OTL.txt:
OTL logfile created on: 3/9/2010 10:43:08 PM - Run 1
OTL by OldTimer - Version 3.1.35.0 Folder = C:\Documents and Settings\Viktor Vutov\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
494.00 Mb Total Physical Memory | 158.00 Mb Available Physical Memory | 32.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 59.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27.95 Gb Total Space | 2.68 Gb Free Space | 9.59% Space Free | Partition Type: NTFS
Drive D: | 46.58 Gb Total Space | 35.02 Gb Free Space | 75.17% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: VUTOV-S-TOSHIBA
Current User Name: Viktor Vutov
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010/03/09 22:39:38 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Viktor Vutov\My Documents\Downloads\OTL.exe
PRC - [2010/02/24 13:12:27 | 001,709,296 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\casc.exe
PRC - [2010/02/24 12:42:31 | 000,251,120 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
PRC - [2010/02/24 12:42:28 | 001,058,032 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\ccevtmgr.exe
PRC - [2010/02/24 12:42:27 | 000,206,064 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe
PRC - [2009/11/20 21:09:16 | 000,212,992 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe
PRC - [2009/10/23 12:52:45 | 000,464,312 | ---- | M] (CallingID Ltd.) -- C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Light\CAGlobalLight.exe
PRC - [2009/08/04 11:42:18 | 000,887,288 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
PRC - [2009/07/31 17:30:14 | 000,150,008 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
PRC - [2009/07/27 16:40:44 | 000,227,832 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
PRC - [2009/07/13 11:39:14 | 000,760,664 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
PRC - [2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/11/29 17:55:44 | 000,569,405 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\IOGEAR\Bluetooth Software\BTTray.exe
PRC - [2004/11/29 17:50:00 | 000,254,007 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe
PRC - [2004/07/12 20:06:00 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\acs.exe
PRC - [2004/06/16 23:44:06 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2003/01/15 16:24:14 | 000,102,400 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Program Files\Toshiba\Power Management\CePMTray.exe
PRC - [2003/01/14 23:52:26 | 000,561,152 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Program Files\Toshiba\E-KEY\CeEKey.exe
PRC - [2002/10/17 12:21:38 | 000,159,744 | ---- | M] (TOSHIBA Corporation) -- C:\TOSHIBA\ivp\ISM\pinger.exe
PRC - [2002/10/04 20:24:18 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe
PRC - [2002/08/20 18:29:26 | 000,040,960 | R--- | M] (Easy Systems Japan Ltd.) -- C:\WINDOWS\system32\ezSP_Px.exe
========== Modules (SafeList) ==========
MOD - [2010/03/09 22:39:38 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Viktor Vutov\My Documents\Downloads\OTL.exe
MOD - [2010/01/27 15:25:22 | 000,083,184 | ---- | M] (CA) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-8.0.0.261\QOEHook.dll
MOD - [2009/10/23 12:53:03 | 001,447,352 | ---- | M] (CallingID Ltd.) -- C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\LinkAdvisor\CIDLinkAdvisor.dll
MOD - [2009/07/01 11:55:58 | 000,113,144 | ---- | M] (CA) -- C:\WINDOWS\system32\UmxSbxExw.dll
MOD - [2009/04/01 10:45:50 | 000,272,888 | ---- | M] (CA) -- C:\WINDOWS\system32\UmxSbxw.dll
MOD - [2008/04/14 00:12:01 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2004/11/29 17:56:52 | 000,053,248 | ---- | M] () -- C:\Program Files\IOGEAR\Bluetooth Software\BTKeyInd.dll
========== Win32 Services (SafeList) ==========
SRV - [2010/02/24 12:42:31 | 000,251,120 | ---- | M] (CA, Inc.) [On_Demand | Running] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2010/02/24 12:42:27 | 000,206,064 | ---- | M] (Computer Associates International, Inc.) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2009/11/20 21:09:16 | 000,212,992 | ---- | M] (Computer Associates International, Inc.) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe -- (CAISafe)
SRV - [2009/08/04 11:42:18 | 000,887,288 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe -- (UmxAgent)
SRV - [2009/07/31 17:30:14 | 000,150,008 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe -- (UmxFwHlp)
SRV - [2009/07/27 16:40:44 | 000,227,832 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe -- (UmxPol)
SRV - [2009/07/13 11:39:14 | 000,760,664 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe -- (UmxCfg)
SRV - [2005/03/30 14:46:56 | 000,411,920 | ---- | M] (Eastman Kodak Company) [On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS)
SRV - [2004/11/29 17:50:00 | 000,254,007 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2004/07/12 20:06:00 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2004/06/16 23:44:06 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2002/10/04 20:24:18 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)
========== Driver Services (SafeList) ==========
DRV - [2009/09/30 17:51:00 | 000,239,608 | ---- | M] (CA) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2009/09/30 17:51:00 | 000,078,840 | ---- | M] (CA) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2009/09/30 17:51:00 | 000,060,920 | ---- | M] (CA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2009/09/02 18:29:58 | 000,053,240 | ---- | M] (CA) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2009/08/27 11:14:48 | 000,143,352 | ---- | M] (CA) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\KmxAMRT.sys -- (KmxAMRT)
DRV - [2009/08/14 12:43:50 | 000,145,912 | ---- | M] (CA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2009/06/08 11:02:04 | 000,115,704 | ---- | M] (CA) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2009/06/08 11:02:02 | 000,108,024 | ---- | M] (CA) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\kmxstart.sys -- (KmxStart)
DRV - [2009/03/27 16:27:04 | 000,598,656 | ---- | M] (Computer Associates International, Inc.) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KmxAMVet.sys -- (KmxAMVet)
DRV - [2008/11/16 12:02:52 | 000,006,896 | ---- | M] (Compal Electronic Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hkdrv.sys -- (EPOWER)
DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008/02/25 09:54:56 | 000,105,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007/08/19 12:38:26 | 000,021,616 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Viktor Vutov\Desktop\Everest\Everest UE 4.10.1119-reg\kerneld.wnt -- (EverestDriver)
DRV - [2006/08/21 16:40:46 | 000,244,864 | R--- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbvm323.sys -- (ZSMC326) Vimicro USB2.0 PC Camera(VC0323)
DRV - [2006/08/08 11:25:40 | 000,476,672 | R--- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vmfilter323.sys -- (vmfilter323)
DRV - [2006/02/07 08:14:30 | 000,034,671 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nipplpt.sys -- (nipplpt2)
