Hi,
This computer is running XP Media Edition. I'm not certain it's infected, but I think it may be. It's a Dell Inspiron, and it's had it's share of problems included AntirVurs Pro 10 or whatever it's called that creates fake scans, and pop-ups. I'd just like to know if it's gone, all my scans from the 800 spyware programs I run come back clean, but I still get the feeling nothing is gone because similar problems pop up every month or so.
OTL logfile created on: 11/2/2009 4:53:35 PM - Run 1
OTL by OldTimer - Version 3.1.1.8 Folder = C:\Documents and Settings\Barb Bowman\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1022.37 Mb Total Physical Memory | 499.68 Mb Available Physical Memory | 48.87% Memory free
2.40 Gb Paging File | 1.59 Gb Available in Paging File | 66.12% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 80.66 Gb Total Space | 54.66 Gb Free Space | 67.77% Space Free | Partition Type: NTFS
Drive D: | 25.52 Gb Total Space | 25.45 Gb Free Space | 99.75% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: D1XNCHB1
Current User Name: Barb Bowman
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ========== PRC - [2009/10/31 20:56:12 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Barb Bowman\Desktop\OTL.exe
PRC - [2009/10/28 22:15:17 | 00,788,368 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009/10/28 22:15:16 | 01,179,232 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/10/23 14:46:41 | 02,000,112 | ---- | M] (S*PERAntiSpyware.com) -- C:\Program Files\S*PERAntiSpyware\S*PERAntiSpyware.EXE
PRC - [2009/09/17 13:29:04 | 00,645,328 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2009/09/16 13:48:40 | 00,092,296 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2009/09/16 09:22:08 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2009/09/16 08:28:38 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/09/15 09:23:54 | 00,894,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2009/07/26 15:44:34 | 03,883,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/07/09 23:26:20 | 00,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2009/07/08 13:48:48 | 00,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\msksrver.exe
PRC - [2009/07/08 10:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/07/07 18:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/02/06 16:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/02/06 05:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2009/01/01 20:45:45 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/06/26 10:33:42 | 00,099,888 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
PRC - [2006/04/06 14:57:54 | 00,380,928 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2006/03/24 16:30:44 | 00,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/03/08 11:48:02 | 00,761,947 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2006/02/15 23:33:12 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2006/02/15 23:33:12 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2005/12/28 12:04:56 | 00,262,217 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2005/12/28 11:56:16 | 00,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2005/12/28 11:55:40 | 00,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2005/12/28 11:52:32 | 00,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2005/12/28 11:47:10 | 00,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2005/12/28 11:45:02 | 00,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2005/12/28 11:44:24 | 00,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2005/08/12 14:43:58 | 00,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005/08/12 14:43:58 | 00,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005/07/06 05:14:12 | 00,471,040 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\lxcecoms.exe
PRC - [2005/06/10 10:44:02 | 00,618,496 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
PRC - [2005/06/10 10:44:02 | 00,249,856 | ---- | M] (InstallShield Software Corporation) -- c:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2005/06/10 10:44:02 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2004/12/06 01:05:00 | 00,127,035 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfswctrl.exe
PRC - [2004/08/04 05:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
PRC - [2004/04/11 20:15:14 | 00,290,816 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\Media Experience\PCMService.exe
PRC - [2003/10/29 02:06:00 | 00,024,576 | ---- | M] (BVRP Software) -- C:\Program Files\Digital Line Detect\DLG.exe
========== Win32 Services (SafeList) ========== SRV - [2009/10/28 22:15:16 | 01,179,232 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
SRV - [2009/09/16 13:48:40 | 00,092,296 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
SRV - [2009/09/16 10:23:32 | 00,365,072 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe
SRV - [2009/09/16 09:22:08 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
SRV - [2009/09/16 08:28:38 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
SRV - [2009/09/15 09:23:54 | 00,894,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MPFSrv.exe
SRV - [2009/07/09 23:26:20 | 00,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
SRV - [2009/07/08 19:22:22 | 00,068,112 | ---- | M] (McAfee) -- C:\Program Files\McAfee\MBK\MBackMonitor.exe
SRV - [2009/07/08 13:48:48 | 00,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\MskSrver.exe
SRV - [2009/07/08 10:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
SRV - [2009/07/07 18:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
SRV - [2009/01/01 20:45:45 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
SRV - [2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
SRV - [2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
SRV - [2008/11/04 00:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
