Thank you Handhfan, I do appreciate the help. Here is what I did:
I ran the TFC program.
Couldn't run the SysRestorePoint because it doesn't work with 64bit.
I ran the Erunt program.
I ran the Malwarebytes (MBAM).
I ran the AVG8.
I updated my system. (35 updates!)
Couldn't run the RootRepeal because it doesn't work with 64bit.
I ran the OTL program
All programs were updated prior to running the scans.
All of the annoying popups tied to the exe's no longer exist!
Here are the log files:
mbam-log-2009-09-28 (10-44-25)Malwarebytes' Anti-Malware 1.41
Database version: 2866
Windows 5.2.3790 Service Pack 2
9/28/2009 10:44:25 AM
mbam-log-2009-09-28 (10-44-25).txt
Scan type: Quick Scan
Objects scanned: 112738
Time elapsed: 2 minute(s), 31 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.TryMedia) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
OTL logs:OTL logfile created on: 9/28/2009 1:15:45 PM - Run 1
OTL by OldTimer - Version 3.0.16.0 Folder = C:\Documents and Settings\dbruce\Desktop\geekstogo
64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 6.0.3790.3959)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 3.02 Gb Available Physical Memory | 75.47% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): c:\pagefile.sys 4092 6139 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 68.32 Gb Total Space | 7.27 Gb Free Space | 10.65% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive J: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive M: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive N: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive O: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive P: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive Q: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive R: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive S: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive U: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive V: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive Z: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Computer Name: MORTECH16
Current User Name: dbruce
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ========== PRC - [2008/01/15 03:40:04 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/08/17 09:27:47 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe
PRC - [2009/08/17 09:27:47 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe
PRC - [2009/08/17 09:27:47 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe
PRC - [2003/06/20 07:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2003/06/20 07:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2003/06/20 07:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2003/06/20 07:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2003/06/20 07:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2003/06/20 07:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2003/06/20 07:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2003/06/20 07:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2007/02/02 19:02:44 | 01,327,104 | R--- | M] (Macrovision Corporation) -- C:\Program Files (x86)\UGS\UGSLicensing\lmgrd.exe
PRC - [2004/08/02 13:29:52 | 00,659,456 | R--- | M] (Macrovision Corporation) -- C:\Program Files (x86)\UGS\License Servers\UGNXFLEXlm\lmgrd.exe
PRC - [2007/02/02 19:02:44 | 01,327,104 | R--- | M] (Macrovision Corporation) -- C:\Program Files (x86)\UGS\UGSLicensing\lmgrd.exe
PRC - [2007/01/04 17:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
PRC - [2009/08/17 09:27:58 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgemc.exe
PRC - [2007/02/02 19:02:45 | 01,396,736 | R--- | M] () -- C:\Program Files (x86)\UGS\UGSLicensing\ugslmd.exe
PRC - [2004/08/02 13:29:53 | 00,806,912 | R--- | M] () -- C:\Program Files (x86)\UGS\License Servers\UGNXFLEXlm\uglmd.exe
PRC - [2005/11/06 17:48:26 | 00,040,960 | ---- | M] () -- C:\Program Files (x86)\Dell SAS RAID Storage Manager\Framework\VivaldiFramework.exe
PRC - [2009/08/17 09:28:02 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgcsrvx.exe
PRC - [2007/02/18 11:05:22 | 00,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cmd.exe
PRC - [2006/04/18 18:56:16 | 00,176,128 | ---- | M] () -- C:\Program Files (x86)\Dell SAS RAID Storage Manager\MegaMonitor\Monitor.exe
PRC - [2006/04/18 18:56:16 | 00,176,128 | ---- | M] () -- C:\Program Files (x86)\Dell SAS RAID Storage Manager\MegaMonitor\Monitor.exe
PRC - [2005/01/15 19:12:56 | 00,045,163 | ---- | M] () -- C:\Program Files (x86)\Dell SAS RAID Storage Manager\JRE\bin\javaw.exe
PRC - [2005/01/15 19:12:56 | 00,045,163 | ---- | M] () -- C:\Program Files (x86)\Dell SAS RAID Storage Manager\JRE\bin\javaw.exe
PRC - [2005/01/15 19:12:56 | 00,045,163 | ---- | M] () -- C:\Program Files (x86)\Dell SAS RAID Storage Manager\JRE\bin\javaw.exe
PRC - [2005/01/15 19:12:56 | 00,045,163 | ---- | M] () -- C:\Program Files (x86)\Dell SAS RAID Storage Manager\JRE\bin\javaw.exe
PRC - [2009/03/05 16:07:20 | 02,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/03/05 16:07:20 | 02,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/03/05 16:07:20 | 02,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/28 11:20:00 | 00,415,072 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files (x86)\WinZip\WZQKPICK.EXE
PRC - [2007/10/10 01:28:32 | 00,036,352 | ---- | M] () -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2006/03/21 06:00:04 | 00,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/04/21 00:56:20 | 00,061,526 | ---- | M] ( ) -- C:\Program Files (x86)\Dell SAS RAID Storage Manager\MegaPopup\Popup.exe
PRC - [2006/04/21 00:56:20 | 00,061,526 | ---- | M] ( ) -- C:\Program Files (x86)\Dell SAS RAID Storage Manager\MegaPopup\Popup.exe
PRC - [2008/01/15 04:22:56 | 00,267,048 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
PRC - [2004/07/28 00:50:18 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2005/12/10 04:29:52 | 00,049,152 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD\DVDLauncher.exe
PRC - [2009/08/17 09:27:50 | 02,007,832 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgtray.exe
PRC - [2008/01/15 04:22:44 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iPod\bin\iPodService.exe
PRC - [2008/01/15 04:22:44 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iPod\bin\iPodService.exe
PRC - [2009/09/28 13:02:05 | 01,998,576 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009/09/14 11:30:49 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009/09/28 08:17:31 | 00,518,144 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dbruce\Desktop\geekstogo\OTL.exe
========== Win32 Services (SafeList) ========== SRV:
64bit: - [2007/09/27 14:30:48 | 00,141,312 | R--- | M] (Iomega Corp) -- C:\Program Files\Iomega\REV System Software\RevUDF.exe -- (RevUDFService [Auto | Running])
SRV - [2008/01/15 03:40:04 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2007/10/23 22:33:00 | 00,045,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2009/08/17 09:27:58 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])
SRV - [2009/08/17 09:27:47 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2007/10/23 22:33:04 | 00,093,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64 [On_Demand | Stopped])
SRV - [2007/10/09 15:06:28 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2007/02/17 00:44:20 | 00,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005/03/25 13:00:00 | 00,162,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWOW64\iasrecst.dll -- (IASJet [On_Demand | Stopped])
