Gladiator Security Forum > HELP i have a few problems

Full Version: HELP i have a few problems

Gladiator Security Forum > Malware Help Forum > HELP! Think you are Infected?

tripod

May 4 2009, 06:08 PM

Hi my internet speed has reduced alot the past few weeks but its sometimes for only part of the day. this could be just my schools network as i have had trouble in the past with it but i wanted to check here first. secondly i have had problems with installing Windows updates they always fail. i started having this problem when i tryed updating net framework to the latest and it failed to update. also internet explorer 8 failed to install but i use Firefox so this isn't a huge deal. here is all the logs i will post them as separate because my internet fails half the time like stated above.

oh and thanks for the help!

tripod

May 4 2009, 06:09 PM

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:51:37 PM, on 5/4/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVGLS\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\AVG\AVGLS\avgnsx.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVGLS\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVGLS\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVGLS\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.16.0\gears.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVGLS\AVGTOO~1.DLL
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVGLS\avgtray.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.16.0\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.16.0\gears.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1222180391420
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVGLS\avgpp.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG LinkScanner® WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVGLS\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Google Update Service (gupdate1c980e3b156fa6e) (gupdate1c980e3b156fa6e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 11584 bytes

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------

Malwarebytes' Anti-Malware 1.36
Database version: 2074
Windows 5.1.2600 Service Pack 3

5/4/2009 2:01:45 PM
mbam-log-2009-05-04 (14-01-45).txt

Scan type: Quick Scan
Objects scanned: 79442
Time elapsed: 6 minute(s), 10 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

tripod

May 4 2009, 06:24 PM

Results of screen317's Security Check version 0.98.3
Windows XP Service Pack 3
``````````````````````````````
Antivirus/Firewall Check:
``````````````````````````````
Windows Firewall Disabled!
McAfeeSecurityCenter
``````````````````````````````
Anti-malware/Other Utilities Check:
``````````````````````````````
SpywareBlaster 4.1
Spybot - Search & Destroy
Malwarebytes' Anti-Malware
HijackThis 2.0.2
CCleaner (remove only)
Java™ 6 Update 13
``````````````````````````````
Process Check:
objlist.exe by Laurent
``````````````````````````````
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgnsx.exe
Spybot SDHelper is disabled!
McAfee VIRUSS~1 mcshield.exe
McAfee VIRUSS~1 mcsysmon.exe
``````````````````````````````
DNS Vulnerability Check:
``````````````````````````````
GREAT! (Very random)