SRV - [2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
SRV - [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
SRV - [2007/07/27 09:41:38 | 00,026,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spupdsvc.exe
SRV - [2007/03/07 14:47:46 | 00,076,848 | ---- | M] () -- C:\Program Files\DellSupport\brkrsvc.exe
SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
SRV - [2006/10/18 19:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe
SRV - [2006/06/26 10:33:56 | 00,091,696 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
SRV - [2006/06/26 10:33:42 | 00,099,888 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
SRV - [2006/04/06 14:57:54 | 00,380,928 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
SRV - [2006/02/15 23:33:12 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
SRV - [2005/12/28 12:04:56 | 00,262,217 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
SRV - [2005/12/28 11:47:10 | 00,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
SRV - [2005/12/28 11:45:02 | 00,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
SRV - [2005/12/28 11:44:24 | 00,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
SRV - [2005/07/06 05:14:12 | 00,471,040 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxcecoms.exe
SRV - [2004/07/15 01:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
========== Driver Services (SafeList) ========== DRV - [2009/09/23 07:55:23 | 00,064,288 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys
DRV - [2009/09/16 09:22:48 | 00,214,664 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfehidk.sys
DRV - [2009/09/16 09:22:48 | 00,079,816 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfeavfk.sys
DRV - [2009/09/16 09:22:48 | 00,040,552 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfesmfk.sys
DRV - [2009/09/16 09:22:48 | 00,035,272 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfebopk.sys
DRV - [2009/09/16 09:22:14 | 00,034,248 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mferkdk.sys
DRV - [2009/08/05 15:06:30 | 00,007,408 | R--- | M] ( s*peradblocker.com and S*PERAntiSpyware.com) -- C:\Program Files\S*PERAntiSpyware\SASENUM.SYS
DRV - [2009/08/05 15:06:28 | 00,074,480 | ---- | M] (s*peradblocker.com and S*PERAntiSpyware.com) -- C:\Program Files\S*PERAntiSpyware\SASKUTIL.SYS
DRV - [2009/08/05 15:06:28 | 00,009,968 | ---- | M] (s*peradblocker.com and S*PERAntiSpyware.com) -- C:\Program Files\S*PERAntiSpyware\sasdifsv.sys
DRV - [2009/07/13 19:17:44 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys
DRV - [2009/04/09 13:23:02 | 00,120,136 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\Mpfp.sys
DRV - [2009/01/05 00:24:46 | 00,085,969 | ---- | M] (GMER) -- C:\WINDOWS\system32\drivers\gmer.sys
DRV - [2008/11/07 14:23:30 | 00,032,000 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\system32\drivers\usbaapl.sys
DRV - [2008/04/17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
DRV - [2008/04/13 13:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys
DRV - [2008/04/13 13:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys
DRV - [2008/04/13 13:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys
DRV - [2008/04/13 11:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\hdaudbus.sys
DRV - [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys
DRV - [2007/02/25 11:10:48 | 00,005,376 | --S- | M] (Gteko Ltd.) -- C:\WINDOWS\system32\drivers\dsunidrv.sys
DRV - [2006/10/05 15:07:28 | 00,004,736 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
DRV - [2006/07/27 16:52:28 | 00,008,552 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\system32\drivers\asctrm.sys
DRV - [2006/07/27 16:43:18 | 00,021,275 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\system32\drivers\AegisP.sys
DRV - [2006/06/26 10:33:40 | 00,023,472 | ---- | M] () -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys
DRV - [2006/06/26 10:33:36 | 01,952,816 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys
DRV - [2006/06/26 10:33:28 | 01,587,632 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\Lvckap.sys
DRV - [2006/06/22 17:29:46 | 00,038,960 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys
DRV - [2006/06/22 17:29:28 | 00,720,176 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LV302AV.SYS
DRV - [2006/06/22 17:29:27 | 00,012,080 | R--- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\lv302af.sys
DRV - [2006/03/24 16:34:30 | 01,156,648 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\drivers\sthda.sys
DRV - [2006/03/08 11:35:10 | 00,191,872 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\drivers\SynTP.sys
DRV - [2006/02/15 23:39:00 | 01,421,312 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys
DRV - [2005/12/28 13:22:08 | 00,013,568 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\s24trans.sys
DRV - [2005/12/04 09:55:30 | 01,428,096 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\drivers\w39n51.sys
DRV - [2005/10/14 08:40:18 | 00,307,968 | ---- | M] (REDC) -- C:\WINDOWS\system32\drivers\rixdptsk.sys
DRV - [2005/10/14 08:40:18 | 00,051,328 | ---- | M] (REDC) -- C:\WINDOWS\system32\drivers\rimsptsk.sys
DRV - [2005/10/14 08:40:18 | 00,028,544 | ---- | M] (REDC) -- C:\WINDOWS\system32\drivers\rimmptsk.sys
DRV - [2005/08/12 17:50:46 | 00,016,128 | ---- | M] (Dell Inc) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
DRV - [2005/08/05 09:32:16 | 00,045,312 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys
DRV - [2005/07/21 20:02:12 | 01,035,008 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys
DRV - [2005/07/21 20:01:08 | 00,201,600 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys
DRV - [2005/07/21 20:01:00 | 00,717,952 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys
DRV - [2004/12/06 01:05:00 | 00,100,603 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnudfa.sys
DRV - [2004/12/06 01:05:00 | 00,098,714 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnudf.sys