DRV - [2005/10/16 05:03:50 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2005/06/16 12:41:02 | 000,037,150 | ---- | M] (Eastman Kodak Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DcCam.sys -- (DcCam)
DRV - [2005/04/11 07:17:42 | 000,173,056 | ---- | M] (Funk Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\odysseyIM4.sys -- (odysseyIM4)
DRV - [2005/03/31 06:00:08 | 000,152,081 | ---- | M] (Eastman Kodak Company) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ExportIt.sys -- (Exportit)
DRV - [2005/03/31 05:47:56 | 000,070,262 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcPtp.sys -- (DcPTP)
DRV - [2005/03/31 05:47:50 | 000,008,022 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcLps.sys -- (DcLps)
DRV - [2005/03/31 05:47:48 | 000,038,673 | ---- | M] (Eastman Kodak Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DCFS2k.sys -- (DCFS2K)
DRV - [2005/03/31 05:47:42 | 000,061,564 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcFpoint.sys -- (DcFpoint)
DRV - [2004/12/22 20:30:00 | 000,407,360 | ---- | M] (D-Link ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2004/11/29 23:31:08 | 000,030,125 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2004/11/29 17:36:22 | 000,399,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2004/11/29 17:34:38 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2004/11/29 17:34:32 | 000,222,876 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btslbcsp.sys -- (BTSLBCSP)
DRV - [2004/11/29 17:34:20 | 000,148,040 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2004/11/29 17:33:14 | 001,337,850 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2004/11/29 17:31:46 | 000,044,163 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2004/11/29 17:31:16 | 000,030,299 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2004/11/29 17:30:44 | 000,055,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2004/10/07 08:21:22 | 000,015,360 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxopswd.sys -- (MXOPSWD)
DRV - [2004/08/22 20:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\d347prt.sys -- (d347prt)
DRV - [2004/08/22 20:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\d347bus.sys -- (d347bus)
DRV - [2004/07/26 01:12:40 | 000,050,048 | R--- | M] (OEM) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\oxser.sys -- (oxser)
DRV - [2004/07/26 01:12:40 | 000,015,872 | R--- | M] (OEM) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\oxmf.sys -- (oxmf)
DRV - [2004/07/26 01:12:40 | 000,004,992 | R--- | M] (OEM) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\oxmfuf.sys -- (Oxmfuf)
DRV - [2003/10/10 02:23:48 | 000,032,640 | ---- | M] (Cypress Semiconductor) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MXOFX.SYS -- (MXOFX) USB Storage Adapter FX (MXO)
DRV - [2003/08/10 06:17:58 | 000,256,568 | R--- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2003/03/25 09:55:04 | 000,027,136 | ---- | M] (Mobile Action Tech. Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MA-620.sys -- (MA-620)
DRV - [2003/03/18 14:05:10 | 000,155,392 | ---- | M] (SMC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SMCWLAN.sys -- (SMCLN)
DRV - [2003/01/29 21:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2002/12/30 12:20:14 | 000,030,775 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wa301a.sys -- ({E2B953A6-195A-44F9-9BA3-3D5F4E32BB55})
DRV - [2002/12/19 03:56:34 | 000,005,888 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSIOMngr.sys -- (SrvcSSIOMngr)
DRV - [2002/12/19 03:56:32 | 000,005,888 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EPIOMngr.sys -- (SrvcEPIOMngr)
DRV - [2002/12/19 03:56:32 | 000,005,888 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EKIOMngr.sys -- (SrvcEKIOMngr)
DRV - [2002/11/22 18:21:18 | 001,157,856 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2002/10/31 17:26:44 | 000,041,216 | R--- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (ser2pl)
DRV - [2002/10/07 18:09:58 | 000,019,140 | ---- | M] (America Online) [Kernel | On_Demand | Stopped] -- C:\Program Files\America Online 8.0a\atwpkt2.sys -- (ATWPKT2)
DRV - [2002/10/04 20:22:16 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/08/28 22:59:26 | 000,154,624 | ---- | M] (Lucent Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wlluc48.sys -- (wlluc48)
DRV - [2002/07/18 01:45:48 | 000,004,183 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPIOMngr.sys -- (SrvcTPIOMngr)
DRV - [2002/06/29 00:29:12 | 000,156,672 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wlags48b.sys -- (wlags48b)
DRV - [2002/06/13 19:37:16 | 000,045,568 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/05/15 12:49:54 | 000,063,405 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2002/01/24 22:43:40 | 000,006,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tbiosdrv.sys -- (TBiosDrv)
DRV - [2001/12/11 18:27:58 | 000,314,792 | ---- | M] (Grandtech Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gt891x1.sys -- (DCamUSBDXGTech) Trust 350FT PowerC@m Flash (Video Camera)
DRV - [2001/07/05 08:13:14 | 000,018,088 | ---- | M] (Grandtech Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gt890x.sys -- (GT890x) Trust 350FT PowerC@m Flash (Still Camera)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://news.yahoo.com [binary data]
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshiba.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshiba.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshiba.com
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshiba.com
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-711985713-4290104095-50919101-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-711985713-4290104095-50919101-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-711985713-4290104095-50919101-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-711985713-4290104095-50919101-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-711985713-4290104095-50919101-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com/?.home=ytie
IE - HKU\S-1-5-21-711985713-4290104095-50919101-1005\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn9\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-711985713-4290104095-50919101-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-711985713-4290104095-50919101-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-711985713-4290104095-50919101-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://mail.yahoo.com"
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.10
FF - prefs.js..extensions.enabledItems: {9e1d7c80-43d1-11db-b0de-0800200c9a66}:1.0.2.2
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.2.20100119091315
FF - prefs.js..extensions.enabledItems: {e9259cba-e7ad-4f74-863f-ef9fe935394d}:1.2.0.32
FF - prefs.js..extensions.enabledItems: {8b02914c-4e6b-4410-90e1-1a2b1b69b12d}:1.2.0.32
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.1.0
