OTL logfile created on: 1/30/2010 1:48:52 AM - Run 1
OTL by OldTimer - Version 3.1.27.0 Folder = C:\Documents and Settings\Daniel\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,023.00 Mb Total Physical Memory | 491.00 Mb Available Physical Memory | 48.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 64.00% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 233.76 Gb Total Space | 30.94 Gb Free Space | 13.24% Space Free | Partition Type: NTFS
Drive D: | 19.13 Gb Total Space | 18.73 Gb Free Space | 97.90% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 101.60 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
Drive I: | 931.51 Gb Total Space | 131.73 Gb Free Space | 14.14% Space Free | Partition Type: NTFS
Computer Name: KIBLERD
Current User Name: Daniel
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ========== PRC - [2010/01/27 13:32:22 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Daniel\Desktop\OTL.exe
PRC - [2010/01/09 10:38:39 | 02,002,160 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2010/01/06 10:10:15 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/11/24 17:51:40 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/24 17:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/24 17:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/24 17:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/24 17:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/11/13 10:13:09 | 00,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\DNA\btdna.exe
PRC - [2009/08/20 12:34:04 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2009/08/20 12:25:58 | 02,363,392 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
PRC - [2009/05/21 10:34:05 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/04/30 23:30:18 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/10/28 16:42:30 | 00,156,968 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2008/10/28 16:42:12 | 00,181,544 | ---- | M] (Seagate LLC) -- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/04/13 18:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/07 11:40:26 | 00,910,896 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/05/07 11:40:22 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2007/05/07 11:40:06 | 00,149,040 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006/11/06 15:12:26 | 00,233,472 | ---- | M] () -- C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk.Services.exe
PRC - [2006/03/19 20:48:55 | 00,052,736 | ---- | M] (Macrovision) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE
PRC - [2005/09/30 19:22:50 | 00,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2005/08/11 15:30:30 | 00,081,920 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2002/08/14 06:03:00 | 00,135,168 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
PRC - [2002/08/14 06:00:00 | 00,172,065 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton SystemWorks\Speed Disk\NOPDB.EXE
PRC - [2002/03/19 17:30:00 | 00,045,632 | ---- | M] () -- C:\WINDOWS\system32\TaskSwitch.exe
PRC - [2002/01/16 14:15:14 | 00,081,920 | ---- | M] (Matrox Graphics Inc.) -- C:\WINDOWS\system32\mgabg.exe
PRC - [2001/09/06 17:10:12 | 00,094,208 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\QCDriver\LVComS.exe
========== Modules (SafeList) ========== MOD - [2010/01/27 13:32:22 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Daniel\Desktop\OTL.exe
========== Win32 Services (SafeList) ========== SRV - [2009/11/24 17:51:35 | 00,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/24 17:51:21 | 00,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/24 17:48:48 | 00,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/24 17:43:56 | 00,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/08/20 12:34:04 | 00,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2009/05/21 10:34:05 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/04/30 23:30:18 | 00,168,004 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2009/01/06 13:06:24 | 00,536,872 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/10/28 16:42:30 | 00,156,968 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2007/05/07 11:40:22 | 00,271,920 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2007/05/07 11:37:12 | 00,779,824 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2007/02/05 18:44:12 | 00,138,168 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2006/11/06 15:12:26 | 00,233,472 | ---- | M] () [Auto | Running] -- C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk.Services.exe -- (Matrox Centering Service)
SRV - [2006/03/19 20:48:55 | 00,052,736 | ---- | M] (Macrovision) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)
SRV - [2006/02/12 12:25:17 | 00,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2005/09/30 19:22:50 | 00,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2005/06/13 21:08:32 | 00,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2002/08/14 06:03:00 | 00,135,168 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE -- (NProtectService)
SRV - [2002/08/14 06:00:00 | 00,172,065 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton SystemWorks\Speed Disk\NOPDB.EXE -- (Speed Disk service)
SRV - [2002/01/16 14:15:14 | 00,081,920 | ---- | M] (Matrox Graphics Inc.) [Auto | Running] -- C:\WINDOWS\system32\mgabg.exe -- (MGABGEXE)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch =
http://us.rd.yahoo.c...rch/search.htmlIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Prev SearchAssistant =
http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
========== FireFox ========== FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/24 22:12:15 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/24 22:12:15 | 00,000,000 | ---D | M]
