Rooter and OTLI
''ROOTER"
Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3
C:\ [Fixed] - NTFS - (Total:38130 Mo/Free:2842 Mo)
D:\ [CD-Rom] (Total:300 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:40 Mo/Free:0 Mo)
F:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
G:\ [Removable] (Total:17 Mo/Free:17 Mo)
Sun 05/03/2009| 7:22
----------------------\\ Processes..
--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
---------- C:\Program Files\Alwil Software\Avast4\ashServ.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Viewpoint\Common\ViewpointService.exe
---------- C:\WINDOWS\system32\SearchIndexer.exe
---------- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
---------- C:\WINDOWS\System32\wbem\unsecapp.exe
---------- C:\WINDOWS\system32\wbem\wmiprvse.exe
---------- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
---------- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\Program Files\Google\Gmail Notifier\gnotify.exe
---------- C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Digital Line Detect\DLG.exe
---------- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
---------- C:\WINDOWS\system32\SearchProtocolHost.exe
---------- C:\WINDOWS\system32\SearchFilterHost.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe
----------------------\\ Search..
----------------------\\ ROOTKIT !!
----------------------\\ Cracks & Keygens..
C:\DOCUME~1\ROSEHA~1\My Documents\Desktop\Unused Desktop Shortcuts\MassvePrme303XFORCE\Crack\massivekeygen-win32.rar
C:\DOCUME~1\ROSEHA~1\My Documents\Desktop\Unused Desktop Shortcuts\MassvePrme303XFORCE\Crack\massivekeygen.exe
1 - "C:\Rooter$\Rooter_1.txt" - Thu 04/30/2009|23:13
2 - "C:\Rooter$\Rooter_2.txt" - Sun 05/03/2009| 7:24
----------------------\\ Scan completed at 7:24
"OTListIt"
Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3
C:\ [Fixed] - NTFS - (Total:38130 Mo/Free:2842 Mo)
D:\ [CD-Rom] (Total:300 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:40 Mo/Free:0 Mo)
F:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
G:\ [Removable] (Total:17 Mo/Free:17 Mo)
Sun 05/03/2009| 7:22
----------------------\\ Processes..
--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
---------- C:\Program Files\Alwil Software\Avast4\ashServ.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Viewpoint\Common\ViewpointService.exe
---------- C:\WINDOWS\system32\SearchIndexer.exe
---------- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
---------- C:\WINDOWS\System32\wbem\unsecapp.exe
---------- C:\WINDOWS\system32\wbem\wmiprvse.exe
---------- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
---------- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\Program Files\Google\Gmail Notifier\gnotify.exe
---------- C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Digital Line Detect\DLG.exe
---------- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
---------- C:\WINDOWS\system32\SearchProtocolHost.exe
---------- C:\WINDOWS\system32\SearchFilterHost.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe
----------------------\\ Search..
----------------------\\ ROOTKIT !!
----------------------\\ Cracks & Keygens..
C:\DOCUME~1\ROSEHA~1\My Documents\Desktop\Unused Desktop Shortcuts\MassvePrme303XFORCE\Crack\massivekeygen-win32.rar
C:\DOCUME~1\ROSEHA~1\My Documents\Desktop\Unused Desktop Shortcuts\MassvePrme303XFORCE\Crack\massivekeygen.exe
1 - "C:\Rooter$\Rooter_1.txt" - Thu 04/30/2009|23:13
2 - "C:\Rooter$\Rooter_2.txt" - Sun 05/03/2009| 7:24
----------------------\\ Scan completed at 7:24
OTListIt logfile created on: 5/3/2009 7:34:23 AM - Run 3
OTListIt2 by OldTimer - Version 2.0.15.1 Folder = C:\Documents and Settings\Rose Hagstrom\My Documents\Desktop\Geek Tools
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
382.00 Mb Total Physical Memory | 174.56 Mb Available Physical Memory | 45.70% Memory free
731.36 Mb Paging File | 336.65 Mb Available in Paging File | 46.03% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 22.78 Gb Free Space | 61.19% Space Free | Partition Type: NTFS
Drive D: | 300.46 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 41.00 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 1.64 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 17.59 Mb Total Space | 17.26 Mb Free Space | 98.08% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ITWPROSERVICES
Current User Name: Rose Hagstrom
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\WINDOWS\System32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe (Viewpoint Corporation)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Documents and Settings\Rose Hagstrom\My Documents\Desktop\Geek Tools\OTListIt2.exe (OldTimer Tools)
========== Win32 Services (SafeList) ==========
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Lavasoft Ad-Aware Service [Auto | Running]) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (LPDSVC [On_Demand | Stopped]) -- C:\WINDOWS\System32\tcpsvcs.exe (Microsoft Corporation)
SRV - (Mhost [Auto | Stopped]) -- C:\Program Files\massive_mhost\mhost.exe ()
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (Viewpoint Manager Service [Auto | Running]) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (Aavmker4 [System | Running]) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (aeaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\aeaudio.sys (Andrea Electronics Corporation)
