Hi peku006, Thanks for your help. ^_^ There are the 2 files.
OTL.Txt
OTL logfile created on: 9/10/2009 11:45:50 - Run 1
OTL by OldTimer - Version 3.0.18.4 Folder = D:\Documents and Settings\jzhao\My Documents
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
2.00 Gb Total Physical Memory | 0.76 Gb Available Physical Memory | 38.00% Memory free
3.85 Gb Paging File | 2.73 Gb Available in Paging File | 70.87% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 59.61 Gb Total Space | 48.64 Gb Free Space | 81.60% Space Free | Partition Type: NTFS
Drive D: | 89.40 Gb Total Space | 77.55 Gb Free Space | 86.74% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 10.00 Gb Total Space | 10.00 Gb Free Space | 100.00% Space Free | Partition Type: NWFS
I: Drive not present or media not loaded
Drive R: | 10.00 Gb Total Space | 5.42 Gb Free Space | 54.23% Space Free | Partition Type: NWFS
Drive S: | 14.95 Gb Total Space | 9.36 Gb Free Space | 62.60% Space Free | Partition Type: NWFS
Drive T: | 146.48 Gb Total Space | 14.44 Gb Free Space | 9.86% Space Free | Partition Type: NWFS
Drive U: | 250.00 Gb Total Space | 18.63 Gb Free Space | 7.45% Space Free | Partition Type: NWFS
Drive W: | 100.00 Gb Total Space | 17.30 Gb Free Space | 17.30% Space Free | Partition Type: NWFS
Drive Y: | 14.95 Gb Total Space | 9.36 Gb Free Space | 62.60% Space Free | Partition Type: NWFS
Drive Z: | 14.95 Gb Total Space | 9.36 Gb Free Space | 62.60% Space Free | Partition Type: NWFS
Computer Name: ENG2175
Current User Name: jzhao
NOT logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ========== PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Novell\ZENworks\NalAgent.exe (Novell, Inc)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\WINDOWS\System32\dpmw32.exe (Novell, Inc.)
PRC - C:\WINDOWS\System32\NWTRAY.EXE (Novell, Inc.)
PRC - C:\ePOAgent\Common Framework\UdaterUI.exe (McAfee, Inc.)
PRC - c:\ePOAgent\Common Framework\McTray.exe (McAfee, Inc.)
PRC - C:\WINDOWS\System32\iprntctl.exe (Novell, Inc.)
PRC - C:\WINDOWS\System32\iprntlgn.exe (Novell, Inc.)
PRC - C:\WINDOWS\System32\iprntlgn.exe (Novell, Inc.)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)
PRC - C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe (Cisco Systems, Inc)
PRC - C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE (Microsoft Corporation)
PRC - C:\matlabR14\bin\win32\MATLAB.exe (The MathWorks Inc.)
PRC - C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
PRC - D:\TASK\Kingsoft\xdict.exe (Kingsoft Co, Ltd.)
PRC - C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
PRC - C:\Program Files\Adobe\Reader\AcroRd32.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\EndNote X\EndNote.exe (Thomson ResearchSoft)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files\AutoCAD 2007\acad.exe (Autodesk, Inc.)
PRC - D:\Documents and Settings\jzhao\Local Settings\Temp\AdskCleanup.0001 (Macrovision Europe Ltd.)
PRC - D:\Documents and Settings\jzhao\Local Settings\Temp\AdskCleanup.0001 (Macrovision Europe Ltd.)