DRV - [2004/12/06 01:05:00 | 00,086,586 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnifs.sys
DRV - [2004/12/06 01:05:00 | 00,034,843 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsncofs.sys
DRV - [2004/12/06 01:05:00 | 00,025,883 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnboio.sys
DRV - [2004/12/06 01:05:00 | 00,015,227 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnopio.sys
DRV - [2004/12/06 01:05:00 | 00,006,363 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsnpool.sys
DRV - [2004/12/06 01:05:00 | 00,004,123 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsndrct.sys
DRV - [2004/12/06 01:05:00 | 00,002,239 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\dla\tfsndres.sys
DRV - [2004/12/01 03:22:00 | 00,087,488 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\drvmcdb.sys
DRV - [2004/11/23 02:56:00 | 00,040,480 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\drvnddm.sys
DRV - [2004/08/04 05:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys
DRV - [2004/08/03 22:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys
DRV - [2004/07/14 11:29:04 | 00,005,627 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys
DRV - [2004/07/14 11:28:50 | 00,023,545 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\ssrtln.sys
DRV - [2004/03/16 20:04:14 | 00,013,059 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys
DRV - [2004/02/13 09:46:00 | 00,017,153 | ---- | M] (Dell Inc) -- C:\WINDOWS\system32\drivers\omci.sys
DRV - [2001/08/17 14:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys
DRV - [2001/08/17 14:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys
DRV - [2001/08/17 14:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys
DRV - [2001/08/17 14:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys
DRV - [2001/08/17 14:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys
DRV - [2001/08/17 13:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys
DRV - [2001/08/17 13:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys
DRV - [2001/08/17 13:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys
DRV - [2001/08/17 13:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys
DRV - [2001/08/17 13:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
DRV - [2001/08/17 13:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys
DRV - [2001/08/17 13:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys
DRV - [2001/08/17 13:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys
DRV - [2001/08/17 13:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys
DRV - [2001/08/17 13:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys
DRV - [2001/08/17 12:12:10 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\e100b325.sys
========== Modules (SafeList) ========== MOD - [2009/10/31 20:56:12 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Barb Bowman\Desktop\OTL.exe
MOD - [2008/04/13 19:12:51 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2008/04/13 19:11:53 | 00,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2006/06/26 10:33:42 | 00,091,696 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL =
http://www.google.com/ig/dell?hl=en&cli ... channel=usIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/hws/sb/dell-usuk/ ... channel=usIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =
http://www.google.com/ig/dell?hl=en&cli ... channel=us IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.google.com/ig/dell?hl=en&cli ... channel=usIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.com/hws/sb/dell-usuk/ ... channel=usIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/ig?hl=enIE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Kiwee Live Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems:
jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.4
FF - prefs.js..extensions.enabledItems: {ff356687-aa08-463d-a46c-11c451824939}:4.2.4
FF - prefs.js..keyword.URL: "http://kwtb.search.imgag.com/?c=GNKIW29193&sbs=1&sc=2&f=web&vernum=1.0&uid=&did=f8d4a70c-98e2-4081-901d-01bf93043ede&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/01/01 20:45:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2009/10/24 17:33:35 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/02 16:49:00 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/29 11:43:00 | 00,000,000 | ---D | M]
[2009/06/21 14:01:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\Mozilla\Firefox\Profiles\q9x4oej3.default\extensions\{ff356687-aa08-463d-a46c-11c451824939}
[2009/08/26 19:32:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\Mozilla\Firefox\Profiles\q9x4oej3.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/07/26 10:46:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\Mozilla\Firefox\Profiles\q9x4oej3.default\extensions\{9f94fab0-58a2-11dd-ae16-0800200c9a66}
[2009/07/26 10:41:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\Mozilla\Firefox\Profiles\q9x4oej3.default\extensions\{3fb63340-652a-11dd-ad8b-0800200c9a66}
[2009/10/31 20:56:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\Mozilla\Firefox\Profiles\q9x4oej3.default\extensions
[2009/01/17 16:59:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/01/17 16:59:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\Mozilla\Extensions
[2009/01/17 16:59:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\Mozilla\Extensions
[2009/01/17 16:59:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/31 20:56:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\Mozilla\Firefox\Profiles\q9x4oej3.default\extensions
[2009/07/26 10:41:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\Mozilla\Firefox\Profiles\q9x4oej3.default\extensions\{3fb63340-652a-11dd-ad8b-0800200c9a66}
[2009/07/26 10:46:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\Mozilla\Firefox\Profiles\q9x4oej3.default\extensions\{9f94fab0-58a2-11dd-ae16-0800200c9a66}