SRV - [2005/11/14 02:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2007/10/10 22:08:40 | 00,921,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/01/15 04:22:44 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2003/06/20 07:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
SRV - [2006/04/18 18:56:16 | 00,176,128 | ---- | M] () -- C:\Program Files (x86)\Dell SAS RAID Storage Manager\MegaMonitor\Monitor.exe -- (MegaMonitorSrv [Auto | Running])
SRV - [2005/11/06 17:48:26 | 00,040,960 | ---- | M] () -- C:\Program Files (x86)\Dell SAS RAID Storage Manager\Framework\VivaldiFramework.exe -- (MSMFramework [Auto | Running])
SRV - [2007/02/18 11:05:42 | 00,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netlogon.dll -- (Netlogon [On_Demand | Stopped])
SRV - [2003/07/28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2008/01/21 10:15:24 | 00,079,360 | ---- | M] (SolidWorks) -- C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service [On_Demand | Stopped])
SRV - [2007/02/02 19:02:44 | 01,327,104 | R--- | M] (Macrovision Corporation) -- C:\Program Files (x86)\UGS\UGSLicensing\lmgrd.exe -- (UGS License Server (ugslmd) [Auto | Running])
SRV - [2004/08/02 13:29:52 | 00,659,456 | R--- | M] (Macrovision Corporation) -- C:\Program Files (x86)\UGS\License Servers\UGNXFLEXlm\lmgrd.exe -- (Unigraphics License Server (uglmd) [Auto | Running])
SRV - [2007/01/04 17:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service [Auto | Running])
SRV - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.microsoft...p...&ar=msnhomeIE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.microsoft...amp;ar=iesearchIE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft...amp;ar=iesearchIE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.dell.comIE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://ie.search.msn...st/srchcust.htmIE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://ie.search.msn...st/srchasst.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.dell.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.microsoft...amp;ar=iesearchIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft...amp;ar=iesearchIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.dell.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://ie.search.msn...st/srchcust.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://ie.search.msn...st/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft...amp;ar=iesearchIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/IE - URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - URLSearchHook: *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Answers.com"
FF - prefs.js..browser.startup.homepage: "
http://www.google.com/firefox"FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.83
FF - prefs.js..extensions.enabledItems: {34dea790-6450-11db-bd13-0800200c9a66}:2.0.3
FF - prefs.js..extensions.enabledItems:
[email protected]:1.0.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}:6.0.01
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: avg@igeared:2.507.024.001
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG8\Firefox [2009/06/29 08:18:35 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files (x86)\AVG\AVG8\Toolbar\Firefox\avg@igeared [2009/08/18 09:54:42 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/09/14 11:30:53 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/09/14 11:30:55 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Sunbird\components [2008/03/04 08:45:59 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Sunbird\plugins
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.14\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2009/01/08 08:58:12 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.14\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2008/03/26 10:04:47 | 00,000,000 | ---D | M]
[2008/09/16 14:58:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\dbruce\Application Data\mozilla\Extensions
[2008/09/16 14:58:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\dbruce\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/09/28 08:32:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\dbruce\Application Data\mozilla\Firefox\Profiles\qghy6n5i.default\extensions
[2008/05/28 08:41:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\dbruce\Application Data\mozilla\Firefox\Profiles\qghy6n5i.default\extensions\{34dea790-6450-11db-bd13-0800200c9a66}
[2008/06/26 07:12:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\dbruce\Application Data\mozilla\Firefox\Profiles\qghy6n5i.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2007/07/31 13:27:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\dbruce\Application Data\mozilla\Firefox\Profiles\qghy6n5i.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2008/07/14 07:23:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\dbruce\Application Data\mozilla\Firefox\Profiles\qghy6n5i.default\extensions\
[email protected][2009/09/21 09:05:37 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2009/09/14 11:30:53 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/04/19 08:38:10 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
[2007/07/19 07:49:49 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2007/10/19 07:29:44 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008/03/21 07:53:22 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2009/09/14 11:30:48 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll
[2009/09/14 11:30:48 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll
[2008/02/22 10:14:18 | 00,034,384 | ---- | M] (WebEx) -- C:\Program Files (x86)\mozilla firefox\plugins\atgpcdec.dll
[2008/02/22 10:14:21 | 00,093,848 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files (x86)\mozilla firefox\plugins\atgpcext.dll
[2007/04/10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll
[2008/02/22 10:14:16 | 00,051,792 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files (x86)\mozilla firefox\plugins\npatgpc.dll
[2007/12/11 21:14:46 | 00,155,648 | ---- | M] (Solidworks Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npEModelPlugin.dll
[2009/09/14 11:30:50 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll
[2007/05/10 22:52:34 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2008/03/04 08:45:58 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll
[2008/03/04 08:45:58 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll
[2008/03/04 08:45:58 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll
[2008/03/04 08:45:58 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll
[2008/03/04 08:45:58 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll
[2008/03/04 08:45:58 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll
[2008/03/04 08:45:58 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll
[2007/04/16 13:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npViewpoint.dll
[2009/03/09 07:49:18 | 00,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml
[2009/03/09 07:49:18 | 00,002,193 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml
[2009/06/29 08:18:54 | 00,001,489 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg_igeared.xml
[2009/03/09 07:49:18 | 00,001,534 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml
[2009/03/09 07:49:18 | 00,002,343 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml
[2009/03/09 07:49:18 | 00,001,706 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2009/03/09 07:49:19 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2009/03/09 07:49:19 | 00,000,792 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml
Hosts file not found
O2:
64bit: - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SysNative\DLA\DLASHX_W.DLL File not found
