Sorry for the delay. Here are the contents of OTViewIt.Txt:
OTViewIt logfile created on: 5/13/2009 9:13:01 AM - Run 2
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\Meg.ACER-6E40E97492\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1011.88 Mb Total Physical Memory | 562.73 Mb Available Physical Memory | 55.61% Memory free
2.37 Gb Paging File | 1.97 Gb Available in Paging File | 82.94% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 106.91 Gb Total Space | 91.70 Gb Free Space | 85.77% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ACER-6E40E97492
Current User Name: Meg
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 90 Days
========== Processes ========== [2009/04/01 10:26:54 | 00,415,024 | ---- | M] (BitDefender SRL) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
[2009/04/01 10:26:43 | 01,626,112 | ---- | M] (BitDefender S. R. L.) -- C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
[2009/03/06 00:04:30 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
[2007/01/04 21:48:52 | 00,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
[2008/02/28 02:00:20 | 00,141,848 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe
[2008/02/28 02:00:04 | 00,166,424 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
[2008/02/28 02:00:14 | 00,137,752 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
[2008/05/16 01:39:00 | 16,862,720 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
[2008/04/24 20:32:08 | 01,044,480 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[2007/07/05 13:35:54 | 00,094,208 | ---- | M] (sonix) -- C:\WINDOWS\PLFSetL.exe
[2008/02/28 02:00:16 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
[2008/06/10 05:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
[2009/04/28 09:28:56 | 00,778,240 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
[2009/03/12 20:56:58 | 00,342,312 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
[2009/04/28 09:28:56 | 00,438,272 | ---- | M] () -- C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
[2008/07/08 18:41:02 | 02,828,184 | ---- | M] (PC Tools) -- C:\Program Files\Registry Mechanic\RegMech.exe
[2008/06/04 20:10:02 | 00,114,688 | ---- | M] (InterVideo Inc.) -- C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
[2008/08/15 12:58:44 | 00,212,992 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\Meg.ACER-6E40E97492\Local Settings\Temp\RtkBtMnt.exe
[2009/03/12 20:56:52 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
[2008/06/10 05:27:03 | 00,329,104 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
[2009/05/12 12:55:46 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Meg.ACER-6E40E97492\Desktop\OTViewIt.exe
[2008/04/14 22:00:00 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\NOTEPAD.EXE
========== (O23) Win32 Services ========== [2009/03/06 00:04:30 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
[2008/07/17 13:06:56 | 00,118,784 | ---- | M] (BitDefender S.R.L.
http://www.bitdefender.com) -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe -- (Arrakis3 [On_Demand | Stopped])
[2004/07/15 03:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
[2008/07/31 17:16:28 | 00,136,120 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
[2009/03/12 20:56:52 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
[2007/01/04 21:48:52 | 00,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr [Auto | Running])
[2009/04/01 10:26:54 | 00,415,024 | ---- | M] (BitDefender SRL) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV [Auto | Running])
[2007/08/24 05:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
[2006/10/26 16:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
File not found -- -- (SiteAdvisor Service [Auto | Stopped])
[2009/04/01 10:26:43 | 01,626,112 | ---- | M] (BitDefender S. R. L.) -- C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe -- (VSSERV [Auto | Running])
========== Driver Services ========== [2008/04/14 22:00:00 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\drivers\aliide.sys -- (AliIde [Boot | Running])
[2008/04/14 02:06:40 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\drivers\AMDAGP.SYS -- (amdagp [Boot | Running])
[2008/05/20 19:31:26 | 01,312,576 | ---- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416 [On_Demand | Running])
[2008/04/14 22:00:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\drivers\asc.sys -- (asc [Boot | Running])
[2008/04/14 22:00:00 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\drivers\asc3550.sys -- (asc3550 [Boot | Running])
File not found -- -- (Avg7RsW [Disabled | Running])
[2008/09/18 12:09:12 | 00,111,112 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\WINDOWS\system32\drivers\bdfm.sys -- (bdfm [On_Demand | Running])
[2008/12/10 20:42:46 | 00,242,184 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\WINDOWS\system32\drivers\bdfsfltr.sys -- (bdfsfltr [On_Demand | Running])
[2009/03/25 18:20:39 | 00,137,224 | ---- | M] (BitDefender LLC) -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys -- (bdftdif [System | Running])
[2009/04/03 13:13:02 | 00,008,832 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys -- (BDSelfPr [On_Demand | Running])
[2008/04/14 22:00:00 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\drivers\cmdide.sys -- (CmdIde [Boot | Running])
[2008/04/14 22:00:00 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\drivers\dac2w2k.sys -- (dac2w2k [Boot | Running])
[2009/01/15 12:19:36 | 00,023,848 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Stopped])