[2008/09/05 23:08:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Mozilla\Extensions
[2010/01/30 01:38:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\r9mvs76z.default\extensions
[2009/11/01 17:44:41 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\r9mvs76z.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2009/11/29 18:23:50 | 00,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\r9mvs76z.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2007/01/31 02:09:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Mozilla\Firefox\Profiles\zcl4yihh.default\extensions
[2010/01/30 01:38:52 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2004/11/12 21:36:20 | 00,005,120 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Mozilla Firefox\plugins\NPAdbESD.dll
[2008/09/03 18:11:24 | 00,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2005/12/05 22:31:00 | 00,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
[2006/11/22 18:33:25 | 00,147,456 | ---- | M] (PopCap Games) -- C:\Program Files\Mozilla Firefox\plugins\nppopcaploader.dll
[2008/05/29 16:18:26 | 00,106,128 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npstrlnk.dll
[2010/01/13 16:46:00 | 00,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
O1 HOSTS File: ([2009/12/04 01:08:12 | 00,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Camfrog Toolbar) - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Program Files\Camfrog\CamfrogBar\CamfrogBar.dll (Camshare LC)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll (Google Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (Camfrog Toolbar) - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Program Files\Camfrog\CamfrogBar\CamfrogBar.dll (Camshare LC)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [CoolSwitch] C:\WINDOWS\system32\TaskSwitch.exe ()
O4 - HKLM..\Run: [EM_EXEC] C:\Program Files\MouseWare\system\EM_EXEC.EXE (Logitech Inc. )
O4 - HKLM..\Run: [EPSON Stylus Photo R200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE File not found
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVComS.exe (Logitech Inc.)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll ()
O4 - HKLM..\Run: [PrinTray] C:\WINDOWS\System32\Spool\Drivers\w32x86\3\printray.exe File not found
O4 - HKLM..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Daniel\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O8 - Extra context menu item: Copy to Semagic - C:\Program Files\Semagic\copy.htm ()
O8 - Extra context menu item: Semagic - C:\Program Files\Semagic\link.htm ()
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Daniel\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: avsystemcare.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: onerateld.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: safetydownload.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: trustedantivirus.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: virusschlacht.com ([]* in Trusted sites)
O15 - HKLM\..Trusted Domains: 33 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: avsystemcare.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: line6.net ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: onerateld.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: safetydownload.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: trustedantivirus.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: virusschlacht.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616}
http://download.divx...owserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 97.64.187.150 74.84.119.153
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O21 - SSODL: wisomobuk - {67bb0af4-c4bd-4749-9f8b-cbb6308565e9} - C:\WINDOWS\System32\volizita.dll File not found
O22 - SharedTaskScheduler: {67bb0af4-c4bd-4749-9f8b-cbb6308565e9} - gahurihor - C:\WINDOWS\System32\volizita.dll File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Daniel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Daniel\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - Reg Error: Key error. File not found
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\rqRHbBQI) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/06/12 21:33:27 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/09/03 09:47:14 | 00,000,037 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009/01/09 23:51:35 | 00,000,067 | ---- | M] () - I:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2005/06/12 21:32:47 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16891891626803200)
========== Files/Folders - Created Within 14 Days ========== [2100/02/08 15:03:54 | 00,053,248 | ---- | C] (Silitek Corp.) -- C:\Program Files\ACMonitor_X73.exe
[2010/01/29 19:52:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Daniel\Local Settings\Application Data\lukdbw
[2010/01/27 13:42:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Daniel\Desktop\Contract Samples
[2010/01/27 13:32:21 | 00,548,864 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Daniel\Desktop\OTL.exe
[2010/01/26 22:49:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Daniel\Local Settings\Application Data\hawqmx
[2010/01/24 23:54:10 | 00,439,808 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Daniel\Desktop\TFC.exe
[2010/01/24 23:04:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Daniel\Desktop\SmitfraudFix
[2010/01/24 22:44:42 | 00,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2010/01/24 22:12:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2009/03/30 22:26:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/03/30 22:22:32 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/03/30 22:22:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/03/30 22:22:31 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/02/02 10:30:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2008/05/09 19:16:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Matrox
