Thank you for helping Carolyn! I very much appreciate it!
I uninstalled both AVG free and Spybot S&D. I left Malwarebyte's and PC Tools Mechanic. If you need me to remove anymore please let me know!
Here are my logs:
Malwarebytes' Anti-Malware 1.44
Database version: 3618
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18372
1/23/2010 6:43:33 AM
mbam-log-2010-01-23 (06-43-33).txt
Scan type: Full Scan (C:\|D:\|E:\|F:\|)
Objects scanned: 242311
Time elapsed: 1 hour(s), 54 minute(s), 47 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
OTL logfile created on: 1/23/2010 2:13:52 PM - Run 1
OTL by OldTimer - Version 3.1.26.0 Folder = C:\Documents and Settings\Cindy\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18372)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,022.00 Mb Total Physical Memory | 373.00 Mb Available Physical Memory | 37.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 34.19 Gb Free Space | 45.89% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 148.34 Gb Total Space | 97.10 Gb Free Space | 65.45% Space Free | Partition Type: NTFS
Drive F: | 149.75 Gb Total Space | 26.23 Gb Free Space | 17.52% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MCMARTIN-90C945
Current User Name: Cindy
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ========== PRC - [2010/01/22 22:48:00 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cindy\Desktop\OTL.exe
PRC - [2009/12/09 17:22:33 | 00,921,072 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Cindy\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/11/25 15:42:58 | 03,176,408 | ---- | M] (PC Tools) -- C:\Program Files\Registry Mechanic\RegMech.exe
PRC - [2009/11/25 15:42:18 | 00,583,640 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2009/11/12 16:33:10 | 00,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/11/12 16:33:04 | 10,358,048 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe
PRC - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/07/09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/03/19 16:11:24 | 01,138,688 | ---- | M] (Last.fm) -- C:\Program Files\Last.fm\LastFM.exe
PRC - [2009/02/17 18:30:33 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/04/13 18:12:36 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmp.exe
PRC - [2008/04/13 18:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/05 17:20:42 | 00,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/02/05 17:18:48 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2007/08/21 19:57:14 | 00,487,424 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2007/01/04 15:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/12/08 19:06:52 | 00,290,889 | ---- | M] (Trend Micro Incorporated.) -- C:\Program Files\Trend Micro\Internet Security 12\Tmntsrv.exe
PRC - [2006/12/08 19:06:52 | 00,262,215 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 12\tmproxy.exe
PRC - [2006/12/08 19:06:48 | 00,823,362 | ---- | M] (Trend Micro Incorporated.) -- C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
PRC - [2006/09/04 20:54:44 | 00,880,722 | ---- | M] (Trend Micro Incorporated.) -- C:\Program Files\Trend Micro\Internet Security 12\PcCtlCom.exe
========== Modules (SafeList) ========== MOD - [2010/01/22 22:48:00 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cindy\Desktop\OTL.exe
MOD - [2008/02/05 17:20:30 | 00,109,080 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\Temp\logishrd\LVPrcInj01.dll
========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- -- (XobniService)
SRV - File not found [On_Demand | Stopped] -- -- (WLSetupSvc)
SRV - File not found [Disabled | Stopped] -- -- (usnjsvc)
SRV - File not found [Disabled | Stopped] -- -- (SQLAgent$SONY_MEDIAMGR)
SRV - File not found [On_Demand | Stopped] -- -- (MSSQL$SONY_MEDIAMGR)
SRV - [2009/11/25 15:42:18 | 00,583,640 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/07/09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/06/23 21:12:10 | 00,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\aspnet_state.exe -- (aspnet_state)
SRV - [2009/03/25 23:00:20 | 00,183,280 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/02/17 18:30:33 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c991601fdf2358) Google Update Service (gupdate1c991601fdf2358)
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/07/21 16:53:54 | 00,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/04/13 18:12:36 | 00,033,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\snmp.exe -- (SNMP)
SRV - [2008/04/13 18:12:27 | 00,117,248 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\mqtgsvc.exe -- (MSMQTriggers)
SRV - [2008/04/13 18:12:27 | 00,004,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\mqsvc.exe -- (MSMQ)
SRV - [2008/02/05 17:22:36 | 00,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2008/02/05 17:20:42 | 00,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/02/05 17:18:48 | 00,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2007/08/21 20:05:00 | 00,593,920 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2007/08/21 19:57:14 | 00,487,424 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2007/01/20 22:18:16 | 00,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2007/01/04 15:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/12/14 01:21:20 | 00,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 01:02:08 | 00,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 00:46:16 | 00,057,344 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/12/08 19:06:52 | 00,585,792 | ---- | M] (Trend Micro Inc.) [Auto | Stopped] -- C:\Program Files\Trend Micro\Internet Security 12\TmPfw.exe -- (TmPfw)
SRV - [2006/12/08 19:06:52 | 00,290,889 | ---- | M] (Trend Micro Incorporated.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security 12\Tmntsrv.exe -- (Tmntsrv)
SRV - [2006/12/08 19:06:52 | 00,262,215 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security 12\tmproxy.exe -- (tmproxy)
SRV - [2006/11/02 20:40:12 | 00,174,656 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/09/04 20:54:44 | 00,880,722 | ---- | M] (Trend Micro Incorporated.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security 12\PcCtlCom.exe -- (PcCtlCom)
SRV - [2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/08/10 05:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\tcpsvcs.exe -- (LPDSVC)
========== Driver Services (SafeList) ========== DRV - [2009/08/28 18:42:52 | 00,040,448 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/05/18 13:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2008/11/30 17:43:49 | 00,067,424 | ---- | M] (CyberDefender Corp.) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CDAVFS.sys -- (CDAVFS)
DRV - [2008/07/18 18:08:38 | 00,205,328 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmxpflt.sys -- (Tmfilter)