[2008/04/14 22:00:00 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])
[2008/02/15 00:12:06 | 05,854,752 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm [On_Demand | Running])
[2008/05/20 04:53:00 | 04,800,000 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
[2008/07/07 20:16:26 | 00,096,856 | ---- | M] (JMicron Technology Corporation) -- C:\WINDOWS\system32\drivers\jmcr.sys -- (JMCR [On_Demand | Stopped])
[2008/04/14 22:00:00 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\drivers\mraid35x.sys -- (mraid35x [Boot | Running])
[2008/09/02 14:32:06 | 00,013,056 | ---- | M] () -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos [On_Demand | Running])
[2008/04/14 22:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2008/07/31 17:17:04 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2008/04/14 22:00:00 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\drivers\ql1080.sys -- (ql1080 [Boot | Running])
[2008/04/14 22:00:00 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\drivers\ql12160.sys -- (ql12160 [Boot | Running])
[2008/04/14 22:00:00 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\drivers\ql1280.sys -- (ql1280 [Boot | Running])
[2008/06/30 22:27:44 | 00,108,800 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp [On_Demand | Running])
[2008/04/14 22:00:00 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2008/04/14 02:06:40 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\drivers\SISAGP.SYS -- (sisagp [Boot | Running])
[2007/10/01 15:59:46 | 01,769,984 | ---- | M] () -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC [On_Demand | Running])
[2008/04/14 22:00:00 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\drivers\sparrow.sys -- (Sparrow [Boot | Running])
[2008/04/14 22:00:00 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\drivers\symc810.sys -- (symc810 [Boot | Running])
[2008/04/14 22:00:00 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\drivers\symc8xx.sys -- (symc8xx [Boot | Running])
[2008/04/14 22:00:00 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\drivers\sym_hi.sys -- (sym_hi [Boot | Running])
[2008/04/14 22:00:00 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\drivers\sym_u3.sys -- (sym_u3 [Boot | Running])
[2008/04/24 20:17:10 | 00,225,024 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP [On_Demand | Running])
[2009/04/18 18:38:12 | 00,039,808 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos [On_Demand | Running])
[2008/04/14 22:00:00 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\drivers\ultra.sys -- (ultra [Boot | Running])
[2009/03/05 23:59:00 | 00,036,864 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])
[2008/04/13 19:06:40 | 00,008,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wmiacpi.sys -- (WmiAcpi [System | Running])
========== (R ) Internet Explorer ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=0&o=xph&d=0109&m=aoa150
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=0&o=xph&d=0109&m=aoa150
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"SearchDefaultBranded"=
"Start Page"=http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=0&o=xph&d=0109&m=aoa150
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = *.local
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-21-3608563885-1456529303-1442883288-1006\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=0&o=xph&d=0109&m=aoa150
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"SearchDefaultBranded"=
"Start Page"=http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=0&o=xph&d=0109&m=aoa150
[HKEY_USERS\S-1-5-21-3608563885-1456529303-1442883288-1006\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3608563885-1456529303-1442883288-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = *.local
========== (O1) Hosts File ========== HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost
========== (O2) BHO's ========== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{089FD14D-132B-48FC-8861-0048AE113215} (HKLM) -- C:\Program Files\SiteAdvisor\6172\SiteAdv.dll File not found
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} (HKLM) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
========== (O3) Toolbars ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{0BF43445-2F28-4351-9252-17FE6E806AA0}" (HKLM) -- C:\Program Files\SiteAdvisor\6172\SiteAdv.dll File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{381FFDE8-2394-4f90-B10D-FC6124A40F8C}" (HKLM) -- C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll (Bitdefender)
========== (O4) Run Keys ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
"Alcmtr"=ALCMTR.EXE (Realtek Semiconductor Corp.)
"AzMixerSel"=C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe" (BitDefender S.R.L.)
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe" (BitDefender)
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 (Microsoft Corporation)
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
"LaunchApp"=Alaunch (Acer Inc.)
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC ()
"Persistence"=C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName (Microsoft Corporation)
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC (Microsoft Corporation)
"PLFSetL"=C:\WINDOWS\PLFSetL.exe (sonix)
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
"RTHDCPL"=RTHDCPL.EXE (Realtek Semiconductor Corp.)
"SiteAdvisor"=C:\Program Files\SiteAdvisor\6172\SiteAdv.exe File not found
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" (Sun Microsystems, Inc.)
