OTL
OTL logfile created on: 1/10/2011 1:26:50 PM - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = G:\Documents and Settings\K. Albert 2\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 68.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): G:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = G: | %SystemRoot% = G:\WINDOWS | %ProgramFiles% = G:\Program Files
Drive G: | 76.68 Gb Total Space | 34.04 Gb Free Space | 44.39% Space Free | Partition Type: NTFS
Drive H: | 232.88 Gb Total Space | 171.16 Gb Free Space | 73.50% Space Free | Partition Type: NTFS
Computer Name: ALBERT2 | User Name: K. Albert 2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - G:\Documents and Settings\K. Albert 2\Desktop\OTL.exe (OldTimer Tools)
PRC - G:\Program Files\new folder\Update\realsched.exe (RealNetworks, Inc.)
PRC - G:\Program Files\AVG\AVGLS9\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - G:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
PRC - H:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - G:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
PRC - G:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - G:\Program Files\AVG\AVGLS9\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - G:\Program Files\Common Files\Nuance\dgnsvc.exe (Nuance Communications, Inc.)
PRC - H:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe (IObit)
PRC - H:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe (IObit)
PRC - G:\Program Files\AVG\AVGLS9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - G:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe (COMODO)
PRC - H:\Program Files\ThreatFire\TFTray.exe (PC Tools)
PRC - H:\Program Files\ThreatFire\TFService.exe (PC Tools)
PRC - G:\Program Files\DU Meter\DUMeterSvc.exe (Hagel Technologies Ltd.)
PRC - G:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - G:\Program Files\Maxtor\Sync\SyncServices.exe (Seagate Technology LLC)
PRC - G:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - G:\Program Files\Webroot\Washer\WasherSvc.exe (Webroot Software, Inc.)
PRC - G:\Program Files\Softwin\BitDefender10\bdagent.exe (SOFTWIN S.R.L.)
========== Modules (SafeList) ========== MOD - G:\Documents and Settings\K. Albert 2\Desktop\OTL.exe (OldTimer Tools)
MOD - G:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll (RealNetworks, Inc.)
MOD - G:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll (Microsoft Corporation)
MOD - G:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll (Microsoft Corporation)
MOD - G:\WINDOWS\system32\guard32.dll (COMODO)
MOD - H:\Program Files\ThreatFire\TFWAH.dll (PC Tools)
MOD - H:\Program Files\BillP Studios\WinPatrol\patrolpro.dll (BillP Studios)
========== Win32 Services (SafeList) ========== SRV - (DFServ) -- File not found
SRV - (FLEXnet Licensing Service) -- G:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (cmdAgent) -- G:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (DragonSvc) -- G:\Program Files\Common Files\Nuance\dgnsvc.exe (Nuance Communications, Inc.)
SRV - (avg9wd) -- G:\Program Files\AVG\AVGLS9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (getPlusHelper) getPlus(R) -- G:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (CLPSLS) -- G:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe (COMODO)
SRV - (ThreatFire) -- H:\Program Files\ThreatFire\TFService.exe (PC Tools)
SRV - (DUMeterSvc) -- G:\Program Files\DU Meter\DUMeterSvc.exe (Hagel Technologies Ltd.)
SRV - (SeaPort) -- G:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (Maxtor Sync Service) -- G:\Program Files\Maxtor\Sync\SyncServices.exe (Seagate Technology LLC)
SRV - (wwEngineSvc) -- G:\Program Files\Webroot\Washer\WasherSvc.exe (Webroot Software, Inc.)
SRV - (Imapi Helper) -- G:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe (Alex Feinman)
========== Driver Services (SafeList) ========== DRV - (VBoxNetFlt) -- G:\WINDOWS\System32\DRIVERS\VBoxNetFlt.sys File not found
DRV - (Lbd) -- G:\WINDOWS\System32\DRIVERS\Lbd.sys File not found
DRV - (FXDrv32) -- E:\FXDrv32.sys File not found
DRV - (catchme) -- G:\ComboFix\catchme.sys File not found
DRV - (BDRsDrv) -- G:\Program Files\Softwin\BitDefender10\bdrsdrv.sys File not found
DRV - (BDFsDrv) -- G:\Program Files\Softwin\BitDefender10\bdfsdrv.sys File not found
DRV - (bdfdll) -- G:\Program Files\Softwin\BitDefender10\bdfdll.sys File not found
DRV - (Inspect) -- G:\WINDOWS\System32\DRIVERS\inspect.sys (COMODO)
DRV - (cmdHlp) -- G:\WINDOWS\system32\drivers\cmdhlp.sys (COMODO)
DRV - (cmderd) -- G:\WINDOWS\system32\drivers\cmderd.sys (COMODO)
DRV - (cmdGuard) -- G:\WINDOWS\system32\drivers\cmdGuard.sys (COMODO)
DRV - (AvgTdiX) -- G:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgLdx86) -- G:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (SASKUTIL) -- H:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- H:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM) -- H:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (DeepFrz) -- G:\WINDOWS\System32\drivers\DeepFrz.sys (Faronics Corporation)
DRV - (TfSysMon) -- G:\WINDOWS\system32\drivers\TfSysMon.sys (PC Tools)
DRV - (TfFsMon) -- G:\WINDOWS\system32\drivers\TfFsMon.sys (PC Tools)
DRV - (TfNetMon) -- G:\WINDOWS\system32\drivers\TfNetMon.sys (PC Tools)
DRV - (CopyHDDVDHlp) -- G:\WINDOWS\system32\drivers\copyhddvdhlp.sys ()
DRV - (DVDHlp) -- G:\WINDOWS\system32\drivers\dvdhlp.sys (SlySoft, Inc.)