Scan took 26 seconds.
`````````End of Log```````````

LoPhatPhuud

May 5 2009, 03:45 PM

You missed OTLIstIt!

Please download OTListIt by OldTimer to your desktop: http://oldtimer.geekstogo.com/OTListIt2.exe

Close all open windows on the Task Bar. Click the icon (for Vista, right click the icon and Run as Administrator) to start the program.
In the lower right corner of the Top Panel, checkmark 'LOP Check'; and checkmark 'Purity Check'.
Now click Run Scan at Top left and let the program run uninterrupted. It will take about 4 minutes.
It will produce two logs for you, one will pop up called OTListIt.txt, the other will be saved on your desktop and called Extras.txt.
Exit Notepad. Remember where you've saved these 2 files as we will need both of them shortly!
Exit OTListIt2 by clicking the X at top right.

Copy/paste the following into your post (in order):
the contents of OTListIt.txt
the contents of Extras.txt

tripod

May 5 2009, 08:15 PM

OTListIt logfile created on: 5/5/2009 3:52:35 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.50 Gb Total Physical Memory | 0.83 Gb Available Physical Memory | 55.19% Memory free
3.35 Gb Paging File | 2.74 Gb Available in Paging File | 81.65% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.73 Gb Total Space | 64.35 Gb Free Space | 57.59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LI0DOKP1N
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2008/04/29 22:27:50 | 00,417,792 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2009/03/26 15:31:20 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/04/22 21:56:12 | 00,298,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVGLS\avgwdsvc.exe
PRC - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [1999/12/12 13:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTsvcCDA.exe
PRC - [2009/04/16 05:47:16 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008/07/26 08:23:42 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2008/07/26 08:25:36 | 00,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/01/27 20:59:33 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2009/02/11 11:06:36 | 00,210,216 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2009/01/08 21:30:26 | 00,797,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2009/01/09 12:31:16 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/01/09 09:06:52 | 00,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/03/25 11:05:48 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2009/03/19 11:42:02 | 00,884,360 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MPFSrv.exe
PRC - [2009/01/09 10:22:10 | 00,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\MskSrver.exe
PRC - [2007/01/04 17:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2009/04/22 21:56:17 | 00,594,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVGLS\avgnsx.exe
PRC - [2009/03/24 00:03:18 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/01/08 21:30:26 | 00,645,328 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2005/10/19 08:59:12 | 00,126,976 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2006/12/10 21:52:38 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
PRC - [2008/08/14 17:11:48 | 00,565,008 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2007/08/24 08:00:48 | 00,033,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2009/04/02 16:11:02 | 00,342,312 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/04/16 05:47:16 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/04/22 21:56:16 | 01,936,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVGLS\avgtray.exe
PRC - [2007/01/02 21:40:10 | 00,210,520 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2009/04/02 16:10:56 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2006/12/10 21:51:08 | 00,271,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
PRC - [2008/11/13 03:01:42 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
PRC - [2008/10/07 20:43:40 | 01,410,296 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2009/01/07 02:09:25 | 00,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/03/30 13:15:47 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
PRC - [2009/03/30 13:15:08 | 00,161,776 | ---- | M] (Google) -- C:\Program Files\Google\Google Updater\GoogleUpdater.exe
PRC - [2009/03/30 13:15:08 | 00,161,776 | ---- | M] (Google) -- C:\Program Files\Google\Google Updater\GoogleUpdater.exe
PRC - [2009/05/04 13:58:41 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTListIt2.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/03/26 15:31:20 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2009/04/22 21:56:12 | 00,298,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVGLS\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009/04/17 12:17:52 | 00,079,360 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service [On_Demand | Stopped])
SRV - [1999/12/12 13:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTsvcCDA.exe -- (Creative Service for CDROM Access [Auto | Running])
SRV - [2008/04/29 22:27:50 | 00,417,792 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService [Auto | Running])
SRV - [2009/01/27 20:59:33 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c980e3b156fa6e [Auto | Stopped])
SRV - [2009/03/30 13:15:47 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Running])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007/01/19 23:52:32 | 00,225,280 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08 [On_Demand | Running])
SRV - [2007/01/19 23:52:32 | 00,131,072 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc [Auto | Running])
SRV - [2009/04/02 16:10:56 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2009/04/16 05:47:16 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2008/07/26 08:23:42 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer [Auto | Running])
SRV - [2008/07/26 08:25:36 | 00,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv [Auto | Running])
SRV - [2009/01/09 14:05:26 | 00,068,112 | ---- | M] (McAfee) -- C:\Program Files\McAfee\MBK\MBackMonitor.exe -- (MBackMonitor [On_Demand | Stopped])
SRV - [2009/02/11 11:06:36 | 00,210,216 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service [Auto | Running])
SRV - [2009/01/08 21:30:26 | 00,797,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc [Auto | Running])
SRV - [2009/01/09 12:31:16 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc [Auto | Running])
SRV - [2009/04/01 14:21:30 | 00,365,072 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS [On_Demand | Stopped])
SRV - [2009/01/09 09:06:52 | 00,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy [Auto | Running])
SRV - [2009/03/25 11:05:48 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield [Unknown | Running])
SRV - [2009/03/24 00:03:18 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon [On_Demand | Running])
SRV - [2007/08/24 07:59:20 | 00,068,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2009/03/19 11:42:02 | 00,884,360 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService [Auto | Running])
SRV - [2009/01/09 10:22:10 | 00,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\MskSrver.exe -- (MSK80Service [Auto | Running])
SRV - [2007/08/24 04:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2007/01/19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
SRV - [2007/01/04 17:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service [Auto | Running])
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2008/07/18 13:13:20 | 00,053,760 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPZipm12.dll -- (Pml Driver HPZ12 [Auto | Running])
SRV - [2008/07/18 13:13:20 | 00,044,032 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPZinw12.dll -- (Net Driver HPZ12 [Auto | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2009/04/22 21:56:44 | 00,251,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Running])
DRV - [2009/04/22 21:56:43 | 00,108,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running])
DRV - [2003/06/30 18:11:52 | 00,043,136 | R--- | M] (Broadcom Corporation) -- C:\WINDOWS\System32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp [On_Demand | Running])
DRV - [2003/09/22 09:48:06 | 00,130,192 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys -- (ctsfm2k [On_Demand | Running])