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RegistryMechanic"=C:\Program Files\Registry Mechanic\RegMech.exe /H (PC Tools)
[HKEY_USERS\S-1-5-21-3608563885-1456529303-1442883288-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RegistryMechanic"=C:\Program Files\Registry Mechanic\RegMech.exe /H (PC Tools)
========== (O4) Startup Folders ========== File not found -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgentLauncher.exe
[2008/06/04 20:10:02 | 00,114,688 | ---- | M] (InterVideo Inc.) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
========== (O6 & O7) Current Version Policies ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-21-3608563885-1456529303-1442883288-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
========== (O8) IE Context Menu Extensions ========== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
Add to Google Photos Screensa&ver: C:\WINDOWS\system32\GPhotos.scr [2009/01/05 17:33:03 | 03,751,995 | ---- | M] (Google Inc.)
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [2007/10/05 22:37:38 | 17,927,192 | ---- | M] (Microsoft Corporation)
[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\]
Add to Google Photos Screensa&ver: C:\WINDOWS\system32\GPhotos.scr [2009/01/05 17:33:03 | 03,751,995 | ---- | M] (Google Inc.)
[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\]
Add to Google Photos Screensa&ver: C:\WINDOWS\system32\GPhotos.scr [2009/01/05 17:33:03 | 03,751,995 | ---- | M] (Google Inc.)
[HKEY_USERS\S-1-5-21-3608563885-1456529303-1442883288-1006\Software\Microsoft\Internet Explorer\MenuExt\]
Add to Google Photos Screensa&ver: C:\WINDOWS\system32\GPhotos.scr [2009/01/05 17:33:03 | 03,751,995 | ---- | M] (Google Inc.)
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [2007/10/05 22:37:38 | 17,927,192 | ---- | M] (Microsoft Corporation)
========== (O9) IE Extensions ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Sun Java Console -- %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [2008/06/10 05:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
{2670000A-7350-4f3c-8081-5663EE0C6C49}: Button: Send to OneNote -- %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [2007/08/29 02:49:28 | 00,606,120 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}: Menu: S&end to OneNote -- %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [2007/08/29 02:49:28 | 00,606,120 | ---- | M] (Microsoft Corporation)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Research -- %ProgramFiles%\Microsoft Office\Office12\REFIEBAR.DLL [2006/10/26 22:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation)
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\Network Diagnostic\xpnetdiag.exe [2008/04/14 22:00:00 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/14 07:42:30 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/14 07:42:30 | 01,695,232 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{2670000A-7350-4f3c-8081-5663EE0C6C49} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [Send to OneNote] -> [2007/08/29 02:49:28 | 00,606,120 | ---- | M] (Microsoft Corporation)
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\REFIEBAR.DLL [Research] -> [2006/10/26 22:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation)
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/14 22:00:00 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 07:42:30 | 01,695,232 | ---- | M] (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3608563885-1456529303-1442883288-1006\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{2670000A-7350-4f3c-8081-5663EE0C6C49} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [Send to OneNote] -> [2007/08/29 02:49:28 | 00,606,120 | ---- | M] (Microsoft Corporation)
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\REFIEBAR.DLL [Research] -> [2006/10/26 22:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation)
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/14 22:00:00 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 07:42:30 | 01,695,232 | ---- | M] (Microsoft Corporation)
========== (O12) Internet Explorer Plugins ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" =
http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery
========== (O13) Default Prefixes ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://
========== (O15) Trusted Sites ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.
========== (O16) DPF ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{8AD9C840-044E-11D1-B3E9-00805F499D93}:
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab -- Java Plug-in 1.6.0_07
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab -- Java Plug-in 1.6.0_07
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}:
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab -- Java Plug-in 1.6.0_07
========== (O17) DNS Name Servers ========== {0947A1B9-B090-4890-9D9D-BFAC89AAE0B0} (Servers: | Description: Realtek RTL8102E Family PCI-E Fast Ethernet NIC)
{131946CA-AE48-4D3D-89A5-2F0C7FCFB534} (Servers: | Description: )
{32C708AF-AF5A-4F2D-9BA6-D1F2C5856E1C} (Servers: | Description: Atheros AR5007EG Wireless Network Adapter)
========== (O20) Winlogon Notify Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
igfxcui: "DllName" = igfxdev.dll -- C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
========== Safeboot Options ========== "AlternateShell"=cmd.exe
========== CDRom AutoRun Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1
========== Autorun Files on Drives ========== AUTOEXEC.BAT []
[2008/08/15 12:37:44 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]
========== Files/Folders - Created Within 90 Days ========== [2009/05/12 12:55:43 | 00,422,912 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Meg.ACER-6E40E97492\Desktop\OTViewIt.exe
[2009/05/10 17:24:39 | 00,000,000 | -HSD | C] -- C:\found.000
[2009/05/10 15:37:58 | 00,013,824 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\mormon.doc