DRV - (VBoxNetAdp) -- G:\WINDOWS\system32\drivers\VBoxNetAdp.sys (Sun Microsystems, Inc.)
DRV - (ElbyCDI0) -- G:\WINDOWS\system32\drivers\ElbyCDI0.sys (Elaborate Bytes AG)
DRV - (WmXlCore) -- G:\WINDOWS\system32\drivers\WmXlCore.sys (Logitech Inc.)
DRV - (WmVirHid) -- G:\WINDOWS\system32\drivers\WmVirHid.sys (Logitech Inc.)
DRV - (WmHidLo) -- G:\WINDOWS\system32\drivers\WmHidLo.sys (Logitech Inc.)
DRV - (WmFilter) -- G:\WINDOWS\system32\drivers\WmFilter.sys (Logitech Inc.)
DRV - (WmBEnum) -- G:\WINDOWS\system32\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (SCDEmu) -- G:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (Tcpip6) -- G:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (BANTExt) -- G:\WINDOWS\System32\Drivers\BANTExt.sys ()
DRV - (MXOPSWD) -- G:\WINDOWS\system32\drivers\mxopswd.sys ()
DRV - (Amusbprt) -- G:\WINDOWS\system32\drivers\Amusbprt.sys ((Standard mouse types))
DRV - (Amfilter) -- G:\WINDOWS\system32\drivers\Amfilter.sys ((Standard mouse types))
DRV - (SNPSTD3) USB PC Camera (SNPSTD3) -- G:\WINDOWS\system32\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (thdudf) -- G:\WINDOWS\system32\drivers\thdudf.sys (TOSHIBA Corporation)
DRV - (myWIFIzone) -- G:\WINDOWS\system32\drivers\myWIFIzone.sys (myWIFIzone.com)
DRV - (MDC8021X) AEGIS Protocol (IEEE 802.1x) -- G:\WINDOWS\system32\drivers\mdc8021x.sys (Meetinghouse Data Communications)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1454471165-2000478354-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.msn.comIE - HKU\S-1-5-21-1454471165-2000478354-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
www.bing.com [binary data]
IE - HKU\S-1-5-21-1454471165-2000478354-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page =
http://g.msn.com/1me10IE8ENUS/701IE - HKU\S-1-5-21-1454471165-2000478354-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1454471165-2000478354-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/?st=1IE - HKU\S-1-5-21-1454471165-2000478354-1177238915-1003\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - G:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1454471165-2000478354-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.defaultthis.engineName: "Sal the Foot Mob Wars Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2602812&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "MSN.com"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems:
jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..network.proxy.type: 4
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: G:\Program Files\AVG\AVGLS9\Firefox [2010/11/24 08:26:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: G:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/12/24 06:15:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: G:\Program Files\Mozilla Firefox\components [2010/12/25 10:03:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: G:\Program Files\Mozilla Firefox\plugins [2010/12/24 06:16:26 | 000,000,000 | ---D | M]
[2009/06/30 06:17:23 | 000,000,000 | ---D | M] (No name found) -- G:\Documents and Settings\K. Albert 2\Application Data\Mozilla\Extensions
[2010/12/24 06:24:11 | 000,000,000 | ---D | M] (No name found) -- G:\Documents and Settings\K. Albert 2\Application Data\Mozilla\Firefox\Profiles\7m79505x.default\extensions
[2009/08/14 09:22:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- G:\Documents and Settings\K. Albert 2\Application Data\Mozilla\Firefox\Profiles\7m79505x.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/05 19:27:07 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- G:\Documents and Settings\K. Albert 2\Application Data\Mozilla\Firefox\Profiles\7m79505x.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/07/04 01:02:19 | 000,000,000 | ---D | M] (Read it Later) -- G:\Documents and Settings\K. Albert 2\Application Data\Mozilla\Firefox\Profiles\7m79505x.default\extensions\isreaditlater@ideashower.com
[2010/06/10 22:42:06 | 000,000,945 | ---- | M] () -- G:\Documents and Settings\K. Albert 2\Application Data\Mozilla\Firefox\Profiles\7m79505x.default\searchplugins\conduit.xml
[2010/01/24 07:27:08 | 000,005,493 | ---- | M] () -- G:\Documents and Settings\K. Albert 2\Application Data\Mozilla\Firefox\Profiles\7m79505x.default\searchplugins\startpage-https.xml
[2010/01/24 07:27:08 | 000,005,471 | ---- | M] () -- G:\Documents and Settings\K. Albert 2\Application Data\Mozilla\Firefox\Profiles\7m79505x.default\searchplugins\startpage.xml
[2010/12/24 06:24:11 | 000,000,000 | ---D | M] (No name found) -- G:\Program Files\Mozilla Firefox\extensions
[2010/04/20 19:27:48 | 000,000,000 | ---D | M] (Java Console) -- G:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/21 00:16:18 | 000,000,000 | ---D | M] (Java Console) -- G:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/20 20:06:27 | 000,000,000 | ---D | M] (Java Console) -- G:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/21 00:09:52 | 000,000,000 | ---D | M] (Java Console) -- G:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/07/08 12:44:33 | 000,000,000 | ---D | M] (Hide My IP) -- G:\Program Files\Mozilla Firefox\extensions\staff@hide-my-ip.com
[2010/12/24 06:15:41 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- G:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2010/11/24 08:26:52 | 000,000,000 | ---D | M] (AVG Safe Search) -- G:\PROGRAM FILES\AVG\AVGLS9\FIREFOX
[2009/07/02 08:56:38 | 000,000,000 | ---D | M] (Java Quick Starter) -- G:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- G:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2010/03/16 18:35:15 | 000,000,027 | ---- | M]) - G:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - G:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - G:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - G:\Program Files\AVG\AVGLS9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - G:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - G:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - G:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - G:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - G:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - G:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - G:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\S-1-5-21-1454471165-2000478354-1177238915-1003\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - G:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AVG9_TRAY] G:\Program Files\AVG\AVGLS9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BDAgent] G:\Program Files\Softwin\BitDefender10\bdagent.exe (SOFTWIN S.R.L.)