DRV - [2008/07/26 11:26:54 | 00,023,832 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys -- (FilterService [On_Demand | Stopped])
DRV - [2008/04/13 15:45:30 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])
DRV - [2009/03/19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2006/12/06 02:02:28 | 00,049,920 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Running])
DRV - [2006/12/06 02:02:28 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Running])
DRV - [2006/12/06 02:02:29 | 00,021,568 | R--- | M] (HP) -- C:\WINDOWS\system32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Running])
DRV - [2005/06/22 01:12:34 | 00,807,998 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Running])
DRV - [2008/07/26 08:25:02 | 00,025,624 | ---- | M] () -- C:\WINDOWS\system32\Drivers\LVPr2Mon.sys -- (LVPr2Mon [On_Demand | Running])
DRV - [2008/07/26 11:25:46 | 00,627,864 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\DRIVERS\lvrs.sys -- (LVRS [On_Demand | Running])
DRV - [2008/07/26 11:26:20 | 00,041,752 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta [On_Demand | Running])
DRV - [2008/07/26 11:26:42 | 04,658,584 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\DRIVERS\lvuvc.sys -- (LVUVC [On_Demand | Running])
DRV - [2008/01/14 06:06:32 | 00,021,632 | ---- | M] (ManyCam LLC.) -- C:\WINDOWS\system32\DRIVERS\ManyCam.sys -- (ManyCam [On_Demand | Running])
DRV - [2009/03/25 11:06:28 | 00,079,880 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk [On_Demand | Running])
DRV - [2009/03/25 11:06:28 | 00,035,272 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk [On_Demand | Running])
DRV - [2009/03/25 11:06:28 | 00,214,024 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk [System | Running])
DRV - [2009/03/25 11:05:54 | 00,034,216 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk [On_Demand | Stopped])
DRV - [2009/03/25 11:06:30 | 00,040,552 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk [On_Demand | Running])
DRV - [2008/10/23 14:08:54 | 00,120,136 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\Drivers\Mpfp.sys -- (MPFP [System | Running])
DRV - [2003/09/22 09:47:38 | 00,178,672 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\DRIVERS\ctoss2k.sys -- (ossrv [On_Demand | Running])
DRV - [2003/09/22 13:43:06 | 01,330,048 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\P16X.sys -- (P16X [On_Demand | Running])
DRV - [2003/03/05 13:19:28 | 00,015,840 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\PfModNT.sys -- (PfModNT [Auto | Running])
DRV - [2001/08/18 08:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008/04/13 12:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008/02/11 22:50:56 | 01,670,016 | R--- | M] (Creative) -- C:\WINDOWS\system32\drivers\skfilt.sys -- (skfilt [On_Demand | Stopped])
DRV - [2008/04/13 14:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: {d95e614b-c28e-43af-a326-ca590e18abd6}:1.5
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5
FF - prefs.js..extensions.enabledItems: {1d5287d1-8a92-0001-1f31-1cec198018d8}:2.0.20090320
FF - prefs.js..extensions.enabledItems: capturefoxmovie@advancity.net:0.3.5.081007b
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.84
FF - prefs.js..extensions.enabledItems: {8be51513-0433-45c1-9203-7b45019df871}:1.0.3
FF - prefs.js..extensions.enabledItems: {fce36c1e-58d8-498a-b2a5-66ad1cedebbb}:0.76
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.3
FF - prefs.js..extensions.enabledItems: {daf44bf7-a45e-4450-979c-91cf07434c3d}:1.5.3
FF - prefs.js..extensions.enabledItems: {27a03cf3-856f-46b8-91cb-7289f58c7e6e}:1.314
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.3.3
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:3.3.11
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.1.8.6
FF - prefs.js..extensions.enabledItems: fontfinder@bendodson.com:0.5d
FF - prefs.js..extensions.enabledItems: firefox@ghostery.com:1.3.9
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.16.0
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:3.1.20081127W
FF - prefs.js..extensions.enabledItems: {F5DDF39C-9293-4d5e-9AA8-E04E6DD5E9B4}:1.3.2
FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.2
FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:6.2.1.4
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.3.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {49f3fc85-dcfe-4e42-9301-226ebe658509}:0.6.3
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.9
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071101000055
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.2.6
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.0
FF - prefs.js..extensions.enabledItems: {fe0258ab-4f74-43a1-8781-bcdf340f9ee9}:2.5.5
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.1
FF - prefs.js..extensions.enabledItems: ServerSpy@jacquet.eu.org:0.1.6
FF - prefs.js..extensions.enabledItems: sqlime@security.compass:0.4.3
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.1
FF - prefs.js..extensions.enabledItems: ubiquity@labs.mozilla.com:0.1.8
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20090325
FF - prefs.js..extensions.enabledItems: yslow@yahoo-inc.com:2.0.0b3
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\PROGRAM FILES\MCAFEE\SITEADVISOR [2009/04/27 18:25:13 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD [2009/01/07 02:09:45 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/04/16 05:47:18 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\PROGRAM FILES\AVG\AVGLS\FIREFOX [2009/04/22 21:56:11 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8}: C:\PROGRAM FILES\AVG\AVGLS\TOOLBARFF [2009/04/22 21:56:11 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\PROGRAM FILES\GOOGLE\GOOGLE GEARS\FIREFOX\ [2009/04/25 00:13:34 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/29 10:44:53 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/29 10:44:53 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5b4\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX 3.5 BETA 4\COMPONENTS [2009/04/29 23:47:33 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5b4\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX 3.5 BETA 4\PLUGINS [2009/04/29 23:47:30 | 00,000,000 | ---D | M]

[2008/09/23 15:52:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Extensions
[2008/09/23 15:52:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/04 18:58:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions
[2009/03/08 19:38:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2009/04/06 11:04:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2009/04/17 02:40:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2008/09/25 17:03:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2008/10/03 23:26:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\{27a03cf3-856f-46b8-91cb-7289f58c7e6e}
[2009/01/06 23:23:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/04/15 05:47:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\{49f3fc85-dcfe-4e42-9301-226ebe658509}
[2008/11/16 21:27:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2009/04/30 18:26:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}
[2009/05/04 10:58:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/03/30 14:01:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2009/04/15 05:47:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\{8be51513-0433-45c1-9203-7b45019df871}
[2009/03/30 14:02:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/04/15 05:51:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/04/15 20:33:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/03/05 21:13:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\{d95e614b-c28e-43af-a326-ca590e18abd6}
[2009/04/01 15:28:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d}
[2009/03/30 14:01:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2009/04/01 15:28:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\{F5DDF39C-9293-4d5e-9AA8-E04E6DD5E9B4}
[2008/10/27 13:48:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2009/04/01 15:28:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}
[2009/03/05 21:13:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\capturefoxmovie@advancity.net