[2009/05/03 15:17:07 | 06,264,217 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\The La's - BBC In Session - 2008 - 06 - The La's - There She Goes (May 31, 1988 Session).mp3
[2009/05/03 15:17:07 | 00,198,144 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\writing_style_guide.doc
[2009/05/03 15:17:07 | 00,169,472 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\TaxReturn(3).pdf
[2009/05/03 15:17:07 | 00,166,028 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\TaxReturn(2).pdf
[2009/05/03 15:17:07 | 00,078,678 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\TaxReturn.pdf
[2009/05/03 15:17:07 | 00,065,271 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\TaxReturn(4).pdf
[2009/05/03 15:17:07 | 00,019,968 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\springfield to denver april 8 to april 14.doc
[2009/05/03 15:17:07 | 00,009,188 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Trial Play.odt
[2009/05/03 15:17:07 | 00,000,790 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Windows Media Player.lnk
[2009/05/03 15:17:06 | 00,049,471 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Sandi Meg Hat.jpg
[2009/05/03 15:17:06 | 00,039,230 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Sandi Meg Court.jpg
[2009/05/03 15:17:06 | 00,029,696 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\PSY book Review.doc
[2009/05/03 15:17:06 | 00,027,648 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\psy ppr.doc
[2009/05/03 15:17:06 | 00,020,992 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\sell for mom and pop.doc
[2009/05/03 15:17:06 | 00,017,408 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Psy Communication.doc
[2009/05/03 15:17:06 | 00,015,478 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\songs to download.odt
[2009/05/03 15:17:06 | 00,014,848 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Rental Application.doc
[2009/05/03 15:17:06 | 00,013,824 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Psychology Thought Paper 2.wps
[2009/05/03 15:17:06 | 00,010,752 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\sports psychology thought ppr 2.doc
[2009/05/03 15:17:06 | 00,000,742 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Registry Mechanic.lnk
[2009/05/03 15:16:59 | 14,935,3184 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\OOo_3.0.1_Win32Intel_install_wJRE_en-US.exe
[2009/05/03 15:16:59 | 03,088,505 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Meg Sandi Rock Climbing 2.jpg
[2009/05/03 15:16:59 | 02,856,710 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Meg Sandi Rock Climbing 1.jpg
[2009/05/03 15:16:59 | 00,105,307 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Meg Red Leaf.jpg
[2009/05/03 15:16:59 | 00,086,016 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Online_Employment_Application_james river.doc
[2009/05/03 15:16:59 | 00,061,146 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Meg Sandi Wedding.jpg
[2009/05/03 15:16:59 | 00,033,942 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\meg iulian cropped.jpg
[2009/05/03 15:16:59 | 00,033,792 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Meg Wingard Resume.doc
[2009/05/03 15:16:59 | 00,016,384 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\mike's view on Christian homosexuals.doc
[2009/05/03 15:16:59 | 00,015,660 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Meg Wingard Resume.docx
[2009/05/03 15:16:59 | 00,001,606 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Mozilla Firefox.lnk
[2009/05/03 15:16:58 | 03,912,212 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Meg Court Rock Climbing 3.jpg
[2009/05/03 15:16:58 | 03,541,102 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Meg Court Rock Climbing 2.jpg
[2009/05/03 15:16:58 | 01,584,247 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Meg Court Rock Climbing 1.jpg
[2009/05/03 15:16:58 | 00,899,665 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\i1040ez instructions.pdf
[2009/05/03 15:16:58 | 00,111,702 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\FTF1239826624877.pdf
[2009/05/03 15:16:58 | 00,086,016 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\JRA application.doc
[2009/05/03 15:16:58 | 00,080,771 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Heather Height.jpg
[2009/05/03 15:16:58 | 00,072,446 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Karen's Wedding.jpg
[2009/05/03 15:16:58 | 00,055,799 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Meg Cowboy Hat.jpg
[2009/05/03 15:16:58 | 00,047,493 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Meg Iulian.jpg
[2009/05/03 15:16:58 | 00,045,568 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Holocaust Notes 3 Feb 09.doc
[2009/05/03 15:16:58 | 00,033,280 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Holocaust Notes 17 Feb 09.doc
[2009/05/03 15:16:58 | 00,031,244 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Meg and Sandi Bowling.jpg
[2009/05/03 15:16:58 | 00,004,222 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\maggie.jpg
[2009/05/03 15:16:58 | 00,002,137 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\iTunes.lnk
[2009/05/03 15:16:57 | 00,211,008 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\f1040ez.pdf
[2009/05/03 15:16:57 | 00,066,975 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\FTF1239826211821.pdf
[2009/05/03 15:16:57 | 00,015,872 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\FAFSA.doc
[2009/05/03 15:16:56 | 05,722,648 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\emusic_fx_bundle.exe
[2009/05/03 15:16:54 | 00,048,064 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Dawn.jpg
[2009/05/03 15:16:54 | 00,015,519 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Courtney Ropp-Resume.docx
[2009/05/03 15:16:54 | 00,015,380 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Courtney Ropp-Resume(2).docx
[2009/05/03 15:16:54 | 00,011,068 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\cover letter_BGT.docx