[2009/08/26 19:32:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\Mozilla\Firefox\Profiles\q9x4oej3.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/06/21 14:01:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\Mozilla\Firefox\Profiles\q9x4oej3.default\extensions\{ff356687-aa08-463d-a46c-11c451824939}
[2009/04/02 19:12:28 | 00,002,354 | ---- | M] () -- C:\Documents and Settings\Barb Bowman\Application Data\Mozilla\Firefox\Profiles\q9x4oej3.default\searchplugins\kiwee-live-search.xml
[2009/01/01 20:46:22 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/10/29 11:43:00 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/10/31 20:56:15 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/31 20:56:15 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/29 11:43:00 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/01/01 20:46:22 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/10/16 15:08:14 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/10/16 15:08:15 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009/07/13 19:16:26 | 01,044,480 | ---- | M] (The OpenSSL Project,
http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\libdivx.dll
[2009/01/01 20:45:46 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009/07/13 19:15:48 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
[2009/07/13 19:15:58 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
[2009/10/16 15:08:16 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2006/10/26 19:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2008/12/30 21:54:19 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2008/12/30 21:54:19 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2008/12/30 21:54:19 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2008/12/30 21:54:19 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2008/12/30 21:54:19 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2008/12/30 21:54:19 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2008/12/30 21:54:19 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2009/07/13 19:16:26 | 00,200,704 | ---- | M] (The OpenSSL Project,
http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\ssldivx.dll
[2009/10/16 12:58:44 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/10/16 12:58:44 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/10/16 12:58:44 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/10/16 12:58:44 | 00,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/10/16 12:58:44 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/10/16 12:58:44 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/10/16 12:58:44 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml
O1 HOSTS File: (734 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LXCECATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.DLL ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [McENUI] C:\Program Files\McAfee\MHN\McENUI.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\Media Experience\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: C:\Documents and Settings\Barb Bowman\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe (Leader Technologies)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKLM\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}
http://java.sun.com/products/plugin/aut ... s-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: CabBuilder
http://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.92.226.40 24.92.226.41
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\S*PERAntiSpyware\SASWINLO.DLL - C:\Program Files\S*PERAntiSpyware\SASWINLO.DLL (S*PERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: soyatehik - {eb7b13eb-f69f-4942-bf7b-4ce2fecefe2f} - C:\WINDOWS\System32\vowuzehu.dll File not found
O22 - SharedTaskScheduler: {eb7b13eb-f69f-4942-bf7b-4ce2fecefe2f} - jugezatag - C:\WINDOWS\System32\vowuzehu.dll File not found
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\S*PERAntiSpyware\SASSEH.DLL (s*peradblocker.com)
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\iifdbBrP) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{5f5a0e36-c241-11de-afef-0015c5a69b2d}\Shell\AutoRun\command - "" = wd_windows_tools\WDSetup.exe
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
========== Files/Folders - Created Within 30 Days ========== [2009/11/02 16:51:32 | 00,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\Barb Bowman\Desktop\ATF-Cleaner.exe
[2009/10/31 20:56:11 | 00,528,384 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Barb Bowman\Desktop\OTL.exe
[2009/10/31 11:10:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/10/30 10:26:27 | 00,016,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/10/30 10:25:26 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2009/10/30 10:23:09 | 00,000,000 | ---D | C] -- C:\b0b603f289eb8924c4
[2009/10/30 10:23:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2009/10/30 10:23:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2009/10/30 10:22:15 | 00,000,000 | ---D | C] -- C:\8c6b1c80fe699d31943d9b3773
[2009/10/29 22:12:12 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/10/29 22:12:08 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/10/29 22:12:07 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/10/29 22:09:21 | 04,045,528 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Barb Bowman\Desktop\mbam-setup.exe
[2009/10/29 10:42:46 | 25,198,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/10/28 23:23:43 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Barb Bowman\Recent
[2009/10/28 23:00:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9 Installer