[2009/02/23 18:00:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\firebug@software.joehewitt.com
[2009/04/01 15:28:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\firefox@ghostery.com
[2009/04/15 05:47:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\fontfinder@bendodson.com
[2009/01/07 03:46:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\moveplayer@movenetworks.com
[2009/04/08 10:10:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\personas@christopher.beard
[2009/04/01 15:28:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\ServerSpy@jacquet.eu.org
[2009/04/22 05:07:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\sqlime@security.compass
[2009/04/08 10:10:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\ubiquity@labs.mozilla.com
[2009/04/08 10:10:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\ubiquity@labs.mozilla.com-trash
[2009/04/30 18:26:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\mozilla\Firefox\Profiles\k0zyf5s1.default\extensions\yslow@yahoo-inc.com
[2009/01/07 13:30:47 | 00,008,743 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\FireFox\Profiles\k0zyf5s1.default\searchplugins\aim-search.xml
[2009/05/04 20:07:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/29 10:44:53 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/11/13 03:31:00 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009/04/16 05:48:01 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/04/29 10:44:47 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/29 10:44:48 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/09/29 00:53:15 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008/09/29 00:53:15 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/09/29 00:53:15 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/11/13 19:46:15 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008/09/29 00:53:15 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/09/29 00:53:15 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2008/09/29 00:53:15 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (302791 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 10436 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVGLS\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVGLS\avgtoolbar.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.16.0\gears.dll (Google Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVGLS\avgtoolbar.dll (AVG Technologies CZ, s.r.o.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVGLS\avgtoolbar.dll (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVGLS\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" (Microsoft Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" ()
O4 - HKLM..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey (McAfee, Inc.)
O4 - HKLM..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide (McAfee, Inc.)
O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto (Microsoft Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE (Creative Technology Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.16.0\gears.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 55 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1222180391420 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVGLS\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/09/22 18:38:02 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{429ad5fa-89a8-11dd-a353-000d56575f17}\Shell\AutoRun\command - "" = G:\WD_Windows_Tools\Setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[5 C:\WINDOWS\*.tmp files]
[2009/05/04 13:59:06 | 00,532,626 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\SecurityCheck.exe
[2009/05/04 13:58:40 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTListIt2.exe
[2009/05/04 13:46:12 | 00,002,674 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\cc_20090504_134610.reg
[2009/05/04 13:45:37 | 00,371,562 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\cc_20090504_134535.reg
[2009/05/04 12:42:08 | 00,197,200 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ASpring09SyllabusPart2.docx
[2009/05/04 12:40:00 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Owner\Desktop\~$aluating sources page.docx
[2009/05/04 12:39:54 | 00,012,046 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\evaluating sources page.docx
[2009/05/04 12:33:02 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Owner\Desktop\~$glish102syllabusSpring2009(2).doc
[2009/05/04 12:31:33 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Owner\Desktop\~$guing a Position.doc
[2009/05/04 12:31:20 | 00,049,664 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Arguing a Position.doc
[2009/05/04 12:31:16 | 00,040,448 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\English102syllabusSpring2009(2).doc
[2009/05/04 12:31:10 | 00,025,088 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Evaluating Sources(2).doc
[2009/05/04 12:31:04 | 00,039,424 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MLA Style Quiz102Spr09(2).doc
[2009/05/04 12:30:58 | 00,010,578 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Touring the(2).docx
[2009/05/04 08:33:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/05/01 14:19:09 | 00,068,096 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\PAPER Final.doc
[2009/05/01 14:07:18 | 00,069,120 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\PAPER WITH REVIEW!.doc
[2009/05/01 13:55:00 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\HijackThis.lnk
[2009/05/01 13:55:00 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/05/01 13:54:53 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Owner\Desktop\HJTInstall.exe
[2009/04/29 23:47:33 | 00,001,705 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox 3.5 Beta 4.lnk
[2009/04/29 23:47:28 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox 3.5 Beta 4
[2009/04/29 23:45:57 | 07,991,640 | ---- | C] (Mozilla) -- C:\Documents and Settings\Owner\Desktop\Firefox Setup 3.5 Beta 4.exe
[2009/04/29 18:01:30 | 00,018,875 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\China paper eco2.docx
[2009/04/29 12:34:42 | 00,013,067 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\In celebration of the 60th anniversary of the founding of the People.docx
[2009/04/29 10:52:57 | 00,010,578 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Touring the.docx
[2009/04/29 10:52:51 | 00,025,088 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Evaluating Sources.doc
[2009/04/29 10:52:44 | 00,039,424 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\MLA Style Quiz102Spr09.doc
[2009/04/29 10:51:57 | 00,030,720 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\PRC Foreign Policy_Key Dates.doc
[2009/04/29 10:51:49 | 00,034,304 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\PRC Domestic Politics_Key Dates.doc
[2009/04/29 10:51:36 | 00,032,256 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Briefing Book Instructions.doc
[2009/04/29 10:51:29 | 00,044,544 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Briefing Book Intro_Taylor 2009.doc
[2009/04/29 10:51:17 | 00,449,024 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Syllabus_China's Rise(2).doc
[2009/04/29 10:49:17 | 00,020,646 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\agnment[1].docx
[2009/04/29 10:48:51 | 00,022,783 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\China paper eco.docx
[2009/04/22 21:56:45 | 00,001,514 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG LinkScanner®.lnk
[2009/04/22 21:56:44 | 00,251,784 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/04/22 21:56:43 | 00,108,296 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/04/22 21:56:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVGTOOLBAR
[2009/04/22 21:56:10 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009/04/22 21:56:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg8ls
[2009/04/22 21:53:10 | 15,099,064 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Owner\Desktop\avg_lsf_stf_en_85_289.exe
[2009/04/22 16:19:57 | 02,869,264 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\Desktop\dotNetFx35setup.exe
[2009/04/22 16:19:20 | 02,945,816 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Owner\Desktop\dotnetfx3setup.exe