[2009/05/03 15:16:54 | 00,001,867 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\BitDefender Antivirus 2009.lnk
[2009/05/03 15:16:53 | 00,062,888 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\300px-Battle_of_Wilsons_Creek.png
[2009/05/03 15:16:53 | 00,017,408 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Arousal PPR.doc
[2009/05/03 15:16:53 | 00,015,872 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\15 april 09.doc
[2009/05/03 15:16:53 | 00,015,872 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\08 April 09 Notes.doc
[2009/05/03 15:16:53 | 00,014,848 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\30 march 09 notes.doc
[2009/05/03 15:16:53 | 00,013,312 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\22 April 09.doc
[2009/05/03 15:16:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Worship Theology
[2009/05/03 15:16:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Sports Psy
[2009/05/03 15:16:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Short Hair
[2009/05/03 15:16:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\ROTC 212
[2009/05/03 15:16:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\ROTC 102
[2009/05/03 15:16:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Psychology of Sports and Physical Education
[2009/05/03 15:16:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Organizatonal Management
[2009/05/03 15:14:49 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\My Pictures
[2009/05/03 15:14:26 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\My eMusic
[2009/05/03 15:13:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Holocaust
[2009/05/03 09:36:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Worship Theology Week 6&7
[2009/05/02 19:47:45 | 00,001,681 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\Desktop\HijackThis.lnk
[2009/05/02 19:47:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\New Folder
[2009/05/02 16:38:12 | 00,000,000 | ---D | C] -- C:\Program Files\JRE
[2009/05/02 16:37:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\Application Data\Elluminate
[2009/04/19 20:04:18 | 00,000,905 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.0.lnk
[2009/04/18 18:28:14 | 00,000,132 | ---- | C] () -- C:\httpdwl.dat
[2009/04/03 15:16:56 | 06,264,217 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\Desktop\The La's - BBC In Session - 2008 - 06 - The La's - There She Goes (May 31, 1988 Session).mp3
[2009/04/02 23:41:32 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpns.dll
[2009/04/02 18:16:47 | 00,000,000 | RH-D | C] -- C:\$VAULT$.AVG
[2009/03/28 18:46:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\Local Settings\Application Data\eMusic
[2009/03/28 18:46:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\Application Data\eMusic
[2009/03/28 18:46:24 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\Desktop\My eMusic
[2009/03/28 18:46:20 | 00,000,000 | ---D | C] -- C:\Program Files\eMusic Download Manager
[2009/03/28 18:44:45 | 05,722,648 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\Desktop\emusic_fx_bundle.exe
[2009/03/24 21:40:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\Application Data\Apple Computer
[2009/03/24 21:40:25 | 00,002,137 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\Desktop\iTunes.lnk
[2009/03/24 21:39:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/03/24 21:38:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\Local Settings\Application Data\Apple
[2009/03/24 21:37:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009/03/24 21:36:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\Local Settings\Application Data\Apple Computer
[2009/03/10 18:45:21 | 00,198,144 | ---- | C] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\Desktop\writing_style_guide.doc
[2009/03/08 18:30:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\Application Data\AVG7
[2009/03/08 18:30:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg7
[2009/03/05 20:16:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\Application Data\Move Networks
[2009/03/03 21:28:19 | 00,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2009/03/03 21:22:14 | 00,001,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BitDefender Antivirus 2009.lnk
[2009/03/03 21:22:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\Application Data\BitDefender
[2009/02/23 13:03:54 | 00,001,048 | ---- | C] () -- C:\WINDOWS\System32\BDUpdateV1.xml
[2009/02/18 20:20:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Meg.ACER-6E40E97492\Application Data\CiscoCAA
[2009/02/18 20:20:43 | 00,001,962 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Clean Access Agent.lnk
[2009/02/18 20:20:43 | 00,001,900 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Clean Access Agent.lnk
[2009/02/18 20:20:35 | 00,000,000 | ---D | C] -- C:\Program Files\Cisco Systems
[2009/02/18 20:18:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
========== Files - Modified Within 90 Days ========== [1 C:\WINDOWS\System32\*.tmp files]
[2009/05/12 12:55:46 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Meg.ACER-6E40E97492\Desktop\OTViewIt.exe
[2009/05/12 12:55:23 | 00,001,048 | ---- | M] () -- C:\WINDOWS\System32\BDUpdateV1.xml
[2009/05/10 17:32:23 | 00,474,002 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/05/10 17:32:23 | 00,403,850 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/05/10 17:32:23 | 00,063,936 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/05/10 17:25:31 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/10 17:25:25 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/10 17:25:21 | 10,611,05664 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/10 15:42:56 | 00,081,984 | ---- | M] () -- C:\WINDOWS\System32\bdod.bin
[2009/05/10 15:40:40 | 05,359,544 | -H-- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\Local Settings\Application Data\IconCache.db
[2009/05/10 15:38:01 | 00,013,824 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\mormon.doc