[2009/10/28 22:58:59 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2009/10/28 22:56:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/10/28 22:16:17 | 00,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009/10/28 22:16:06 | 00,093,360 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2009/10/28 22:11:41 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2009/10/28 22:10:56 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2009/10/28 22:10:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/10/28 21:59:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/10/23 12:40:42 | 00,000,000 | ---D | C] -- C:\Program Files\ebsnic
[2009/10/22 18:26:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Barb Bowman\Application Data\DivX
[2009/10/15 15:52:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Barb Bowman\Local Settings\Application Data\Temp
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\Barb Bowman\My Documents\*.tmp files -> C:\Documents and Settings\Barb Bowman\My Documents\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2009/11/02 16:51:54 | 04,194,304 | -H-- | M] () -- C:\Documents and Settings\Barb Bowman\NTUSER.DAT
[2009/11/02 16:51:46 | 00,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\Barb Bowman\Desktop\ATF-Cleaner.exe
[2009/11/02 15:01:28 | 00,141,312 | ---- | M] () -- C:\Documents and Settings\Barb Bowman\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/02 14:23:44 | 00,016,063 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2009/10/31 22:16:31 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/10/31 20:56:12 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Barb Bowman\Desktop\OTL.exe
[2009/10/31 11:13:06 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/10/30 17:00:00 | 00,000,328 | ---- | M] () -- C:\WINDOWS\tasks\drrfophh.job
[2009/10/30 16:04:04 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/30 16:04:00 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/30 16:03:57 | 10,721,03424 | -HS- | M] () -- C:\hiberfil.sys
[2009/10/30 16:02:42 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Barb Bowman\ntuser.ini
[2009/10/30 12:46:03 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/10/30 11:52:26 | 00,000,782 | ---- | M] () -- C:\Documents and Settings\Barb Bowman\Desktop\Windows Media Player.lnk
[2009/10/30 11:52:07 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/30 11:52:06 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/10/30 11:52:06 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/10/30 11:45:35 | 00,000,508 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/10/30 10:24:12 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/10/30 10:23:07 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/10/29 22:12:16 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/29 22:11:51 | 04,045,528 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Barb Bowman\Desktop\mbam-setup.exe
[2009/10/29 21:21:27 | 00,003,250 | ---- | M] () -- C:\Documents and Settings\Barb Bowman\Application Data\wklnhst.dat
[2009/10/29 17:18:18 | 00,843,167 | ---- | M] () -- C:\Documents and Settings\Barb Bowman\Desktop\SecurityCheck.exe
[2009/10/29 11:43:03 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/10/28 23:00:26 | 00,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Acrobat.com.lnk
[2009/10/28 22:17:18 | 00,011,168 | -H-- | M] () -- C:\WINDOWS\System32\melajezo
[2009/10/28 22:16:00 | 00,093,360 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2009/10/28 22:15:58 | 00,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/10/28 21:00:36 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/10/28 21:00:36 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2009/10/28 18:19:03 | 00,025,600 | ---- | M] () -- C:\Documents and Settings\Barb Bowman\My Documents\Cubist - Cover Letter 2.doc
[2009/10/26 22:45:59 | 00,039,424 | ---- | M] () -- C:\Documents and Settings\Barb Bowman\Desktop\ALT 3-2.doc
[2009/10/23 12:41:10 | 00,000,734 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/10/15 00:22:01 | 00,000,358 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2009/10/07 08:38:46 | 00,064,312 | ---- | M] () -- C:\Documents and Settings\Barb Bowman\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/10/07 08:37:08 | 00,243,128 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\Barb Bowman\My Documents\*.tmp files -> C:\Documents and Settings\Barb Bowman\My Documents\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ========== [2009/10/30 10:23:07 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/10/30 10:23:05 | 00,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009/10/29 22:12:16 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/29 17:18:14 | 00,843,167 | ---- | C] () -- C:\Documents and Settings\Barb Bowman\Desktop\SecurityCheck.exe
[2009/10/28 23:46:07 | 00,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/10/28 23:00:25 | 00,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Acrobat.com.lnk
[2009/10/28 22:17:09 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/10/28 18:19:02 | 00,025,600 | ---- | C] () -- C:\Documents and Settings\Barb Bowman\My Documents\Cubist - Cover Letter 2.doc
[2009/10/26 21:55:46 | 00,039,424 | ---- | C] () -- C:\Documents and Settings\Barb Bowman\Desktop\ALT 3-2.doc
[2009/02/12 21:33:40 | 00,141,312 | ---- | C] () -- C:\Documents and Settings\Barb Bowman\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/05 00:24:48 | 00,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini
[2009/01/05 00:24:46 | 00,884,736 | ---- | C] () -- C:\WINDOWS\gmer.dll
[2008/10/09 21:12:43 | 00,339,968 | ---- | C] () -- C:\WINDOWS\System32\pythoncom25.dll
[2008/10/09 21:12:43 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\pywintypes25.dll
[2007/12/26 12:17:46 | 00,057,432 | ---- | C] () -- C:\Documents and Settings\Barb Bowman\Application Data\GDIPFONTCACHEV1.DAT
[2006/12/29 17:04:31 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXPRMON.DLL
[2006/12/29 17:04:31 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\LXPMONUI.DLL
[2006/12/29 17:01:08 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcevs.dll