DRV - [2008/07/18 18:08:32 | 00,036,368 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmpreflt.sys -- (Tmpreflt)
DRV - [2008/07/18 17:51:32 | 01,195,448 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\VsapiNT.sys -- (Vsapint)
DRV - [2008/06/19 15:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2008/06/05 16:05:15 | 00,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008/05/08 08:02:52 | 00,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)
DRV - [2008/04/13 12:53:09 | 00,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 12:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 12:39:44 | 00,092,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)
DRV - [2008/04/13 10:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/02/05 20:21:48 | 00,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2008/02/05 20:21:37 | 04,658,456 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam S5500(UVC)
DRV - [2008/02/05 20:21:25 | 00,041,752 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/02/05 20:20:40 | 00,628,760 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2008/02/05 17:20:08 | 00,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/02/05 17:18:12 | 00,689,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2008/01/04 15:58:46 | 00,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2007/12/14 17:07:22 | 00,003,768 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MusCVideo32.sys -- (MusCVideo32)
DRV - [2007/12/14 17:07:20 | 00,513,152 | ---- | M] (Windows (R) 2000/XP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MusCDriverV32.sys -- (MusCDriverV32)
DRV - [2007/11/13 04:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/09/25 05:10:18 | 00,102,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2007/08/21 20:07:39 | 02,417,664 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/12/08 19:06:55 | 01,884,585 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\tm_cfw.sys -- (tm_cfw)
DRV - [2006/12/08 19:06:55 | 00,038,528 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\tmtdi.sys -- (tmtdi)
DRV - [2006/11/10 12:51:46 | 00,505,984 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PFC027.SYS -- (PAC207)
DRV - [2006/11/02 06:00:08 | 00,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (winusb)
DRV - [2006/05/24 23:53:06 | 00,003,712 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2006/05/10 08:56:54 | 00,027,264 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2006/05/10 08:56:50 | 00,071,680 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2006/05/10 08:56:26 | 00,036,736 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK)
DRV - [2005/12/22 10:34:00 | 00,072,032 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TPkd.sys -- (TPkd)
DRV - [2005/11/18 12:02:50 | 00,005,660 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/11/18 12:02:10 | 00,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/11/07 05:20:00 | 00,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/11/07 05:20:00 | 00,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/11/07 05:20:00 | 00,086,652 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/11/07 05:20:00 | 00,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/11/07 05:20:00 | 00,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/11/07 05:20:00 | 00,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/11/07 05:20:00 | 00,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/09/12 03:30:00 | 00,089,264 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2005/08/12 05:20:00 | 00,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2005/06/14 17:40:08 | 00,180,864 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2005/02/23 13:58:56 | 00,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2004/12/13 15:14:00 | 00,039,904 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\cercsr6.sys -- (cercsr6)
DRV - [2004/10/14 16:30:46 | 00,155,648 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel(R)
DRV - [2004/08/10 05:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/06/15 22:52:40 | 00,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/05 22:15:34 | 00,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 22:14:42 | 01,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 22:13:38 | 00,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2002/08/20 13:00:00 | 00,016,509 | ---- | M] (Palm, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2001/08/22 08:42:58 | 00,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)
DRV - [2001/08/17 13:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/08/17 12:53:32 | 00,006,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\serscan.sys -- (StillCam)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page =
http://www.google.com/ IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-854245398-1214440339-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.msn.com/IE - HKU\S-1-5-21-854245398-1214440339-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-854245398-1214440339-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 24 21 A8 50 3A 93 CA 01 [binary data]
IE - HKU\S-1-5-21-854245398-1214440339-1801674531-1003\S-1-5-21-854245398-1214440339-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-854245398-1214440339-1801674531-1003\S-1-5-21-854245398-1214440339-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledItems:
support@ancestry.com:1.0.0.1
FF - prefs.js..extensions.enabledItems: {336dc353-5272-420c-84e7-ba1f3c9c2aeb}:1.300.273
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.3
FF - prefs.js..extensions.enabledItems: {CC3C8D60-29D6-4880-B9D8-443C4CBA2BEC}:4.0
FF - prefs.js..extensions.enabledItems:
moveplayer@movenetworks.com:1.0.0.071303000006
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546
FF - prefs.js..keyword.URL: "http://search.freecause.com/search?fr=freecause&ourmark=3&type=60459&p="
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla FirefoxA\components [2010/01/12 00:37:16 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla FirefoxA\plugins [2010/01/16 15:00:43 | 00,000,000 | ---D | M]
[2009/02/07 23:11:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Cindy\Application Data\Mozilla\Extensions
[2009/02/07 23:11:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Cindy\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/01/23 08:43:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Cindy\Application Data\Mozilla\Firefox\Profiles\w80lv25l.default\extensions
[2009/09/16 20:33:11 | 00,000,000 | ---D | M] (Causes) -- C:\Documents and Settings\Cindy\Application Data\Mozilla\Firefox\Profiles\w80lv25l.default\extensions\{336dc353-5272-420c-84e7-ba1f3c9c2aeb}