O4 - HKLM..\Run: [COMODO Internet Security] G:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [ThreatFire] H:\Program Files\ThreatFire\TFTray.exe (PC Tools)
O4 - HKLM..\Run: [TkBellExe] G:\program files\new folder\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [tsnpstd3] G:\WINDOWS\tsnpstd3.exe ()
O4 - HKLM..\Run: [WinPatrol] H:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKU\S-1-5-21-1454471165-2000478354-1177238915-1003..\Run: [ISUSPM] G:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-1454471165-2000478354-1177238915-1003..\Run: [SmartRAM] H:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe (IObit)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-1454471165-2000478354-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1454471165-2000478354-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1454471165-2000478354-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - G:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - G:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F}
http://srtest-cdn.systemrequirementslab ... detect.cab (Reg Error: Value error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://update.microsoft.com/microsoftup ... 0257624859 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - G:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - G:\Program Files\AVG\AVGLS9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - G:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - G:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - G:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - H:\Program Files\SUPERAntiSpyware\SASWINLO.dll - H:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\DfLogon: DllName - LogonDll.dll - G:\WINDOWS\System32\LogonDll.dll ()
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - G:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: G:\Documents and Settings\K. Albert 2\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: G:\Documents and Settings\K. Albert 2\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - H:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/30 01:30:50 | 000,000,000 | ---- | M] () - H:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /k:G /k:H *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2011/01/10 01:37:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- G:\Documents and Settings\K. Albert 2\Desktop\OTL.exe
[2011/01/10 01:16:07 | 000,000,000 | ---D | C] -- G:\Documents and Settings\K. Albert 2\Start Menu\Programs\HiJackThis
[2011/01/04 14:50:48 | 000,000,000 | ---D | C] -- G:\WINDOWS\pss
[2010/12/29 20:14:10 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Application Data\MSNDynFiles
[2010/12/26 12:24:06 | 000,000,000 | ---D | C] -- G:\Program Files\Common Files\Macrovision Shared
[2010/12/26 12:23:57 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Start Menu\Programs\Rosetta Stone
[2010/12/26 12:23:33 | 000,000,000 | ---D | C] -- G:\Program Files\Rosetta Stone
[2010/12/26 12:23:33 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Application Data\Rosetta Stone
[2010/12/24 06:15:57 | 000,000,000 | ---D | C] -- G:\Program Files\Real
[2010/12/24 06:15:49 | 000,000,000 | ---D | C] -- G:\Program Files\Common Files\xing shared
[2010/12/24 06:15:26 | 000,199,904 | ---- | C] (RealNetworks, Inc.) -- G:\WINDOWS\System32\rmoc3260.dll
[2010/12/24 06:14:54 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- G:\WINDOWS\System32\pndx5016.dll
[2010/12/24 06:14:54 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- G:\WINDOWS\System32\pndx5032.dll
[2010/12/24 06:14:52 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Start Menu\Programs\Real
[2010/12/24 06:14:51 | 000,272,896 | ---- | C] (Progressive Networks) -- G:\WINDOWS\System32\pncrt.dll
[2010/12/24 06:14:22 | 000,000,000 | ---D | C] -- G:\Program Files\new folder
[2010/12/21 00:09:49 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- G:\WINDOWS\System32\javaws.exe
[2010/12/21 00:09:49 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- G:\WINDOWS\System32\javaw.exe
[2010/12/21 00:09:49 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- G:\WINDOWS\System32\java.exe
[2010/12/19 03:21:17 | 000,000,000 | ---D | C] -- G:\Documents and Settings\K. Albert 2\Application Data\FLEXnet
[2010/12/19 02:43:15 | 000,000,000 | ---D | C] -- G:\Program Files\Common Files\IVA