[2006/11/07 21:20:27 | 00,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/10/31 20:20:34 | 00,022,334 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2006/10/30 18:21:55 | 00,056,416 | ---- | C] () -- C:\Program Files\IN
[2006/09/19 19:04:41 | 00,002,590 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/08/24 17:42:19 | 00,003,250 | ---- | C] () -- C:\Documents and Settings\Barb Bowman\Application Data\wklnhst.dat
[2006/08/04 19:55:32 | 00,002,828 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/08/04 19:55:32 | 00,000,088 | RHS- | C] () -- C:\WINDOWS\System32\87B3F6FBE7.sys
[2006/08/04 19:55:02 | 00,064,312 | ---- | C] () -- C:\Documents and Settings\Barb Bowman\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2006/08/04 19:01:38 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Barb Bowman\Application Data\desktop.ini
[2006/08/04 19:01:37 | 04,816,196 | -H-- | C] () -- C:\Documents and Settings\Barb Bowman\Local Settings\Application Data\IconCache.db
[2006/08/04 19:01:37 | 00,000,137 | ---- | C] () -- C:\Documents and Settings\Barb Bowman\Local Settings\Application Data\fusioncache.dat
[2006/07/27 17:11:47 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/07/27 17:00:26 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/07/27 16:56:02 | 00,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
[2006/07/27 16:53:12 | 00,000,250 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/07/27 16:46:33 | 00,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2006/07/27 16:18:55 | 00,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006/07/27 16:17:13 | 00,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/06/26 10:33:40 | 00,023,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2005/04/09 10:04:54 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 13:12:05 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 13:01:18 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 12:57:41 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2004/08/10 12:51:28 | 00,000,508 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/10 12:51:26 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
========== LOP Check ========== [2009/08/09 16:50:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2006/07/27 16:48:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2008/01/26 12:47:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dell
[2006/12/22 02:31:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink
[2006/12/29 17:03:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FaxCtr
[2006/07/27 16:43:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intel
[2004/08/10 13:13:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2008/01/26 12:48:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2008/12/30 21:56:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2009/10/28 22:12:00 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2009/08/26 19:27:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\Any Video Converter
[2006/07/27 17:07:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\ATI
[2006/11/07 21:16:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\CyberLink
[2006/12/29 18:22:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\FaxCtr
[2009/08/02 13:13:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\GetRightToGo
[2006/07/27 16:43:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\Intel
[2007/01/04 18:36:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\Leadertech
[2009/10/29 21:16:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\Move Networks
[2008/04/10 20:01:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Barb Bowman\Application Data\Template
[2009/10/31 22:16:31 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2004/08/04 05:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/10/30 17:00:00 | 00,000,328 | ---- | M] () -- C:\WINDOWS\Tasks\drrfophh.job
[2009/10/15 00:22:01 | 00,000,358 | ---- | M] () -- C:\WINDOWS\Tasks\McDefragTask.job
[2009/10/30 16:04:04 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ========== < End of report >
__________________________________________________________________________________________________
OTL Extras logfile created on: 11/2/2009 4:53:35 PM - Run 1
OTL by OldTimer - Version 3.1.1.8 Folder = C:\Documents and Settings\Barb Bowman\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1022.37 Mb Total Physical Memory | 499.68 Mb Available Physical Memory | 48.87% Memory free
2.40 Gb Paging File | 1.59 Gb Available in Paging File | 66.12% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 80.66 Gb Total Space | 54.66 Gb Free Space | 67.77% Space Free | Partition Type: NTFS
Drive D: | 25.52 Gb Total Space | 25.45 Gb Free Space | 99.75% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: D1XNCHB1
Current User Name: Barb Bowman
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MI1933~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UACDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL -- File not found
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL -- File not found
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" = C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Disabled:Internet Explorer -- (Microsoft Corporation)
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater -- ()
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Explorer -- (Microsoft Corporation)
"C:\Documents and Settings\Barb Bowman\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll" = C:\Documents and Settings\Barb Bowman\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin -- File not found
"C:\Documents and Settings\Barb Bowman\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Barb Bowman\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- File not found
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent -- (McAfee, Inc.)