DRV - (AliIde [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (asc [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (aswFsBlk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMon2 [Auto | Running]) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswRdr [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (bcm4sbxp [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\bcm4sbxp.sys (Broadcom Corporation)
DRV - (CmdIde [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (dac2w2k [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (EL90XBC [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\el90xbc5.sys (3Com Corporation)
DRV - (HSFHWBS2 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys (Conexant Systems)
DRV - (HSF_DP [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSF_DP.sys (Conexant Systems)
DRV - (i81x [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\i81xnt5.sys (Intel® Corporation)
DRV - (iAimFP0 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\wADV01nt.sys (Intel® Corporation)
DRV - (iAimFP1 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\wADV02NT.sys (Intel® Corporation)
DRV - (iAimFP2 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\wADV05NT.sys (Intel® Corporation)
DRV - (iAimFP3 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys (Intel® Corporation)
DRV - (iAimFP4 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys (Intel® Corporation)
DRV - (iAimTV0 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\wATV01nt.sys (Intel® Corporation)
DRV - (iAimTV1 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\wATV02NT.sys (Intel® Corporation)
DRV - (iAimTV3 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\wATV04nt.sys (Intel® Corporation)
DRV - (iAimTV4 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys (Intel® Corporation)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ialmnt5.sys (Intel Corporation)
DRV - (Lbd [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (mraid35x [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (nv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (omci [System | Running]) -- C:\WINDOWS\System32\DRIVERS\omci.sys (Dell Computer Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\PxHelp20.sys (Sonic Solutions)
DRV - (ql1080 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (SABProcEnum [On_Demand | Stopped]) -- C:\WINDOWS\System32\sabprocenum.sys (SuperAdBlocker.com)
DRV - (SASDIFSV [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Stopped]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sisagp [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (smwdm [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\smwdm.sys (Analog Devices, Inc.)
DRV - (Sparrow [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (StillCam [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\serscan.sys (Microsoft Corporation)
DRV - (symc810 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (sym_hi [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (ultra [Disabled | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (usbaudio [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys (Conexant Systems)
DRV - ({6080A529-897E-4629-A488-ABA0C29B635E} [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ialmsbw.sys (Intel Corporation)
DRV - ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91} [On_Demand | Stopped]) -- C:\WINDOWS\system32\drivers\ialmkchw.sys (Intel Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...p...&ar=msnhome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_Url = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;localhost;*.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yoog Search"
FF - prefs.js..browser.search.defaulturl: "http://www14.yoog.co.../search.php?q="
FF - prefs.js..browser.search.selectedEngine: "Yoog Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.3
FF - prefs.js..extensions.enabledItems: [email protected]:0.8.1
FF - prefs.js..extensions.enabledItems: [email protected]:0.20
FF - prefs.js..extensions.enabledItems: {f86e6264-e877-5fce-c3e4-8668a7d99da2}:1.8
FF - prefs.js..extensions.enabledItems: [email protected]:0.2.4.1
FF - prefs.js..extensions.enabledItems: {78533c73-dead-4339-aebb-0ebad9476c6f}:0.2.1
FF - prefs.js..extensions.enabledItems: {dc0a2d4c-21fd-45b6-961b-d882c49d752b}:0.6.0.2
FF - prefs.js..extensions.enabledItems: {b7400dc5-2077-4d79-a9ea-5f24f6a06259}:0.2.0.2
FF - prefs.js..extensions.enabledItems: {36734583-47ba-41ce-8164-a183618253d2}:3.00
FF - prefs.js..extensions.enabledItems: [email protected]:3.0.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090123.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: [email protected]:0.6
FF - prefs.js..extensions.enabledItems: {47d1d620-5e5b-11da-8cd6-0800200c9a66}:2.0
FF - prefs.js..extensions.enabledItems: {1f052e2a-b7b9-11d9-945f-00e08161165f}:1.8.33
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10
FF - prefs.js..extensions.enabledItems: {224d6e00-0336-11dd-95ff-0800200c9a66}:1.3.5.56
FF - prefs.js..extensions.enabledItems: {1f870b8e-d71f-11db-8314-0800200c9a66}:2.0.2
FF - prefs.js..extensions.enabledItems: {c1dffba0-628e-11d9-9669-0800200c9a66}:3.0.4
FF - prefs.js..extensions.enabledItems: {285da7e0-729d-11db-9fe1-0800200c9a66}:2.121408
FF - prefs.js..extensions.enabledItems: {5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}:1.8.48
FF - prefs.js..extensions.enabledItems: {50931610-3d8e-11dd-ae16-0800200c9a66}:0.4.1