FF - HKLM\software\mozilla\Firefox\Extensions\\{e9259cba-e7ad-4f74-863f-ef9fe935394d}: C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Toolbar\Firefox [2010/01/28 23:48:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{8b02914c-4e6b-4410-90e1-1a2b1b69b12d}: C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\LinkAdvisor\Firefox [2010/01/28 23:48:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/30 21:49:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/03 02:20:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{8b02914c-4e6b-4410-90e1-1a2b1b69b12d}: C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\LinkAdvisor\Firefox [2010/01/28 23:48:23 | 000,000,000 | ---D | M]
[2008/08/31 10:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Viktor Vutov\Application Data\Mozilla\Extensions
[2010/03/09 20:04:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Viktor Vutov\Application Data\Mozilla\Firefox\Profiles\orwwglau.default\extensions
[2010/01/30 21:58:12 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Viktor Vutov\Application Data\Mozilla\Firefox\Profiles\orwwglau.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010/02/05 10:45:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Viktor Vutov\Application Data\Mozilla\Firefox\Profiles\orwwglau.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010/01/30 10:25:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Viktor Vutov\Application Data\Mozilla\Firefox\Profiles\orwwglau.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/19 12:48:40 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Viktor Vutov\Application Data\Mozilla\Firefox\Profiles\orwwglau.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2008/09/21 19:48:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Viktor Vutov\Application Data\Mozilla\Firefox\Profiles\orwwglau.default\extensions\{9e1d7c80-43d1-11db-b0de-0800200c9a66}
[2008/12/04 21:22:51 | 000,001,522 | ---- | M] () -- C:\Documents and Settings\Viktor Vutov\Application Data\Mozilla\Firefox\Profiles\orwwglau.default\searchplugins\-bg.xml
[2010/03/09 21:49:42 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2006/04/05 22:57:52 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (ThreeShips IE Helper) - {17FDB9F8-DCC4-4F6A-AE07-B16018A48469} - C:\Program Files\Common Files\Threeships Shared\DLL\ThreeShipsIEHelper.dll (ThreeShips enterprises b.v.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (CA Toolbar Helper) - {FBF2401B-7447-4727-BE5D-C19B2075CA84} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Toolbar\CallingIDIE.dll (CallingID Ltd.)
O3 - HKLM\..\Toolbar: (CA Toolbar) - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Toolbar\CallingIDIE.dll (CallingID Ltd.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn9\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-711985713-4290104095-50919101-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-711985713-4290104095-50919101-1005\..\Toolbar\WebBrowser: (CA Toolbar) - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Toolbar\CallingIDIE.dll (CallingID Ltd.)
O3 - HKU\S-1-5-21-711985713-4290104095-50919101-1005\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-711985713-4290104095-50919101-1005\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn9\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe (CA, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [CeEKEY] C:\Program Files\Toshiba\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [CeEPOWER] C:\Program Files\Toshiba\Power Management\CePMTray.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe (Easy Systems Japan Ltd.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe (TOSHIBA Corporation)
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BTTray.lnk = C:\Program Files\IOGEAR\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe File not found
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\BTTray.lnk = C:\Program Files\IOGEAR\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe ()
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-711985713-4290104095-50919101-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Yahoo! Search - C:\Program Files\Yahoo!\Common [2008/08/16 22:38:52 | 000,000,000 | ---D | M]
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Yahoo! &Dictionary - C:\Program Files\Yahoo!\Common [2008/08/16 22:38:52 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &Maps - C:\Program Files\Yahoo!\Common [2008/08/16 22:38:52 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! &SMS - C:\Program Files\Yahoo!\Common [2008/08/16 22:38:52 | 000,000,000 | ---D | M]
O9 - Extra Button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - Reg Error: Key error. File not found
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O12 - Plugin for: .UVR - C:\Program Files\Internet Explorer\PLUGINS\NPUPano.dll (Ulead Systems, Inc.)
O15 - HKU\S-1-5-21-711985713-4290104095-50919101-1005\..Trusted Domains: microsoft.com ([*.update] http in Trusted sites)
O15 - HKU\S-1-5-21-711985713-4290104095-50919101-1005\..Trusted Domains: microsoft.com ([*.update] https in Trusted sites)
O15 - HKU\S-1-5-21-711985713-4290104095-50919101-1005\..Trusted Domains: windowsupdate.com ([download] http in Trusted sites)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\callingid {086D03BA-57AC-4C8E-A33D-0BAABF742411} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Toolbar\CallingIDToolbar.dll (CallingID Ltd.)
O18 - Protocol\Handler\mctp {d7b95390-b1c5-11d0-b111-0080c712fe82} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\widimg {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\BTXPPanel.dll (Broadcom Corporation.)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\OdysseyClient: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (CA)
O24 - Desktop WallPaper: C:\Documents and Settings\Viktor Vutov\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Viktor Vutov\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {1869181A-9F50-4FCF-8BFF-1B8588ECB85C} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\LinkAdvisor\CIDLinkAdvisor.dll (CallingID Ltd.)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/01/28 14:11:12 | 000,000,002 | -HS- | M] () - C:\AUTOEXEC.BAK -- [ NTFS ]
O32 - AutoRun File - [2006/01/28 14:11:26 | 000,000,037 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{468164d0-e4a7-11de-b3c6-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{468164d0-e4a7-11de-b3c6-00038a000015}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008/01/16 07:54:45 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (8946227899006976)
========== Files/Folders - Created Within 30 Days ==========
[2010/03/08 14:26:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/03/08 14:25:54 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/03/04 00:54:38 | 000,000,000 | ---D | C] -- C:\_OTM
[2010/03/02 21:51:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Viktor Vutov\Desktop\SysProt
[2010/03/02 00:30:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Viktor Vutov\Application Data\Malwarebytes