[2007/09/08 22:18:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\AVG7
[2007/02/17 18:09:15 | 00,065,536 | R--- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[2002/03/08 16:57:12 | 00,018,024 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\LXARScan.sys
========== Files - Modified Within 14 Days ========== [2010/01/30 01:19:54 | 08,126,464 | -H-- | M] () -- C:\Documents and Settings\Daniel\NTUSER.DAT
[2010/01/30 00:35:52 | 00,037,376 | ---- | M] () -- C:\Documents and Settings\Daniel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/30 00:00:00 | 00,000,312 | ---- | M] () -- C:\WINDOWS\tasks\ohimlwho.job
[2010/01/29 23:56:12 | 00,045,413 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/01/29 23:56:01 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/29 23:55:24 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/29 23:55:04 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/29 23:52:46 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Daniel\ntuser.ini
[2010/01/29 14:25:45 | 00,001,194 | ---- | M] () -- C:\Documents and Settings\Daniel\default.pls
[2010/01/29 14:25:45 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/01/28 16:00:00 | 00,000,396 | -H-- | M] () -- C:\WINDOWS\tasks\{3817CF87-E96D-49DB-AB97-4C9B539FF8CF}_KIBLERC_ckibler.job
[2010/01/27 13:32:22 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Daniel\Desktop\OTL.exe
[2010/01/27 13:29:45 | 00,284,915 | ---- | M] () -- C:\Documents and Settings\Daniel\Desktop\gmer.zip
[2010/01/27 13:22:48 | 00,000,705 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/27 11:17:01 | 00,006,456 | -H-- | M] () -- C:\WINDOWS\System32\yemozovo
[2010/01/27 09:00:00 | 00,000,396 | -H-- | M] () -- C:\WINDOWS\tasks\{71E9434B-3BDF-459E-BFD0-7C325A6DA309}_KIBLERC_ckibler.job
[2010/01/27 07:10:00 | 00,000,414 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Office Outlook 2003.job
[2010/01/26 23:47:50 | 00,436,932 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/01/26 23:47:50 | 00,069,032 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/01/26 23:47:49 | 00,515,210 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/01/25 00:21:44 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2010/01/24 23:54:12 | 00,439,808 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Daniel\Desktop\TFC.exe
[2010/01/24 23:53:55 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2010/01/24 23:09:20 | 00,000,752 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/01/24 23:09:20 | 00,000,253 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/01/24 23:09:20 | 00,000,211 | RHS- | M] () -- C:\boot.ini
[2010/01/24 23:06:34 | 00,003,268 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/01/24 22:57:11 | 01,872,472 | ---- | M] () -- C:\Documents and Settings\Daniel\Desktop\SmitfraudFix.exe
[2010/01/24 22:23:30 | 00,000,001 | ---- | M] () -- C:\s
[2010/01/24 02:33:36 | 00,000,422 | ---- | M] () -- C:\WINDOWS\tasks\Driver Robot.job
[2010/01/24 02:33:17 | 00,000,758 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Driver Robot.lnk
[2010/01/18 10:30:15 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
========== Files Created - No Company Name ========== [2100/02/23 14:35:34 | 00,000,768 | ---- | C] () -- C:\Program Files\x73_lut.dat
[2100/02/08 15:53:34 | 00,001,437 | ---- | C] () -- C:\Program Files\gtx73.ini
[2099/01/01 12:00:00 | 00,006,456 | -H-- | C] () -- C:\WINDOWS\System32\yemozovo
[2010/01/27 13:29:38 | 00,284,915 | ---- | C] () -- C:\Documents and Settings\Daniel\Desktop\gmer.zip
[2010/01/27 13:22:48 | 00,000,705 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/24 23:53:55 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\6334.exe
[2010/01/24 23:33:54 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
[2010/01/24 22:57:07 | 01,872,472 | ---- | C] () -- C:\Documents and Settings\Daniel\Desktop\SmitfraudFix.exe
[2010/01/24 22:23:30 | 00,000,001 | ---- | C] () -- C:\s
[2009/11/05 14:27:21 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/09/27 23:38:01 | 00,465,888 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/09/26 19:00:57 | 00,000,029 | ---- | C] () -- C:\Documents and Settings\Daniel\Application Data\default.rss
[2009/09/26 19:00:56 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Daniel\Application Data\downloads.m3u
[2009/09/26 18:53:58 | 00,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009/06/27 21:15:00 | 00,000,016 | ---- | C] () -- C:\WINDOWS\RealityFusion.ini
[2009/06/27 21:08:19 | 00,000,528 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2009/06/27 21:07:01 | 00,098,816 | ---- | C] () -- C:\WINDOWS\System32\LGUICOM.DLL
[2009/06/27 21:07:01 | 00,000,443 | ---- | C] () -- C:\WINDOWS\Cmousecc.ini
[2009/04/30 23:31:06 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/04/30 23:31:06 | 01,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/04/30 23:31:06 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/04/30 23:31:06 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/01/03 23:49:53 | 00,000,372 | ---- | C] () -- C:\WINDOWS\GearBox.ini
[2008/12/20 18:11:42 | 01,756,354 | -HS- | C] () -- C:\WINDOWS\System32\byaqjrvk.ini
[2008/12/20 18:07:51 | 00,883,645 | -HS- | C] () -- C:\WINDOWS\System32\IQBbHRqr.ini2
[2008/12/20 18:07:51 | 00,883,645 | -HS- | C] () -- C:\WINDOWS\System32\IQBbHRqr.ini
[2008/02/15 14:08:26 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\f7129022-a000-4847-db07-470265a73c4f
[2007/11/27 12:52:22 | 00,001,757 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/11/01 23:53:01 | 00,000,000 | ---- | C] () -- C:\WINDOWS\WB.ini