[2009/01/15 11:40:17 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Cindy\Application Data\Mozilla\Firefox\Profiles\w80lv25l.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/04/28 18:14:57 | 00,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Cindy\Application Data\Mozilla\Firefox\Profiles\w80lv25l.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/12/14 09:13:49 | 00,000,000 | ---D | M] (Freeze Toolbar) -- C:\Documents and Settings\Cindy\Application Data\Mozilla\Firefox\Profiles\w80lv25l.default\extensions\{CC3C8D60-29D6-4880-B9D8-443C4CBA2BEC}
[2009/04/02 18:40:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Cindy\Application Data\Mozilla\Firefox\Profiles\w80lv25l.default\extensions\moveplayer@movenetworks.com
[2009/07/28 16:53:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Cindy\Application Data\Mozilla\Firefox\Profiles\w80lv25l.default\extensions\support@ancestry.com
[2008/05/25 16:59:21 | 00,001,901 | ---- | M] () -- C:\Documents and Settings\Cindy\Application Data\Mozilla\Firefox\Profiles\w80lv25l.default\searchplugins\aimsearch.xml
O1 HOSTS File: ([2010/01/09 17:13:36 | 00,363,060 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1
http://www.007guard.comO1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1
http://www.032439.comO1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1
http://www.0scan.comO1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1
http://www.1000gratisproben.comO1 - Hosts: 127.0.0.1
http://www.1001namen.comO1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1
http://www.100888290cs.comO1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1
http://www.100sexlinks.comO1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1
http://www.10sek.comO1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1
http://www.1-2005-search.comO1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123haustiereundmehr.com
O1 - Hosts: 127.0.0.1
http://www.123haustiereundmehr.comO1 - Hosts: 127.0.0.1
http://www.123simsen.comO1 - Hosts: 127.0.0.1 123simsen.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 12514 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-854245398-1214440339-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-854245398-1214440339-1801674531-1003\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-854245398-1214440339-1801674531-1003..\Run: [Google Update] C:\Documents and Settings\Cindy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKU\S-1-5-21-854245398-1214440339-1801674531-1003..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe (PC Tools)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-854245398-1214440339-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-854245398-1214440339-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-854245398-1214440339-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-854245398-1214440339-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-854245398-1214440339-1801674531-1003_Classes\Software\Policies\Microsoft\Internet Explorer\control panel present
O9 - Extra Button: PopupPopper Control Panel - {3E94F358-9537-4BBA-8D12-D7F8A0136973} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-854245398-1214440339-1801674531-1003\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537}
http://by101fd.bay101.hotmail.msn.com/r ... nPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://update.microsoft.com/windowsupda ... 8947606953 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://update.microsoft.com/microsoftup ... 5637086015 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429}
http://www.sibelius.com/download/softwa ... Plugin.cab (ScorchPlugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_12)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.159.193.40 68.115.71.53
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Cindy\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Cindy\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/12/08 16:25:51 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2010/01/22 22:47:59 | 00,547,328 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Cindy\Desktop\OTL.exe
[2010/01/22 11:16:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Cindy\My Documents\My Received Podcasts
[2010/01/22 11:16:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Cindy\Application Data\iPodder
[2010/01/22 11:15:54 | 00,000,000 | ---D | C] -- C:\Program Files\Juice
[2010/01/21 16:30:46 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/01/21 16:30:46 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/01/21 16:27:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/01/21 16:27:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/01/16 16:11:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Cindy\Application Data\My Games
[2010/01/16 15:46:48 | 00,000,000 | ---D | C] -- C:\Program Files\Firaxis Games
[2010/01/15 21:55:29 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Cindy\Recent
[2010/01/12 22:01:04 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010/01/11 21:25:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Napster
[2010/01/11 21:25:49 | 00,000,000 | ---D | C] -- C:\Program Files\Napster
[2010/01/07 21:40:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Cindy\Application Data\MSNInstaller
[2010/01/07 21:01:57 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/01/07 20:53:11 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009/02/18 08:28:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/02/17 18:30:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2008/05/30 13:37:10 | 01,694,728 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
[2008/05/30 13:35:56 | 00,097,288 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll
[2008/05/30 13:34:50 | 00,528,392 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[45 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2010/01/23 14:20:00 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/01/23 13:26:00 | 00,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1214440339-1801674531-1003UA.job
[2010/01/23 09:25:00 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2010/01/23 03:25:00 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2010/01/23 01:47:00 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ca5b909d3adea.job
[2010/01/22 23:15:26 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/01/22 22:48:00 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cindy\Desktop\OTL.exe
[2010/01/22 21:25:00 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/01/22 21:25:00 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2010/01/22 15:26:01 | 00,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1214440339-1801674531-1003Core.job
[2010/01/22 15:25:00 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2010/01/22 11:15:59 | 00,000,658 | ---- | M] () -- C:\Documents and Settings\Cindy\Desktop\Juice.lnk