FF - prefs.js..keyword.URL: "http://www14.yoog.co.../search.php?q="
FF - user.js..browser.search.defaultenginename: "Yoog Search"
FF - user.js..browser.search.defaulturl: "http://www14.yoog.co.../search.php?q="
FF - user.js..browser.search.selectedEngine: "Yoog Search"
FF - user.js..keyword.URL: "http://www14.yoog.co.../search.php?q="
FF - user.js..keyword.enabled: true
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/30 22:05:48 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/28 16:28:13 | 00,000,000 | ---D | M]
[2008/12/01 18:13:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Extensions
[2008/12/01 18:13:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/02 15:51:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions
[2009/03/17 07:29:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
[2008/12/11 17:40:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe41}
[2008/12/03 18:43:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\{1f052e2a-b7b9-11d9-945f-00e08161165f}
[2008/12/03 18:46:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\{1f870b8e-d71f-11db-8314-0800200c9a66}
[2008/12/01 18:18:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\{224d6e00-0336-11dd-95ff-0800200c9a66}
[2008/12/18 10:18:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\{285da7e0-729d-11db-9fe1-0800200c9a66}
[2008/12/01 18:52:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\{36734583-47ba-41ce-8164-a183618253d2}
[2009/05/02 15:51:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2008/12/03 18:44:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\{47d1d620-5e5b-11da-8cd6-0800200c9a66}
[2008/12/03 18:56:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\{50931610-3d8e-11dd-ae16-0800200c9a66}
[2009/03/11 17:32:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}
[2009/03/05 19:30:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2008/12/01 18:52:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\{78533c73-dead-4339-aebb-0ebad9476c6f}
[2008/12/01 18:52:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\{843910fe-46fc-4f15-a319-aca2bd71b55d}
[2008/12/01 18:52:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\{8b0bc85b-b7b9-46ad-9cff-2325cc3ca111}
[2008/12/01 18:52:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\{b7400dc5-2077-4d79-a9ea-5f24f6a06259}
[2008/12/01 18:52:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\{b90fa88d-d623-40da-a4eb-7144f85a3139}
[2009/01/19 21:09:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\{c1dffba0-628e-11d9-9669-0800200c9a66}
[2008/12/01 18:52:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\{dc0a2d4c-21fd-45b6-961b-d882c49d752b}
[2009/02/18 17:27:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009/04/06 15:36:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\{f86e6264-e877-5fce-c3e4-8668a7d99da2}
[2009/04/09 18:29:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\[email protected]
[2009/04/17 13:11:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\[email protected]
[2008/12/03 18:33:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\[email protected]
[2009/04/09 18:29:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\[email protected]
[2009/03/17 07:29:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\[email protected]
[2009/03/29 16:03:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\[email protected]
[2008/12/01 18:52:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\[email protected]
[2009/01/01 20:16:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\[email protected]
[2009/03/27 21:51:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\[email protected]
[2009/01/01 20:16:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\[email protected]
[2009/04/09 18:29:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rose Hagstrom\Application Data\mozilla\Firefox\Profiles\2axw2227.default\extensions\[email protected]
[2009/04/30 21:39:38 | 00,000,247 | ---- | M] () -- C:\Documents and Settings\Rose Hagstrom\Application Data\Mozilla\FireFox\Profiles\2axw2227.default\searchplugins\Yoog Search.xml
[2009/05/02 08:04:15 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/28 16:28:13 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/02/25 13:46:53 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/03/31 11:40:56 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/04/28 16:27:31 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/28 16:27:31 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/10/30 02:00:50 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008/10/30 02:00:50 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/10/30 02:00:50 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/10/30 02:00:50 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008/10/30 02:00:50 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/10/30 02:00:50 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2008/10/30 02:00:50 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (301828 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123haustiereundmehr.com
O1 - Hosts: 10429 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found
O2 - BHO: (PCTools Site Guard) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\Program Files\Spyware Doctor\tools\iesdsg.dll ()
O2 - BHO: (TBSB05288 Class) - {6714ADBD-C6C1-42A8-BD84-9C9339059421} - C:\Program Files\IEToolbar\ECO Bar\tbu05139\ecobar.dll File not found