[2009/05/05 15:19:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/05/02 22:50:39 | 00,000,121 | ---- | M] () -- C:\WINDOWS\bdagent.INI
[2009/05/02 19:47:45 | 00,001,681 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\Desktop\HijackThis.lnk
[2009/05/02 13:24:16 | 00,114,176 | -HS- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Thumbs.db
@Alternate Data Stream - 0 bytes -> C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Thumbs.db:encryptable
[2009/04/26 11:19:06 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\Desktop\iTunes.lnk
[2009/04/22 09:42:18 | 00,013,312 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\22 April 09.doc
[2009/04/20 14:09:19 | 00,064,768 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/04/20 14:08:22 | 00,263,824 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/19 20:04:18 | 00,000,905 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.0.lnk
[2009/04/19 12:31:02 | 14,935,3184 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\OOo_3.0.1_Win32Intel_install_wJRE_en-US.exe
[2009/04/18 18:28:14 | 00,000,132 | ---- | M] () -- C:\httpdwl.dat
[2009/04/18 18:10:42 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/04/17 09:30:26 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\iTunes.lnk
[2009/04/15 21:00:40 | 00,065,271 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\TaxReturn(4).pdf
[2009/04/15 19:41:32 | 00,169,472 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\TaxReturn(3).pdf
[2009/04/15 19:38:12 | 00,166,028 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\TaxReturn(2).pdf
[2009/04/15 15:17:10 | 00,111,702 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\FTF1239826624877.pdf
[2009/04/15 15:10:20 | 00,066,975 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\FTF1239826211821.pdf
[2009/04/15 09:29:26 | 00,015,872 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\15 april 09.doc
[2009/04/11 15:07:20 | 00,020,992 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\sell for mom and pop.doc
[2009/04/10 01:09:02 | 00,078,678 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\TaxReturn.pdf
[2009/04/08 09:45:00 | 00,015,872 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\08 April 09 Notes.doc
[2009/04/06 07:36:10 | 00,016,384 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\mike's view on Christian homosexuals.doc
[2009/04/06 00:24:00 | 06,264,217 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\The La's - BBC In Session - 2008 - 06 - The La's - There She Goes (May 31, 1988 Session).mp3
[2009/04/06 00:23:59 | 06,264,217 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\Desktop\The La's - BBC In Session - 2008 - 06 - The La's - There She Goes (May 31, 1988 Session).mp3
[2009/04/05 19:43:00 | 00,004,222 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\maggie.jpg
[2009/04/02 23:41:40 | 00,000,790 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Windows Media Player.lnk
[2009/04/02 23:41:39 | 00,000,790 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\Desktop\Windows Media Player.lnk
[2009/04/01 21:55:12 | 00,015,872 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\FAFSA.doc
[2009/04/01 17:33:40 | 00,062,888 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\300px-Battle_of_Wilsons_Creek.png
[2009/04/01 08:41:12 | 00,014,848 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\30 march 09 notes.doc
[2009/03/30 01:15:54 | 00,048,064 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Dawn.jpg
[2009/03/29 10:16:02 | 00,009,188 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Trial Play.odt
[2009/03/28 18:45:42 | 05,722,648 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\emusic_fx_bundle.exe
[2009/03/28 18:45:41 | 05,722,648 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\Desktop\emusic_fx_bundle.exe
[2009/03/27 11:32:14 | 00,015,478 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\songs to download.odt
[2009/03/24 20:04:24 | 00,014,848 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Rental Application.doc
[2009/03/10 18:45:24 | 00,198,144 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\writing_style_guide.doc
[2009/03/10 18:45:24 | 00,198,144 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\Desktop\writing_style_guide.doc
[2009/03/08 18:25:52 | 00,001,962 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Clean Access Agent.lnk
[2009/03/08 18:25:52 | 00,001,900 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Clean Access Agent.lnk
[2009/03/07 20:18:12 | 00,899,665 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\i1040ez instructions.pdf
[2009/03/07 20:12:42 | 00,211,008 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\f1040ez.pdf
[2009/03/07 19:09:42 | 00,019,968 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\springfield to denver april 8 to april 14.doc
[2009/03/03 21:22:16 | 00,001,867 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\BitDefender Antivirus 2009.lnk
[2009/03/03 21:22:14 | 00,001,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitDefender Antivirus 2009.lnk
[2009/03/02 21:09:12 | 00,017,408 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Arousal PPR.doc
[2009/03/02 20:16:26 | 00,080,771 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Heather Height.jpg
[2009/03/02 14:06:16 | 00,000,704 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\Application Data\wklnhst.dat
[2009/02/28 17:57:34 | 00,072,446 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Karen's Wedding.jpg
[2009/02/28 13:07:00 | 00,017,408 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Psy Communication.doc
[2009/02/23 01:57:34 | 00,029,696 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\PSY book Review.doc
[2009/02/21 22:59:04 | 00,045,568 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Holocaust Notes 3 Feb 09.doc
[2009/02/21 22:07:44 | 00,033,792 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Meg Wingard Resume.doc