[2010/01/22 11:06:05 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/22 11:02:28 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/22 11:02:26 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/22 11:02:19 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2010/01/22 11:02:17 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2010/01/22 11:01:33 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Cindy\ntuser.ini
[2010/01/22 11:01:32 | 15,204,352 | ---- | M] () -- C:\Documents and Settings\Cindy\NTUSER.DAT
[2010/01/22 09:23:57 | 00,002,497 | ---- | M] () -- C:\Documents and Settings\Cindy\Desktop\Microsoft Office Word 2003.lnk
[2010/01/21 15:22:42 | 00,002,294 | ---- | M] () -- C:\Documents and Settings\Cindy\Desktop\Google Chrome.lnk
[2010/01/21 08:39:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/01/19 11:58:43 | 00,458,506 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/01/19 11:58:43 | 00,077,374 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/01/18 18:59:15 | 01,320,020 | ---- | M] () -- C:\Documents and Settings\Cindy\Desktop\Julie's Dance Attack.mp3
[2010/01/16 15:46:55 | 00,000,789 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Launch Sid Meier's Civilization 4.lnk
[2010/01/16 15:00:44 | 00,001,739 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/01/15 23:23:12 | 00,001,744 | ---- | M] () -- C:\Documents and Settings\Cindy\Desktop\HijackThis.lnk
[2010/01/13 20:32:55 | 00,111,104 | ---- | M] () -- C:\Documents and Settings\Cindy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/12 22:49:13 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/12 03:52:04 | 00,000,284 | ---- | M] () -- C:\Documents and Settings\Cindy\Desktop\Shortcut to Expansion (E).lnk
[2010/01/10 09:27:18 | 00,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.ini
[2010/01/09 17:13:36 | 00,363,060 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/01/07 20:54:07 | 00,001,614 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[45 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/01/22 11:15:55 | 00,000,658 | ---- | C] () -- C:\Documents and Settings\Cindy\Desktop\Juice.lnk
[2010/01/21 15:22:42 | 00,002,294 | ---- | C] () -- C:\Documents and Settings\Cindy\Desktop\Google Chrome.lnk
[2010/01/21 15:21:59 | 00,000,978 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1214440339-1801674531-1003UA.job
[2010/01/21 15:21:58 | 00,000,926 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1214440339-1801674531-1003Core.job
[2010/01/18 11:14:03 | 01,320,020 | ---- | C] () -- C:\Documents and Settings\Cindy\Desktop\Julie's Dance Attack.mp3
[2010/01/16 15:46:55 | 00,000,789 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Launch Sid Meier's Civilization 4.lnk
[2010/01/16 15:00:44 | 00,001,739 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/01/15 23:23:12 | 00,001,744 | ---- | C] () -- C:\Documents and Settings\Cindy\Desktop\HijackThis.lnk
[2010/01/15 21:26:39 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/01/15 21:26:38 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2010/01/15 21:26:38 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2010/01/15 21:26:38 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2010/01/15 21:26:37 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2010/01/12 03:52:04 | 00,000,284 | ---- | C] () -- C:\Documents and Settings\Cindy\Desktop\Shortcut to Expansion (E).lnk
[2010/01/09 22:24:33 | 00,001,692 | ---- | C] () -- C:\Documents and Settings\Cindy\Desktop\Palm Desktop.lnk
[2010/01/07 21:04:07 | 00,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/01/07 20:54:07 | 00,001,614 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/12/14 09:14:52 | 00,000,032 | ---- | C] () -- C:\Documents and Settings\Cindy\Local Settings\Application Data\xobni_installer_updater.log
[2009/08/09 12:06:07 | 00,000,058 | ---- | C] () -- C:\WINDOWS\System32\msadio.dll
[2009/01/06 17:53:10 | 00,000,026 | ---- | C] () -- C:\WINDOWS\TLCAPPS.INI
[2008/12/21 22:51:00 | 00,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini
[2008/12/21 22:50:59 | 00,884,736 | ---- | C] () -- C:\WINDOWS\gmer.dll
[2008/11/30 17:44:41 | 00,000,064 | ---- | C] () -- C:\WINDOWS\av_affiliate.ini
[2008/11/30 17:44:39 | 00,000,064 | ---- | C] () -- C:\WINDOWS\as_affiliate.ini
[2008/11/28 12:28:39 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008/11/28 12:28:38 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2008/11/28 12:28:35 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/11/28 12:28:35 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/11/28 12:28:33 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/11/28 12:28:33 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008/11/06 10:34:00 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/11/06 10:34:00 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/11/06 10:33:02 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/10/26 13:00:50 | 00,066,482 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/10/20 20:42:06 | 00,000,518 | ---- | C] () -- C:\WINDOWS\System32\SP207.INI
[2008/09/07 21:07:33 | 00,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2008/07/23 10:50:52 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/06/05 16:05:14 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/05/30 13:38:30 | 01,158,739 | ---- | C] () -- C:\Program Files\BDANT.cab
[2008/05/30 13:38:30 | 01,130,465 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x86.cab
[2008/05/30 13:38:30 | 01,118,469 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x86.cab
[2008/05/30 13:38:30 | 01,087,968 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x86.cab
[2008/05/30 13:38:30 | 01,082,704 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab
[2008/05/30 13:38:30 | 01,082,210 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab
[2008/05/30 13:38:28 | 01,080,892 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab
[2008/05/30 13:38:26 | 01,068,173 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab
[2008/05/30 13:38:26 | 01,016,473 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab
[2008/05/30 13:38:26 | 00,978,396 | ---- | C] () -- C:\Program Files\BDAXP.cab
[2008/05/30 13:38:26 | 00,919,678 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86.cab
[2008/05/30 13:38:26 | 00,867,848 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x64.cab
[2008/05/30 13:38:26 | 00,855,534 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x64.cab
[2008/05/30 13:38:24 | 00,871,076 | ---- | C] () -- C:\Program Files\Jun2008_d3dx10_38_x64.cab
[2008/05/30 13:38:24 | 00,853,167 | ---- | C] () -- C:\Program Files\Jun2008_d3dx10_38_x86.cab
[2008/05/30 13:38:24 | 00,848,132 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x64.cab