[2010/03/02 00:30:25 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/02 00:30:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/03/02 00:30:20 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/02 00:30:16 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/02 00:06:59 | 000,177,928 | ---- | C] (Kaspersky Lab) -- C:\Documents and Settings\Viktor Vutov\Desktop\TDSSKiller.exe
[2010/03/02 00:01:09 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Viktor Vutov\Desktop\TFC.exe
[2010/03/01 13:40:17 | 000,577,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
[2010/03/01 13:40:14 | 010,528,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTLCPL.exe
[2010/03/01 13:40:13 | 018,804,736 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\alsndmgr.cpl
[2010/03/01 13:37:59 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97
[2010/03/01 01:09:18 | 000,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Viktor Vutov\Desktop\RootRepeal.exe
[2010/02/28 21:44:14 | 000,000,000 | ---D | C] -- C:\rsit
[2010/02/26 19:01:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Viktor Vutov\Desktop\Interviews
[2010/02/21 15:08:50 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/02/05 22:32:05 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/01/28 20:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2008/09/09 06:35:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\CallingID
[2005/10/30 02:00:21 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2005/10/25 23:56:48 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2005/10/25 23:56:48 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[2004/11/03 11:54:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[18 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/03/09 21:42:54 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/09 21:41:46 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/09 21:41:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/09 21:41:26 | 518,508,544 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/09 21:40:23 | 001,027,853 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k1
[2010/03/09 21:40:23 | 000,976,300 | ---- | M] () -- C:\WINDOWS\System32\drivers\KmxAgent.asc
[2010/03/09 21:40:23 | 000,008,621 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k0
[2010/03/09 21:40:23 | 000,000,403 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k2
[2010/03/09 21:40:23 | 000,000,403 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k1
[2010/03/09 21:40:23 | 000,000,403 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k0
[2010/03/09 21:40:23 | 000,000,289 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k2
[2010/03/09 21:40:23 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k7
[2010/03/09 21:40:23 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k6
[2010/03/09 21:40:23 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k5
[2010/03/09 21:40:23 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k4
[2010/03/09 21:40:23 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k3
[2010/03/09 21:40:23 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k7
[2010/03/09 21:40:23 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k6
[2010/03/09 21:40:23 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k5
[2010/03/09 21:40:23 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k4
[2010/03/09 21:40:23 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k3
[2010/03/09 21:39:27 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Viktor Vutov\ntuser.ini
[2010/03/09 21:39:26 | 008,912,896 | ---- | M] () -- C:\Documents and Settings\Viktor Vutov\NTUSER.DAT
[2010/03/08 19:37:20 | 000,002,175 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/03/08 13:11:42 | 000,001,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/03/07 10:42:21 | 000,002,838 | ---- | M] () -- C:\WINDOWS\machine.ver
[2010/03/05 00:29:15 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\Viktor Vutov\Desktop\HijackThis.lnk
[2010/03/02 22:01:57 | 000,077,312 | ---- | M] () -- C:\mbr.exe
[2010/03/02 00:01:08 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Viktor Vutov\Desktop\TFC.exe
[2010/03/01 13:11:36 | 000,045,568 | ---- | M] () -- C:\Documents and Settings\Viktor Vutov\Desktop\4BM.doc
[2010/03/01 01:16:16 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Viktor Vutov\Desktop\settings.dat
[2010/03/01 00:40:24 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\Viktor Vutov\My Documents\Application to CPM Data Analyst.bmp
[2010/03/01 00:07:13 | 000,012,288 | ---- | M] () -- C:\Documents and Settings\Viktor Vutov\My Documents\adp1.adp
[2010/02/27 22:54:54 | 000,005,612 | ---- | M] () -- C:\WINDOWS\DNAPrinters.ini
[2010/02/27 22:06:28 | 000,000,608 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010/02/27 21:53:33 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/02/27 13:29:40 | 000,177,928 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\Viktor Vutov\Desktop\TDSSKiller.exe
[2010/02/24 12:56:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/02/24 12:40:26 | 000,000,965 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/02/21 15:35:03 | 000,054,272 | ---- | M] () -- C:\Documents and Settings\Viktor Vutov\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/20 16:44:50 | 000,064,982 | ---- | M] () -- C:\Documents and Settings\Viktor Vutov\Desktop\aaaaa.jpg
[2010/02/19 00:24:10 | 000,036,352 | ---- | M] () -- C:\Documents and Settings\Viktor Vutov\Desktop\CV Victor Vutov SmlN.doc
[2010/02/18 17:55:12 | 024,580,096 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2010/02/18 17:55:06 | 017,976,320 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2010/02/18 17:07:49 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/02/18 12:25:49 | 065,990,800 | ---- | M] () -- C:\Documents and Settings\Viktor Vutov\Desktop\Adrenalinka.Avi
[2010/02/15 13:01:16 | 000,036,352 | ---- | M] () -- C:\Documents and Settings\Viktor Vutov\Desktop\CV Victor Vutov SmlNT.doc
========== Files Created - No Company Name ==========
[2010/03/03 02:20:02 | 000,001,731 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/03/02 22:02:01 | 000,077,312 | ---- | C] () -- C:\mbr.exe
[2010/03/01 13:40:17 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/03/01 13:40:14 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\alsndmgr.wav
[2010/03/01 13:37:45 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010/03/01 13:11:33 | 000,045,568 | ---- | C] () -- C:\Documents and Settings\Viktor Vutov\Desktop\4BM.doc
[2010/03/01 01:16:16 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Viktor Vutov\Desktop\settings.dat
[2010/03/01 00:40:24 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\Viktor Vutov\My Documents\Application to CPM Data Analyst.bmp
[2010/03/01 00:07:12 | 000,012,288 | ---- | C] () -- C:\Documents and Settings\Viktor Vutov\My Documents\adp1.adp
[2010/02/21 15:08:51 | 000,000,812 | ---- | C] () -- C:\Documents and Settings\Viktor Vutov\Desktop\HijackThis.lnk