"C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe" = C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe:*:Enabled:ZCfgSvc -- (Intel Corporation)
"C:\Program Files\Windows Live\Contacts\wlcomm.exe" = C:\Program Files\Windows Live\Contacts\wlcomm.exe:*:Enabled:wlcomm -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{06040048-3E21-46D6-9A91-D927BA08F41D}" = Microsoft Encarta Encyclopedia Standard 2006
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0D251F37-10CB-46DF-BFA0-4702218DB0B6}" = ATI Catalyst Control Center
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = Qualxserve Service Agreement
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{17E3A651-12B9-4149-BAE8-E6FB9A5ADC4F}" = Microsoft Works Suite Add-in for Microsoft Word
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Dell Media Experience
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{26E1BFB0-E87E-4696-9F89-B467F01F81E5}" = Broadcom Management Programs
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3EE9EB18-62AD-4F68-AD11-2DF358CBDCA2}" = RollerCoaster Tycoon
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{432C3720-37BF-4BD7-8E49-F38E090246D0}" = CR2
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{54C8FE84-89C4-40E8-976C-439EB0729BD6}" = CardRd81
"{5D95AD35-368F-47D5-B63A-A082DDF00116}" = Microsoft Digital Image Standard 2006 Editor
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.7
"{691F4068-81BF-49E3-B32E-FE3E16400112}" = Microsoft Digital Image Standard 2006 Library
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{83ED1E80-A1B7-4226-BCF1-AC4A88151A6B}" = Microsoft Streets & Trips 2006
"{85D3CC30-8859-481A-9654-FD9B74310BEF}" = Musicmatch® Jukebox
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A9B8148-DDD7-448F-BD6C-358386D32354}" = Corel Photo Album 6
"{8AC049F7-1383-45C3-9E7D-F93CA667F9E1}" = UMVPLStandalone
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{911B0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A683A2C0-821C-486F-858C-FA634DB5E864}" = EducateU
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{B9BD9BF5-F1D1-4904-B348-40D0E9FF0023}" = Scooby-Doo 2 - Monsters Unleashed
"{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = S*PERAntiSpyware Free Edition
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DE1AF137-C455-494A-A817-EFE44BCCFDEE}" = Works Upgrade
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}" = Search Assist
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E42BD75A-FC23-4E3F-9F91-2658334C644F}" = Internet Service Offers Launcher
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{EC42ED6A-751D-45C0-A4F9-8CD00E4690FC}" = Logitech QuickCam
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Any Video Converter_is1" = Any Video Converter 2.7.6
"ATI Display Driver" = ATI Display Driver
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Dell Game Console" = Dell Game Console
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Google Desktop" = Google Desktop
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007 Trial
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Lexmark 4300 Series" = Lexmark 4300 Series
"Lexmark Fax Solutions" = Lexmark Fax Solutions
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Money2006b" = Microsoft Money 2006
"Mozilla Firefox (3.5.4)" = Mozilla Firefox (3.5.4)
"MSC" = McAfee SecurityCenter
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PictureItPrem_v11" = Microsoft Digital Image Standard 2006
"ProInst" = Intel(R) PROSet/Wireless Software
"QcDrv" = Logitech® Camera Driver
"RealPlayer 6.0" = RealPlayer Basic
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2006Setup" = Microsoft Works Suite 2006 Setup Launcher
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 10/30/2009 3:18:07 PM | Computer Name = D1XNCHB1 | Source = MsiInstaller | ID = 11402
Description = Product: Microsoft Word 2002 -- Error 1402. Setup cannot open the
registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL.
Verify that you have sufficient permissions to access the registry or contact
your computer manufacturer's product support for assistance.
Error - 10/30/2009 3:18:13 PM | Computer Name = D1XNCHB1 | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft Word 2002 - Update '{DA256408-A2E7-41A5-8AD6-62ACB86A0FD7}'
could not be installed. Error code 1603. Windows Installer can create logs to help
troubleshoot issues with installing software packages. Use the following link for
instructions on turning on logging support:
http://go.microsoft.com/fwlink/?LinkId=23127 Error - 10/31/2009 12:12:12 PM | Computer Name = D1XNCHB1 | Source = MsiInstaller | ID = 11402
Description = Product: Microsoft Word 2002 -- Error 1402. Setup cannot open the
registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL.
Verify that you have sufficient permissions to access the registry or contact
your computer manufacturer's product support for assistance.
Error - 10/31/2009 12:12:19 PM | Computer Name = D1XNCHB1 | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft Word 2002 - Update '{DA256408-A2E7-41A5-8AD6-62ACB86A0FD7}'
could not be installed. Error code 1603. Windows Installer can create logs to help
troubleshoot issues with installing software packages. Use the following link for
instructions on turning on logging support:
http://go.microsoft.com/fwlink/?LinkId=23127 Error - 11/1/2009 3:01:41 AM | Computer Name = D1XNCHB1 | Source = MsiInstaller | ID = 11402
Description = Product: Microsoft Word 2002 -- Error 1402. Setup cannot open the
registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL.