[2009/02/21 22:07:32 | 00,015,660 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Meg Wingard Resume.docx
[2009/02/21 00:26:44 | 00,027,648 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\psy ppr.doc
[2009/02/18 20:50:08 | 00,031,244 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Meg and Sandi Bowling.jpg
[2009/02/17 20:25:06 | 00,033,280 | ---- | M] () -- C:\Documents and Settings\Meg.ACER-6E40E97492\My Documents\Holocaust Notes 17 Feb 09.doc
< End of report >
And here are the contents of Extras.Txt:
OTViewIt Extras logfile created on: 5/13/2009 9:13:01 AM - Run 2
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\Meg.ACER-6E40E97492\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1011.88 Mb Total Physical Memory | 562.73 Mb Available Physical Memory | 55.61% Memory free
2.37 Gb Paging File | 1.97 Gb Available in Paging File | 82.94% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 106.91 Gb Total Space | 91.70 Gb Free Space | 85.77% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ACER-6E40E97492
Current User Name: Meg
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 90 Days
========== File Associations ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Security Center Settings ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
========== Authorized Applications List ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/14 22:00:00 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2008/04/14 22:00:00 | 00,141,312 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/04/14 22:00:00 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2008/04/14 22:00:00 | 00,141,312 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2007/08/29 01:43:30 | 01,022,840 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote
[2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[2009/03/12 20:56:54 | 13,498,664 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
[2008/06/10 02:21:04 | 00,135,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary
========== (O10) Winsock2 Catalogs ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -- C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
========== (O18) Protocol Handlers ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2007/08/29 01:55:14 | 01,014,128 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
msdaipp: [HKLM - No CLSID value]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2007/08/29 01:55:14 | 01,014,128 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2007/08/29 01:55:14 | 01,014,128 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2006/10/26 15:45:02 | 00,873,216 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} (HKLM) [HxProtocol Class])
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2001/06/20 11:26:46 | 00,221,184 | ---- | M] (Microsoft Corporation) c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} (HKLM) [Microsoft Infotech Storage Protocol for IE 4.0])
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
File not found C:\Program Files\SiteAdvisor\6172\SiteAdv.dll (siteadvisor:{3A5DC592-7723-4EAA-9EE6-AF4222BCF879} (HKLM) [Reg Error: Value does not exist or could not be read.])
========== (O18) Protocol Filters ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
[2006/10/26 23:41:48 | 00,044,344 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL text/xml:{807563E5-5146-11D5-A672-00B0D022E945} (HKLM) [Microsoft Office InfoPath XML Mime Filter]
========== HKEY_LOCAL_MACHINE Uninstall List ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}"=Adobe AIR
"{04010300-6D72-4D54-8686-91D884A27B5C}"=Cisco Clean Access Agent
"{07287123-B8AC-41CE-8346-3D777245C35B}"=Bonjour
"{162B71B8-8464-4680-A086-601D555B331D}"=Apple Mobile Device Support
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}"=QuickTime
"{28006915-2739-4EBE-B5E8-49B25D32EB33}"=Atheros for Acer Driver v7.6.0.224_Foxconn Installation Program
"{3248F0A8-6813-11D6-A77B-00B0D0160070}"=Java(TM) 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{5744C55E-8FC2-41ED-A91B-65F95732524C}"=BitDefender Antivirus 2009
"{69333A04-5134-40A5-A055-9166A7AA1EC8}"=
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}"=Apple Software Update
"{6D52C408-B09A-4520-9B18-475B81D393F1}"=Microsoft Works
"{77DCDCE3-2DED-62F3-8154-05E745472D07}"=Acrobat.com
"{90120000-0010-0409-0000-0000000FF1CE}"=Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}"=Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}"=Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}"=Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}"=Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}"=Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}"=Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}"=Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}"=Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}"=Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}"=Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91120000-002F-0000-0000-0000000FF1CE}"=Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}"=InterVideo WinDVD
"{AC76BA86-7AD7-1033-7B44-A90000000001}"=Adobe Reader 9
"{C26B06A9-27BB-45B0-9873-9C623EC2BA38}"=iTunes
"{C9BED750-1211-4480-B1A5-718A3BE15525}"=REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}"=Microsoft Office Suite Activation Assistant
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}"=Realtek High Definition Audio Driver
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}"=InterVideo Register Manager
"{F44DA61E-720D-4E79-871F-F6E628B33242}"=OpenOffice.org 3.0
"Adobe AIR"=Adobe AIR
"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX
"Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1"=Acrobat.com
"eMusic Download Manager"=eMusic Download Manager 4.1.1
"HDMI"=Intel(R) Graphics Media Accelerator Driver
"HijackThis"=HijackThis 2.0.2
"HOMESTUDENTR"=Microsoft Office Home and Student 2007
"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs
"ie7"=Windows Internet Explorer 7
"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.