[2010/02/20 16:44:45 | 000,064,982 | ---- | C] () -- C:\Documents and Settings\Viktor Vutov\Desktop\aaaaa.jpg
[2010/02/19 00:24:09 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\Viktor Vutov\Desktop\CV Victor Vutov SmlN.doc
[2010/02/18 12:20:59 | 065,990,800 | ---- | C] () -- C:\Documents and Settings\Viktor Vutov\Desktop\Adrenalinka.Porno.Avi
[2010/02/15 12:58:05 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\Viktor Vutov\Desktop\CV Victor Vutov SmlNT.doc
[2010/01/02 13:24:15 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008/11/26 23:06:46 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008/10/21 12:33:55 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Viktor Vutov\Application Data\$_hpcst$.hpc
[2008/09/04 14:35:22 | 000,005,612 | ---- | C] () -- C:\WINDOWS\DNAPrinters.ini
[2008/08/02 10:44:02 | 000,000,598 | ---- | C] () -- C:\WINDOWS\FashionCam21.ini
[2008/08/02 10:44:02 | 000,000,025 | ---- | C] () -- C:\WINDOWS\AVIMaker.INI
[2008/08/02 10:44:01 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\gtcodec.dll
[2008/08/02 10:44:01 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\infcpy.dll
[2008/01/10 08:26:22 | 000,000,006 | ---- | C] () -- C:\WINDOWS\System32\mkghj.dll
[2007/12/08 08:11:35 | 000,000,050 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/09/27 07:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 07:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 07:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/01/20 20:55:22 | 000,003,927 | R--- | C] () -- C:\WINDOWS\System32\MXCDRIVE.DLL
[2007/01/20 20:55:22 | 000,003,927 | -H-- | C] () -- C:\WINDOWS\ARDRIVE.SYS
[2007/01/04 06:22:18 | 000,000,391 | ---- | C] () -- C:\WINDOWS\ulead32.ini
[2007/01/01 16:39:09 | 000,002,042 | ---- | C] () -- C:\WINDOWS\Ca536a.ini
[2007/01/01 16:39:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\MKCoInstaller.dll
[2006/12/19 19:13:01 | 000,000,040 | ---- | C] () -- C:\WINDOWS\pdf2rtf.INI
[2006/04/26 11:15:20 | 000,000,180 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2006/04/26 09:40:26 | 000,000,070 | ---- | C] () -- C:\WINDOWS\init.ini
[2006/04/25 21:24:56 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2006/04/25 21:24:52 | 000,568,850 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2006/04/25 21:24:51 | 000,856,064 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/04/25 21:24:51 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/04/25 21:24:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2006/04/25 21:24:49 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2006/04/25 21:24:49 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2006/03/09 20:25:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PestPatrol5.INI
[2006/03/05 20:33:23 | 000,000,035 | ---- | C] () -- C:\WINDOWS\System32\RTELM.dll
[2006/02/05 21:14:43 | 000,002,589 | ---- | C] () -- C:\WINDOWS\photoimpression.ini
[2006/02/05 21:12:52 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PI_setup.ini
[2006/01/26 17:36:57 | 000,034,671 | ---- | C] () -- C:\WINDOWS\System32\drivers\nipplpt.sys
[2006/01/24 19:16:10 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\newdll.dll
[2005/12/06 17:22:02 | 000,012,974 | ---- | C] () -- C:\WINDOWS\ASS_150E.INI
[2005/11/10 06:51:40 | 000,000,004 | ---- | C] () -- C:\WINDOWS\info147.sys
[2005/11/04 01:55:41 | 000,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2005/11/04 01:54:21 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/10/19 03:38:27 | 000,054,272 | ---- | C] () -- C:\Documents and Settings\Viktor Vutov\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/10/19 03:37:54 | 000,000,022 | ---- | C] () -- C:\WINDOWS\kodakpcd.Viktor Vutov.ini
[2005/10/13 22:17:03 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Viktor Vutov\Local Settings\Application Data\fusioncache.dat
[2005/07/26 09:04:21 | 000,000,022 | ---- | C] () -- C:\WINDOWS\kodakpcd.Victor Vutov.ini
[2005/04/04 07:22:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CeEKey.INI
[2005/03/05 17:13:45 | 000,000,070 | ---- | C] () -- C:\WINDOWS\mmpoly.ini
[2005/02/05 22:58:02 | 000,004,638 | ---- | C] () -- C:\WINDOWS\hpdj3500.ini
[2005/02/05 22:57:29 | 000,000,478 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2005/01/16 13:57:27 | 000,000,632 | ---- | C] () -- C:\WINDOWS\Sof2.INI
[2005/01/16 11:36:53 | 000,005,562 | ---- | C] () -- C:\WINDOWS\RTE.INI
[2004/12/05 10:34:21 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2004/11/29 17:44:04 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2004/11/29 06:03:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TPTray.INI
[2004/11/26 14:00:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CePMTray.INI
[2004/11/26 13:36:32 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/11/26 13:11:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2004/11/26 13:08:41 | 000,000,067 | ---- | C] () -- C:\WINDOWS\swupdate.ini
[2004/08/22 21:04:56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2003/07/17 06:51:54 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\AnimWnd.dll
[2003/05/20 01:40:06 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\IrrShape.dll
[2003/02/06 19:08:20 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/01/27 17:31:22 | 000,008,831 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2003/01/27 17:31:21 | 000,121,905 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2003/01/27 17:31:21 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2003/01/27 17:31:21 | 000,006,793 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2003/01/16 01:23:50 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\CeEPDefDat.dll
[2003/01/15 18:52:08 | 000,000,608 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2003/01/15 17:47:50 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\CeEPPolicy.dll
[2003/01/14 23:56:10 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\CeEKPolicy.dll
[2003/01/14 18:15:41 | 000,000,052 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2003/01/14 18:14:43 | 000,000,665 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2003/01/14 00:34:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2003/01/13 23:38:59 | 000,006,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\Tbiosdrv.sys
[2002/07/18 01:45:48 | 000,004,183 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPIOMngr.sys
[2002/05/15 20:29:04 | 000,000,607 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2001/11/23 15:18:00 | 000,000,597 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001/11/14 10:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001/10/01 07:36:50 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2001/10/01 07:27:02 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2001/10/01 04:09:04 | 000,000,382 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2001/10/01 04:08:28 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_005607_.tmp.dll
[2001/10/01 04:08:06 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_005639_.tmp.dll