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SysWow64\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4:
64bit: - HKLM..\Run: [DLA] C:\WINDOWS\SysNative\DLA\DLACTRLW.EXE File not found
O4:
64bit: - HKLM..\Run: [Iomega ImIconXP] C:\Program Files\Iomega\REV System Software\imiconxp.exe (Iomega Corporation)
O4:
64bit: - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\SysNative\NvCpl.DLL File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files (x86)\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DVDLauncher] C:\Program Files (x86)\CyberLink\PowerDVD\DVDLauncher.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Popup] C:\Program Files (x86)\Dell SAS RAID Storage Manager\MegaPopup\Popup.exe ( )
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
O4 - HKCU..\Run: [MsgCenterExe] C:\Program Files (x86)\Common Files\Real\Update_OB\RealOneMessageCenter.exe File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Start 3DxWare.lnk = C:\Program Files (x86)\3Dconnexion\3Dconnexion 3DxWare (x64)\3DxSrv.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files (x86)\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8:
64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9:
64bit: - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9:
64bit: - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\SysNative\mswsock.dll File not found
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\SysNative\winrnr.dll File not found
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\SysNative\mswsock.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\SysNative\mswsock.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\SysNative\mswsock.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\SysNative\mswsock.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\SysNative\mswsock.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\SysNative\mswsock.dll File not found
O15:
64bit: - ..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: nas_server ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: 64 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E}
http://components.me...MetaStream3.cab (Reg Error: Key error.)
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} Reg Error: Value error. (MetaStreamCtl Class)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94}
http://www.pcpitstop...p/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {12545791-AC9A-44B2-8964-0DA216C4A4E5}
http://www.partserve...3d/cnsweb3d.cab (Cnsweb3d Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {60EFC337-15C2-4369-B2A0-3429B071D8B8}
http://h50203.www5.h...SWebManager.CAB (Hewlett-Packard Printer Diagnostics)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 168.192.1.26 206.141.193.55
O18:
64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysNative\mshtml.dll File not found
O18:
64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\SysNative\urlmon.dll File not found
O18:
64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\SysNative\msvidctl.dll File not found
O18:
64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysNative\urlmon.dll File not found
O18:
64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysNative\urlmon.dll File not found
O18:
64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysNative\urlmon.dll File not found
O18:
64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysNative\urlmon.dll File not found
O18:
64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysNative\urlmon.dll File not found
O18:
64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SysNative\itss.dll File not found
O18:
64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysNative\mshtml.dll File not found
O18:
64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysNative\urlmon.dll File not found
O18:
64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysNative\mshtml.dll File not found
O18:
64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\SysNative\inetcomm.dll File not found
O18:
64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysNative\urlmon.dll File not found
O18:
64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:
64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SysNative\itss.dll File not found
O18:
64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysNative\mshtml.dll File not found
O18:
64bit: - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\SysNative\mshtml.dll File not found
O18:
64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\SysNative\msvidctl.dll File not found
O18:
64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysNative\mshtml.dll File not found
O18:
64bit: - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\SysNative\wiascr.dll File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18:
64bit: - Protocol\Filter: - application/octet-stream - File not found
O18:
64bit: - Protocol\Filter: - application/x-complus - File not found
O18:
64bit: - Protocol\Filter: - application/x-msdownload - File not found
O18:
64bit: - Protocol\Filter: - Class Install Handler - C:\WINDOWS\SysNative\urlmon.dll File not found
O18:
64bit: - Protocol\Filter: - deflate - C:\WINDOWS\SysNative\urlmon.dll File not found
O18:
64bit: - Protocol\Filter: - gzip - C:\WINDOWS\SysNative\urlmon.dll File not found
O18:
64bit: - Protocol\Filter: - lzdhtml - C:\WINDOWS\SysNative\urlmon.dll File not found
O18:
64bit: - Protocol\Filter: - text/xml - Reg Error: Key error. File not found
O18 - Protocol\Filter: - text/xml - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\windows\system32\danuzihi.dll) - C:\WINDOWS\SysWow64\danuzihi.dll File not found
O20 - AppInit_DLLs: (bumuyide.dll) - File not found
O20 - AppInit_DLLs: (C:\WINDOWS\SysWOW64\bumuyide.dll) - C:\WINDOWS\SysWOW64\bumuyide.dll File not found
O20:
64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) - C:\WINDOWS\SysNative\logonui.exe File not found
O20:
64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\SysWow64\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: System - (lsass.exe) - File not found
O20:
64bit: - Winlogon\Notify\avgrsstarter: DllName - Reg Error: Value error. - File not found
O20:
64bit: - Winlogon\Notify\avgwlx64: DllName - Reg Error: Value error. - File not found
O20:
64bit: - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - File not found
O20:
64bit: - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - File not found
O20:
64bit: - Winlogon\Notify\cscdll: DllName - cscdll.dll - File not found
O20:
64bit: - Winlogon\Notify\dimsntfy: DllName - dimsntfy.dll - File not found
O20:
64bit: - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not found
O20:
64bit: - Winlogon\Notify\Schedule: DllName - wlnotify.dll - File not found
O20:
64bit: - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - File not found
O20:
64bit: - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - File not found
O20:
64bit: - Winlogon\Notify\termsrv: DllName - Reg Error: Value error. - File not found
O20:
64bit: - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\avgwlx64: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - File not found
O20 - Winlogon\Notify\termsrv: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - File not found
O21:
64bit: - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\SysNative\stobject.dll File not found
O21:
64bit: - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\SysNative\upnpui.dll File not found
O21:
64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\SysNative\WPDShServiceObj.dll File not found
O21 - SSODL: bogokipog - {bddd0cdc-4a4d-4b8e-bd66-b429f44960eb} - CLSID or File not found.