[2010/12/19 02:42:33 | 000,000,000 | ---D | C] -- G:\Program Files\Common Files\Nuance
[2010/12/19 02:36:01 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Application Data\Nuance
[2010/12/19 02:36:01 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Application Data\FLEXnet
[2010/12/19 02:35:37 | 000,000,000 | ---D | C] -- G:\WINDOWS\speech
[2010/12/19 02:24:56 | 000,833,342 | ---- | C] ( ) -- G:\WINDOWS\System32\regw2.exe
[2010/12/16 06:18:28 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Start Menu\Programs\FreeGamePick.com
[2010/12/11 22:45:34 | 000,000,000 | RH-D | C] -- G:\Documents and Settings\K. Albert 2\Recent
[2010/12/11 22:16:49 | 000,000,000 | ---D | C] -- G:\Program Files\Best Registry Software
[2009/06/30 05:25:31 | 000,147,456 | ---- | C] ( ) -- G:\WINDOWS\System32\rsnpstd3.dll
[2009/06/30 05:25:31 | 000,061,440 | ---- | C] ( ) -- G:\WINDOWS\System32\vsnpstd3.dll
[2009/06/30 05:25:31 | 000,053,248 | ---- | C] ( ) -- G:\WINDOWS\System32\csnpstd3.dll
[2009/06/30 05:25:31 | 000,053,248 | ---- | C] ( ) -- G:\WINDOWS\csnpstd3.dll
[1 G:\WINDOWS\*.tmp files -> G:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2011/01/10 13:34:37 | 001,474,832 | ---- | M] () -- G:\WINDOWS\System32\drivers\sfi.dat
[2011/01/10 13:32:43 | 000,000,396 | ---- | M] () -- G:\WINDOWS\tasks\SmartDefrag.job
[2011/01/10 13:11:48 | 000,000,290 | ---- | M] () -- G:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1454471165-2000478354-1177238915-1003.job
[2011/01/10 13:11:47 | 000,000,298 | ---- | M] () -- G:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1454471165-2000478354-1177238915-1003.job
[2011/01/10 12:46:01 | 000,000,896 | ---- | M] () -- G:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/10 11:46:07 | 000,000,892 | ---- | M] () -- G:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/10 02:27:01 | 000,000,000 | ---- | M] () -- G:\Documents and Settings\K. Albert 2\Local Settings\Application Data\prvlcl.dat
[2011/01/10 01:38:43 | 000,296,448 | ---- | M] () -- G:\Documents and Settings\K. Albert 2\Desktop\08pvg4gu.exe
[2011/01/10 01:37:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- G:\Documents and Settings\K. Albert 2\Desktop\OTL.exe
[2011/01/10 01:25:04 | 000,002,459 | ---- | M] () -- G:\Documents and Settings\K. Albert 2\Desktop\HiJackThis.lnk
[2011/01/10 00:29:09 | 000,002,265 | ---- | M] () -- G:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/01/09 17:56:00 | 000,000,400 | ---- | M] () -- G:\WINDOWS\tasks\AWC Update.job
[2011/01/09 16:32:56 | 000,879,047 | ---- | M] () -- G:\Documents and Settings\K. Albert 2\Desktop\SecurityCheck.exe
[2011/01/08 18:06:28 | 000,677,781 | ---- | M] () -- G:\Documents and Settings\K. Albert 2\Desktop\Democracy at Work.zip
[2011/01/07 00:25:40 | 000,002,206 | ---- | M] () -- G:\WINDOWS\System32\wpa.dbl
[2011/01/07 00:24:06 | 000,000,388 | ---- | M] () -- G:\WINDOWS\tasks\AWC AutoSweep.job
[2011/01/07 00:06:45 | 000,000,784 | ---- | M] () -- G:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/01/06 15:10:51 | 004,595,986 | ---- | M] () -- G:\Documents and Settings\K. Albert 2\Desktop\best glue commercial.zip
[2011/01/06 07:47:18 | 000,001,329 | ---- | M] () -- G:\Documents and Settings\K. Albert 2\Desktop\Shortcut to Cu Cu Ru Cu Cu Paloma Harry Belafonte.lnk
[2011/01/04 02:52:51 | 000,002,291 | ---- | M] () -- G:\Documents and Settings\K. Albert 2\Desktop\My WIFI Zone.lnk
[2010/12/31 00:11:39 | 005,153,789 | ---- | M] () -- G:\Documents and Settings\K. Albert 2\Desktop\THINK YOU CAN DRIVE A BOAT.zip
[2010/12/29 19:12:10 | 000,000,708 | ---- | M] () -- G:\Documents and Settings\K. Albert 2\Desktop\QuuxPlayer.lnk
[2010/12/29 19:12:10 | 000,000,708 | ---- | M] () -- G:\Documents and Settings\K. Albert 2\Application Data\Microsoft\Internet Explorer\Quick Launch\QuuxPlayer.lnk
[2010/12/26 13:18:31 | 000,002,477 | ---- | M] () -- G:\Documents and Settings\K. Albert 2\Desktop\Rosetta Stone Version 3.lnk
[2010/12/24 06:16:03 | 000,000,685 | ---- | M] () -- G:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2010/12/24 06:15:26 | 000,199,904 | ---- | M] (RealNetworks, Inc.) -- G:\WINDOWS\System32\rmoc3260.dll
[2010/12/24 06:14:54 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- G:\WINDOWS\System32\pndx5016.dll