[2007/08/23 17:30:00 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007/02/17 18:09:16 | 00,053,248 | R--- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[2007/02/17 18:09:14 | 00,064,512 | R--- | C] () -- C:\WINDOWS\System32\P17.dll
[2007/01/12 01:11:08 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2007/01/12 01:03:38 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2007/01/12 01:03:37 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2007/01/12 01:03:37 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2006/12/26 20:31:02 | 00,001,325 | ---- | C] () -- C:\WINDOWS\Remove.ini
[2006/12/13 02:40:55 | 00,061,678 | ---- | C] () -- C:\Documents and Settings\Daniel\Application Data\PFP120JPR.{PB
[2006/12/13 02:40:55 | 00,012,358 | ---- | C] () -- C:\Documents and Settings\Daniel\Application Data\PFP120JCM.{PB
[2006/11/19 21:15:42 | 00,000,000 | ---- | C] () -- C:\WINDOWS\pcfriend.INI
[2006/11/15 03:22:44 | 00,037,376 | ---- | C] () -- C:\Documents and Settings\Daniel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/12 16:23:00 | 00,000,043 | ---- | C] () -- C:\WINDOWS\YAHELITE_IGNORE.INI
[2006/11/08 05:38:30 | 00,000,061 | ---- | C] () -- C:\WINDOWS\YAHELITE_BUDDY.INI
[2006/11/06 10:39:38 | 00,000,012 | ---- | C] () -- C:\WINDOWS\YAHVOX_ignore.ini
[2006/11/06 08:48:06 | 00,000,275 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/11/06 08:47:21 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2006/11/06 08:44:27 | 00,006,516 | ---- | C] () -- C:\WINDOWS\YAHELITE.INI
[2006/09/10 20:01:04 | 00,208,997 | ---- | C] () -- C:\WINDOWS\System32\MyCfHook.dll
[2006/07/28 20:48:18 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/04/22 17:00:10 | 00,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2006/04/14 16:09:49 | 00,001,056 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/03/19 20:48:57 | 00,202,752 | ---- | C] () -- C:\WINDOWS\CDAC14BA.DLL
[2006/03/19 20:48:51 | 00,011,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\CdaC15BA.SYS
[2006/03/19 20:48:39 | 00,001,930 | ---- | C] () -- C:\WINDOWS\PLTWIN02.INI
[2006/03/09 20:35:56 | 00,209,007 | ---- | C] () -- C:\WINDOWS\System32\SlickMix.dll
[2006/02/25 18:25:17 | 00,000,000 | ---- | C] () -- C:\WINDOWS\the.ini
[2006/02/13 07:05:00 | 00,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/02/13 07:05:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/08/25 21:11:38 | 00,000,431 | ---- | C] () -- C:\WINDOWS\msfsetup.ini
[2005/08/17 17:41:53 | 00,030,208 | ---- | C] () -- C:\WINDOWS\System32\wnaspi32.dll
[2005/07/25 18:37:05 | 00,000,284 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2005/07/23 17:33:31 | 00,061,952 | ---- | C] () -- C:\WINDOWS\System32\rmmerge2.DLL
[2005/07/23 17:33:31 | 00,009,728 | ---- | C] () -- C:\WINDOWS\System32\rmevents.DLL
[2005/07/23 17:24:01 | 00,003,614 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/07/23 16:45:08 | 00,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2005/07/06 19:26:56 | 00,005,627 | ---- | C] () -- C:\WINDOWS\System32\Ludap17.ini
[2005/06/20 20:33:53 | 00,000,066 | ---- | C] () -- C:\WINDOWS\ESPR200.ini
[2005/06/15 21:49:52 | 00,000,563 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2005/06/13 21:39:34 | 00,000,023 | ---- | C] () -- C:\WINDOWS\EPS820.ini
[2005/06/13 06:45:44 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/03/08 00:17:08 | 00,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2004/12/06 15:18:16 | 00,139,280 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2003/01/07 14:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/03/29 17:42:30 | 00,000,643 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2001/07/20 10:48:06 | 00,008,116 | ---- | C] () -- C:\Program Files\OSLO3071b2.USB
[2000/12/05 14:56:34 | 00,114,688 | ---- | C] () -- C:\Program Files\lxarscan.dll
[2000/01/11 12:50:48 | 00,000,047 | ---- | C] () -- C:\Program Files\ACMonitor_X73.ini
[1999/08/10 17:02:20 | 00,116,736 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[1999/08/10 17:02:16 | 00,343,040 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[1998/10/11 00:07:38 | 00,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll
========== LOP Check ========== [2007/02/10 10:25:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ableton
[2009/03/30 22:25:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg7
[2005/06/21 06:03:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2008/10/22 02:21:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2009/03/30 22:25:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2008/11/14 17:36:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2009/01/03 23:49:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Line 6
[2006/12/09 02:47:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Matrox Graphics Inc
[2008/09/17 12:14:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2007/09/08 17:12:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Network Associates
[2006/11/22 18:33:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2008/10/22 01:09:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RapidSolution
[2005/09/21 06:24:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2009/01/09 23:51:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2009/07/11 20:09:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2005/09/21 06:25:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2005/06/15 21:49:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard
[2009/10/15 23:05:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/01/27 02:24:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2007/02/10 15:42:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Ableton
[2006/12/01 22:01:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Atari
[2009/02/02 23:20:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\AVG7