O21 - SSODL: jiyoginay - {36246d92-7d85-4ca7-beb8-691250108114} - CLSID or File not found.
O21 - SSODL: kokizugup - {72c34eac-0a2a-4e6b-82bd-17bf1027a880} - CLSID or File not found.
O21 - SSODL: siluganez - {4ca72124-9e9f-48c6-b6a2-4629b04bae05} - CLSID or File not found.
O21 - SSODL: zufuniyaj - {d8f6957f-ea32-4b2d-80b1-d164cb041784} - CLSID or File not found.
O28:
64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - File not found
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/04/01 22:46:44 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005/02/19 06:32:59 | 00,000,000 | ---D | M] - I:\AUTOROTO -- [ NTFS ]
O33 - MountPoints2\{c2288a2c-0238-11dd-a895-00188b0326c5}\Shell - "" = AutoRun
O33 - MountPoints2\{c2288a2c-0238-11dd-a895-00188b0326c5}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c2288a2c-0238-11dd-a895-00188b0326c5}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
NetSvcs:
64bit: Ias - Service key not found. File not found
NetSvcs:
64bit: Iprip - Service key not found. File not found
NetSvcs:
64bit: Irmon - Service key not found. File not found
NetSvcs:
64bit: NWCWorkstation - Service key not found. File not found
NetSvcs:
64bit: Nwsapagent - Service key not found. File not found
NetSvcs:
64bit: WmdmPmSp - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Iprip - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: WmdmPmSp - Service key not found. File not found
========== Files/Folders - Created Within 14 Days ========== [2009/09/28 12:39:51 | 03,622,704 | ---- | C] () -- C:\Documents and Settings\dbruce\Desktop\avg_scan.rtf
[2009/09/28 08:53:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/09/28 08:51:54 | 00,000,641 | ---- | C] () -- C:\Documents and Settings\dbruce\Desktop\NTREGOPT.lnk
[2009/09/28 08:51:53 | 00,000,622 | ---- | C] () -- C:\Documents and Settings\dbruce\Desktop\ERUNT.lnk
[2009/09/28 08:51:51 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2009/09/28 08:45:17 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2009/09/28 08:45:13 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/09/28 08:45:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\XPSViewer
[2009/09/28 08:44:58 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/09/28 08:44:58 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2009/09/28 08:39:45 | 00,000,970 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009/09/28 08:39:31 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2009/09/28 08:39:31 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 6.0
[2009/09/28 08:14:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\dbruce\Desktop\geekstogo
[2009/09/21 16:26:05 | 00,472,064 | ---- | C] ( ) -- \\Nas_server\Users\Dbruce\RootRepeal.exe
[2009/09/21 16:13:56 | 00,096,978 | ---- | C] (Business Information Solutions) -- \\Nas_server\Users\Dbruce\VirtumundoBeGone.exe
[2009/09/21 16:11:27 | 00,096,978 | ---- | C] (Business Information Solutions) -- C:\Documents and Settings\dbruce\Desktop\VirtumundoBeGone.exe
[2009/09/21 16:05:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\dbruce\Local Settings\Application Data\Downloaded Installations
[2009/09/21 16:05:20 | 11,748,680 | ---- | C] (ParetoLogic ) -- C:\Documents and Settings\dbruce\Desktop\Pareto_AV_Setup_RW.exe
[2009/09/21 15:52:04 | 00,000,000 | ---D | C] -- C:\VundoFix Backups
[2009/09/21 14:53:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\dbruce\Desktop\hyjackthis new
[2009/09/21 13:41:10 | 00,001,941 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Start 3DxWare.lnk
[2009/09/21 13:41:10 | 00,001,702 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2009/09/21 13:21:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/09/21 13:19:54 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW
[2009/09/21 13:17:26 | 03,317,563 | ---- | C] () -- C:\Documents and Settings\dbruce\Desktop\ComboFix.exe
[2009/09/21 12:47:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\dbruce\Local Settings\Application Data\AVG Security Toolbar
[2009/09/21 12:10:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\dbruce\Application Data\Malwarebytes
[2009/09/21 08:42:50 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysWow64\drivers\mbamswissarmy.sys
[2009/09/21 08:42:49 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009/09/21 08:42:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/09/15 12:07:47 | 00,000,000 | ---D | C] -- \\Nas_server\Users\Dbruce\first download
[2009/09/15 12:07:39 | 00,000,000 | ---D | C] -- \\Nas_server\Users\Dbruce\New Folder
========== Files - Modified Within 14 Days ========== [2009/09/28 12:55:18 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/09/28 12:55:15 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/09/28 12:52:21 | 00,000,970 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/09/28 12:39:51 | 03,622,704 | ---- | M] () -- C:\Documents and Settings\dbruce\Desktop\avg_scan.rtf
[2009/09/28 08:51:54 | 00,000,641 | ---- | M] () -- C:\Documents and Settings\dbruce\Desktop\NTREGOPT.lnk
[2009/09/28 08:51:53 | 00,000,622 | ---- | M] () -- C:\Documents and Settings\dbruce\Desktop\ERUNT.lnk
[2009/09/28 08:48:22 | 00,097,640 | ---- | M] () -- C:\Documents and Settings\dbruce\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/09/28 08:42:35 | 00,468,346 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2009/09/26 15:59:02 | 00,000,296 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/09/21 16:26:05 | 00,472,064 | ---- | M] ( ) -- \\Nas_server\Users\Dbruce\RootRepeal.exe
[2009/09/21 16:13:56 | 00,096,978 | ---- | M] (Business Information Solutions) -- C:\Documents and Settings\dbruce\Desktop\VirtumundoBeGone.exe
[2009/09/21 16:13:56 | 00,096,978 | ---- | M] (Business Information Solutions) -- \\Nas_server\Users\Dbruce\VirtumundoBeGone.exe
[2009/09/21 16:05:38 | 11,748,680 | ---- | M] (ParetoLogic ) -- C:\Documents and Settings\dbruce\Desktop\Pareto_AV_Setup_RW.exe
[2009/09/21 13:40:57 | 00,000,527 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/09/21 13:40:57 | 00,000,150 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/09/21 13:17:26 | 03,317,563 | ---- | M] () -- C:\Documents and Settings\dbruce\Desktop\ComboFix.exe
[2009/09/21 13:04:59 | 00,011,168 | -H-- | M] () -- C:\WINDOWS\SysWow64\vejenufa
[2009/09/15 08:39:42 | 00,171,778 | -H-- | M] () -- C:\Documents and Settings\dbruce\Local Settings\Application Data\IconCache.db
========== LOP Check ========== [2009/09/21 08:42:49 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2007/10/04 14:54:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2009/06/29 08:18:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2008/04/02 14:39:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GlobalSCAPE
[2008/03/22 08:53:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macrovision
[2009/09/21 10:38:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/11/15 14:26:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2007/06/20 09:31:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2008/01/21 11:33:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2008/05/13 15:04:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/09/21 12:10:11 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\dbruce\Application Data
[2006/11/07 08:58:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\dbruce\Application Data\3Dconnexion
[2007/06/20 09:40:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\dbruce\Application Data\Acoustica