[2010/12/24 06:14:54 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- G:\WINDOWS\System32\pndx5032.dll
[2010/12/24 06:14:51 | 000,272,896 | ---- | M] (Progressive Networks) -- G:\WINDOWS\System32\pncrt.dll
[2010/12/21 23:07:33 | 015,103,144 | ---- | M] () -- G:\Documents and Settings\K. Albert 2\Desktop\kmp.exe
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- G:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- G:\WINDOWS\System32\drivers\mbam.sys
[2010/12/19 02:24:56 | 000,833,342 | ---- | M] ( ) -- G:\WINDOWS\System32\regw2.exe
[2010/12/13 17:47:48 | 000,001,813 | ---- | M] () -- G:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[1 G:\WINDOWS\*.tmp files -> G:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ========== [2011/01/10 01:38:36 | 000,296,448 | ---- | C] () -- G:\Documents and Settings\K. Albert 2\Desktop\08pvg4gu.exe
[2011/01/09 16:32:49 | 000,879,047 | ---- | C] () -- G:\Documents and Settings\K. Albert 2\Desktop\SecurityCheck.exe
[2011/01/08 18:06:17 | 000,677,781 | ---- | C] () -- G:\Documents and Settings\K. Albert 2\Desktop\Democracy at Work.zip
[2011/01/06 15:10:39 | 004,595,986 | ---- | C] () -- G:\Documents and Settings\K. Albert 2\Desktop\best glue commercial.zip
[2011/01/06 07:47:18 | 000,001,329 | ---- | C] () -- G:\Documents and Settings\K. Albert 2\Desktop\Shortcut to Cu Cu Ru Cu Cu Paloma Harry Belafonte.lnk
[2011/01/04 10:37:20 | 000,000,396 | ---- | C] () -- G:\WINDOWS\tasks\SmartDefrag.job
[2010/12/31 00:11:28 | 005,153,789 | ---- | C] () -- G:\Documents and Settings\K. Albert 2\Desktop\THINK YOU CAN DRIVE A BOAT.zip
[2010/12/26 12:25:56 | 000,002,477 | ---- | C] () -- G:\Documents and Settings\K. Albert 2\Desktop\Rosetta Stone Version 3.lnk
[2010/12/24 06:17:20 | 000,000,290 | ---- | C] () -- G:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1454471165-2000478354-1177238915-1003.job
[2010/12/24 06:17:18 | 000,000,298 | ---- | C] () -- G:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1454471165-2000478354-1177238915-1003.job
[2010/12/24 06:16:03 | 000,000,685 | ---- | C] () -- G:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2010/12/21 23:06:21 | 015,103,144 | ---- | C] () -- G:\Documents and Settings\K. Albert 2\Desktop\kmp.exe
[2010/06/20 12:40:54 | 000,000,341 | ---- | C] () -- G:\WINDOWS\dellstat.ini
[2010/06/20 12:40:03 | 000,040,960 | ---- | C] () -- G:\WINDOWS\System32\dlbcvs.dll
[2010/06/20 12:40:01 | 000,000,373 | ---- | C] () -- G:\WINDOWS\System32\dlbccoin.ini
[2010/05/11 10:57:43 | 000,065,536 | ---- | C] () -- G:\WINDOWS\System32\LogonDll.dll
[2010/05/05 22:13:32 | 000,000,000 | ---- | C] () -- G:\Documents and Settings\K. Albert 2\Local Settings\Application Data\prvlcl.dat
[2010/03/19 18:18:01 | 000,000,319 | ---- | C] () -- G:\WINDOWS\cavscan.INI
[2010/02/19 13:00:52 | 000,000,205 | ---- | C] () -- G:\WINDOWS\WinInit.Ini
[2010/02/18 09:02:37 | 000,042,496 | ---- | C] () -- G:\WINDOWS\System32\ElbyHlper.dll
[2010/02/18 09:02:37 | 000,005,632 | ---- | C] () -- G:\WINDOWS\System32\drivers\copyhddvdhlp.sys
[2010/02/08 23:17:51 | 000,000,635 | ---- | C] () -- G:\WINDOWS\rtcwgoty.INI
[2010/02/08 23:11:26 | 000,000,758 | ---- | C] () -- G:\WINDOWS\Rtcwplat.INI
[2010/01/19 23:34:58 | 000,000,181 | ---- | C] () -- G:\WINDOWS\SIERRA.INI
[2009/12/07 20:56:32 | 000,151,552 | ---- | C] () -- G:\WINDOWS\System32\SecureNet.dll
[2009/12/07 01:01:27 | 000,348,160 | ---- | C] () -- G:\WINDOWS\System32\Rivet200.dll
[2009/11/12 18:54:24 | 000,000,600 | ---- | C] () -- G:\WINDOWS\Rtcw.INI
[2009/08/19 03:49:54 | 000,000,062 | ---- | C] () -- G:\WINDOWS\MyProg.ini
[2009/08/19 03:05:31 | 000,000,113 | ---- | C] () -- G:\WINDOWS\winzipme.ini
[2009/08/19 03:03:03 | 000,155,648 | ---- | C] () -- G:\WINDOWS\System32\addurl41.DLL
[2009/08/19 03:03:03 | 000,018,432 | ---- | C] () -- G:\WINDOWS\System32\winwatch.DLL
[2009/08/15 15:07:45 | 000,129,024 | ---- | C] () -- G:\WINDOWS\System32\AVERM.dll
[2009/08/15 15:07:44 | 000,028,672 | ---- | C] () -- G:\WINDOWS\System32\AVEQT.dll
[2009/08/13 14:27:42 | 000,000,165 | ---- | C] () -- G:\WINDOWS\startUp manager.INI
[2009/07/08 10:17:11 | 000,000,046 | ---- | C] () -- G:\WINDOWS\RmFile.ini
[2009/07/06 01:47:35 | 000,000,235 | ---- | C] () -- G:\WINDOWS\VECalc.INI
[2009/07/03 02:48:32 | 000,003,840 | ---- | C] () -- G:\WINDOWS\System32\drivers\BANTExt.sys