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Viewpoint Toolbar BHO) - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.9.0\ViewBarBHO.dll (Viewpoint Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (ECO Bar) - {10000000-1000-1000-1000-100000000000} - C:\Program Files\IEToolbar\ECO Bar\tbu05139\ecobar.dll File not found
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (Viewpoint Toolbar) - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.9.0\IEViewBar.dll (Viewpoint Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {10000000-1000-1000-1000-100000000000} - C:\Program Files\IEToolbar\ECO Bar\tbu05139\ecobar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [hrlhlqls] "C:\WINDOWS\hrlhlqls.exe" File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O8 - Extra context menu item: &IE Toolbar search - res://C:\Program Files\411IEToolbar\toolbar.dll/SEARCH.HTML File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKLM\..Trusted Domains: frame.crazywinnings.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKLM\..Trusted Ranges: Range1 ([*] in Trusted sites)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Ranges: 1 range(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....738&clcid=0x409 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1123976077921 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1173662393033 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadbl...ivex/sabspx.cab (SABScanProcesses Class)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 10:59:58 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/02/29 09:13:53 | 00,575,080 | R--- | M] (magicJack L.P.) - F:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2008/02/29 09:13:53 | 00,016,158 | R--- | M] () - F:\autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2008/02/29 09:13:53 | 00,000,308 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2008/01/04 18:17:30 | 00,000,270 | ---- | M] () - G:\autorun.inf -- [ FAT ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
========== Files/Folders - Created Within 30 Days ==========
[4 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/05/02 15:32:31 | 00,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009/05/02 15:32:30 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/05/02 15:32:29 | 00,051,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/05/02 15:32:27 | 00,026,944 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/05/02 15:32:24 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/05/02 15:32:21 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/05/02 15:32:20 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/05/02 15:32:20 | 00,094,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/05/02 15:32:20 | 00,093,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/05/02 15:31:41 | 01,256,296 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/05/02 15:31:41 | 01,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71.dll
[2009/05/02 15:31:41 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009/05/02 15:31:28 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/05/02 15:05:38 | 00,308,160 | ---- | C] (ALWIL Software) -- C:\Documents and Settings\Rose Hagstrom\My Documents\Desktop\avast_home_setup.exe
[2009/05/01 09:38:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rose Hagstrom\My Documents\My Received Files
[2009/05/01 08:53:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/05/01 08:50:42 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009/05/01 08:45:33 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/05/01 08:41:08 | 01,089,593 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntprint.cat
[2009/04/30 23:30:53 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/04/30 23:30:21 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/04/30 23:29:15 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/04/30 23:25:13 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009/04/30 23:25:12 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2009/04/30 23:25:11 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2009/04/30 23:25:09 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsshhdr.dll
[2009/04/30 23:25:09 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009/04/30 23:25:07 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2009/04/30 23:25:07 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009/04/30 23:25:04 | 00,000,000 | ---D | C] -- C:\c6e3d8596353b04659e7757f009685
[2009/04/30 23:10:06 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/04/30 22:14:37 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Rose Hagstrom\My Documents\Desktop\Geek Tools
[2009/04/30 21:48:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rose Hagstrom\Application Data\Malwarebytes
[2009/04/30 21:47:48 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/30 21:47:45 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/30 21:47:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/04/30 21:47:42 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/04/30 21:45:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/04/30 21:44:53 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/04/29 17:17:52 | 00,040,423 | ---- | C] () -- C:\Documents and Settings\Rose Hagstrom\My Documents\ITW-Original Master Customer List.wpd
[2009/04/29 17:17:52 | 00,007,680 | -HS- | C] () -- C:\WINDOWS\Thumbs.db