[2008/05/30 13:38:24 | 00,807,132 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x86.cab
[2008/05/30 13:38:24 | 00,702,292 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x64.cab
[2008/05/30 13:38:22 | 00,821,508 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x86.cab
[2008/05/30 13:38:22 | 00,800,115 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x86.cab
[2008/05/30 13:38:22 | 00,701,860 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x64.cab
[2008/05/30 13:38:20 | 00,701,720 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x86.cab
[2008/05/30 13:38:18 | 00,272,876 | ---- | C] () -- C:\Program Files\Jun2008_XAudio_x64.cab
[2008/05/30 13:38:16 | 00,699,113 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x86.cab
[2008/05/30 13:38:16 | 00,254,442 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x64.cab
[2008/05/30 13:38:14 | 00,272,272 | ---- | C] () -- C:\Program Files\Jun2008_XAudio_x86.cab
[2008/05/30 13:38:14 | 00,229,498 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x86.cab
[2008/05/30 13:38:14 | 00,216,055 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x64.cab
[2008/05/30 13:38:12 | 00,201,344 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x64.cab
[2008/05/30 13:38:12 | 00,200,370 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x64.cab
[2008/05/30 13:38:12 | 00,200,010 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x64.cab
[2008/05/30 13:38:12 | 00,197,923 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x64.cab
[2008/05/30 13:38:10 | 00,186,151 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x64.cab
[2008/05/30 13:38:10 | 00,185,609 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x64.cab
[2008/05/30 13:38:08 | 00,199,014 | ---- | C] () -- C:\Program Files\APR2007_XACT_x64.cab
[2008/05/30 13:38:08 | 00,194,968 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x86.cab
[2008/05/30 13:38:06 | 00,195,723 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x64.cab
[2008/05/30 13:38:06 | 00,184,033 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x64.cab
[2008/05/30 13:38:04 | 00,182,381 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x64.cab
[2008/05/30 13:38:04 | 00,181,607 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x64.cab
[2008/05/30 13:38:04 | 00,156,157 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x86.cab
[2008/05/30 13:38:04 | 00,151,512 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x86.cab
[2008/05/30 13:38:04 | 00,151,231 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x86.cab
[2008/05/30 13:38:02 | 00,156,260 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x86.cab
[2008/05/30 13:38:00 | 00,154,473 | ---- | C] () -- C:\Program Files\APR2007_XACT_x86.cab
[2008/05/30 13:38:00 | 00,136,351 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x86.cab
[2008/05/30 13:37:58 | 00,148,847 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x86.cab
[2008/05/30 13:37:58 | 00,135,657 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x86.cab
[2008/05/30 13:37:56 | 00,141,265 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x86.cab
[2008/05/30 13:37:56 | 00,140,483 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x86.cab
[2008/05/30 13:37:56 | 00,136,919 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x86.cab
[2008/05/30 13:37:54 | 00,056,550 | ---- | C] () -- C:\Program Files\APR2007_xinput_x86.cab
[2008/05/30 13:37:52 | 00,125,584 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x64.cab
[2008/05/30 13:37:52 | 00,124,302 | ---- | C] () -- C:\Program Files\Jun2008_XACT_x64.cab
[2008/05/30 13:37:52 | 00,100,065 | ---- | C] () -- C:\Program Files\APR2007_xinput_x64.cab
[2008/05/30 13:37:52 | 00,058,402 | ---- | C] () -- C:\Program Files\Jun2008_X3DAudio_x64.cab
[2008/05/30 13:37:52 | 00,049,306 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x86.cab
[2008/05/30 13:37:50 | 00,058,306 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x64.cab
[2008/05/30 13:37:50 | 00,025,153 | ---- | C] () -- C:\Program Files\Jun2008_X3DAudio_x86.cab
[2008/05/30 13:37:48 | 00,097,916 | ---- | C] () -- C:\Program Files\dxupdate.cab
[2008/05/30 13:37:48 | 00,049,258 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x86.cab
[2008/05/30 13:37:48 | 00,048,607 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab
[2008/05/30 13:37:46 | 00,090,390 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x64.cab
[2008/05/30 13:37:46 | 00,090,349 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x64.cab
[2008/05/30 13:37:46 | 00,047,700 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab
[2008/05/30 13:37:44 | 00,049,392 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x64.cab
[2008/05/30 13:37:42 | 00,096,982 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x86.cab
[2008/05/30 13:37:42 | 00,096,376 | ---- | C] () -- C:\Program Files\Jun2008_XACT_x86.cab
[2008/05/30 13:37:42 | 00,089,285 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab
[2008/05/30 13:37:42 | 00,025,115 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x86.cab
[2008/05/30 13:37:42 | 00,021,744 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x86.cab
[2008/05/30 13:36:04 | 13,267,416 | ---- | C] () -- C:\Program Files\dxnt.cab
[2008/05/30 13:36:02 | 04,165,878 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86_Archive.cab
[2008/05/30 13:36:02 | 01,805,306 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x64.cab
[2008/05/30 13:36:00 | 01,803,408 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x64.cab
[2008/05/30 13:35:56 | 01,795,856 | ---- | C] () -- C:\Program Files\Jun2008_d3dx9_38_x64.cab
[2008/05/30 13:35:56 | 01,773,110 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x64.cab
[2008/05/30 13:35:56 | 01,712,608 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x86.cab
[2008/05/30 13:35:56 | 01,711,400 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x86.cab
[2008/05/30 13:35:56 | 01,611,022 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x64.cab
[2008/05/30 13:35:56 | 01,610,606 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab
[2008/05/30 13:35:56 | 01,610,534 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x86.cab
[2008/05/30 13:35:56 | 01,609,287 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab
[2008/05/30 13:35:56 | 01,577,624 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x86.cab
[2008/05/30 13:35:56 | 01,574,402 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x64.cab
[2008/05/30 13:35:56 | 01,467,126 | ---- | C] () -- C:\Program Files\Jun2008_d3dx9_38_x86.cab
[2008/05/30 13:35:56 | 01,446,530 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x86.cab
[2008/05/30 13:35:56 | 01,416,150 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x64.cab