[2009/06/30 05:25:33 | 000,015,498 | ---- | C] () -- G:\WINDOWS\snpstd3.ini
[2009/06/30 03:50:00 | 000,168,208 | ---- | C] () -- G:\WINDOWS\System32\guard32(2)(2).dll
[2009/06/30 02:39:53 | 000,030,208 | ---- | C] () -- G:\Documents and Settings\K. Albert 2\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/30 02:02:15 | 000,126,976 | ---- | C] () -- G:\WINDOWS\System32\e1000msg.dll
[2009/06/30 01:31:08 | 000,164,352 | ---- | C] () -- G:\WINDOWS\System32\unrar.dll
[2009/06/30 01:31:08 | 000,000,038 | ---- | C] () -- G:\WINDOWS\avisplitter.ini
[2009/06/30 01:31:02 | 000,007,680 | ---- | C] () -- G:\WINDOWS\System32\ff_vfw.dll
[2009/06/30 01:25:54 | 000,059,904 | ---- | C] () -- G:\WINDOWS\System32\zlib1.dll
[2009/06/30 01:25:47 | 000,394,752 | ---- | C] () -- G:\WINDOWS\System32\cygwinb19.dll
[2009/06/29 18:08:42 | 000,004,161 | ---- | C] () -- G:\WINDOWS\ODBCINST.INI
[2008/04/14 04:00:00 | 000,693,792 | ---- | C] () -- G:\WINDOWS\System32\OGACheckControl.DLL
[2008/03/24 08:47:02 | 000,000,012 | ---- | C] () -- G:\Documents and Settings\K. Albert 2\Application Data\userdic.tlx
[2007/05/03 12:37:08 | 000,022,152 | ---- | C] () -- G:\WINDOWS\System32\drivers\mxopswd.sys
[2007/04/07 03:22:06 | 000,032,768 | ---- | C] () -- G:\WINDOWS\System32\Amhooker.dll
[2007/01/31 12:50:32 | 000,913,408 | ---- | C] () -- G:\WINDOWS\System32\xreglib.dll
========== Alternate Data Streams ========== @Alternate Data Stream - 190 bytes -> G:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 115 bytes -> G:\Documents and Settings\All Users\Application Data\TEMP:1CA73D29
@Alternate Data Stream - 100 bytes -> G:\Documents and Settings\All Users\Application Data\TEMP:ADF211B1
< End of report >
EXTRAS
OTL Extras logfile created on: 1/10/2011 1:26:50 PM - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = G:\Documents and Settings\K. Albert 2\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 68.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): G:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = G: | %SystemRoot% = G:\WINDOWS | %ProgramFiles% = G:\Program Files
Drive G: | 76.68 Gb Total Space | 34.04 Gb Free Space | 44.39% Space Free | Partition Type: NTFS
Drive H: | 232.88 Gb Total Space | 171.16 Gb Free Space | 73.50% Space Free | Partition Type: NTFS
Computer Name: ALBERT2 | User Name: K. Albert 2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_USERS\S-1-5-21-1454471165-2000478354-1177238915-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- G:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallOverride" = 0
"AntiVirusOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"G:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = G:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"G:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe" = G:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services -- (Rosetta Stone Ltd. )
"G:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe" = G:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone Version 3 Application -- (Multidmedia Limited )
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"G:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = G:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"G:\Program Files\uTorrent\uTorrent.exe" = G:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"G:\Program Files\AVG\AVGLS9\avgupd.exe" = G:\Program Files\AVG\AVGLS9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"G:\Program Files\AVG\AVGLS9\avgnsx.exe" = G:\Program Files\AVG\AVGLS9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"G:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe" = G:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services -- (Rosetta Stone Ltd. )
"G:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe" = G:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone Version 3 Application -- (Multidmedia Limited )
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007811BF-E310-4285-BFC6-55DB29B3EDDE}" = WinPatrol
"{01AF8EF9-CF10-4A60-9787-27A4CFD81920}" = Word Magic Professional Suite Premier 5.2
"{069F290E-8895-452A-B32C-2195FEA5DEB0}" = Webcam Capture
"{09F55516-AC75-43EA-8127-292E5A28B7DF}" = Monster Trux Extreme - Offroad Edition
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{13FC7B28-A757-4E4B-A25B-9D0078518893}" = Virtual Engine Calculator Advanced