[2010/01/27 10:16:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\BitTorrent
[2009/06/26 12:52:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Blitware
[2010/01/18 02:12:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Camfrog
[2007/10/22 01:28:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\CamTrack
[2010/01/30 01:56:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\DNA
[2007/05/06 11:00:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\FlashGet
[2007/02/25 17:51:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Line 6
[2007/01/07 14:20:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\MtStudio
[2009/07/11 19:58:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Publish Providers
[2008/10/22 01:16:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\RTPlayer
[2007/02/16 03:41:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\SoftActivity
[2009/07/11 20:25:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Sony
[2009/07/11 19:21:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Sony Setup
[2009/12/08 12:25:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Daniel\Application Data\Tunebite
[2010/01/24 02:33:36 | 00,000,422 | ---- | M] () -- C:\WINDOWS\Tasks\Driver Robot.job
[2010/01/30 00:00:00 | 00,000,312 | ---- | M] () -- C:\WINDOWS\Tasks\ohimlwho.job
[2010/01/28 16:00:00 | 00,000,396 | -H-- | M] () -- C:\WINDOWS\Tasks\{3817CF87-E96D-49DB-AB97-4C9B539FF8CF}_KIBLERC_ckibler.job
[2010/01/27 09:00:00 | 00,000,396 | -H-- | M] () -- C:\WINDOWS\Tasks\{71E9434B-3BDF-459E-BFD0-7C325A6DA309}_KIBLERC_ckibler.job
[2009/12/18 16:00:00 | 00,000,396 | -H-- | M] () -- C:\WINDOWS\Tasks\{F98B8329-756D-40D4-9FA3-B7169EA91077}_KIBLERC_ckibler.job
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe >[2005/10/31 09:56:00 | 00,700,416 | ---- | M] (LimeWire) -- C:\StubInstaller.exe
< MD5 for: AGP440.SYS >[2004/08/04 00:05:44 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/09/07 12:59:57 | 23,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/04 00:05:44 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008/09/07 12:59:57 | 23,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 12:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 12:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/03 22:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
< MD5 for: ATAPI.SYS >[2004/08/04 00:05:44 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/09/07 12:59:57 | 23,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/04 00:05:44 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008/09/07 12:59:57 | 23,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 12:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 12:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008/04/13 12:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2004/08/03 21:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: EVENTLOG.DLL >[2008/04/13 18:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 18:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/03 23:56:44 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: NETLOGON.DLL >[2008/04/13 18:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 18:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/03 23:56:46 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >[2004/08/03 23:56:46 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 18:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 18:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: VIAMRAID.SYS >[2007/07/17 12:35:20 | 00,114,944 | ---- | M] (VIA Technologies inc,.ltd) MD5=1B7B0954AF54E716F697C511D68C150E -- C:\Documents and Settings\Daniel\Application Data\Blitware\DriverRobot\downloads\6847e6412cecebd6b107d74212fee22c\VIA_HyperionPro_V515A\VRAIDDrv\2K\viamraid.sys
[2007/07/17 12:35:20 | 00,114,944 | ---- | M] (VIA Technologies inc,.ltd) MD5=1B7B0954AF54E716F697C511D68C150E -- C:\Documents and Settings\Daniel\Application Data\Blitware\DriverRobot\downloads\6847e6412cecebd6b107d74212fee22c\VIA_HyperionPro_V515A\VRAIDDrv\drvdisk\x86\NT5\viamraid.sys
[2007/07/17 12:35:20 | 00,114,944 | ---- | M] (VIA Technologies inc,.ltd) MD5=1B7B0954AF54E716F697C511D68C150E -- C:\Documents and Settings\Daniel\Application Data\Blitware\DriverRobot\downloads\6847e6412cecebd6b107d74212fee22c\VIA_HyperionPro_V515A\VRAIDDrv\SRV2003\x86\viamraid.sys
[2007/07/17 12:35:20 | 00,114,944 | ---- | M] (VIA Technologies inc,.ltd) MD5=1B7B0954AF54E716F697C511D68C150E -- C:\Documents and Settings\Daniel\Application Data\Blitware\DriverRobot\downloads\6847e6412cecebd6b107d74212fee22c\VIA_HyperionPro_V515A\VRAIDDrv\XP\x86\viamraid.sys
[2007/07/12 18:35:36 | 00,118,184 | ---- | M] (VIA Technologies inc,.ltd) MD5=7352A2B1CA928AD8A95F75A1D868A0B5 -- C:\Documents and Settings\Daniel\Application Data\Blitware\DriverRobot\downloads\6847e6412cecebd6b107d74212fee22c\VIA_HyperionPro_V515A\VRAIDDrv\drvdisk\x86\NT4\viamraid.sys
[2007/07/12 18:35:36 | 00,118,184 | ---- | M] (VIA Technologies inc,.ltd) MD5=7352A2B1CA928AD8A95F75A1D868A0B5 -- C:\Documents and Settings\Daniel\Application Data\Blitware\DriverRobot\downloads\6847e6412cecebd6b107d74212fee22c\VIA_HyperionPro_V515A\VRAIDDrv\NT4\viamraid.sys
[2007/07/13 13:05:28 | 00,120,832 | ---- | M] (VIA Technologies Inc.,Ltd) MD5=9E897F955AB8F912E4C1C9ADAF35762C -- C:\Documents and Settings\Daniel\Application Data\Blitware\DriverRobot\downloads\6847e6412cecebd6b107d74212fee22c\VIA_HyperionPro_V515A\VRAIDDrv\drvdisk\VISTA\x86\viamraid.sys
[2007/07/13 13:05:28 | 00,120,832 | ---- | M] (VIA Technologies Inc.,Ltd) MD5=9E897F955AB8F912E4C1C9ADAF35762C -- C:\Documents and Settings\Daniel\Application Data\Blitware\DriverRobot\downloads\6847e6412cecebd6b107d74212fee22c\VIA_HyperionPro_V515A\VRAIDDrv\VISTA\x86\viamraid.sys