[2009/04/28 15:46:41 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009/04/28 15:46:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2009/04/28 15:46:17 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2009/04/28 15:45:53 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2009/04/28 15:43:16 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2009/04/26 16:19:57 | 00,001,269 | ---- | C] () -- C:\Documents and Settings\Rose Hagstrom\My Documents\Max Journal Info.rtf
[2009/04/25 14:54:53 | 00,864,256 | ---- | C] (dti) -- C:\WINDOWS\System32\hrlhlqls.exe
[2009/04/25 14:54:24 | 00,385,024 | ---- | C] () -- C:\WINDOWS\djia6624.exe
[2009/04/25 14:52:21 | 00,227,109 | ---- | C] () -- C:\WINDOWS\qbxku3355.exe
[2009/04/25 14:52:20 | 00,223,009 | ---- | C] () -- C:\WINDOWS\lusfp2133.exe
[2009/04/25 14:09:54 | 00,000,224 | ---- | C] () -- C:\WINDOWS\System32\9B13A86D.plf
[2009/04/25 13:53:52 | 00,000,458 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2009/04/25 13:51:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2009/04/25 13:49:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Cached Installations
[2009/04/25 13:44:56 | 00,075,082 | ---- | C] () -- C:\Documents and Settings\Rose Hagstrom\My Documents\12.jpg
[2009/04/22 11:23:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rose Hagstrom\My Documents\HTML
[2009/04/21 15:23:08 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Rose Hagstrom\My Documents\Desktop\Creative Tools
[2009/04/21 14:55:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rose Hagstrom\My Documents\Text
[2009/04/21 10:39:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rose Hagstrom\Application Data\Ashampoo
[2009/04/21 10:38:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2009/04/21 10:37:35 | 00,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2009/04/20 21:28:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rose Hagstrom\My Documents\pnl
[2009/04/20 15:46:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rose Hagstrom\My Documents\QPPriv
[2009/04/19 13:22:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rose Hagstrom\Application Data\Apple Computer
[2009/04/19 13:08:52 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009/04/19 13:07:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/04/19 13:05:28 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2009/04/19 13:05:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009/04/17 19:52:51 | 00,000,000 | ---D | C] -- C:\Program Files\Massive
[2009/04/17 19:49:08 | 00,000,008 | ---- | C] () -- C:\WINDOWS\ldf.dat
[2009/04/17 19:48:45 | 00,000,000 | ---D | C] -- C:\Program Files\massive_mhost
[2009/04/15 21:07:24 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/15 21:07:23 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/15 21:07:22 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/15 21:07:21 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/15 21:07:20 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/15 21:07:19 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/15 21:07:18 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/15 21:05:21 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/13 13:07:14 | 00,686,080 | ---- | C] () -- C:\WINDOWS\System32\nsy40.dll
[2009/04/11 14:11:41 | 00,000,776 | -H-- | C] () -- C:\Documents and Settings\Rose Hagstrom\My Documents\.picasa.ini
[2009/04/06 09:38:49 | 00,001,034 | ---- | C] () -- C:\Documents and Settings\Rose Hagstrom\My Documents\Desktop\magicJack.lnk
[2009/03/30 14:46:22 | 00,000,169 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/03/10 08:18:33 | 00,000,079 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/01/14 12:23:42 | 01,294,336 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2A6.dll
[2009/01/14 12:23:42 | 01,228,800 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2M5.dll
[2009/01/14 12:23:42 | 01,105,920 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2P6.dll
[2009/01/14 12:23:41 | 01,261,568 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2M6.dll
[2009/01/14 12:23:40 | 01,052,672 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2P5.dll
[2009/01/14 12:22:43 | 00,000,002 | ---- | C] () -- C:\WINDOWS\PhotoSuite.ini
[2009/01/14 12:22:35 | 01,093,632 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2PX.dll
[2009/01/14 12:22:35 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2.dll
[2009/01/14 12:22:34 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\CPUINF32.DLL
[2009/01/14 12:22:33 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System32\JPEGLIB.DLL
[2009/01/14 12:22:33 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System32\EnrouteStitch.dll
[2009/01/14 12:22:32 | 00,332,800 | ---- | C] () -- C:\WINDOWS\System32\FPXLIB.DLL
[2008/10/13 11:08:03 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Textart.INI
[2008/09/19 15:37:05 | 00,022,016 | ---- | C] () -- C:\WINDOWS\System32\ODBCSTF.DLL
[2008/09/18 13:43:49 | 00,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2008/09/18 13:43:48 | 00,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2008/09/18 13:43:01 | 00,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2008/09/18 13:43:00 | 00,000,225 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2008/09/18 13:40:57 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2008/09/16 15:19:19 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\FTPStubInstUtils.dll