[2008/05/30 13:35:56 | 01,401,078 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x64.cab
[2008/05/30 13:35:56 | 01,361,224 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab
[2008/05/30 13:35:56 | 01,339,250 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab
[2008/05/30 13:35:54 | 01,366,044 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x64.cab
[2008/05/30 13:35:54 | 01,353,790 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab
[2008/05/30 13:35:54 | 01,350,602 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab
[2008/05/30 13:35:54 | 01,250,747 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab
[2008/05/01 18:07:54 | 00,000,128 | ---- | C] () -- C:\Documents and Settings\Cindy\Local Settings\Application Data\fusioncache.dat
[2008/04/14 21:24:26 | 00,000,038 | ---- | C] () -- C:\WINDOWS\System32\dtirc.dll
[2008/03/30 21:27:57 | 00,000,024 | ---- | C] () -- C:\WINDOWS\System32\sysogg.dll
[2008/02/05 17:20:08 | 00,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008/01/15 08:31:51 | 00,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI
[2008/01/04 19:16:11 | 00,000,121 | ---- | C] () -- C:\WINDOWS\disney.ini
[2008/01/04 19:15:30 | 00,000,206 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2007/12/11 18:19:43 | 00,111,104 | ---- | C] () -- C:\Documents and Settings\Cindy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/12/01 20:47:09 | 00,009,770 | ---- | C] () -- C:\WINDOWS\MediaShout 3.ini
[2007/11/13 22:24:52 | 00,001,285 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/05/02 18:53:46 | 00,150,016 | ---- | C] () -- C:\WINDOWS\System32\bwmedia.dll
[2007/04/15 13:09:29 | 00,532,480 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2007/03/22 21:29:03 | 00,000,250 | ---- | C] () -- C:\WINDOWS\phedit.ini
[2007/03/17 15:31:06 | 00,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2007/03/17 15:31:06 | 00,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2007/03/17 15:30:32 | 00,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2007/03/17 15:30:32 | 00,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2007/03/17 15:30:29 | 00,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2007/02/25 19:56:55 | 00,217,088 | ---- | C] () -- C:\WINDOWS\System32\qtmlClient.dll
[2007/02/06 16:59:12 | 00,001,024 | ---- | C] () -- C:\Documents and Settings\Cindy\Application Data\WavCodec.wff
[2007/02/04 11:42:35 | 00,002,919 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/01/22 15:15:32 | 00,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini
[2007/01/20 21:00:17 | 00,002,516 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007/01/20 21:00:17 | 00,000,088 | RHS- | C] () -- C:\WINDOWS\System32\808A268AF2.sys
[2007/01/07 08:01:47 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/12/08 17:48:49 | 00,000,600 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/09/21 08:30:24 | 00,268,242 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-parse.dll
[2006/09/21 08:30:12 | 02,287,458 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-enc.dll
[2006/09/21 08:28:42 | 00,030,693 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-int.dll
[2006/06/01 08:39:30 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\LDECMPG22.dll
[2006/06/01 08:39:20 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\LENCMPG22.dll
[2006/06/01 08:38:36 | 00,172,032 | ---- | C] () -- C:\WINDOWS\System32\LENCMPG2KRN2.dll
[2006/05/31 09:52:54 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\LDECMPG2KRN2.dll
[2006/05/28 16:31:26 | 00,405,504 | ---- | C] () -- C:\WINDOWS\System32\LEncMPG4Krn.dll
[2006/05/23 06:35:22 | 01,814,528 | ---- | C] () -- C:\WINDOWS\System32\ltmm15_n.dll
[2005/11/28 18:11:07 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/11/17 11:57:30 | 00,258,560 | ---- | C] () -- C:\WINDOWS\System32\MusicTagsAX.dll
[2004/10/05 16:37:20 | 00,258,048 | ---- | C] () -- C:\WINDOWS\System32\Manipulate.dll
[2004/08/10 05:00:00 | 00,026,156 | ---- | C] () -- C:\WINDOWS\System32\aanjda.dll
[2004/08/09 22:11:42 | 00,185,856 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/02/01 13:21:56 | 00,097,280 | ---- | C] () -- C:\WINDOWS\System32\Uncommon.dll
[2003/08/07 13:01:50 | 00,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2003/07/30 21:29:08 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\comLyricGetter.dll
[2003/01/07 14:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/01/18 20:56:54 | 00,217,088 | ---- | C] () -- C:\WINDOWS\System32\mp3enc.dll
[1998/03/22 12:50:02 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
========== Alternate Data Streams ========== @Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4B7BEAFF
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ECF54A0E
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
OTL Extras logfile created on: 1/23/2010 2:13:52 PM - Run 1
OTL by OldTimer - Version 3.1.26.0 Folder = C:\Documents and Settings\Cindy\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18372)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,022.00 Mb Total Physical Memory | 373.00 Mb Available Physical Memory | 37.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 34.19 Gb Free Space | 45.89% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 148.34 Gb Total Space | 97.10 Gb Free Space | 65.45% Space Free | Partition Type: NTFS
Drive F: | 149.75 Gb Total Space | 26.23 Gb Free Space | 17.52% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MCMARTIN-90C945
Current User Name: Cindy
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla FirefoxA\firefox.exe (Mozilla Corporation)
[HKEY_USERS\S-1-5-21-854245398-1214440339-1801674531-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla FirefoxA\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Value error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- Reg Error: Value error.
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"enablefirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\mqsvc.exe" = C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- File not found
"C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) -- File not found
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\mqsvc.exe" = C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing -- (Microsoft Corporation)
"C:\Program Files\Last.fm\LastFM.exe" = C:\Program Files\Last.fm\LastFM.exe:*:Enabled:Last.fm -- (Last.fm)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- File not found
"E:\Program Files\Microsoft Games\Rise of Nations\thrones.exe" = E:\Program Files\Microsoft Games\Rise of Nations\thrones.exe:*:Enabled:Rise of Nations -- File not found
"C:\Program Files\Trend Micro\Internet Security 12\Tmntsrv.exe" = C:\Program Files\Trend Micro\Internet Security 12\Tmntsrv.exe:*:Enabled:Tmntsrv -- (Trend Micro Incorporated.)