[2009/04/22 10:46:27 | 00,014,610 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Copy of spraytrace.smx
[2009/04/22 10:44:45 | 00,004,255 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\spraytrace.phrases.rar
[2009/04/22 05:43:06 | 00,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp
[2009/04/17 12:35:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Creative
[2009/04/17 12:27:54 | 00,007,062 | ---- | C] () -- C:\WINDOWS\System32\audiopid.vxd
[2009/04/17 12:26:56 | 00,647,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Mscomct2.ocx
[2009/04/17 12:26:56 | 00,001,940 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Creative Product Registration.lnk
[2009/04/17 12:24:14 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Creative
[2009/04/17 12:24:12 | 00,000,000 | -H-D | C] -- C:\Program Files\Creative Installation Information
[2009/04/17 12:20:53 | 00,024,825 | R--- | C] () -- C:\WINDOWS\System32\xfisk.ini
[2009/04/17 12:20:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Creative
[2009/04/17 12:20:48 | 00,413,696 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2009/04/17 12:20:48 | 00,110,592 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2009/04/17 12:20:15 | 00,181,248 | R--- | C] (Creative Technology Limited) -- C:\WINDOWS\System32\skInst.dll
[2009/04/17 12:20:06 | 00,782,336 | R--- | C] (Creative Labs Inc.) -- C:\WINDOWS\OALInst.exe
[2009/04/17 12:20:05 | 00,151,040 | R--- | C] () -- C:\WINDOWS\System32\KSXPPI32.dll
[2009/04/17 12:20:05 | 00,001,462 | R--- | C] () -- C:\WINDOWS\skdef.reg
[2009/04/17 12:20:04 | 01,670,016 | R--- | C] (Creative) -- C:\WINDOWS\System32\drivers\skfilt.sys
[2009/04/17 12:20:04 | 00,000,315 | RH-- | C] () -- C:\WINDOWS\ctfile.rfc
[2009/04/17 12:19:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Creative Labs
[2009/04/17 12:17:52 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Creative Labs Shared
[2009/04/17 12:13:53 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hidserv.dll
[2009/04/17 12:13:53 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2009/04/17 07:16:53 | 00,008,294 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Order Report.xlsx
[2009/04/17 01:58:52 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/17 01:58:43 | 01,203,922 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/04/17 01:58:39 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/16 06:40:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2009/04/16 05:47:11 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009/04/16 05:45:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Sun
[2009/04/13 13:52:22 | 00,016,679 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Three Topics English 102 final.docx
[2009/04/10 18:47:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/04/10 18:46:44 | 00,302,800 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\cc_20090410_184642.reg
[2009/04/10 18:27:07 | 03,190,688 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Owner\Desktop\ccsetup218.exe
[2009/04/10 14:25:26 | 00,015,092 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Three Topics English 102.docx
[2009/04/08 06:58:32 | 00,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/04/08 06:58:04 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/04/08 06:58:00 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/04/08 06:58:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/04/08 06:55:01 | 00,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/04/08 06:54:40 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009/01/07 18:12:58 | 00,042,320 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2008/11/12 05:49:15 | 00,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2008/10/15 15:51:49 | 00,066,482 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/09/23 18:26:43 | 00,000,066 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2008/09/23 18:26:14 | 00,002,516 | ---- | C] () -- C:\WINDOWS\System32\P16X.ini
[2008/09/23 18:26:14 | 00,000,052 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2008/07/26 08:25:02 | 00,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2003/09/01 11:06:14 | 00,002,696 | ---- | C] () -- C:\WINDOWS\MIXDEF.INI
[2003/07/08 13:41:48 | 00,047,616 | ---- | C] () -- C:\WINDOWS\System32\P16X.dll
[2002/04/11 00:41:00 | 00,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[2001/08/18 08:00:00 | 00,000,643 | ---- | C] () -- C:\WINDOWS\win.ini
[2001/08/18 08:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini

========== Files - Modified Within 30 Days ==========

[3 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/05/05 15:57:52 | 00,002,193 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
[2009/05/05 15:53:43 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/05/05 15:48:10 | 00,025,973 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2009/05/05 15:47:48 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
[2009/05/05 15:47:45 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2009/05/04 19:08:03 | 00,000,643 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/05/04 18:26:31 | 00,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/04 14:51:09 | 00,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-1801674531-725345543-1003.job
[2009/05/04 13:59:07 | 00,532,626 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\SecurityCheck.exe
[2009/05/04 13:58:41 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTListIt2.exe
[2009/05/04 13:46:37 | 00,002,674 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\cc_20090504_134610.reg
[2009/05/04 13:45:45 | 00,371,562 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\cc_20090504_134535.reg
[2009/05/04 13:43:32 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\CCleaner.lnk
[2009/05/04 13:04:00 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/05/04 12:42:09 | 00,197,200 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ASpring09SyllabusPart2.docx
[2009/05/04 12:40:00 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\Owner\Desktop\~$aluating sources page.docx
[2009/05/04 12:39:54 | 00,012,046 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\evaluating sources page.docx
[2009/05/04 12:33:02 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\Owner\Desktop\~$glish102syllabusSpring2009(2).doc
[2009/05/04 12:31:33 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\Owner\Desktop\~$guing a Position.doc
[2009/05/04 12:31:21 | 00,049,664 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Arguing a Position.doc
[2009/05/04 12:31:16 | 00,040,448 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\English102syllabusSpring2009(2).doc
[2009/05/04 12:31:10 | 00,025,088 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Evaluating Sources(2).doc
[2009/05/04 12:31:04 | 00,039,424 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MLA Style Quiz102Spr09(2).doc
[2009/05/04 12:30:59 | 00,010,578 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Touring the(2).docx
[2009/05/04 08:45:11 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Owner\Local Settings\desktop.ini
[2009/05/04 08:30:36 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/04 08:30:34 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/04 08:30:28 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2009/05/01 15:25:15 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/05/01 15:25:15 | 00,000,211 | RHS- | M] () -- C:\boot.ini
[2009/05/01 14:52:02 | 00,068,096 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\PAPER Final.doc
[2009/05/01 14:07:19 | 00,069,120 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\PAPER WITH REVIEW!.doc
[2009/05/01 13:55:00 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\HijackThis.lnk
[2009/05/01 13:54:54 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Owner\Desktop\HJTInstall.exe
[2009/05/01 01:00:10 | 00,000,332 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[2009/04/30 23:59:46 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/04/29 23:47:33 | 00,001,705 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox 3.5 Beta 4.lnk
[2009/04/29 23:46:50 | 07,991,640 | ---- | M] (Mozilla) -- C:\Documents and Settings\Owner\Desktop\Firefox Setup 3.5 Beta 4.exe
[2009/04/29 20:19:46 | 00,045,079 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Comparative Case Study Iran-Israel.docx