[2007/10/22 20:28:22 | 01,260,072 | ---- | C] () -- C:\WINDOWS\System32\libtiff-3.dll
[2007/09/27 10:51:02 | 00,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 00,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 00,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/07/20 19:57:00 | 00,000,102 | ---- | C] () -- C:\WINDOWS\VSWizard.ini
[2007/06/28 23:17:30 | 00,000,640 | ---- | C] () -- C:\WINDOWS\FoldingBooklet.ini
[2006/06/15 07:29:02 | 00,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2006/06/15 07:22:40 | 00,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/06/15 07:19:08 | 00,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2005/04/27 14:38:00 | 00,372,736 | ---- | C] () -- C:\WINDOWS\System32\hpzidi01.dll
[2005/04/27 14:37:49 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2005/02/08 17:02:01 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/02/08 12:20:35 | 00,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/02/02 12:56:12 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/12/28 03:19:51 | 00,000,438 | ---- | C] () -- C:\WINDOWS\DELLSTAT.INI
[2004/12/22 13:53:54 | 00,000,562 | ---- | C] () -- C:\WINDOWS\WIN.INI
[2004/12/17 06:50:54 | 00,000,227 | ---- | C] () -- C:\WINDOWS\SYSTEM.INI
[2003/11/17 16:15:02 | 00,000,174 | ---- | C] () -- C:\WINDOWS\System32\mcini.ini
[2003/10/30 02:28:44 | 00,000,258 | ---- | C] () -- C:\WINDOWS\System32\BDEMERGE.INI
[2003/10/30 02:17:46 | 00,000,890 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/10/30 02:02:28 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/10/30 02:02:02 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/10/30 01:48:26 | 00,000,550 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2003/02/17 19:00:42 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbavs.dll
[2003/02/17 19:00:36 | 00,000,177 | ---- | C] () -- C:\WINDOWS\System32\dlbacoin.ini
[2003/02/05 13:11:12 | 00,000,126 | ---- | C] () -- C:\WINDOWS\System32\DLBAPLC.INI
========== Files - Modified Within 30 Days ==========
[4 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/05/03 06:58:52 | 00,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2009/05/02 18:00:05 | 00,000,458 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2009/05/02 15:36:37 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/02 15:36:25 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Rose Hagstrom\Local Settings\DESKTOP.INI
[2009/05/02 15:36:21 | 00,002,048 | ---- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2009/05/02 15:36:20 | 40,062,5664 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/02 15:35:00 | 00,000,562 | ---- | M] () -- C:\WINDOWS\WIN.INI
[2009/05/02 15:35:00 | 00,000,227 | ---- | M] () -- C:\WINDOWS\SYSTEM.INI
[2009/05/02 15:35:00 | 00,000,211 | RHS- | M] () -- C:\BOOT.INI
[2009/05/02 15:32:31 | 00,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk
[2009/05/02 15:32:20 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/05/02 15:28:57 | 00,001,034 | ---- | M] () -- C:\Documents and Settings\Rose Hagstrom\My Documents\Desktop\magicJack.lnk
[2009/05/02 15:06:51 | 00,308,160 | ---- | M] (ALWIL Software) -- C:\Documents and Settings\Rose Hagstrom\My Documents\Desktop\avast_home_setup.exe
[2009/05/01 09:03:03 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\Rose Hagstrom\My Documents\DESKTOP.INI
[2009/05/01 03:14:55 | 00,536,530 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/05/01 03:14:55 | 00,466,414 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2009/05/01 03:14:55 | 00,079,630 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2009/05/01 00:13:23 | 01,644,904 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/29 17:17:52 | 00,040,423 | ---- | M] () -- C:\Documents and Settings\Rose Hagstrom\My Documents\ITW-Original Master Customer List.wpd
[2009/04/29 17:17:52 | 00,007,680 | -HS- | M] () -- C:\WINDOWS\Thumbs.db
[2009/04/29 17:06:59 | 00,037,888 | -HS- | M] () -- C:\Documents and Settings\Rose Hagstrom\My Documents\Desktop\Thumbs.db
[2009/04/28 08:34:21 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/04/27 17:47:59 | 00,000,419 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2009/04/27 17:47:59 | 00,000,027 | ---- | M] () -- C:\WINDOWS\BRPP2KA.INI
[2009/04/27 08:34:46 | 00,015,688 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/04/27 08:34:22 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/04/26 16:19:57 | 00,001,269 | ---- | M] () -- C:\Documents and Settings\Rose Hagstrom\My Documents\Max Journal Info.rtf
[2009/04/25 14:54:57 | 00,864,256 | ---- | M] (dti) -- C:\WINDOWS\System32\hrlhlqls.exe
[2009/04/25 14:54:27 | 00,385,024 | ---- | M] () -- C:\WINDOWS\djia6624.exe
[2009/04/25 14:52:21 | 00,227,109 | ---- | M] () -- C:\WINDOWS\qbxku3355.exe
[2009/04/25 14:52:21 | 00,223,009 | ---- | M] () -- C:\WINDOWS\lusfp2133.exe
[2009/04/25 14:17:38 | 00,077,824 | -HS- | M] () -- C:\Documents and Settings\Rose Hagstrom\My Documents\Thumbs.db
[2009/04/25 14:09:54 | 00,000,224 | ---- | M] () -- C:\WINDOWS\System32\9B13A86D.plf
[2009/04/13 13:07:14 | 00,686,080 | ---- | M] () -- C:\WINDOWS\System32\nsy40.dll
[2009/04/11 14:16:33 | 00,000,776 | -H-- | M] () -- C:\Documents and Settings\Rose Hagstrom\My Documents\.picasa.ini
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/06 10:57:24 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 7305 bytes -> C:\WINDOWS\WindowsUpdate.log:kxouet
@Alternate Data Stream - 7305 bytes -> C:\WINDOWS\TWUNK_16.EXE:wrahhq