Verify that you have sufficient permissions to access the registry or contact
your computer manufacturer's product support for assistance.
Error - 11/1/2009 3:01:48 AM | Computer Name = D1XNCHB1 | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft Word 2002 - Update '{DA256408-A2E7-41A5-8AD6-62ACB86A0FD7}'
could not be installed. Error code 1603. Windows Installer can create logs to help
troubleshoot issues with installing software packages. Use the following link for
instructions on turning on logging support:
http://go.microsoft.com/fwlink/?LinkId=23127 Error - 11/1/2009 12:35:32 PM | Computer Name = D1XNCHB1 | Source = MsiInstaller | ID = 11402
Description = Product: Microsoft Word 2002 -- Error 1402. Setup cannot open the
registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL.
Verify that you have sufficient permissions to access the registry or contact
your computer manufacturer's product support for assistance.
Error - 11/1/2009 12:35:38 PM | Computer Name = D1XNCHB1 | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft Word 2002 - Update '{DA256408-A2E7-41A5-8AD6-62ACB86A0FD7}'
could not be installed. Error code 1603. Windows Installer can create logs to help
troubleshoot issues with installing software packages. Use the following link for
instructions on turning on logging support:
http://go.microsoft.com/fwlink/?LinkId=23127 Error - 11/2/2009 11:09:23 AM | Computer Name = D1XNCHB1 | Source = MsiInstaller | ID = 11402
Description = Product: Microsoft Word 2002 -- Error 1402. Setup cannot open the
registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL.
Verify that you have sufficient permissions to access the registry or contact
your computer manufacturer's product support for assistance.
Error - 11/2/2009 11:09:29 AM | Computer Name = D1XNCHB1 | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft Word 2002 - Update '{DA256408-A2E7-41A5-8AD6-62ACB86A0FD7}'
could not be installed. Error code 1603. Windows Installer can create logs to help
troubleshoot issues with installing software packages. Use the following link for
instructions on turning on logging support:
http://go.microsoft.com/fwlink/?LinkId=23127 [ OSession Events ]
Error - 8/9/2009 8:24:29 PM | Computer Name = D1XNCHB1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 67
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 10/30/2009 3:18:18 PM | Computer Name = D1XNCHB1 | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Office XP Service Pack 3.
Error - 10/30/2009 5:05:18 PM | Computer Name = D1XNCHB1 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM
Service service to connect.
Error - 10/30/2009 5:05:18 PM | Computer Name = D1XNCHB1 | Source = Service Control Manager | ID = 7000
Description = The IMAPI CD-Burning COM Service service failed to start due to the
following error: %%1053
Error - 10/31/2009 12:10:10 PM | Computer Name = D1XNCHB1 | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.10 on
the Network Card with network address 001302BD0F8B.
Error - 10/31/2009 12:12:24 PM | Computer Name = D1XNCHB1 | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Office XP Service Pack 3.
Error - 11/1/2009 3:04:12 AM | Computer Name = D1XNCHB1 | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Office XP Service Pack 3.
Error - 11/1/2009 12:33:33 PM | Computer Name = D1XNCHB1 | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.10 on
the Network Card with network address 001302BD0F8B.
Error - 11/1/2009 12:38:08 PM | Computer Name = D1XNCHB1 | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Office XP Service Pack 3.
Error - 11/1/2009 5:07:35 PM | Computer Name = D1XNCHB1 | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.10 on
the Network Card with network address 001302BD0F8B.
Error - 11/2/2009 11:11:41 AM | Computer Name = D1XNCHB1 | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Office XP Service Pack 3.
< End of report >
__________________________________________________________
Results of screen317's Security Check version 0.99.0
Windows XP Service Pack 3
(UAC is disabled!) ``````````````````````````````
Antivirus/Firewall Check: Windows Firewall Enabled!
McAfee SecurityCenter
``````````````````````````````
Anti-malware/Other Utilities Check: Ad-Aware
S*PERAntiSpyware Free Edition
Gmer
HijackThis 2.0.2
CCleaner (remove only)
Java(TM) 6 Update 11
Java 2 Runtime Environment, SE v1.4.2_03
Out of date Java installed! Adobe Flash Player 10
``````````````````````````````
Process Check:
objlist.exe by Laurent Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe is disabled! ``````````````````````````````
DNS Vulnerability Check: Unknown. This method cannot test your vulnerability to DNS cache poisoning. `````````End of Log```````````
Login
Register
FAQ
Search