[2008/01/07 17:01:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\dbruce\Application Data\AD ON Multimedia
[2006/11/13 12:05:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\dbruce\Application Data\Autodesk
[2008/06/18 07:07:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\dbruce\Application Data\AVGTOOLBAR
[2007/11/21 08:57:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\dbruce\Application Data\cadenas
[2007/06/19 15:32:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\dbruce\Application Data\Downloaded Installations
[2008/04/02 14:39:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\dbruce\Application Data\GlobalSCAPE
[2006/11/27 16:18:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\dbruce\Application Data\GSplit
[2007/09/21 14:23:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\dbruce\Application Data\gtk-2.0
[2006/11/02 08:20:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\dbruce\Application Data\Leadertech
[2006/11/16 13:26:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\dbruce\Application Data\My Games
[2007/02/07 13:06:08 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\dbruce\Application Data\SecuROM
[2006/11/11 09:47:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\dbruce\Application Data\Thunderbird
[2008/06/24 10:01:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\dbruce\Application Data\U3
[2008/01/21 11:33:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\dbruce\Application Data\Viewpoint
[2009/09/26 15:59:02 | 00,000,296 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2005/03/25 13:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/09/28 12:55:18 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/09/28 12:53:20 | 00,032,556 | ---- | M] () -- C:\WINDOWS\Tasks\SchedLgU.Txt
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < %systemroot%\system32\eventlog.dll > < %systemroot%\system32\scecli.dll >[2007/02/18 11:05:48 | 00,188,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
< %systemroot%\netlogon.dll > < %systemroot%\system32\cngaudit.dll > < %systemroot%\system32\sceclt.dll > < %systemroot%\ntelogon.dll > < %systemroot%\system32\logevent.dll > ========== Alternate Data Streams ========== @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >
OTL EXTRASOTL Extras logfile created on: 9/28/2009 1:15:45 PM - Run 1
OTL by OldTimer - Version 3.0.16.0 Folder = C:\Documents and Settings\dbruce\Desktop\geekstogo
64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 6.0.3790.3959)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 3.02 Gb Available Physical Memory | 75.47% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): c:\pagefile.sys 4092 6139 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 68.32 Gb Total Space | 7.27 Gb Free Space | 10.65% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive J: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive M: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive N: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive O: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive P: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive Q: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive R: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive S: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive U: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive V: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive Z: | 434.11 Gb Total Space | 63.60 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Computer Name: MORTECH16
Current User Name: dbruce
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.inf[@ = inffile] -- C:\WINDOWS\SysNative\NOTEPAD.EXE File not found
.ini[@ = inifile] -- C:\WINDOWS\SysNative\NOTEPAD.EXE File not found
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
.js[@ = JSFile] -- C:\WINDOWS\SysNative\WScript.exe File not found
.jse[@ = JSEFile] -- C:\WINDOWS\SysNative\WScript.exe File not found
.txt[@ = txtfile] -- C:\WINDOWS\SysNative\NOTEPAD.EXE File not found
.vbe[@ = VBEFile] -- C:\WINDOWS\SysNative\WScript.exe File not found
.vbs[@ = VBSFile] -- C:\WINDOWS\SysNative\WScript.exe File not found
.wsf[@ = WSFFile] -- C:\WINDOWS\SysNative\WScript.exe File not found
.wsh[@ = WSHFile] -- C:\WINDOWS\SysNative\WScript.exe File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.reg [@ = regfile] -- C:\WINDOWS\SysWow64\regedit.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.scr [@ = AutoCADScriptFile] -- C:\WINDOWS\notepad.exe (Microsoft Corporation)
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 File not found
batfile [open] -- "%1" %* File not found
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 File not found
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 File not found
cmdfile [open] -- "%1" %* File not found
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 File not found
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 File not found
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 File not found
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 File not found
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 File not found
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l File not found
InternetShortcut [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" File not found
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 File not found
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* File not found
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 File not found
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 File not found
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* File not found
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 File not found
piffile [open] -- "%1" %* File not found
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 File not found
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 File not found
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 File not found
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 File not found
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" File not found
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 File not found
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* File not found
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 File not found
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 File not found
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* File not found
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 File not found
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 File not found
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* File not found
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 File not found
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* File not found
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %* File not found
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- File not found
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- File not found
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- File not found
"C:\Program Files (x86)\Dell SAS RAID Storage Manager\MegaPopup\popup.exe" = C:\Program Files (x86)\Dell SAS RAID Storage Manager\MegaPopup\popup.exe:*:Disabled:popup -- ( )
"C:\Program Files (x86)\UGS\NX 3.0\UGII\ugraf.exe" = C:\Program Files (x86)\UGS\NX 3.0\UGII\ugraf.exe:*:Enabled:NX Component -- (UGS Corp.)