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.3
"{1C7B9B03-4D9B-4F5F-9637-E1BA76ADF889}" = Satellite TV Media Player 4.5
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 23
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{28E7B64D-150F-4A9E-B7A3-5A6AC8C2F822}" = ebgcSDK
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{33BC9D7E-E790-495E-A4EA-CFB160C17A91}" = Logitech Gaming Software 5.08
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3560CE5A-C4EF-4DB0-9ECC-BA035FE309C5}" = MSN Toolbar
"{377B2121-65F6-4C5F-998F-5284DEF41F3E}" = COMODO livePCsupport
"{39B1BD87-561E-4762-AED9-7C5213B06C24}" = ebgcInfra
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{402B9DFC-F6DB-4FF7-B01C-7B97D8C45114}" = myWIFIzone
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A5A427F-BA39-4BF0-9999-9A47FBE60C9F}" = Visual C++ 9.0 Runtime for Dragon NaturallySpeaking
"{4A90A9CE-0B49-4A02-94F5-C864BA33A916}" = Performance USB keyboard hotkey blocker
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{58F9D852-9443-4955-A1ED-12C9E0504DD0}" = Mavis Beacon Teaches Typing Platinum 20
"{63391350-41D4-4181-9D68-038777020C38}" = System Requirements Lab
"{639673E9-D53F-44F4-A046-485C8A6ADA15}" = Paint.NET v3.5.6
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6446BBD0-CB83-40E1-BEA1-0C147065E2A6}" = Maxtor Manager
"{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1" = Auslogics Duplicate File Finder
"{69EA986B-B172-4FAA-B54D-853BD3A2B264}" = Popcap Game Collection
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}" = Rosetta Stone Version 3
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86076752-37A4-41E6-BFC4-73186683AF7B}" = Sprint Cars - Road to Knoxville
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.0 beta 1
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{AF95557C-A14A-42D2-8C9D-E9650D1A8016}" = Asistente Prodigy
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BDCF27CA-BFC4-4F49-8D24-A925C9505AB8}" = Windows Rights Management Client with Service Pack 2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C7A8AA10-B632-42F8-9F57-A16FDCE0601E}" = Clock Screen Saver
"{C9B26742-06BE-3B75-B1DE-7B91B5956A04}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30304
"{CB33664C-5683-40AB-B968-01276F6F3446}" = ebgcRes
"{CC6B1BB4-4E06-4A5B-A166-B371B551324B}" = COMODO Internet Security
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D7A44641-968D-4883-9DDA-88CB591DB93F}" = IHRA Drag Racing Sportsman Edition
"{DFC6573E-124D-4026-BFA4-B433C9D3FF21}" = ISO Recorder
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Windows Rights Management Client Backwards Compatibility SP2
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera Plus
"{EFFA53BC-8C04-2E21-3D90-A13B1697B0CA}" = Dragon NaturallySpeaking 11
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FCC3BD6A-F118-475D-8748-7EE08EA0AF56}" = HDView for Internet Explorer
"3554AA4B-9B0B-451a-A269-2B5F53982209_is1" = ThreatFire
"7-Zip" = 7-Zip 4.65
"AC3Filter" = AC3Filter (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Advanced Registry Optimizer_is1" = Advanced Registry Optimizer
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Any Video Converter_is1" = Any Video Converter 2.7.6
"ASCOM Platform 3.0" = ASCOM Platform 3.0
"AV Voice Changer Software DIAMOND 6.0" = AV Voice Changer Software DIAMOND 6.0
"Avg9LsUninstall" = AVG LinkScanner® 9.0
"Bejeweled 31.0" = Bejeweled 3
"Belarc Advisor" = Belarc Advisor 8.1
"CCleaner" = CCleaner
"Chicken Invaders 3 - Christmas Edition" = Chicken Invaders 3 - Christmas Edition (remove only)
"CleanMyPC - Registry Cleaner_is1" = CleanMyPC - Registry Cleaner
"Dell Photo Printer 720" = Dell Photo Printer 720
"Dell Photo Printer 720 Logger" = Dell Photo Printer 720 Logger
"Digital Clock Screen Saver_is1" = Digital Clock Screen Saver
"Drag Racer" = Drag Racer 3.0
"DSL Speed V4.6_is1" = DSL Speed V4.6
"DUMeter3_is1" = DU Meter
"DVD-CLONER VII_is1" = DVD-CLONER V7.00 Build 990
"FotoSketcher_is1" = FotoSketcher - Version 1.9
"Game Booster_is1" = Game Booster
"Google Chrome" = Google Chrome
"HideMyIP2009 1.00" = HideMyIP2009 1.00
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"InstallShield_{6446BBD0-CB83-40E1-BEA1-0C147065E2A6}" = Maxtor Manager
"Jardinains!" = Jardinains!