[2009/04/29 18:01:31 | 00,018,875 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\China paper eco2.docx
[2009/04/29 14:45:20 | 00,022,783 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\China paper eco.docx
[2009/04/29 12:34:43 | 00,013,067 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\In celebration of the 60th anniversary of the founding of the People.docx
[2009/04/29 10:52:59 | 00,010,578 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Touring the.docx
[2009/04/29 10:52:52 | 00,025,088 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Evaluating Sources.doc
[2009/04/29 10:52:45 | 00,039,424 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MLA Style Quiz102Spr09.doc
[2009/04/29 10:51:59 | 00,030,720 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\PRC Foreign Policy_Key Dates.doc
[2009/04/29 10:51:51 | 00,034,304 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\PRC Domestic Politics_Key Dates.doc
[2009/04/29 10:51:37 | 00,032,256 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Briefing Book Instructions.doc
[2009/04/29 10:51:30 | 00,044,544 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Briefing Book Intro_Taylor 2009.doc
[2009/04/29 10:51:18 | 00,449,024 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Syllabus_China's Rise(2).doc
[2009/04/29 10:49:17 | 00,020,646 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\agnment[1].docx
[2009/04/29 10:04:42 | 00,012,800 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Settings.cfg
[2009/04/24 19:21:39 | 00,002,244 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Google Chrome.lnk
[2009/04/22 21:56:45 | 00,001,514 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG LinkScanner®.lnk
[2009/04/22 21:56:44 | 00,251,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/04/22 21:56:43 | 00,108,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/04/22 21:54:17 | 15,099,064 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Owner\Desktop\avg_lsf_stf_en_85_289.exe
[2009/04/22 16:19:57 | 02,869,264 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Owner\Desktop\dotNetFx35setup.exe
[2009/04/22 16:19:20 | 02,945,816 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Owner\Desktop\dotnetfx3setup.exe
[2009/04/22 10:44:46 | 00,004,255 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\spraytrace.phrases.rar
[2009/04/22 05:51:13 | 00,000,134 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Internet Explorer Troubleshooting.url
[2009/04/17 12:26:56 | 00,001,940 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Creative Product Registration.lnk
[2009/04/17 12:21:36 | 00,481,086 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/04/17 12:21:36 | 00,409,084 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/17 12:21:36 | 00,064,296 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/17 12:20:53 | 00,000,412 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2009/04/17 12:20:53 | 00,000,412 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2009/04/17 12:20:53 | 00,000,315 | RH-- | M] () -- C:\WINDOWS\ctfile.rfc
[2009/04/17 12:20:48 | 00,413,696 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2009/04/17 12:20:48 | 00,110,592 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2009/04/17 10:50:53 | 00,008,294 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Order Report.xlsx
[2009/04/16 12:03:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/04/15 02:25:05 | 00,000,340 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2009/04/13 13:52:23 | 00,016,679 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Three Topics English 102 final.docx
[2009/04/10 18:50:15 | 00,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
[2009/04/10 18:50:15 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2009/04/10 18:46:51 | 00,302,800 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\cc_20090410_184642.reg
[2009/04/10 18:27:19 | 03,190,688 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Owner\Desktop\ccsetup218.exe
[2009/04/10 14:25:27 | 00,015,092 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Three Topics English 102.docx
[2009/04/08 18:17:07 | 00,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2009/04/08 18:17:07 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2009/04/08 06:55:01 | 00,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/04/06 07:57:26 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe

========== LOP Check ==========

[2009/04/22 21:56:09 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/01/15 10:43:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{81A39259-3FF0-430A-95F5-EF566D08DE70}
[2009/04/08 06:58:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/03/08 19:42:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2DBoy
[2008/11/17 19:25:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2009/03/12 14:00:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2008/11/17 19:24:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL
[2008/11/17 19:24:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL OCP
[2008/09/23 17:37:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2008/09/23 17:38:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/04/22 21:56:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg8ls
[2009/04/17 12:35:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Creative
[2009/04/17 12:19:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Creative Labs
[2008/09/23 15:01:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dell
[2009/01/08 22:05:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2009/01/07 08:59:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2008/09/23 17:02:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2009/05/05 15:53:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google Updater
[2008/09/23 16:25:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
[2008/09/23 16:28:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
[2008/11/06 23:20:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
[2008/09/23 16:27:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
[2009/01/23 16:52:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2008/10/19 00:15:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logishrd
[2008/10/15 15:48:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2009/01/22 23:31:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2008/09/23 16:14:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009/02/11 12:18:36 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009/04/22 05:13:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2009/03/12 14:37:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2008/09/23 16:11:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
[2008/11/13 03:30:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2009/01/05 21:35:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SPAUN IT
[2009/05/04 19:49:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/03/08 19:13:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/11/17 19:25:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2008/09/23 16:31:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WEBREG
[2008/09/23 10:36:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/04/22 21:56:37 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Owner\Application Data
[2008/11/17 19:28:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\acccore
[2008/11/17 17:42:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Adobe
[2009/03/17 20:11:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Apple Computer
[2009/04/29 20:34:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVGTOOLBAR
[2009/04/17 12:35:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Creative
[2008/11/06 16:42:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Dynamic
[2008/11/06 16:42:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\EmailNotifier
[2008/10/03 21:04:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GetRightToGo
[2009/04/22 22:45:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Google
[2009/03/03 08:00:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Help
[2009/04/22 12:37:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\HLSW