PRC - D:\Documents and Settings\jzhao\My Documents\OTL.exe (OldTimer Tools)
========== Win32 Services (SafeList) ========== ========== Driver Services (SafeList) ========== ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.eng.uts.edu.auIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ieIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft.com/isapi/redir.dl ... r=iesearchIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.eng.uts.edu.auIE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.eng.uts.edu.auIE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3255292066-3476479179-2278027394-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-3255292066-3476479179-2278027394-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKU\S-1-5-21-3255292066-3476479179-2278027394-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3255292066-3476479179-2278027394-1007\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ieIE - HKU\S-1-5-21-3255292066-3476479179-2278027394-1007\S-1-5-21-3255292066-3476479179-2278027394-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://www.google.com.au/"
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/09/29 17:40:06 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/09/29 17:40:01 | 00,000,000 | ---D | M]
[2009/09/29 17:40:45 | 00,000,000 | ---D | M] -- D:\Documents and Settings\jzhao\Application Data\mozilla\Extensions
[2009/09/29 17:40:45 | 00,000,000 | ---D | M] -- D:\Documents and Settings\jzhao\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/09/29 17:40:45 | 00,000,000 | ---D | M] -- D:\Documents and Settings\jzhao\Application Data\mozilla\Firefox\Profiles\rkrwc562.default\extensions
[2009/09/29 17:40:01 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/09/29 17:40:01 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/08/25 07:17:45 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/08/25 07:17:45 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/08/25 07:17:45 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009/08/25 06:10:36 | 00,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2009/08/25 06:10:36 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/08/25 06:10:36 | 00,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2009/08/25 06:10:36 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/08/25 06:10:36 | 00,000,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2009/08/25 06:10:36 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/08/25 06:10:36 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/08/25 06:10:36 | 00,000,831 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll (Google Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-3255292066-3476479179-2278027394-1007\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll (Google Inc.)
O3 - HKU\S-1-5-21-3255292066-3476479179-2278027394-1007\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-3255292066-3476479179-2278027394-1007\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll (Google Inc.)
O3 - HKU\S-1-5-21-3255292066-3476479179-2278027394-1007\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [iPrint Event Monitor] C:\WINDOWS\System32\iprntlgn.exe (Novell, Inc.)
O4 - HKLM..\Run: [iPrint Tray] C:\WINDOWS\System32\iprntctl.exe (Novell, Inc.)
O4 - HKLM..\Run: [KeyAccess] C:\WINDOWS\keyacc32.exe (Sassafras Software Inc.)
O4 - HKLM..\Run: [McAfeeUpdaterUI] c:\ePOAgent\Common Framework\UdaterUI.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NDPS] C:\WINDOWS\System32\dpmw32.exe (Novell, Inc.)
O4 - HKLM..\Run: [NWTRAY] C:\WINDOWS\System32\NWTRAY.EXE (Novell, Inc.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [ZENRC Tray Icon] C:\WINDOWS\System32\zentray.exe (Novell, Inc.)
O4 - HKU\S-1-5-21-3255292066-3476479179-2278027394-1007..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-100000000002}\SC_Acrobat.exe ()
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe (Autodesk, Inc)
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgentLauncher.exe (Cisco Systems, Inc.)
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\KeyAccess.lnk = C:\WINDOWS\keyacc32.exe (Sassafras Software Inc.)