"C:\Documents and Settings\dbruce\Local Settings\Temp\_ISTMP1.DIR\_INS5576._MP" = C:\Documents and Settings\dbruce\Local Settings\Temp\_ISTMP1.DIR\_INS5576._MP:*:Enabled:InstallShield Engine -- File not found
"C:\Program Files (x86)\Hawking PrintServer Utilities\PortSetup.exe" = C:\Program Files (x86)\Hawking PrintServer Utilities\PortSetup.exe:*:Enabled:calldll -- File not found
"C:\Program Files (x86)\Hawking PrintServer Utilities\WinUtil\PSAdmin.exe" = C:\Program Files (x86)\Hawking PrintServer Utilities\WinUtil\PSAdmin.exe:*:Enabled:PSAdmin -- File not found
"C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe" = C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe:*:Enabled:SplinterCell4 -- File not found
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" = C:\Program Files (x86)\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files (x86)\3Dconnexion\3Dconnexion Getting Started\3DxTrainer.exe" = C:\Program Files (x86)\3Dconnexion\3Dconnexion Getting Started\3DxTrainer.exe:*:Enabled:3Dconnexion Getting Started -- ( )
"C:\Program Files\Alwil Software\Avast4\ashAvast.exe" = C:\Program Files\Alwil Software\Avast4\ashAvast.exe:*:Enabled:avast! Antivirus -- File not found
"C:\Program Files (x86)\SUPERAntiSpyware\SUPERANTISPYWARE.EXE" = C:\Program Files (x86)\SUPERAntiSpyware\SUPERANTISPYWARE.EXE:*:Enabled:SUPERAntiSpyware Free Edition -- (SUPERAntiSpyware.com)
"C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe" = C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe:*:Enabled:SpywareBlaster -- ()
"\\Nas_server\Product\data\data\gm\gmlaunch\5\gmlaunch5.0.bat" = \\Nas_server\Product\data\data\gm\gmlaunch\5\gmlaunch5.0.bat:LocalSubNet:Enabled:gmlaunch5.0.bat
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" = C:\Program Files (x86)\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Program Files (x86)\iTunes\iTunes.exe" = C:\Program Files (x86)\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files (x86)\Grisoft\AVG7\avginet.exe" = C:\Program Files (x86)\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe -- File not found
"C:\Program Files (x86)\Grisoft\AVG7\avgamsvr.exe" = C:\Program Files (x86)\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe -- File not found
"C:\Program Files (x86)\Grisoft\AVG7\avgcc.exe" = C:\Program Files (x86)\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe -- File not found
"C:\Program Files (x86)\UGS\NX 3.0\UGII\ugflexlm_options.exe" = C:\Program Files (x86)\UGS\NX 3.0\UGII\ugflexlm_options.exe:168.192.1.14/255.255.255.255:Enabled:License Options -- ()
"C:\Program Files (x86)\UGS\License Servers\UGNXFLEXlm\lmtools.exe" = C:\Program Files (x86)\UGS\License Servers\UGNXFLEXlm\lmtools.exe:168.192.1.14/255.255.255.255:Enabled:LMTOOLS -- (Macrovision Corporation)
"C:\Program Files (x86)\Cerberus\Cerberus.exe" = C:\Program Files (x86)\Cerberus\Cerberus.exe:*:Enabled:Cerberus FTP Server -- File not found
"C:\Program Files (x86)\AVG\AVG8\avgupd.exe" = C:\Program Files (x86)\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files (x86)\AVG\AVG8\avgemc.exe" = C:\Program Files (x86)\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe" = C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe:*:Enabled:AppleMobileDeviceService -- (Apple, Inc.)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- File not found
"C:\Program Files (x86)\Dell SAS RAID Storage Manager\MegaPopup\popup.exe" = C:\Program Files (x86)\Dell SAS RAID Storage Manager\MegaPopup\popup.exe:*:Disabled:popup -- ( )
"C:\Program Files (x86)\UGS\NX 3.0\UGII\ugraf.exe" = C:\Program Files (x86)\UGS\NX 3.0\UGII\ugraf.exe:*:Enabled:NX Component -- (UGS Corp.)