[2001/07/30 15:17:12 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2000/09/08 15:53:50 | 000,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll
[2000/04/12 08:28:12 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2000/04/12 08:24:10 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
[2010/03/02 22:01:57 | 000,077,312 | ---- | M] () -- C:\mbr.exe
< MD5 for: AGP440.SYS >
[2005/10/14 01:31:31 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/08/26 11:00:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2005/10/14 01:31:31 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008/08/26 11:00:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/08/26 11:00:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\sp3.cab:AGP440.sys
[2008/04/13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\agp440.sys
[2008/04/13 18:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 06:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
< MD5 for: ATAPI.SYS >
[2002/08/29 12:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2005/10/14 01:31:31 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/08/26 11:00:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2002/08/29 12:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp1.cab:atapi.sys
[2005/10/14 01:31:31 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008/08/26 11:00:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/08/26 11:00:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\sp3.cab:atapi.sys
[2002/08/29 12:00:00 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2008/04/13 18:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 18:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\atapi.sys
[2008/04/13 18:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 05:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008/04/14 00:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 00:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\eventlog.dll
[2008/04/14 00:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 07:56:42 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: NETLOGON.DLL >
[2008/04/14 00:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 00:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\netlogon.dll
[2008/04/14 00:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 18:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 18:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/04 07:56:44 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004/08/04 07:56:44 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/14 00:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 00:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\scecli.dll
[2008/04/14 00:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 04:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2009/03/08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2001/10/01 00:20:11 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2001/10/01 00:20:11 | 000,602,112 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2001/10/01 00:20:11 | 000,397,312 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
========== Alternate Data Streams ==========
@Alternate Data Stream - 154 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
Extras.txt:
OTL Extras logfile created on: 3/9/2010 10:43:08 PM - Run 1
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_USERS\S-1-5-21-711985713-4290104095-50919101-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\CA Personal Firewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiMalware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"24124:TCP" = 24124:TCP:*:Disabled:BitComet 24124 TCP
"24124:UDP" = 24124:UDP:*:Disabled:BitComet 24124 UDP
"20718:TCP" = 20718:TCP:*:Disabled:BitComet 20718 TCP
"20718:UDP" = 20718:UDP:*:Disabled:BitComet 20718 UDP
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"24074:TCP" = 24074:TCP:*:Disabled:BitComet 24074 TCP
"24074:UDP" = 24074:UDP:*:Disabled:BitComet 24074 UDP
"12806:TCP" = 12806:TCP:*:Enabled:BitComet 12806 TCP
"12806:UDP" = 12806:UDP:*:Enabled:BitComet 12806 UDP
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Disabled:Windows Media Player Network Sharing Service
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox -- (Mozilla Corporation)
"C:\Program Files\IOGEAR\Bluetooth Software\BTStackServer.exe" = C:\Program Files\IOGEAR\Bluetooth Software\BTStackServer.exe:*:Disabled:Bluetooth Stack COM Server -- (Broadcom Corporation.)
"C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Disabled:Ares -- File not found
"C:\Program Files\ICQLite\ICQLite.exe" = C:\Program Files\ICQLite\ICQLite.exe:*:Disabled:ICQ Lite -- File not found
"C:\Program Files\ICQ6\ICQ.exe" = C:\Program Files\ICQ6\ICQ.exe:*:Disabled:ICQ6 -- (ICQ, Inc.)
"C:\Program Files\Networx-BG\Helper\winvnc.exe" = C:\Program Files\Networx-BG\Helper\winvnc.exe:192.168.11.0/255.255.255.0:Disabled:Networx-BG Helper VNC -- File not found
"C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" = C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe:*:Disabled:VoipBuster -- File not found
"C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe" = C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe:*:Disabled:VoipStunt -- (VoipStunt)
"C:\Documents and Settings\Viktor Vutov\My Documents\Downloads\issdm_ca_en.exe" = C:\Documents and Settings\Viktor Vutov\My Documents\Downloads\issdm_ca_en.exe:*:Enabled:issdm_ca_en -- (CA)
"C:\Program Files\CA\CA Internet Security Suite\ccupdate\ccupdate.exe" = C:\Program Files\CA\CA Internet Security Suite\ccupdate\ccupdate.exe:*:Enabled:ccupdate -- (CA, Inc.)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- File not found
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01A3E75B-54C0-407F-8B95-B77705C7DCC4}" = AMRT
"{02FF72DD-F3C1-45A2-B52A-9E596EF8A5D7}" = MapSource - City Select Europe v7
"{10B3936F-0E93-4431-8E7B-3FEA5DAC88C3}" = Garmin Communicator Plugin
"{10CE1EA2-12E9-11D3-825E-00C04F6843FE}" = Microsoft Office Sounds
"{12408EED-3F86-4DDD-AE7D-78167031DFDF}" = TouchPad On/Off Utility
"{1367D815-EC9F-4e2f-9FB9-E40A075AD19B}" = DNAMigrator
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{154508C0-07C5-4659-A7A0-E49968750D21}" = HLPPDOCK
"{19054939-DBF1-4ED9-B9EB-EF5EA725908F}" = TOSHIBA Hotkey Utility
"{1B9B7BA2-0C7A-4759-BACD-FADADE9E6694}" = Vimicro USB2.0 PC Camera (VC0323)
"{21BCE515-D5A3-11D4-8E33-0010B53EC668}" = Ulead Photo Express 4.0 My Custom Edition
"{231F68F4-70E4-41A6-BEDA-7E7934169B54}" = Maxtor OneTouch
"{2681A52E-FCFA-4982-A030-7B652BDD346C}" = CA Personal Firewall
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2EEEC858-21F8-419B-8FE2-820621BFFCD7}" = GetDataBack for FAT
"{2FD94FBC-07AE-475C-B522-BFE899B9048E}" = Garmin WebUpdater
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36A9D3F8-3FCF-4FBA-A8AD-3C1CE56C8AF4}" = Philips Device Manager
"{38151262-FAF8-4778-9AAB-33E90B60D8E9}" = CA Anti-Virus Plus
"{38441BE7-79B0-42B8-8297-833704F949FE}" = HLPIndex
"{395131D0-71C3-4411-8DDD-84E7A4EC8754}" = Intellisync® for Yahoo!