"C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe" = C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe:*:Enabled:aawservice -- File not found
"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe" = C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe:*:Enabled:AppleMobileDeviceService -- (Apple Inc.)
"C:\ComboFix\fdsv.cfexe" = C:\ComboFix\fdsv.cfexe:*:Enabled:fdsv -- File not found
"C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe" = C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe:*:Enabled:COCIManager -- (Logitech Inc.)
"C:\Documents and Settings\Cindy\Desktop\uTorrent.exe" = C:\Documents and Settings\Cindy\Desktop\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Deusty\Mojo\Mojo.exe" = C:\Program Files\Deusty\Mojo\Mojo.exe:*:Enabled:Mojo -- (Deusty)
"C:\Program Files\RadioRipper\RadioRipper.exe" = C:\Program Files\RadioRipper\RadioRipper.exe:*:Enabled:RadioRipper -- File not found
"C:\Program Files\Sony\Station\LaunchPad\LaunchPad.exe" = C:\Program Files\Sony\Station\LaunchPad\LaunchPad.exe:*:Enabled:LaunchPad -- ()
"E:\Program Files\SwgClient_r.exe" = E:\Program Files\SwgClient_r.exe:*:Enabled:SwgClient_r -- File not found
"E:\Program Files\Steam\SteamApps\macamania\half-life 2 deathmatch\hl2.exe" = E:\Program Files\Steam\SteamApps\macamania\half-life 2 deathmatch\hl2.exe:*:Disabled:hl2 -- File not found
"C:\Program Files\Mozilla Firefox\abcd.exe" = C:\Program Files\Mozilla Firefox\abcd.exe:*:Enabled:Firefox -- File not found
"C:\Program Files\Mozilla FirefoxA\firefox.exe" = C:\Program Files\Mozilla FirefoxA\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager -- File not found
"C:\Program Files\Nakido\nakido.exe" = C:\Program Files\Nakido\nakido.exe:*:Enabled:Nakido -- File not found
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"E:\Program Files\Rise of Nations\rise.exe" = E:\Program Files\Rise of Nations\rise.exe:*:Enabled:Rise of Nations -- File not found
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe" = C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4 -- (Firaxis Games)
"C:\Documents and Settings\Cindy\Desktop\Skype.exe" = C:\Documents and Settings\Cindy\Desktop\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{066A1255-1299-4EBA-B9B3-FA7FB14F92E4}" = CIF USB Camera
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data@
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{186A63A2-4256-43C6-8061-95EF77A5CDB6}" = Sid Meier's Civilization 4
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{24A55F97-AA44-4EDB-BEA1-CD51441B2AD4}" = Mojo
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 12
"{2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}" = Data Lifeguard Tools
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{372B920-F5A3-46A4-AC02-94F421A039C7}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{3D83F6A1-A01B-4677-925C-DBBDB6478FA1}" = MediaShout 3
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{52D56C42-8C69-4882-A661-39695537C9CF}" = DellConnect
"{6444D9D9-CD6C-4464-B970-55C606C944DC}" = Logitech QuickCam
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}" = Power Tab Editor 1.7
"{6CFB4CA5-782E-4606-A9FE-C39F301CF9DA}" = InterLok Driver Kit
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7698EDA5-A90F-4205-99CB-8FF6F9048ED9}" = Trend Micro PC-cillin Internet Security 12
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C21B002-1B63-4973-9E0D-884929032D7B}" = MediaShout3 Update 626
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{92B43A6F-E328-495A-ACFA-FC47C1B7215D}" = Digidesign Shared Plug-Ins 7.0
"{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 ATL (x86) WinSXS MSM
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{9B52B30C-F65C-4244-ABCE-215E46E27AF0}" = Palm Desktop
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AA63780B-DDB7-417b-8A13-E5AFBE08E807}" =
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{AC5352DA-F4F2-4A59-A1BF-41546342746B}" = CyberDefender Early Detection Center
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BCA02FAD-2C86-4C8C-A815-51C09F4E51FF}" = Dual-Core Optimizer
"{C084BC61-E537-11DE-8616-005056806466}" = Google Earth
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C589B6DE-F7BF-4E22-8524-53E115EF6AB4}" = Sony Media Manager 2.0
"{C8C8387B-A98B-44E8-807A-1A9B7F51FFDA}" = Blaze Media Pro
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF2606C7-63AF-40F4-8919-F2EC654ACC91}" = Napster for Windows Media Player
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}" = Adobe Stock Photos 1.0
"{EE7B9A8D-19F0-450D-8E94-3E391E6044CD}" = KhalSetup
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ASIO4ALL" = ASIO4ALL
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.6
"AVS Video Tools 5_is1" = AVS Video Tools 5.6
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"Collab" = Collab
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"esClient" = Echospin Delivery Wizard
"ExpressBurn" = Express Burn
"ExpressRip" = Express Rip
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.8.0
"GalleryPlayer Images" = GalleryPlayer Images
"GoldWave v5.25" = GoldWave v5.25
"Google Updater" = Google Updater
"GoToAssist" = GoToAssist 8.0.0.514
"Guitar Pro 5_is1" = Guitar Pro 5.2
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8 Release Candidate 1
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"Intel(R) 537EP V9x DF PCI Modem" = Intel(R) 537EP V9x DF PCI Modem
"IrfanView" = IrfanView (remove only)
"Juice" = Juice 2.2
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.7 (Full)
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"LastFM_is1" = Last.fm 1.5.4.24567
"lvdrivers_11.70" = Logitech QuickCam Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Ogg Converter" = Ogg Converter
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-14-05-01
"PC_Drummer_Trial_500" = PC Drummer Trial Edition 5.06
"PopupPopper" = Bayden PopupPopper (remove only)
"PROSet" = Intel(R) PRO Network Connections Drivers
"RealPlayer 12.0" = RealPlayer
"Registry Mechanic_is1" = Registry Mechanic 9.0
"Security Task Manager" = Security Task Manager 1.7g
"Sibelius Scorch Plugin" = Sibelius Scorch Plugin
"Steam App 211" = Source SDK
"Steam App 215" = Source SDK Base
"ViewpointMediaPlayer" = Viewpoint Media Player
"WavePad" = WavePad Uninstall
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WETCable" = Windows Easy Transfer
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinFlyer32.dll" = WinFlyer
"WinRAR archiver" = WinRAR archiver
"winusb0100" = Microsoft WinUsb 1.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-854245398-1214440339-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.0.0.320
"Timesendshow" = CiD Help
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 1/22/2010 11:16:23 AM | Computer Name = MCMARTIN-90C945 | Source = Application Hang | ID = 1002
Description = Hanging application iTunes.exe, version 9.0.2.25, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 1/22/2010 11:19:16 AM | Computer Name = MCMARTIN-90C945 | Source = MSMQ | ID = 2020
Description = The administration queue cannot be initialized. Please verify that
the admin_queue$ queue exists in the Private Queues container under Message Queuing
in Computer Management. If this queue is absent, you must uninstall and reinstall
Message Queuing.