< MD5 for: VIPRT.SYS >[2007/12/07 10:12:38 | 00,052,736 | ---- | M] (VIA Technologies, Inc.) MD5=5556A2A71BB486FA9E0D9DAEAD553324 -- C:\Documents and Settings\Daniel\Application Data\Blitware\DriverRobot\downloads\6847e6412cecebd6b107d74212fee22c\VIA_HyperionPro_V515A\SATAIDE\VISTA\ViPrt.sys
[2007/12/07 10:10:10 | 00,052,736 | ---- | M] (VIA Technologies, Inc.) MD5=884D400F106C5206602185D9B8E34FE4 -- C:\Documents and Settings\Daniel\Application Data\Blitware\DriverRobot\downloads\6847e6412cecebd6b107d74212fee22c\VIA_HyperionPro_V515A\SATAIDE\SRV2003\ViPrt.sys
[2007/12/07 10:10:10 | 00,052,736 | ---- | M] (VIA Technologies, Inc.) MD5=884D400F106C5206602185D9B8E34FE4 -- C:\Documents and Settings\Daniel\Application Data\Blitware\DriverRobot\downloads\6847e6412cecebd6b107d74212fee22c\VIA_HyperionPro_V515A\SATAIDE\W2K\ViPrt.sys
[2007/12/07 10:10:10 | 00,052,736 | ---- | M] (VIA Technologies, Inc.) MD5=884D400F106C5206602185D9B8E34FE4 -- C:\Documents and Settings\Daniel\Application Data\Blitware\DriverRobot\downloads\6847e6412cecebd6b107d74212fee22c\VIA_HyperionPro_V515A\SATAIDE\WXP\ViPrt.sys
< %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > ========== Alternate Data Streams ========== @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
< End of report >
OTL Extras logfile created on: 1/30/2010 1:48:52 AM - Run 1
OTL by OldTimer - Version 3.1.27.0 Folder = C:\Documents and Settings\Daniel\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,023.00 Mb Total Physical Memory | 491.00 Mb Available Physical Memory | 48.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 64.00% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 233.76 Gb Total Space | 30.94 Gb Free Space | 13.24% Space Free | Partition Type: NTFS
Drive D: | 19.13 Gb Total Space | 18.73 Gb Free Space | 97.90% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 101.60 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
Drive I: | 931.51 Gb Total Space | 131.73 Gb Free Space | 14.14% Space Free | Partition Type: NTFS
Computer Name: KIBLERD
Current User Name: Daniel
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.js [@ = JSFile] -- Reg Error: Key error. File not found
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
jsfile [edit] -- "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
jsfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FinePix] -- "C:\Program Files\FinePixViewer\FinePixViewer.exe" "%1" (FUJI PHOTO FILM CO.,LTD.)
Directory [FinePixPrint] -- "C:\Program Files\FinePixViewer\FinePixViewer.exe" /p "%1" (FUJI PHOTO FILM CO.,LTD.)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- Reg Error: Key error.
Folder [explore] -- Reg Error: Key error.
Drive [find] -- Reg Error: Key error.
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Macromedia\Dreamweaver 8\Dreamweaver.exe" = C:\Program Files\Macromedia\Dreamweaver 8\Dreamweaver.exe:*:Enabled:Dreamweaver 8 -- (Macromedia, Inc.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.)
"C:\Program Files\Soulseek\slsk.exe" = C:\Program Files\Soulseek\slsk.exe:*:Enabled:SoulSeek -- ()
"C:\StubInstaller.exe" = C:\StubInstaller.exe:*:Disabled:LimeWire swarmed installer -- (LimeWire)
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Disabled:Microsoft Fax Console -- (Microsoft Corporation)
"C:\Program Files\Napster\napster.exe" = C:\Program Files\Napster\napster.exe:*:Enabled:Napster -- (Napster)
"C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe" = C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe:*:Enabled:Camfrog Client Module -- (Camshare LC)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe" = C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime Essentials -- (Nero AG)
"C:\Program Files\Semagic\LiveJournalU.exe" = C:\Program Files\Semagic\LiveJournalU.exe:*:Enabled:Semagic -- (Alexey Semenov)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb -- File not found
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- File not found
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}" = CorelDRAW Graphics Suite X3
"{031C88EF-4EA5-4A9D-A77D-857A914CAFA5}" = ScanSoft RealSpeak
"{0657913A-18BA-414B-A84D-0302BA3A44AD}" = Tunebite
"{07473686-FC3A-4825-9CA9-97D269145F62}" = Motorola Phone Tools
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{0DDFF679-AEDE-4BD3-8B56-0180A96BD1A7}" = OmniPage Pro 12.0
"{1246FF64-3035-4A92-8FE6-A968275495EB}" = Sony Vegas Pro 8.0
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A36CF15-DF66-4756-9482-A9ABF3DDACE6}_is1" = Driver Robot
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{219CB444-F2B6-4A17-8A76-BB7847F3DB26}" = Sony DVD Architect 4.0
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24ED4D80-8294-11D5-96CD-0040266301AD}" = FinePixViewer Ver.4.2
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 14
"{2E7595EC-4FB1-4E29-93D4-9083C8A9B107}" = TurboTax ItsDeductible 2005
"{3248F0A8-6813-11D6-A77B-00B0D0150050}" = J2SE Runtime Environment 5.0 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{32A72502-BC2C-4C39-ACEA-BC3D463F0697}" = EN
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{43A9F944-0398-425E-9E22-201F65FE0CCA}" = QuickCam
"{43C3D832-AC96-463A-2003-1B8D1BFA2523}" = Norton SystemWorks 2003
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav
"{5490882C-6961-11D5-BAE5-00E0188E010B}" = FUJIFILM USB Driver
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = MouseWare 9.60
"{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}" = PixiePack Codec Pack
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{71883667-71F2-48A1-AB72-28D518D8AC4A}" = Seagate Manager Installer
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}" = CorelDRAW Graphics Suite X3