@Alternate Data Stream - 7305 bytes -> C:\WINDOWS\TWUNK_16.EXE:kxdjub
@Alternate Data Stream - 7305 bytes -> C:\WINDOWS\Rhododendron.bmp:qeqxxb
@Alternate Data Stream - 7305 bytes -> C:\WINDOWS\FeatherTexture.bmp:ymfgv
@Alternate Data Stream - 7305 bytes -> C:\WINDOWS\EXPLORER.SCF:gbizk
@Alternate Data Stream - 7305 bytes -> C:\WINDOWS\BOOTSTAT.DAT:nzcgf
@Alternate Data Stream - 3567 bytes -> C:\WINDOWS\VMMREG32.DLL:wplsva
@Alternate Data Stream - 3567 bytes -> C:\WINDOWS\TWUNK_16.EXE:zglrxc
@Alternate Data Stream - 3567 bytes -> C:\WINDOWS\orun32.isu:teciwt
@Alternate Data Stream - 3547 bytes -> C:\WINDOWS\WINNT.BMP:cyghyd
@Alternate Data Stream - 3547 bytes -> C:\WINDOWS\BOOTSTAT.DAT:eikzng
@Alternate Data Stream - 3347 bytes -> C:\WINDOWS\Sti_Trace.log:ftwuh
@Alternate Data Stream - 3347 bytes -> C:\WINDOWS\River Sumida.bmp:fudge
@Alternate Data Stream - 3347 bytes -> C:\WINDOWS\Rhododendron.bmp:tdkozb
@Alternate Data Stream - 3347 bytes -> C:\WINDOWS\REGLOCS.OLD:ttinw
@Alternate Data Stream - 3347 bytes -> C:\WINDOWS\DESKTOP.INI:takoc
@Alternate Data Stream - 3347 bytes -> C:\WINDOWS\DELLSTAT.INI:wiwlb
@Alternate Data Stream - 11592 bytes -> C:\WINDOWS\WIASERVC.LOG:rxvocq
@Alternate Data Stream - 11592 bytes -> C:\WINDOWS\VB.INI:lnaahf
@Alternate Data Stream - 11592 bytes -> C:\WINDOWS\TWUNK_32.EXE:xsxizu
@Alternate Data Stream - 11592 bytes -> C:\WINDOWS\TASKMAN.EXE:oeizap
@Alternate Data Stream - 11592 bytes -> C:\WINDOWS\TASKMAN.EXE:lqxplw
@Alternate Data Stream - 11592 bytes -> C:\WINDOWS\REGLOCS.OLD:ymysdz
@Alternate Data Stream - 11592 bytes -> C:\WINDOWS\orun32.isu:thayjz
@Alternate Data Stream - 11592 bytes -> C:\WINDOWS\ODBCINST.INI:idzqay
@Alternate Data Stream - 11592 bytes -> C:\WINDOWS\DELL.BMP:ckhetu
@Alternate Data Stream - 11591 bytes -> C:\WINDOWS\VBADDIN.INI:sqfyo
@Alternate Data Stream - 11591 bytes -> C:\WINDOWS\Soap Bubbles.bmp:grqmc
@Alternate Data Stream - 11591 bytes -> C:\WINDOWS\corelpf.lrs:ihzwg
@Alternate Data Stream - 11591 bytes -> C:\WINDOWS\CONTROL.INI:lplsf
@Alternate Data Stream - 11591 bytes -> C:\WINDOWS\BOOTSTAT.DAT:ilzdc
< End of report >
"Extras"
OTListIt Extras logfile created on: 5/3/2009 7:34:23 AM - Run 3
OTListIt2 by OldTimer - Version 2.0.15.1 Folder = C:\Documents and Settings\Rose Hagstrom\My Documents\Desktop\Geek Tools
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
382.00 Mb Total Physical Memory | 174.56 Mb Available Physical Memory | 45.70% Memory free
731.36 Mb Paging File | 336.65 Mb Available in Paging File | 46.03% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 22.78 Gb Free Space | 61.19% Space Free | Partition Type: NTFS
Drive D: | 300.46 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 41.00 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 1.64 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 17.59 Mb Total Space | 17.26 Mb Free Space | 98.08% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ITWPROSERVICES
Current User Name: Rose Hagstrom
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\WS_FTP Pro\wsftppro.exe:*:Enabled:WS_FTP Pro Application (Ipswitch, Inc. 81 Hartwell Ave. Lexington MA)
C:\Program Files\Common Files\AOL\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer File not found
C:\Program Files\Common Files\AOL\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service File not found
C:\Program Files\Common Files\AOL\1221670493\ee\aolsoftware.exe:*:Enabled:AOL Shared Components File not found
C:\Program Files\AOL 9.1\waol.exe:*:Enabled:AOL File not found
C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed File not found
C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader File not found
C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information File not found
C:\Program Files\Macromedia\Dreamweaver 8\Dreamweaver.exe:*:Enabled:Dreamweaver 8 (Macromedia, Inc.)
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe:*:Enabled:BrMfcWnd File not found
C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe:*:Enabled:BrMfcMon File not found
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe:*:Enabled:BrMfimon File not found
C:\Program Files\Brother\Brmfl06a\FAXRX.exe:*:Enabled:FAXRX File not found
C:\Program Files\Brother\Brmfl06a\AddrBook.exe:*:Enabled:AddrBook File not found
C:\Program Files\Brother\Brmfl06a\Para_USB\brqikmon.exe:*:Enabled:brqikmon File not found
C:\Program Files\Brother\Brmfl06a\BrScUtil.exe:*:Enabled:Scanner Utility File not found
C:\Program Files\Brother\ControlCenter3\BrCtrCen.exe:*:Enabled:BrCtrCen File not found
C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe:*:Enabled:BrccMCtl File not found
C:\Program Files\ScanSoft\PaperPort\PaprPort.exe:*:Enabled:PaprPort File not found
C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer (Microsoft Corporation)
C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire (Lime Wire, LLC)
C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox (Mozilla Corporation)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Computer, Inc.)
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger (Yahoo! Inc.)
C:\Program Files\massive_mhost\mhost.exe:LocalSubNet:Enabled:Mhost ()
C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call (Microsoft Corporation)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger (Microsoft Corporation)
C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java Platform SE binary (Sun Microsystems, Inc.)