"C:\Documents and Settings\dbruce\Local Settings\Temp\_ISTMP1.DIR\_INS5576._MP" = C:\Documents and Settings\dbruce\Local Settings\Temp\_ISTMP1.DIR\_INS5576._MP:*:Enabled:InstallShield Engine -- File not found
"C:\Program Files (x86)\Hawking PrintServer Utilities\PortSetup.exe" = C:\Program Files (x86)\Hawking PrintServer Utilities\PortSetup.exe:*:Enabled:calldll -- File not found
"C:\Program Files (x86)\Hawking PrintServer Utilities\WinUtil\PSAdmin.exe" = C:\Program Files (x86)\Hawking PrintServer Utilities\WinUtil\PSAdmin.exe:*:Enabled:PSAdmin -- File not found
"C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe" = C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe:*:Enabled:SplinterCell4 -- File not found
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" = C:\Program Files (x86)\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files (x86)\3Dconnexion\3Dconnexion Getting Started\3DxTrainer.exe" = C:\Program Files (x86)\3Dconnexion\3Dconnexion Getting Started\3DxTrainer.exe:*:Enabled:3Dconnexion Getting Started -- ( )
"C:\Program Files\Alwil Software\Avast4\ashAvast.exe" = C:\Program Files\Alwil Software\Avast4\ashAvast.exe:*:Enabled:avast! Antivirus -- File not found
"C:\Program Files (x86)\SUPERAntiSpyware\SUPERANTISPYWARE.EXE" = C:\Program Files (x86)\SUPERAntiSpyware\SUPERANTISPYWARE.EXE:*:Enabled:SUPERAntiSpyware Free Edition -- (SUPERAntiSpyware.com)
"C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe" = C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe:*:Enabled:SpywareBlaster -- ()
"\\Nas_server\Product\data\data\gm\gmlaunch\5\gmlaunch5.0.bat" = \\Nas_server\Product\data\data\gm\gmlaunch\5\gmlaunch5.0.bat:LocalSubNet:Enabled:gmlaunch5.0.bat
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" = C:\Program Files (x86)\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Program Files (x86)\iTunes\iTunes.exe" = C:\Program Files (x86)\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files (x86)\Grisoft\AVG7\avginet.exe" = C:\Program Files (x86)\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe -- File not found
"C:\Program Files (x86)\Grisoft\AVG7\avgamsvr.exe" = C:\Program Files (x86)\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe -- File not found
"C:\Program Files (x86)\Grisoft\AVG7\avgcc.exe" = C:\Program Files (x86)\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe -- File not found
"C:\Program Files (x86)\UGS\NX 3.0\UGII\ugflexlm_options.exe" = C:\Program Files (x86)\UGS\NX 3.0\UGII\ugflexlm_options.exe:168.192.1.14/255.255.255.255:Enabled:License Options -- ()
"C:\Program Files (x86)\UGS\License Servers\UGNXFLEXlm\lmtools.exe" = C:\Program Files (x86)\UGS\License Servers\UGNXFLEXlm\lmtools.exe:168.192.1.14/255.255.255.255:Enabled:LMTOOLS -- (Macrovision Corporation)
"C:\Program Files (x86)\Cerberus\Cerberus.exe" = C:\Program Files (x86)\Cerberus\Cerberus.exe:*:Enabled:Cerberus FTP Server -- File not found
"C:\Program Files (x86)\AVG\AVG8\avgupd.exe" = C:\Program Files (x86)\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files (x86)\AVG\AVG8\avgemc.exe" = C:\Program Files (x86)\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe" = C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe:*:Enabled:AppleMobileDeviceService -- (Apple, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{009ACF99-8488-448E-BA19-C623E4349AE9}" = Apple Mobile Device Support
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
"{23170F69-40C1-2702-0457-000001000000}" = 7-Zip 4.57 (x64 edition)
"{26E1BFB0-E87E-4696-9F89-B467F01F81E5}" = Broadcom Advanced Control Suite
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
"{4E765B16-84C0-40FD-A33D-D58CC7C75603}" = UGS NX 5.0
"{54F7D2E4-12CA-4756-A612-E1500232BCDF}" = UGS NX 5.0 CAST
"{6448F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{8580C805-7CFC-49D0-8176-6CA359079CF3}" = 3Dconnexion 3DxWare (x64)
"{9CC5470D-6C5A-4835-8CDE-CD590FB26329}" = UGS NX 5.0 Documentation
"{AF84BB4B-14DC-4C6E-BCD4-70D1F5EB5930}" = iTunes
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{E457C028-5FD5-46ED-954D-3538093B500E}" = Iomega REV System Software (64-bit)
"CutePDF Writer Installation" = CutePDF Writer 2.7
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows x64
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows x64 Service Pack" = Windows XP Service Pack 2
"WMFDist11-64" = Windows Media Format 11 runtime
"wmp11-64" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
"{07D2750B-D757-434F-B3F5-13F95475C179}" = UGS JT2Go
"{178739AE-5C84-49C5-968C-DFFE7C0B2F83}" = NX 3 CAST
"{1F40F8F1-B4BC-4A5B-B1A6-363FBDD30F0C}" = eDrawings 2008
"{26B7B8C8-33A8-4345-9C1D-5EBA1BBDE766}" = 3Dconnexion Plug-In for NX
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{38C3632A-D9A9-42A9-8620-AE726BFCAD3D}" = DWGgateway
"{440701AA-4602-409C-8CC3-5BB9D2F11A91}" = NX 3 FLEXlm
"{450063AA-643B-417C-8CF5-405BA3F4EF40}" = Autodesk Design Review 2009
"{549DD7F5-D445-4569-ACAF-822DC75F5EBF}" = Dell SAS RAID Storage Manager v1.16-00
"{5783F2D7-0201-0409-0000-0060B0CE6BBA}" = AutoCAD 2004
"{5783F2D7-0211-0409-0000-0060B0CE6BBA}" = AutoCAD Express Tools Volumes 1-9
"{5ACD451F-AE53-4375-9AF5-3CF0801362DA}" = UGSLicensing
"{63A68338-16A3-4763-8478-A45F91A61E7A}" = Orca
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.7
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AA85944-9D17-4265-9BA2-472A7AA8617B}" = 3Dconnexion Getting Started
"{6D03554B-F848-4358-B0F2-9FFB6E173765}" = Kubotek Spectrum 5.5.1
"{6EDD3BE7-23E8-5D46-57AB-44A9FC256D01}" = Sid Meier's Civilization IV
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7563C9ED-2A3A-4B61-A337-636C88B59B75}" = NX 3.0 Documentation
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91CA0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{9D180A76-C05F-4064-94B1-069E6EEEA5EF}" = NX 3
"{9F8C8C2C-3926-45D3-B247-3F478A1D0D9F}" = NX 3 Translators
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B62D2A85-847F-4748-9B12-5DA6CE8EC8BA}" = ATI RADEON 9700 Moebius Strip Screen Saver v1.1
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime
"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B3}" = WinZip 11.0