[2008/09/23 16:34:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\HP
[2008/09/22 18:43:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Identities
[2008/10/15 15:50:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Leadertech
[2008/09/23 14:51:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Macromedia
[2009/01/22 23:31:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2009/04/17 07:16:19 | 00,000,000 | --SD | M] -- C:\Documents and Settings\Owner\Application Data\Microsoft
[2009/02/25 06:16:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Move Networks
[2009/04/08 23:19:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla
[2009/03/30 13:19:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Real
[2009/04/22 10:47:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SiteClasses
[2009/04/22 10:47:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Sites
[2008/11/13 03:33:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Skype
[2008/11/13 03:32:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\skypePM
[2009/04/16 05:45:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Sun
[2009/04/10 18:50:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\tor
[2009/01/08 22:05:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Uniblue
[2008/10/03 02:37:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\uTorrent
[2008/11/12 05:50:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Ventrilo
[2009/04/10 18:33:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Vidalia
[2008/09/24 17:32:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\vlc
[2008/11/07 02:48:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\WinRAR
[2009/01/10 06:31:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Xfire
[2009/05/04 13:04:00 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2009/04/16 12:03:02 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2001/08/18 08:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/05/05 15:53:43 | 00,000,868 | ---- | M] () -- C:\WINDOWS\Tasks\Google Software Updater.job
[2009/05/05 15:47:48 | 00,000,882 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachine.job
[2009/05/04 14:51:09 | 00,000,926 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-1801674531-725345543-1003.job
[2009/04/15 02:25:05 | 00,000,340 | ---- | M] () -- C:\WINDOWS\Tasks\McDefragTask.job
[2009/05/01 01:00:10 | 00,000,332 | ---- | M] () -- C:\WINDOWS\Tasks\McQcTask.job
[2009/05/04 08:30:36 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >

tripod

May 5 2009, 08:25 PM

OTListIt Extras logfile created on: 5/5/2009 3:52:35 PM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.50 Gb Total Physical Memory | 0.83 Gb Available Physical Memory | 55.19% Memory free
3.35 Gb Paging File | 2.74 Gb Available in Paging File | 81.65% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.73 Gb Total Space | 64.35 Gb Free Space | 57.59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LI0DOKP1N
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/13 14:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007/01/19 12:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
[2007/01/04 16:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[2008/10/15 15:50:58 | 00,066,864 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/04/13 14:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007/01/19 12:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
[2007/01/04 16:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[2008/10/15 15:50:58 | 00,066,864 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger
[2008/11/10 11:23:50 | 01,539,072 | ---- | M] () -- C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe
[2009/03/24 18:33:40 | 03,985,104 | ---- | M] (Google) -- C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin
[2009/03/24 17:55:30 | 00,083,440 | ---- | M] (Google) -- C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin
[2008/09/23 15:17:06 | 21,755,688 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype
[2006/11/03 03:17:27 | 00,010,800 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader
[2008/10/21 13:09:59 | 00,050,472 | ---- | M] (AOL LLC) -- C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM
[2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[2008/09/23 17:22:33 | 04,725,784 | ---- | M] () -- C:\Program Files\Steam\steamapps\common\peggle extreme\PeggleExtreme.exe:*:Enabled:Peggle Extreme
[2009/02/04 20:50:58 | 00,000,061 | ---- | M] () -- C:\Program Files\Steam\steamapps\common\doom 2\doom2.bat:*:Enabled:Doom 2
[2009/02/04 20:59:46 | 00,555,520 | ---- | M] () -- C:\Program Files\Steam\steamapps\common\quake\Winquake.exe:*:Enabled:Quake
[2009/02/04 20:59:45 | 00,696,832 | ---- | M] () -- C:\Program Files\Steam\steamapps\common\quake\qwcl.exe:*:Enabled:Quake
[2009/02/04 20:59:36 | 00,157,184 | ---- | M] () -- C:\Program Files\Steam\steamapps\common\quake\Glquake.exe:*:Enabled:Quake
[2009/02/04 20:59:46 | 00,168,448 | ---- | M] () -- C:\Program Files\Steam\steamapps\common\quake\glqwcl.exe:*:Enabled:Quake
[2008/05/21 05:37:24 | 12,844,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook
[2007/08/29 01:23:36 | 00,340,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove
[2008/05/21 06:54:40 | 01,022,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote
[2009/01/09 12:31:16 | 02,482,848 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent
[2009/03/08 19:22:57 | 02,203,648 | ---- | M] () -- C:\Program Files\Steam\steamapps\common\world of goo\WorldOfGoo.exe:*:Enabled:World of Goo
[2009/03/11 16:01:51 | 05,278,776 | ---- | M] () -- C:\Program Files\Steam\steamapps\common\peggle nights\PeggleNights.exe:*:Enabled:Peggle Nights
[2009/03/12 14:25:06 | 00,114,256 | ---- | M] () -- C:\Program Files\Steam\steamapps\common\luxor 2\Luxor2.exe:*:Enabled:Luxor 2
[2009/03/12 14:25:31 | 03,890,184 | ---- | M] () -- C:\Program Files\Steam\steamapps\common\zuma deluxe\Zuma.exe:*:Enabled:Zuma Deluxe
[2009/04/02 16:10:58 | 13,646,632 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
[2009/04/22 21:56:16 | 01,064,216 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVGLS\avgupd.exe:*:Enabled:avgupd.exe
[2009/04/22 21:56:17 | 00,594,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVGLS\avgnsx.exe:*:Enabled:avgnsx.exe

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{38B39865-D988-4945-9A22-6107B8B40953}" = C4200
"{3AF8FCCD-F51A-4014-9002-F195E1CBC876}" = Logitech QuickCam
"{49672EC2-171B-47B4-8CE7-50D7806360D7}" = Windows Live Sign-in Assistant
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{5012BC0C-7E1A-329A-8F02-B6846070C5F8}" = Google Talk Plugin
"{50CE21D8-0F44-4f3f-A392-7F9AD3194DEF}" = PS_AIO_Software
"{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{548EAC70-EE00-11DD-908C-005056806466}" = Google Earth
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{5B3A354B-C059-4861-A85B-CA46F1089E15}" = Creative USB Headsets
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes
"{64A420BB-55F7-3594-BA63-79607B07959F}" = O3D Plugin
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{8641C1CB-03B3-41d4-8DEC-79826A4B5C0E}" = HP Photosmart All-In-One Software 8.0
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{87FDB1C6-785F-3482-B30E-FF2F2A021F65}" = Google Gears
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{96E16100-A77F-4B31-B9AD-FFBA040EE1BD}" = Sound Blaster Live!
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 3.81
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{ADE3CACC-EC31-480C-83A0-587EE60CE8DF}" = RamBooster
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B668B2B8-70D4-4754-A890-17C1DDDA9418}" = PS_AIO_Software_min
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4C91E02-D4E2-481E-BCBA-7D90CC8D43E1}" = LiveZilla
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D2AFD577-8CF5-37F4-A4CF-32BEE91CB9C8}" = O3D Extras
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E65CA2A8-1F2A-4400-AE55-FFD43D3B6980}" = c4200_Help
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FE0C305A-37EE-4499-B4CF-0182E37B20C4}" = PS_AIO_ProductContext
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"AceFTP 3 Freeware" = AceFTP 3 Freeware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS4_is1" = Adobe Photoshop CS4
"AIM_6" = AIM 6
"Avg8LsUninstall" = AVG LinkScanner® 8.5