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.1.7
"Luxor 2" = Luxor 2 (remove only)
"Magic ISO Maker v5.5 (build 0276)" = Magic ISO Maker v5.5 (build 0276)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Silverlight" = Microsoft Silverlight
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MSNINST" = MSN
"PakMan 2008_is1" = PakMan 2008
"Pocket Tanks1.3" = Pocket Tanks
"PokerStars" = PokerStars
"PokerStars.net" = PokerStars.net
"PowerISO" = PowerISO
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"QuuxPlayer" = QuuxPlayer
"RealPlayer 12.0" = RealPlayer
"Smart Defrag_is1" = Smart Defrag
"ST6UNST #1" = RichoSoft SetUp Monitor
"Starry Night Pro 5" = Starry Night Pro 5
"System Explorer_is1" = System Explorer 2.0.5
"The KMPlayer" = The KMPlayer (remove only)
"TheTreasuresOfMontezuma21.0" = TheTreasuresOfMontezuma2
"Total Pinball 25_is1" = Total Pinball 25
"twkmastr1_is1" = TweakMASTER
"Ultra Flash Video FLV Converter_is1" = Ultra Flash Video FLV Converter 3.9.1120
"What's Running_is1" = What's Running 2.2
"WheelMouse" = 2X-Office 7.80
"Window Washer" = Window Washer
"Windows Rights Management Client" = Windows Rights Management Client with Service Pack 2
"Windows Rights Management Client Backwards" = Windows Rights Management Client Backwards Compatibility SP2
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1454471165-2000478354-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"King's Quest I" = King's Quest I
"King's Quest II" = King's Quest II
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 1/7/2011 10:04:34 AM | Computer Name = ALBERT2 | Source = DUMeterSvc | ID = 0
Description = Cannot create process as user (The system cannot find the file specified)
Error - 1/8/2011 2:21:33 AM | Computer Name = ALBERT2 | Source = DUMeterSvc | ID = 0
Description = Cannot create process as user (The system cannot find the file specified)
Error - 1/8/2011 7:00:23 AM | Computer Name = ALBERT2 | Source = DragonSvc | ID = 0
Description = Error: Failed to initiate execution of 'NatSpeak Periodic Language
Model Optimization' task
Error - 1/8/2011 10:04:43 AM | Computer Name = ALBERT2 | Source = DUMeterSvc | ID = 0
Description = Cannot create process as user (The system cannot find the file specified)
Error - 1/9/2011 7:00:24 AM | Computer Name = ALBERT2 | Source = DragonSvc | ID = 0
Description = Error: Failed to initiate execution of 'NatSpeak Periodic Language
Model Optimization' task
Error - 1/9/2011 10:05:01 AM | Computer Name = ALBERT2 | Source = DUMeterSvc | ID = 0
Description = Cannot create process as user (The system cannot find the file specified)
Error - 1/9/2011 10:46:38 PM | Computer Name = ALBERT2 | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5634, faulting
module unknown, version 0.0.0.0, fault address 0x00000000.
Error - 1/10/2011 3:04:25 AM | Computer Name = ALBERT2 | Source = DragonSvc | ID = 0
Description = Error: Failed to initiate execution of 'NatSpeak Periodic Data Collection'
task
Error - 1/10/2011 7:00:26 AM | Computer Name = ALBERT2 | Source = DragonSvc | ID = 0
Description = Error: Failed to initiate execution of 'NatSpeak Periodic Language
Model Optimization' task
Error - 1/10/2011 10:05:08 AM | Computer Name = ALBERT2 | Source = DUMeterSvc | ID = 0
Description = Cannot create process as user (The system cannot find the file specified)
[ System Events ]
Error - 1/8/2011 2:52:14 PM | Computer Name = ALBERT2 | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC90.DebugCRT could not be found and
Last Error was The referenced assembly is not installed on your system.
Error - 1/8/2011 2:52:14 PM | Computer Name = ALBERT2 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference
error message: The referenced assembly is not installed on your system. .
Error - 1/8/2011 2:52:14 PM | Computer Name = ALBERT2 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for g:\program files\new folder\plugins\rmxrend.dll.
Reference
error message: The operation completed successfully. .
Error - 1/8/2011 11:35:29 PM | Computer Name = ALBERT2 | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC90.DebugCRT could not be found and
Last Error was The referenced assembly is not installed on your system.
Error - 1/8/2011 11:35:29 PM | Computer Name = ALBERT2 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference
error message: The referenced assembly is not installed on your system. .
Error - 1/8/2011 11:35:29 PM | Computer Name = ALBERT2 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for g:\program files\new folder\plugins\rmxrend.dll.
Reference
error message: The operation completed successfully. .
Error - 1/9/2011 3:41:33 AM | Computer Name = ALBERT2 | Source = DCOM | ID = 10010
Description = The server {548E275F-0290-40E7-B454-738B0C61DE60} did not register
with DCOM within the required timeout.
Error - 1/9/2011 5:51:58 PM | Computer Name = ALBERT2 | Source = DCOM | ID = 10010
Description = The server {548E275F-0290-40E7-B454-738B0C61DE60} did not register
with DCOM within the required timeout.
Error - 1/9/2011 6:04:07 PM | Computer Name = ALBERT2 | Source = DCOM | ID = 10010
Description = The server {548E275F-0290-40E7-B454-738B0C61DE60} did not register
with DCOM within the required timeout.
Error - 1/9/2011 6:16:26 PM | Computer Name = ALBERT2 | Source = DCOM | ID = 10010
Description = The server {548E275F-0290-40E7-B454-738B0C61DE60} did not register
with DCOM within the required timeout.
< End of report >
I tried to run the GMER in Normal mode and Safe mode and it wouldn't let ne run it...