"{7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8881DA26-43D2-418A-97DE-BB744FBD8BFC}" = Kermit
"{88F54CE8-2A4C-4DC8-93C6-25F57A4F2CDF}" = Matrox PowerDesk-SE
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{934E9442-D305-4ACF-AD87-A6C11D677CB9}" = ImageMixer VCD2 for FinePix
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E78C42C-4FF9-4F41-BBC4-BF872606E79D}_is1" = Driver Robot 1.1.0.13
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A7050037-F0EA-4BAB-BCD5-FC05507D6147}" = Alt-Tab Task Switcher Powertoy for Windows XP
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A918DE8A-98C8-0950-0000-000000380093}" = Motorola W385 USB - Handset Manager V9.5
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-1033-0000-7760-000000000001}" = Adobe Acrobat 6.0 Professional
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B8EF780F-126C-4CF0-AAB2-1B68BF06BA1C}" = Motorola Driver Installation 3.7.0
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C94E45B0-6AA6-4FB9-9AAE-22085F631880}" = VBA
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D00353E1-9A80-11D8-A6E6-0000E24CCC1B}" = Digital Camera
"{D680C913-5955-469D-9D88-C1940F7506D6}" = RAW FILE CONVERTER LE
"{E11BD6A7-5046-4D25-ABCB-386A54F71033}" = Nero 7 Essentials
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{EF2AA69F-67E4-4721-89F9-04F4A177F9C5}" = Motorola Phone Tools
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}" = iTunes
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"7-Zip" = 7-Zip 4.57
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Illustrator CS2" = Adobe Illustrator CS2
"Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"AtomTime Pro_is1" = AtomTime Pro 3.1d
"avast!" = avast! Antivirus
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"Battle.net" = Battle.net
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Camfrog 5.3" = Camfrog Video Chat 5.3
"CamfrogBar" = Camfrog IE Toolbar 1.0.29
"CamTrack_is1" = CamTrack
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CdaC13Ba" = SafeCast Shared Components
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Cool Edit Pro 2.0" = Cool Edit Pro 2.0
"CSCLIB" = Canon Camera Support Core Library
"Diablo" = Diablo
"Diablo II" = Diablo II
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab Decrypter_is1" = DVDFab Decrypter 2.9.7.7
"EOS Utility" = Canon Utilities EOS Utility
"ERUNT_is1" = ERUNT 1.1j
"Guitar Pro 4.0" = Guitar Pro 4.0
"Guitar Pro 5_is1" = Guitar Pro 5.2
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{71883667-71F2-48A1-AB72-28D518D8AC4A}" = Seagate Manager Installer
"jv16 PowerTools 2009_is1" = jv16 PowerTools 2009
"Line 6 Uninstaller" = Line 6 Uninstaller
"Live 4.1.5" = Live 4.1.5
"Live 5.2.2" = Live 5.2.2
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 1.80 (Symantec Corporation)
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Matrox Graphics Uninstaller" = Matrox Graphics Software (remove only)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MID Converter 4.0" = MID Converter 4.0
"Midi2Wav Recorder" = Midi2Wav Recorder
"Monkey's Audio_is1" = Monkey's Audio
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"MP3 Plug-in" = Sonic Foundry MP3 Plug-In
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MultitrackStudio Lite" = MultitrackStudio Lite
"MultitrackStudio_is1" = MultitrackStudio Lite 4.2
"MWASPI" = MicroStaff WINASPI
"Native Instruments Kore Player" = Native Instruments Kore Player
"Native Instruments Service Center" = Native Instruments Service Center
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Norton CleanSweep" = Norton CleanSweep
"Norton Speed Disk" = Norton Speed Disk 7.0 for Windows NT
"Norton Utilities" = Norton Utilities 2003 for Windows
"NVIDIA Drivers" = NVIDIA Drivers
"PhoTagsExpress" = PhoTags Express
"PhotoStitch" = Canon Utilities PhotoStitch
"PopCap Browser Plugin" = PopCap Browser Plugin
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 6.0" = RealPlayer
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"Semagic" = Semagic (remove only)
"Soulseek" = SoulSeek Client 156c
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Vim 6.3" = Vim 6.3 (self-installing)
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WebPost" = Microsoft Web Publishing Wizard 1.52
"WIDI Recognition System 2.7" = WIDI Recognition System 2.7
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Messenger" = Yahoo! Messenger
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ========== [ Antivirus Events ]
Error - 11/22/2009 7:37:35 PM | Computer Name = KIBLERD | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe failed, 0000001E.
Error - 12/5/2009 11:39:42 PM | Computer Name = KIBLERD | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe failed, 0000001E.
Error - 12/27/2009 5:26:39 PM | Computer Name = KIBLERD | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe failed, 0000001E.
Error - 1/1/2010 7:59:42 PM | Computer Name = KIBLERD | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe failed, 0000001E.
Error - 1/6/2010 5:24:51 AM | Computer Name = KIBLERD | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe failed, 0000001E.
Error - 1/24/2010 10:29:52 PM | Computer Name = KIBLERD | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe failed, 0000001E.
Error - 1/27/2010 9:15:22 AM | Computer Name = KIBLERD | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\PROGRAM FILES\CANON\ZOOMBROWSER EX\PROGRAM\ZOOMBROWSER.EXE failed, 0000001E.
Error - 1/27/2010 9:15:28 AM | Computer Name = KIBLERD | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Canon\ZoomBrowser EX\Program\ZOOMBR~1.EXE failed, 0000001E.
Error - 1/27/2010 6:25:07 PM | Computer Name = KIBLERD | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\PROGRAM FILES\CANON\ZOOMBROWSER EX\PROGRAM\ZOOMBROWSER.EXE failed, 0000001E.
