eraser 6.0.10.2620
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{B047C9CE-1B9B-45A9-89A0-7E6F81C16FEF}" = Camtasia Studio 6
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B26B00DA-2E5D-4CF2-83C5-911198C0F009}" = GoodSync
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C2E8B236-7554-45FE-92C0-94EF76E4D182}" = Garmin City Navigator North America NT 2010.20
"{C45EB9E5-7165-4FB0-8C31-77FC4743362F}" = Manual CanoScan LiDE 25
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C91B24F6-1629-11E2-B696-21676188709B}" = PDF Split And Merge Basic
"{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}" = Canon CanoScan Toolbox 4.9
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBE7EB3D-FBD9-4c74-8156-082D055C0354}" = BPDSoftware
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B6}" = WinZip 11.2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE6DEE87-1C87-42ED-A108-7369BFE9076F}" = 32 bit Windows Card Reader Driver
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D3AE96EE-2876-4B3F-847C-D3A4AD689E43}" = LogMeIn
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DF6DA606-904D-4C18-823F-A4CFC3035E53}" = eFax Messenger
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = COWON Media Center - jetAudio Plus VX
"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater
"{E39CFEE2-008E-459A-ADFD-60852A445D48}_is1" = Pazera Free 3GP to AVI Converter 1.4
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{EAFC0CD9-FE4B-ED2D-84DD-C0DBA0229ED9}" = Market Samurai
"{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}" = Paint.NET v3.5.5
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F20A984B-9B30-4A9E-A3AC-918AF0D85A48}" = Snagit 9.1.1
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AI RoboForm" = AI RoboForm (All Users)
"A-PDF Restrictions Remover_is1" = A-PDF Restrictions Remover
"ATI Display Driver" = ATI Display Driver
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"AudibleManager" = AudibleManager
"Audio Record Wizard_is1" = Audio Record Wizard v3.97
"AvantBrowser" = Avant Browser (remove only)
"Beyond TV" = SnapStream Beyond TV 4.2.0 Express
"BlueVoda_Website_Builder_1.0" = BlueVoda Website Builder 11.71
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CleanUp!" = CleanUp!
"ColorPic" = ColorPic
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"Domain Name Analyzer v6_is1" = Domain Name Analyzer v6.010311
"DomainSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1" = Domain Samurai
"eBook Edit Pro_is1" = eBook Edit Pro v3.34.06
"eCover Studio_is1" = eCover Studio v2.00.34.289
"FileZilla Client" = FileZilla Client 3.3.2.1
"Foxit Reader_is1" = Foxit Reader 5.1
"Free Download Manager_is1" = Free Download Manager 3.9.2
"GamesCenter" = GamesCenter
"HijackThis" = HijackThis 2.0.2
"HitmanPro37" = HitmanPro 3.7
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"Incomedia WebSite X5 v8 - Evolution" = Incomedia WebSite X5 v8 - Evolution
"Locate" = Locate32
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1" = Market Samurai
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 18.0.1 (x86 en-US)" = Mozilla Firefox 18.0.1 (x86 en-US)
"Mozilla Thunderbird 17.0.2 (x86 en-US)" = Mozilla Thunderbird 17.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.53
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PDF Editor 2" = PDF Editor 2
"PIXresizer_is1" = PIXresizer
"ReGet Add-On For HTTPS" = ReGet Add-On For HTTPS
"ReGetEx" = ReGet Shell Extensions
"SimfaticForms_is1" = Simfatic Forms 3.1.4.231
"SWFText" = SWFText
"Template Bonus Pack_is1" = Template Bonus Pack v2
"The Logo Creator v5" = The Logo Creator v5
"tinySpell_is1" = tinySpell 1.9.40
"TweakNow RegCleaner_is1" = TweakNow RegCleaner
"Unlocker" = Unlocker 1.9.0
"VLC media player" = VLC media player 2.0.5
"WampServer 2_is1" = WampServer 2.2
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XHeader" = XHeader
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XSite Pro" = XSite Pro
"XSitePro2" = XSitePro2
"YTdetect" = Yahoo! Detect
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"JNLP" = JNLP
"ReGetDx" = ReGet Deluxe
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 3/30/2013 11:33:02 PM | Computer Name = VOSTRO420 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 3/31/2013 12:07:03 AM | Computer Name = VOSTRO420 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x00000000.
Error - 4/13/2013 6:49:02 AM | Computer Name = VOSTRO420 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/15/2013 5:11:15 AM | Computer Name = VOSTRO420 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module flash32_11_2_202_233.ocx, version 11.2.202.233, fault address 0x0002ad36.
Error - 4/15/2013 12:24:37 PM | Computer Name = VOSTRO420 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/19/2013 7:32:23 AM | Computer Name = VOSTRO420 | Source = Application Error | ID = 1000
Description = Faulting application fdm.exe, version 3.9.1294.0, faulting module
fdm.exe, version 3.9.1294.0, fault address 0x0018e489.
Error - 4/19/2013 7:32:58 AM | Computer Name = VOSTRO420 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/22/2013 5:50:23 AM | Computer Name = VOSTRO420 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/3/2013 11:13:12 PM | Computer Name = VOSTRO420 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/6/2013 3:41:49 PM | Computer Name = VOSTRO420 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The server name or address could not be resolved
[ System Events ]
Error - 5/6/2013 10:39:31 AM | Computer Name = VOSTRO420 | Source = Service Control Manager | ID = 7000
Description = The HitmanPro 3.7 Crusader (Boot) service failed to start due to the
following error: %%3
Error - 5/6/2013 10:39:31 AM | Computer Name = VOSTRO420 | Source = Service Control Manager | ID = 7000
Description = The helpsvc service failed to start due to the following error: %%2
Error - 5/6/2013 10:39:33 AM | Computer Name = VOSTRO420 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Lbd
Error - 5/6/2013 3:41:35 PM | Computer Name = VOSTRO420 | Source = Service Control Manager | ID = 7000
Description = The helpsvc service failed to start due to the following error: %%2
Error - 5/6/2013 3:41:44 PM | Computer Name = VOSTRO420 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Lbd
Error - 5/6/2013 3:41:46 PM | Computer Name = VOSTRO420 | Source = Service Control Manager | ID = 7024
Description = The HitmanPro 3.7 Crusader (Boot) service terminated with service-specific
error 0 (0x0).
Error - 5/6/2013 3:53:05 PM | Computer Name = VOSTRO420 | Source = Service Control Manager | ID = 7000
Description = The helpsvc service failed to start due to the following error: %%2
Error - 5/6/2013 3:53:08 PM | Computer Name = VOSTRO420 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Lbd
Error - 5/6/2013 4:07:29 PM | Computer Name = VOSTRO420 | Source = Service Control Manager | ID = 7000
Description = The helpsvc service failed to start due to the following error: %%2
Error - 5/6/2013 4:07:31 PM | Computer Name = VOSTRO420 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Lbd
< End of report >
Thanks,
Chuck
Edited by LVAD, 06 May 2013 - 02:54 PM.