"CCleaner" = CCleaner (remove only)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"ENTERPRISER" = Microsoft Office Enterprise 2007
"filehippo.com" = filehippo.com Update Checker
"Google Updater" = Google Updater
"Half-Life Dedicated Server Update Tool" = Half-Life Dedicated Server Update Tool
"HijackThis" = HijackThis 2.0.2
"HLSW_is1" = HLSW v1.3.0
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"LiveZilla" = LiveZilla
"lvdrivers_11.80" = Logitech QuickCam Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"ManyCam" = ManyCam 2.3 (remove only)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"Mozilla Firefox (3.5b4)" = Mozilla Firefox (3.5b4)
"MSC" = McAfee SecurityCenter
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Privoxy" = Privoxy 3.0.6
"RealPlayer 6.0" = RealPlayer
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SpywareBlaster_is1" = SpywareBlaster 4.1
"Steam App 10" = Counter-Strike
"Steam App 100" = Condition Zero Deleted Scenes
"Steam App 12900" = Audiosurf
"Steam App 15920" = Luxor 2
"Steam App 16040" = Luxor: Quest for the Afterlife
"Steam App 22000" = World of Goo
"Steam App 2300" = Doom 2
"Steam App 2310" = Quake
"Steam App 240" = Counter-Strike: Source
"Steam App 3330" = Zuma Deluxe
"Steam App 3483" = Peggle Extreme
"Steam App 3540" = Peggle Nights
"Steam App 400" = Portal
"Steam App 4000" = Garry's Mod
"Steam App 440" = Team Fortress 2
"Steam App 80" = Condition Zero
"SysInfo" = Creative System Information
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Tor" = Tor 0.2.0.34
"Vidalia" = Vidalia 0.1.10
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 0.9.2
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xfire" = Xfire (remove only)
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/1/2009 4:55:47 PM | Computer Name = LI0DOKP1N | Source = MsiInstaller | ID = 11719
Description = Product: PS_AIO_ProductContext -- Error 1719. The Windows Installer
Service could not be accessed. This can occur if the Windows Installer is not correctly
installed. Contact your support personnel for assistance.

Error - 5/4/2009 2:11:41 PM | Computer Name = LI0DOKP1N | Source = Application Hang | ID = 1002
Description = Hanging application SETUP.EXE, version 12.0.6212.1000, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 5/4/2009 2:11:52 PM | Computer Name = LI0DOKP1N | Source = Application Hang | ID = 1002
Description = Hanging application WINWORD.EXE, version 12.0.6331.5000, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 5/4/2009 2:19:25 PM | Computer Name = LI0DOKP1N | Source = Application Hang | ID = 1002
Description = Hanging application OTListIt2.exe, version 2.0.15.3, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 5/4/2009 2:19:58 PM | Computer Name = LI0DOKP1N | Source = Application Hang | ID = 1002
Description = Hanging application OTListIt2.exe, version 2.0.15.3, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 5/4/2009 2:22:01 PM | Computer Name = LI0DOKP1N | Source = Application Hang | ID = 1002
Description = Hanging application OTListIt2.exe, version 2.0.15.3, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 5/4/2009 6:25:40 PM | Computer Name = LI0DOKP1N | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The connection with the server was terminated abnormally

Error - 5/4/2009 6:25:40 PM | Computer Name = LI0DOKP1N | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 5/4/2009 6:26:28 PM | Computer Name = LI0DOKP1N | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The connection with the server was terminated abnormally

Error - 5/4/2009 6:26:29 PM | Computer Name = LI0DOKP1N | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

[ OSession Events ]
Error - 10/13/2008 3:53:47 PM | Computer Name = LI0DOKP1N | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
lasted 830 seconds with 360 seconds of active time. This session ended with a crash.

Error - 2/11/2009 1:33:32 PM | Computer Name = LI0DOKP1N | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6215.1000. This session
lasted 444 seconds with 360 seconds of active time. This session ended with a crash.

Error - 2/13/2009 5:08:54 PM | Computer Name = LI0DOKP1N | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6300.5000, Microsoft Office Version: 12.0.4518.1014. This session
lasted 6468 seconds with 600 seconds of active time. This session ended with a
crash.

Error - 2/16/2009 6:39:39 PM | Computer Name = LI0DOKP1N | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6300.5000, Microsoft Office Version: 12.0.4518.1014. This session
lasted 1273 seconds with 1260 seconds of active time. This session ended with a
crash.

Error - 3/13/2009 8:47:38 PM | Computer Name = LI0DOKP1N | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
lasted 31711 seconds with 1980 seconds of active time. This session ended with
a crash.

Error - 3/18/2009 2:59:34 PM | Computer Name = LI0DOKP1N | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
lasted 901 seconds with 840 seconds of active time. This session ended with a crash.

Error - 4/17/2009 7:34:01 AM | Computer Name = LI0DOKP1N | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
lasted 236 seconds with 180 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 5/1/2009 8:22:50 AM | Computer Name = LI0DOKP1N | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
EXCALIBUR that believes that it is the master browser for the domain on transport
NetBT_Tcpip_{199120A8-33B2-4E2B. The master browser is stopping or an election is
being forced.

Error - 5/1/2009 9:34:32 AM | Computer Name = LI0DOKP1N | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
EXCALIBUR that believes that it is the master browser for the domain on transport
NetBT_Tcpip_{199120A8-33B2-4E2B. The master browser is stopping or an election is
being forced.

Error - 5/1/2009 10:45:18 AM | Computer Name = LI0DOKP1N | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
PC556411137441 that believes that it is the master browser for the domain on transport
NetBT_Tcpip_{199120A8-33B2. The master browser is stopping or an election is being
forced.

Error - 5/1/2009 11:57:14 AM | Computer Name = LI0DOKP1N | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
YOUR-7745395E08 that believes that it is the master browser for the domain on transport
NetBT_Tcpip_{199120A8-33B. The master browser is stopping or an election is being
forced.

Error - 5/1/2009 1:19:57 PM | Computer Name = LI0DOKP1N | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
YOUR-7745395E08 that believes that it is the master browser for the domain on transport
NetBT_Tcpip_{199120A8-33B. The master browser is stopping or an election is being
forced.

Error - 5/1/2009 2:46:30 PM | Computer Name = LI0DOKP1N | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
YOUR-7745395E08 that believes that it is the master browser for the domain on transport
NetBT_Tcpip_{199120A8-33B. The master browser is stopping or an election is being
forced.

Error - 5/1/2009 3:54:20 PM | Computer Name = LI0DOKP1N | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{199120A8-33B2-4E2B-8889-89B2F04F0BC6}. The
backup browser is stopping.

Error - 5/1/2009 4:32:44 PM | Computer Name = LI0DOKP1N | Source = MRxSmb | ID = 8003
Description = The master browser has received a server announcement from the computer
EXCALIBUR that believes that it is the master browser for the domain on transport
NetBT_Tcpip_{199120A8-33B2-4E2B. The master browser is stopping or an election is
being forced.

Error - 5/4/2009 6:45:52 PM | Computer Name = LI0DOKP1N | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework
3.5 Family Update (KB951847) x86.

Error - 5/5/2009 3:47:45 PM | Computer Name = LI0DOKP1N | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 130.108.237.28
on the Network Card with network address 000D56575F17.

< End of report >

LoPhatPhuud

May 6 2009, 05:48 PM

Your system appears clean.

The Windows Update issue needs to be addressed but is beyond the scope of this forum. There are several reasons why the updates may be failing. I suggest you post your problem in the Windows Update Newsgroup here: http://www.microsoft.com/windowsxp/expertz...ng=en&cr=US

Go ahead and delete OTListIt2. We're done with it.

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.