Error - 1/27/2010 6:25:13 PM | Computer Name = KIBLERD | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\Canon\ZoomBrowser EX\Program\ZOOMBR~1.EXE failed, 0000001E.
[ Application Events ]
Error - 1/1/2010 7:59:51 PM | Computer Name = KIBLERD | Source = Application Error | ID = 1000
Description = Faulting application ZoomBrowser.exe, version 5.6.0.27, faulting module
ZoomBrowser.exe, version 5.6.0.27, fault address 0x000010b0.
Error - 1/2/2010 2:06:50 PM | Computer Name = KIBLERD | Source = Application Hang | ID = 1002
Description = Hanging application ShowTime.exe, version 3.2.3.6, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 1/2/2010 2:06:50 PM | Computer Name = KIBLERD | Source = Application Hang | ID = 1002
Description = Hanging application ShowTime.exe, version 3.2.3.6, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 1/6/2010 5:24:55 AM | Computer Name = KIBLERD | Source = Application Error | ID = 1005
Description = Windows cannot access the file C:\Program Files\Canon\ZoomBrowser
EX\Program\ZoomBrowser.exe for one of the following reasons: there is a problem
with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing. Windows closed the
program Zb Module because of this error. Program: Zb Module File: C:\Program Files\Canon\ZoomBrowser
EX\Program\ZoomBrowser.exe The error value is listed in the Additional Data section.
User
Action 1. Open the file again. This situation might be a temporary problem that
corrects itself when the program runs again. 2. If the file still cannot be accessed
and - It is on the network, your network administrator should verify that there
is not a problem with the network and that the server can be contacted. - It is on
a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is
fully inserted into the computer. 3. Check and repair the file system by running
CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At
the command prompt, type CHKDSK /F, and then press ENTER. 4. If the problem persists,
restore the file from a backup copy. 5. Determine whether other files on the same
disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact
your administrator or computer hardware vendor for further assistance. Additional
Data Error value: C000009C Disk type: 3
Error - 1/6/2010 5:25:09 AM | Computer Name = KIBLERD | Source = Application Error | ID = 1000
Description = Faulting application ZoomBrowser.exe, version 5.6.0.27, faulting module
ZoomBrowser.exe, version 5.6.0.27, fault address 0x000010b0.
Error - 1/10/2010 11:01:25 PM | Computer Name = KIBLERD | Source = Application Error | ID = 1000
Description = Faulting application illustrator.exe, version 12.0.128.0, faulting
module unknown, version 0.0.0.0, fault address 0x00000065.
Error - 1/10/2010 11:10:40 PM | Computer Name = KIBLERD | Source = Application Hang | ID = 1002
Description = Hanging application winamp.exe, version 5.5.6.2512, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 1/24/2010 4:42:48 AM | Computer Name = KIBLERD | Source = Application Error | ID = 1000
Description = Faulting application illustrator.exe, version 12.0.128.0, faulting
module illustrator.exe, version 12.0.128.0, fault address 0x00446e61.
Error - 1/24/2010 10:29:55 PM | Computer Name = KIBLERD | Source = Application Error | ID = 1005
Description = Windows cannot access the file C:\Program Files\Canon\ZoomBrowser
EX\Program\ZoomBrowser.exe for one of the following reasons: there is a problem
with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing. Windows closed the
program Zb Module because of this error. Program: Zb Module File: C:\Program Files\Canon\ZoomBrowser
EX\Program\ZoomBrowser.exe The error value is listed in the Additional Data section.
User
Action 1. Open the file again. This situation might be a temporary problem that
corrects itself when the program runs again. 2. If the file still cannot be accessed
and - It is on the network, your network administrator should verify that there
is not a problem with the network and that the server can be contacted. - It is on
a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is
fully inserted into the computer. 3. Check and repair the file system by running
CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At
the command prompt, type CHKDSK /F, and then press ENTER. 4. If the problem persists,
restore the file from a backup copy. 5. Determine whether other files on the same
disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact
your administrator or computer hardware vendor for further assistance. Additional
Data Error value: C000009C Disk type: 3
Error - 1/24/2010 10:30:03 PM | Computer Name = KIBLERD | Source = Application Error | ID = 1000
Description = Faulting application ZoomBrowser.exe, version 5.6.0.27, faulting module
ZoomBrowser.exe, version 5.6.0.27, fault address 0x000010b0.
[ System Events ]
Error - 1/30/2010 1:52:32 AM | Computer Name = KIBLERD | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
Error - 1/30/2010 1:52:43 AM | Computer Name = KIBLERD | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 1/30/2010 1:55:17 AM | Computer Name = KIBLERD | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 1/30/2010 1:56:17 AM | Computer Name = KIBLERD | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 1/30/2010 1:56:19 AM | Computer Name = KIBLERD | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 1/30/2010 1:56:20 AM | Computer Name = KIBLERD | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 1/30/2010 1:56:22 AM | Computer Name = KIBLERD | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 1/30/2010 1:56:23 AM | Computer Name = KIBLERD | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 1/30/2010 1:56:25 AM | Computer Name = KIBLERD | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 1/30/2010 1:56:28 AM | Computer Name = KIBLERD | Source = Service Control Manager | ID = 7000
Description = The Lexmark X73 MFP Scanner service failed to start due to the following
error: %%1058
< End of report >