C:\Documents and Settings\Rose Hagstrom\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack (magicJack L.P.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = Google Gmail Notifier
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java 6 Update 13
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}" = Adobe Photoshop CS3
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{5421155F-B033-49DB-9B33-8F80F233D4D5}" = GdiplusUpgrade
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54F90B55-BEB3-4F0D-8802-228822FA5921}" = WordPerfect Office 11
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{64116298-93C5-401D-B06C-39D8E3338508}" = DAO
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{68D60342-7686-45C9-B8EB-40EF843D0460}" = Dell Networking Guide
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7148F0A8-6813-11D6-A77B-00B0D0142000}" = Java 2 Runtime Environment, SE v1.4.2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{89EE857B-8970-4F9F-AB58-A1C873AC72B3}" = Broadcom Management Programs
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9B79DCB0-AAD7-456B-8D07-433C936FA24B}" = DS21Patch
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A22CF42D-023D-4A7B-9033-802F666F6F44}" = MyDeluxeInvoices & Estimates 5.5.0.0
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4FEA924-630D-11D4-B78E-005004566E4D}" = ViewSonic Monitor Drivers
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FC4ED75D-916C-4A8C-BB67-3C6F6E06D62B}" = Banctec Service Agreement
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Apophysis 2.0" = Apophysis 2.0
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"avast!" = avast! Antivirus
"BroadJump Client Foundation" = BroadJump Client Foundation
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_PCI_VEN_14F1&DEV_2702" = Conexant SmartHSFi V92 56K DF PCI Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ERUNT_is1" = ERUNT 1.1j
"GoldWave v5.23" = GoldWave v5.23
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{89EE857B-8970-4F9F-AB58-A1C873AC72B3}" = Broadcom Management Programs
"IrfanView" = IrfanView (remove only)
"LimeWire" = LimeWire 4.18.8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"massive_prime" = massive_prime 3.0.3
"Mhost" = Mhost 3.0.5
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MWSnap 3" = MWSnap 3
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Picasa 3" = Picasa 3
"RealPlayer 6.0" = RealOne Player
"Shockwave" = Shockwave
"Textaizer Pro_is1" = Textaizer Pro v3.0
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"Viewpoint Toolbar" = Viewpoint Toolbar
"ViewpointMediaPlayer" = Viewpoint Media Player
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WS_FTP Pro" = Ipswitch WS_FTP Pro
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 10/24/2008 7:58:47 AM | Computer Name = ITWPROSERVICES | Source = Application Hang | ID = 1002
Description = Hanging application magicJack.exe, version 1.80.451.2, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 10/27/2008 8:29:04 AM | Computer Name = ITWPROSERVICES | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ROSE HAGSTROM\RECENT\DESKTOP.INI>
in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)
Error - 10/28/2008 12:00:44 AM | Computer Name = ITWPROSERVICES | Source = Application Hang | ID = 1002
Description = Hanging application Picasa3.exe, version 3.0.57.24, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 10/28/2008 11:38:17 PM | Computer Name = ITWPROSERVICES | Source = Application Hang | ID = 1002
Description = Hanging application Picasa3.exe, version 3.0.57.24, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 11/2/2008 8:48:03 PM | Computer Name = ITWPROSERVICES | Source = Application Hang | ID = 1002
Description = Hanging application gimp-2.6.exe, version 0.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 11/4/2008 10:40:31 PM | Computer Name = ITWPROSERVICES | Source = Application Hang | ID = 1002
Description = Hanging application Picasa3.exe, version 3.0.57.44, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 11/9/2008 1:19:37 PM | Computer Name = ITWPROSERVICES | Source = Application Hang | ID = 1002
Description = Hanging application gimp-2.6.exe, version 0.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 11/9/2008 1:19:37 PM | Computer Name = ITWPROSERVICES | Source = Application Hang | ID = 1002
Description = Hanging application gimp-2.6.exe, version 0.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 11/9/2008 1:19:37 PM | Computer Name = ITWPROSERVICES | Source = Application Hang | ID = 1002
Description = Hanging application gimp-2.6.exe, version 0.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 11/13/2008 8:56:19 AM | Computer Name = ITWPROSERVICES | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\ROSE HAGSTROM\RECENT\DESKTOP.INI>
in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)
[ System Events ]
Error - 4/26/2009 9:46:04 AM | Computer Name = ITWPROSERVICES | Source = Service Control Manager | ID = 7034
Description = The Mhost service terminated unexpectedly. It has done this 1 time(s).
Error - 4/26/2009 9:46:30 AM | Computer Name = ITWPROSERVICES | Source = DCOM | ID = 10010
Description = The server {0002DF01-0000-0000-C000-000000000046} did not register
with DCOM within the required timeout.
Error - 4/28/2009 3:54:25 PM | Computer Name = ITWPROSERVICES | Source = Service Control Manager | ID = 7034
Description = The Mhost service terminated unexpectedly. It has done this 1 time(s).
Error - 4/29/2009 8:11:43 AM | Computer Name = ITWPROSERVICES | Source = Service Control Manager | ID = 7034
Description = The Mhost service terminated unexpectedly. It has done this 1 time(s).
Error - 4/30/2009 8:41:16 AM | Computer Name = ITWPROSERVICES | Source = Service Control Manager | ID = 7034
Description = The Mhost service terminated unexpectedly. It has done this 1 time(s).
Error - 4/30/2009 10:08:56 PM | Computer Name = ITWPROSERVICES | Source = Service Control Manager | ID = 7034
Description = The Mhost service terminated unexpectedly. It has done this 1 time(s).
Error - 5/1/2009 12:13:05 AM | Computer Name = ITWPROSERVICES | Source = Service Control Manager | ID = 7034
Description = The Mhost service terminated unexpectedly. It has done this 1 time(s).
Error - 5/1/2009 9:04:28 AM | Computer Name = ITWPROSERVICES | Source = Service Control Manager | ID = 7034
Description = The Mhost service terminated unexpectedly. It has done this 1 time(s).
Error - 5/2/2009 3:27:20 PM | Computer Name = ITWPROSERVICES | Source = Service Control Manager | ID = 7034
Description = The Mhost service terminated unexpectedly. It has done this 1 time(s).
Error - 5/2/2009 3:37:33 PM | Computer Name = ITWPROSERVICES | Source = Service Control Manager | ID = 7034
Description = The Mhost service terminated unexpectedly. It has done this 1 time(s).
< End of report >