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B6}" = WinZip 11.2
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CF110019-D640-4252-9DD7-99C7CB684E9F}" = ATI RADEON 9700 Bacteria Screen Saver v1.1
"{F2924009-B2A9-4413-AF7C-E0B72A870626}" = eDrawings 2007
"Acoustica CD/DVD Label Maker" = Acoustica CD/DVD Label Maker
"ActiveTouchMeetingClient" = WebEx
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Autodesk Design Review 2009" = Autodesk Design Review 2009
"Autodesk Express Viewer" = Autodesk Express Viewer
"AVG8Uninstall" = AVG Free 8.5
"CCleaner" = CCleaner (remove only)
"ERUNT_is1" = ERUNT 1.1j
"FreeCommander_is1" = FreeCommander 2007.10a
"Gadwin PrintScreen" = Gadwin PrintScreen
"HijackThis" = HijackThis 2.0.2
"IrfanView" = IrfanView (remove only)
"KeyNote_is1" = KeyNote 1.6.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.14)" = Mozilla Firefox (3.0.14)
"Mozilla Sunbird (0.3)" = Mozilla Sunbird (0.3)
"Mozilla Thunderbird (2.0.0.14)" = Mozilla Thunderbird (2.0.0.14)
"oggcodecs" = oggcodecs 0.71.0946
"Plot2k_is1" = Plot2k 1.0.5
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"SpywareBlaster_is1" = SpywareBlaster 4.2
"SwordSearcher_4_InnoSetup_is1" = SwordSearcher 4.5 Deluxe Edition
"ViewpointMediaPlayer" = Viewpoint Media Player
"Winamp" = Winamp
"WinGTK-2_is1" = GTK+ 2.10.6-1 runtime environment
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 6/8/2009 8:03:21 AM | Computer Name = MORTECH16 | Source = Application Hang | ID = 1002
Description = Hanging application ugraf.exe, version 3.0.5.3, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 6/8/2009 8:07:27 AM | Computer Name = MORTECH16 | Source = Application Hang | ID = 1002
Description = Hanging application ugraf.exe, version 3.0.5.3, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 6/12/2009 11:37:31 AM | Computer Name = MORTECH16 | Source = Application Hang | ID = 1002
Description = Hanging application ugraf.exe, version 3.0.5.3, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 6/15/2009 9:12:10 AM | Computer Name = MORTECH16 | Source = Application Hang | ID = 1002
Description = Hanging application ugraf.exe, version 3.0.5.3, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 9/3/2009 12:23:46 PM | Computer Name = MORTECH16 | Source = Application Hang | ID = 1002
Description = Hanging application ugraf.exe, version 5.0.4.1, hang module hungapp,
version 0.0.0.0, hang address 0x0000000000000000.
Error - 9/8/2009 12:08:45 PM | Computer Name = MORTECH16 | Source = Application Hang | ID = 1002
Description = Hanging application ugraf.exe, version 5.0.4.1, hang module hungapp,
version 0.0.0.0, hang address 0x0000000000000000.
Error - 9/10/2009 10:12:26 AM | Computer Name = MORTECH16 | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.0.3498, faulting module
xul.dll, version 1.9.0.3498, fault address 0x0013d9e3.
Error - 9/18/2009 11:38:47 PM | Computer Name = MORTECH16 | Source = Application Error | ID = 1000
Description = Faulting application yegemiso.exe, version 0.0.0.0, faulting module
yegemiso.exe, version 0.0.0.0, fault address 0x000efa1c.
Error - 9/21/2009 8:20:40 AM | Computer Name = MORTECH16 | Source = Application Hang | ID = 1002
Description = Hanging application spywareblaster.exe, version 4.2.0.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 9/21/2009 8:21:10 AM | Computer Name = MORTECH16 | Source = Application Hang | ID = 1002
Description = Hanging application spywareblaster.exe, version 4.2.0.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 9/28/2009 1:01:22 PM | Computer Name = MORTECH16 | Source = Application Popup | ID = 1060
Description = \??\C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS has been blocked
from loading due to incompatibility with this system. Please contact your software
vendor
for a compatible version of the driver.
Error - 9/28/2009 1:01:22 PM | Computer Name = MORTECH16 | Source = Service Control Manager | ID = 7000
Description = The SASENUM service failed to start due to the following error: %%1275
Error - 9/28/2009 1:01:55 PM | Computer Name = MORTECH16 | Source = Application Popup | ID = 1060
Description = \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS has been
blocked from loading due to incompatibility with this system. Please contact your
software vendor for a compatible version of the driver.
Error - 9/28/2009 1:01:55 PM | Computer Name = MORTECH16 | Source = Service Control Manager | ID = 7000
Description = The SASDIFSV service failed to start due to the following error: %%1275
Error - 9/28/2009 1:02:58 PM | Computer Name = MORTECH16 | Source = Application Popup | ID = 1060
Description = \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys has been
blocked from loading due to incompatibility with this system. Please contact your
software vendor for a compatible version of the driver.
Error - 9/28/2009 1:02:58 PM | Computer Name = MORTECH16 | Source = Service Control Manager | ID = 7000
Description = The SASKUTIL service failed to start due to the following error: %%1275
Error - 9/28/2009 1:02:58 PM | Computer Name = MORTECH16 | Source = Application Popup | ID = 1060
Description = \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS has been
blocked from loading due to incompatibility with this system. Please contact your
software vendor for a compatible version of the driver.
Error - 9/28/2009 1:02:59 PM | Computer Name = MORTECH16 | Source = Service Control Manager | ID = 7000
Description = The SASDIFSV service failed to start due to the following error: %%1275
Error - 9/28/2009 1:06:34 PM | Computer Name = MORTECH16 | Source = Application Popup | ID = 1060
Description = \??\C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS has been blocked
from loading due to incompatibility with this system. Please contact your software
vendor
for a compatible version of the driver.
Error - 9/28/2009 1:06:35 PM | Computer Name = MORTECH16 | Source = Service Control Manager | ID = 7000
Description = The SASENUM service failed to start due to the following error: %%1275
< End of report >
This topic is locked
Sign In
Create Account