"=Mozilla Firefox (3.0.
"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs
"Picasa 3"=Picasa 3
"Registry Mechanic_is1"=Registry Mechanic 8.0
"SynTPDeinstKey"=Synaptics Pointing Device Driver
========== HKEY_CURRENT_USER Uninstall List ==========[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE"=Move Networks Media Player for Internet Explorer
========== HKEY_USERS Uninstall List ==========[HKEY_USERS\S-1-5-21-3608563885-1456529303-1442883288-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE"=Move Networks Media Player for Internet Explorer
========== Last 10 Event Log Errors ==========[ Application Events ]
Error - 2/24/2009 6:15:02 PM | Computer Name = ACER-6E40E97492 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The specified server cannot perform the requested operation.
Error - 2/24/2009 6:15:02 PM | Computer Name = ACER-6E40E97492 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The specified server cannot perform the requested operation.
Error - 2/24/2009 6:15:02 PM | Computer Name = ACER-6E40E97492 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The specified server cannot perform the requested operation.
Error - 2/24/2009 9:34:02 PM | Computer Name = ACER-6E40E97492 | Source = McLogEvent | ID = 5022
Description =
Error - 2/25/2009 4:55:08 PM | Computer Name = ACER-6E40E97492 | Source = McLogEvent | ID = 5022
Description =
Error - 2/26/2009 2:03:29 AM | Computer Name = ACER-6E40E97492 | Source = McLogEvent | ID = 5022
Description =
Error - 2/26/2009 2:32:51 AM | Computer Name = ACER-6E40E97492 | Source = McLogEvent | ID = 5022
Description =
Error - 2/26/2009 12:12:17 PM | Computer Name = ACER-6E40E97492 | Source = McLogEvent | ID = 5022
Description =
Error - 2/28/2009 6:14:40 PM | Computer Name = ACER-6E40E97492 | Source = McLogEvent | ID = 5022
Description =
Error - 3/2/2009 7:05:19 PM | Computer Name = ACER-6E40E97492 | Source = McLogEvent | ID = 5022
Description =
[ System Events ]
Error - 5/2/2009 2:40:07 PM | Computer Name = ACER-6E40E97492 | Source = DCOM | ID = 10010
Description = The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register
with DCOM within the required timeout.
Error - 5/2/2009 5:12:11 PM | Computer Name = ACER-6E40E97492 | Source = DCOM | ID = 10010
Description = The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register
with DCOM within the required timeout.
Error - 5/2/2009 11:50:09 PM | Computer Name = ACER-6E40E97492 | Source = DCOM | ID = 10010
Description = The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register
with DCOM within the required timeout.
Error - 5/2/2009 11:52:49 PM | Computer Name = ACER-6E40E97492 | Source = DCOM | ID = 10010
Description = The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register
with DCOM within the required timeout.
Error - 5/7/2009 1:17:59 PM | Computer Name = ACER-6E40E97492 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.124 for the Network Card with network
address 00234D716739 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
Error - 5/7/2009 11:28:17 PM | Computer Name = ACER-6E40E97492 | Source = DCOM | ID = 10010
Description = The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register
with DCOM within the required timeout.
Error - 5/7/2009 11:31:26 PM | Computer Name = ACER-6E40E97492 | Source = DCOM | ID = 10010
Description = The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register
with DCOM within the required timeout.
Error - 5/10/2009 10:18:42 AM | Computer Name = ACER-6E40E97492 | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume C:.
Error - 5/10/2009 4:40:22 PM | Computer Name = ACER-6E40E97492 | Source = DCOM | ID = 10010
Description = The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register
with DCOM within the required timeout.
Error - 5/10/2009 4:42:50 PM | Computer Name = ACER-6E40E97492 | Source = DCOM | ID = 10010
Description = The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register
with DCOM within the required timeout.
< End of report >
Yes, I did have two anti-virus programs. Since reading your post I have deleted the AVG and now only have BitDefender. I found the virus after a BitDefender scan. It said that it was found in my volume.