"{39B1915D-3CBA-42F8-8A58-2AB5587BF863}" = Microsoft Office PowerPoint 2003 Template Creation Wizard
"{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}" = OTtBPSDK
"{3CF0858D-1AC5-4308-9DE7-AD15288A8BDC}" = TOSHIBA Console
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = IOGEAR Bluetooth Software
"{432C3720-37BF-4BD7-8E49-F38E090246D0}" = CR2
"{46463780-40FD-4929-BDE6-C32BEE15107E}" = TOSHIBA Power Management Utility
"{4781569D-5404-1F26-4B2B-6DF444441031}" = Nero 7 Premium
"{48C82F7A-F100-4DAB-A310-8E18BF2159E1}" = ESSvpot
"{4F677FC7-7AA8-412B-A957-F13CBE1C7331}" = ESSSONIC
"{52A5F706-2FCC-4C14-9E9A-345C2DCB25E9}" = D-Link AirPlus Xtreme G Adapter
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{54C8FE84-89C4-40E8-976C-439EB0729BD6}" = CardRd81
"{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}" = GetDataBack for NTFS
"{5E3CFCA6-C95A-47CB-A822-7FA80D423AF2}" = MapSource
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6
"{60fa7bf1-3044-4718-9857-21eb48df6789}" = Microsoft Visual C++ 2005 Redistributable
"{6259F28B-6C4A-4259-8A1D-F44794DF73E2}" = Garmin StreetPilot i2/i3 North America
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78FAC9DA-E0A7-45BA-B9E1-181CB57C6D1C}" = MapSource - European City Navigator v6
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{82D48731-8BC6-44A2-8D41-B5FF33541378}" = 350FT PowerC@m Flash
"{87843A41-7808-4F2E-B13F-25C1E67CF2FD}" = ESShelp
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}" = ESSCT
"{8DD94CA3-BCD2-49C0-B537-F3B5D95FF0C8}" = HLPSFO
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{90AC0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint 2003 Template Pack 2
"{90AD0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint 2003 Template Pack 3
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{96DA37C3-4B48-41ED-8500-9C1F1E3933A2}" = Garmin City Navigator Europe 2008
"{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}" = Realtek Fast Ethernet Adapter Driver
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9964DA70-CA9D-48BD-93E6-19F121143958}" = Helper
"{996EC44B-38E1-4898-8E47-3EE3D15F2712}" = Garmin WebUpdater
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9D0FB354-3D85-483A-A899-99FB3084942D}" = Garmin MapSource
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A0AF08BA-3630-4505-BFB2-A41F3837B0D0}" = SFR2
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}" = ESSvpaht
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{AC76BA86-7AD7-5676-5A64-E98530000001}" = Extended Language Support Fonts Package
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B8D57AEB-841A-415F-9331-13DDF09BD3F2}" = Nokia PC Suite 5.1
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC9EA2BC-BCFA-4DEA-8F5F-1E1032567673}" = Pocket Controller-Professional
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B6}" = WinZip 11.2
"{CDB98E2F-7B2A-42C2-B718-F1F6B31586DF}" = CA Website Inspector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEB3A11A-03EA-11DA-BFBD-00065BBDC0B5}" = MSN Messenger 7.5
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D1973749-F5E7-40EB-B528-F2B78685B9FF}" = essvcpt
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D4A2957D-5113-4722-A0A3-E7D0BF85D5D4}" = Three Ships Browser Plugin
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DDC146FA-73E0-4FA1-A353-841EA14BF600}" = Drag'n Drop CD+DVD
"{DE69C175-DFFB-4502-A1AB-E13F7852F1C7}" = EZ Connect Wireless AP Utility
"{F61F2821-694C-475F-99AB-6AF2EFDF40FD}" = Quicken 2003 New User Edition
"{F6C405D2-C50D-4D10-B89E-73A233A14D74}" = Toshiba Registration
"{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}" = OTtBP
"{F90DA605-4E92-11D4-A319-00104BCAB4AB}" =
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"{FEDE2483-87B7-44C1-A5BB-D75AEB8B6340}" = ESSEMAIL
"AddressBook" =
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"America Online us" = America Online
"AolCoach" = AOL Coach Version 1.0(Build:20020823.1)
"ArcSoft PhotoImpression 2000" = ArcSoft PhotoImpression 2000
"AvantGo Client" =
"BG OFFRoadMap" = BG OFFRoadMap 4.60
"BG Road Maps_is1" = BG Road Maps 2.12
"Branding" =
"cayahooantispy" = CA Yahoo! Anti-Spy (remove only)
"Connection Manager" =
"DirectAnimation" =
"DirectDrawEx" =
"DXM_Runtime" =
"EPSON Scanner" = EPSON Scan
"Epson Stylus SX210_SX410_TX210_TX410 User’s Guide" = Epson Stylus SX210_SX410_TX210_TX410 Manual
"EPSON SX210 Series" = EPSON SX210 Series Printer Uninstall
"ERUNT_is1" = ERUNT 1.1j
"eTrust Suite Personal" = CA Internet Security Suite
"FlexType 2K" = FlexType 2K
"Fontcore" =
"Glary Registry Repair_is1" = Glary Registry Repair 3.0
"HijackThis" = HijackThis 2.0.2
"ICW" =
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"IE40" =
"IE4Data" =
"IE5BAKEX" =
"ie8" = Windows Internet Explorer 8
"IEData" =
"InstallShield Uninstall Information" =
"InstallShield_{02FF72DD-F3C1-45A2-B52A-9E596EF8A5D7}" = MapSource - City Select Europe v7
"InstallShield_{12408EED-3F86-4DDD-AE7D-78167031DFDF}" = TouchPad On/Off Utility
"InstallShield_{19054939-DBF1-4ED9-B9EB-EF5EA725908F}" = TOSHIBA Hotkey Utility
"InstallShield_{231F68F4-70E4-41A6-BEDA-7E7934169B54}" = Maxtor OneTouch
"InstallShield_{46463780-40FD-4929-BDE6-C32BEE15107E}" = TOSHIBA Power Management Utility
"InstallShield_{78FAC9DA-E0A7-45BA-B9E1-181CB57C6D1C}" = MapSource - European City Navigator v6
"InstallShield_{B8D57AEB-841A-415F-9331-13DDF09BD3F2}" = Nokia PC Suite 5.1
"InstallShield_{F61F2821-694C-475F-99AB-6AF2EFDF40FD}" = Quicken 2003 New User Edition
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 1.53
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 1.80 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Interactive Training" =
"Microsoft NetShow Player 2.0" =
"Mobile Application Link" =
"MobileOptionPack" =
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSI30a-KB884016" =
"MSI30-Beta1" =
"MSI30-Beta2" =
"MSI30-KB884016" =
"MSI30-RC1" =
"MSI30-RC2" =
"MSI31-Beta" =
"MSI31-RC1" =
"MsJavaVM" =
"MSN Music Assistant" = MSN Music Assistant
"MXOFX" = USB Storage Adapter FX (MXO)
"NetMeeting" =
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Novell iPrint Client" = Novell iPrint Client v04.16.00
"OutlookExpress" =
"PCHealth" =
"QuickTime" = QuickTime
"RealJukebox 1.0" =
"RealPlayer 6.0" = RealPlayer
"Registry Mechanic_is1" = Registry Mechanic 5.2
"SA Dictionary 2005 T2" = SA Dictionary 2005 T2
"SAGEM My Pictures And Sounds" = My Pictures And Sounds 7.13
"SchedulingAgent" =
"Skype™ for Pocket PC_is1" = Skype™ for Pocket PC 2.2
"Toshiba Access" = Toshiba Access
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"TOSHIBA Software Upgrades" = TOSHIBA Software Upgrades
"TOSHIBA System Stability Program" = TOSHIBA System Stability Program
"Toshiba Tbiosdrv Driver" = Toshiba Tbiosdrv Driver
"Ulead COOL 360 1.0" = Ulead COOL 360 1.0
"VLC media player" = VideoLAN VLC media player 0.8.4a
"VoipStunt_is1" = VoipStunt
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinZip Self-Extractor" = WinZip Self-Extractor
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar for Internet Explorer
"Yahoo! Customizations" = Yahoo! extras
"Yahoo! Internet Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 3/5/2010 4:44:06 AM | Computer Name = VUTOV-S-TOSHIBA | Source = Application Error | ID = 1000
Description = Faulting application viktor vutov.exe, version 2.0.0.2, faulting module
viktor vutov.exe, version 2.0.0.2, fault address 0x001429c6.