Error - 1/22/2010 11:19:16 AM | Computer Name = MCMARTIN-90C945 | Source = MSMQ | ID = 2052
Description = The ordering queue cannot be initialized. Please verify that the order_queue$
queue exists in the Private Queues container under Message Queuing in Computer
Management. If this queue is absent, you must uninstall and reinstall Message Queuing.
Error - 1/22/2010 1:02:47 PM | Computer Name = MCMARTIN-90C945 | Source = MSMQ | ID = 2020
Description = The administration queue cannot be initialized. Please verify that
the admin_queue$ queue exists in the Private Queues container under Message Queuing
in Computer Management. If this queue is absent, you must uninstall and reinstall
Message Queuing.
Error - 1/22/2010 1:02:47 PM | Computer Name = MCMARTIN-90C945 | Source = MSMQ | ID = 2052
Description = The ordering queue cannot be initialized. Please verify that the order_queue$
queue exists in the Private Queues container under Message Queuing in Computer
Management. If this queue is absent, you must uninstall and reinstall Message Queuing.
Error - 1/22/2010 1:14:30 PM | Computer Name = MCMARTIN-90C945 | Source = MsiInstaller | ID = 1013
Description = Product: Microsoft .NET Framework 2.0 -- Setup cannot continue because
this version of the .NET Framework is incompatible with a previously installed
one. For more information, see
http://support.microsoft.com/support/kb ... 2/5/00.asp Error - 1/23/2010 1:24:24 AM | Computer Name = MCMARTIN-90C945 | Source = Application Hang | ID = 1002
Description = Hanging application WinRAR.exe, version 3.70.5.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 1/23/2010 1:24:53 AM | Computer Name = MCMARTIN-90C945 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.1.3642, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 1/23/2010 1:31:20 AM | Computer Name = MCMARTIN-90C945 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
Error - 1/23/2010 1:31:20 AM | Computer Name = MCMARTIN-90C945 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.
[ System Events ]
Error - 1/20/2010 10:58:14 PM | Computer Name = MCMARTIN-90C945 | Source = ati2mtag | ID = 45062
Description = CRT invalid display type
Error - 1/20/2010 11:37:45 PM | Computer Name = MCMARTIN-90C945 | Source = ati2mtag | ID = 45062
Description = CRT invalid display type
Error - 1/20/2010 11:38:31 PM | Computer Name = MCMARTIN-90C945 | Source = ati2mtag | ID = 45062
Description = CRT invalid display type
Error - 1/21/2010 12:33:46 AM | Computer Name = MCMARTIN-90C945 | Source = ati2mtag | ID = 45062
Description = CRT invalid display type
Error - 1/22/2010 11:13:17 AM | Computer Name = MCMARTIN-90C945 | Source = DCOM | ID = 10010
Description = The server {DC0C2640-1415-4644-875C-6F4D769839BA} did not register
with DCOM within the required timeout.
Error - 1/22/2010 11:18:26 AM | Computer Name = MCMARTIN-90C945 | Source = ati2mtag | ID = 45062
Description = CRT invalid display type
Error - 1/22/2010 11:19:41 AM | Computer Name = MCMARTIN-90C945 | Source = Service Control Manager | ID = 7001
Description = The Message Queuing Triggers service depends on the Message Queuing
service which failed to start because of the following error: %%0
Error - 1/22/2010 11:26:35 AM | Computer Name = MCMARTIN-90C945 | Source = DCOM | ID = 10010
Description = The server {DC0C2640-1415-4644-875C-6F4D769839BA} did not register
with DCOM within the required timeout.
Error - 1/22/2010 1:02:46 PM | Computer Name = MCMARTIN-90C945 | Source = ati2mtag | ID = 45062
Description = CRT invalid display type
Error - 1/22/2010 1:02:51 PM | Computer Name = MCMARTIN-90C945 | Source = Service Control Manager | ID = 7001
Description = The Message Queuing Triggers service depends on the Message Queuing
service which failed to start because of the following error: %%0
< End of report >