Error - 3/5/2010 12:25:39 PM | Computer Name = VUTOV-S-TOSHIBA | Source = Application Error | ID = 1000
Description = Faulting application ccevtmgr.exe, version 6.0.0.272, faulting module
ntdll.dll, version 5.1.2600.5755, fault address 0x00011782.
Error - 3/5/2010 12:26:05 PM | Computer Name = VUTOV-S-TOSHIBA | Source = Application Error | ID = 1001
Description = Fault bucket 1726664821.
Error - 3/8/2010 10:42:52 AM | Computer Name = VUTOV-S-TOSHIBA | Source = Application Error | ID = 1000
Description = Faulting application rsit.exe, version 3.2.12.1, faulting module rsit.exe,
version 3.2.12.1, fault address 0x0010df1e.
Error - 3/8/2010 10:42:52 AM | Computer Name = VUTOV-S-TOSHIBA | Source = Application Error | ID = 1000
Description = Faulting application rsit.exe, version 3.2.12.1, faulting module rsit.exe,
version 3.2.12.1, fault address 0x0010df1e.
Error - 3/8/2010 10:43:06 AM | Computer Name = VUTOV-S-TOSHIBA | Source = Application Error | ID = 1000
Description = Faulting application rsit.exe, version 3.2.12.1, faulting module rsit.exe,
version 3.2.12.1, fault address 0x0010df1e.
Error - 3/8/2010 10:49:27 AM | Computer Name = VUTOV-S-TOSHIBA | Source = Application Error | ID = 1000
Description = Faulting application rsit.exe, version 3.2.12.1, faulting module rsit.exe,
version 3.2.12.1, fault address 0x0010df1e.
Error - 3/8/2010 10:49:49 AM | Computer Name = VUTOV-S-TOSHIBA | Source = Application Error | ID = 1001
Description = Fault bucket 1748493470.
Error - 3/8/2010 10:50:31 AM | Computer Name = VUTOV-S-TOSHIBA | Source = Application Error | ID = 1000
Description = Faulting application rsit.exe, version 3.2.12.1, faulting module rsit.exe,
version 3.2.12.1, fault address 0x0010df1e.
Error - 3/8/2010 11:02:07 AM | Computer Name = VUTOV-S-TOSHIBA | Source = Application Error | ID = 1000
Description = Faulting application rsit.exe, version 3.2.12.1, faulting module rsit.exe,
version 3.2.12.1, fault address 0x0010df1e.
[ System Events ]
Error - 3/8/2010 10:29:33 AM | Computer Name = VUTOV-S-TOSHIBA | Source = Service Control Manager | ID = 7034
Description = The CA Common Scheduler Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 3/8/2010 10:29:33 AM | Computer Name = VUTOV-S-TOSHIBA | Source = Service Control Manager | ID = 7034
Description = The ConfigFree Service service terminated unexpectedly. It has done
this 1 time(s).
Error - 3/8/2010 10:29:38 AM | Computer Name = VUTOV-S-TOSHIBA | Source = Service Control Manager | ID = 7034
Description = The WAN Miniport (ATW) Service service terminated unexpectedly. It
has done this 1 time(s).
Error - 3/8/2010 10:29:42 AM | Computer Name = VUTOV-S-TOSHIBA | Source = Service Control Manager | ID = 7034
Description = The CaCCProvSP service terminated unexpectedly. It has done this
1 time(s).
Error - 3/8/2010 10:32:40 AM | Computer Name = VUTOV-S-TOSHIBA | Source = Service Control Manager | ID = 7000
Description = The mrtRate service failed to start due to the following error: %%2
Error - 3/8/2010 10:46:00 AM | Computer Name = VUTOV-S-TOSHIBA | Source = Service Control Manager | ID = 7000
Description = The mrtRate service failed to start due to the following error: %%2
Error - 3/8/2010 3:33:00 PM | Computer Name = VUTOV-S-TOSHIBA | Source = Service Control Manager | ID = 7000
Description = The mrtRate service failed to start due to the following error: %%2
Error - 3/9/2010 4:51:02 AM | Computer Name = VUTOV-S-TOSHIBA | Source = Service Control Manager | ID = 7000
Description = The mrtRate service failed to start due to the following error: %%2
Error - 3/9/2010 6:51:36 AM | Computer Name = VUTOV-S-TOSHIBA | Source = Service Control Manager | ID = 7000
Description = The mrtRate service failed to start due to the following error: %%2
Error - 3/9/2010 5:42:30 PM | Computer Name = VUTOV-S-TOSHIBA | Source = Service Control Manager | ID = 7000
Description = The mrtRate service failed to start due to the following error: %%2
< End of report >