O4 - Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\WINDOWS\Installer\{DE75F4B7-8C44-4460-BBED-1B34E93A1F1D}\Icon_WZQKPICK.EXE (InstallShield Software Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: CompatibleRUPSecurity = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1
O7 - HKU\S-1-5-21-3255292066-3476479179-2278027394-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3255292066-3476479179-2278027394-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Novell delivered applications - {C1994287-422F-47aa-8E5E-6323E210A125} - C:\Program Files\Novell\ZENworks\AxNalServer.dll (Novell, Inc)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\System32\netware\NWWS2NDS.DLL (Novell, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\System32\netware\NWWS2SAP.DLL (Novell, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\System32\netware\NWWS2SLP.DLL (Novell, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: edu.au ([*.uts] * in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: edu.au ([*.uts] * in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-3255292066-3476479179-2278027394-1007\..Trusted Domains: edu.au ([*.uts] * in Trusted sites)
O15 - HKU\S-1-5-21-3255292066-3476479179-2278027394-1007\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01}
http://site.ebrary.com.ezproxy.lib.uts. ... aryRdr.cab (Infotl Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/products/plugin/aut ... s-i586.cab (Java Plug-in 1.4.2_06)
O16 - DPF: {8EF6B33A-D553-4440-8EC1-CF1B0AFEE9D2}
http://www.dxstudio.com/downloads/DXWebSetup.dll (DX Studio Player Web Setup DLL)
O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}
http://java.sun.com/products/plugin/aut ... s-i586.cab (Java Plug-in 1.4.2_06)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 138.25.40.32 138.25.40.30 138.25.16.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (KATRACK.DLL) - C:\WINDOWS\KATRACK.DLL (Sassafras Software Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: System - (ziswin.exe) - C:\WINDOWS\System32\ziswin.exe (Novell)
O20 - HKLM Winlogon: GinaDLL - (NWGINA.DLL) - C:\WINDOWS\System32\NWGINA.DLL (Novell, Inc.)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\NetIdentity Notification: DllName - C:\WINDOWS\system32\Novell\XtNotify.dll - C:\WINDOWS\System32\Novell\XtNotify.dll (Novell, Inc.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {763370C4-268E-4308-A60C-D8DA0342BE32} - C:\Program Files\Novell\ZENworks\NalShell.dll (Novell, Inc)
O30 - LSA: Authentication Packages - (nwv1_0) - C:\WINDOWS\System32\nwv1_0.dll (Novell, Inc.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/11/30 10:26:01 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/11/05 09:31:38 | 00,000,097 | -HS- | M] () - Y:\autorun.inf -- [ NWFS ]
O33 - MountPoints2\{129b2a5b-bd78-11dc-ab08-0019b9045414}\Shell\AutoRun\command - "" = fooool.exe
O33 - MountPoints2\{129b2a5b-bd78-11dc-ab08-0019b9045414}\Shell\explore\Command - "" = fooool.exe
O33 - MountPoints2\{129b2a5b-bd78-11dc-ab08-0019b9045414}\Shell\open\Command - "" = fooool.exe
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
========== Files/Folders - Created Within 30 Days ========== [1 C:\WINDOWS\*.tmp files]
[2009/09/21 13:45:58 | 00,000,000 | ---D | C] -- D:\Documents and Settings\jzhao\Application Data\Baidu
[2009/10/02 09:47:32 | 00,000,000 | ---D | C] -- D:\Documents and Settings\jzhao\Application Data\Inkscape
[2009/09/29 17:40:42 | 00,000,000 | ---D | C] -- D:\Documents and Settings\jzhao\Local Settings\Application Data\Mozilla
[2009/09/29 17:39:58 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/10/02 10:59:23 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/10/09 11:44:23 | 00,520,704 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\jzhao\My Documents\OTL.exe
[2009/09/24 11:38:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/09/18 13:11:30 | 00,167,936 | ---- | C] (Ricoh Co.,Ltd.) -- C:\WINDOWS\System32\JCUI.exe
[2009/09/16 12:23:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2009/09/16 12:23:56 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2009/09/16 12:23:56 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbscan.sys
========== Files - Modified Within 30 Days ========== [1 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/10/09 11:44:31 | 00,520,704 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\jzhao\My Documents\OTL.exe
[2009/10/09 11:39:00 | 00,011,541 | ---- | M] () -- D:\Documents and Settings\jzhao\My Documents\planetary gearset simulation.rar
[2009/10/06 09:10:25 | 00,393,510 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/10/06 09:10:25 | 00,059,110 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/10/06 09:10:24 | 00,458,662 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/10/06 09:09:18 | 00,002,069 | ---- | M] () -- D:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2009/10/06 09:09:16 | 00,002,123 | ---- | M] () -- D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2009/10/06 09:08:31 | 00,001,543 | ---- | M] () -- C:\WINDOWS\keyacc.ini
[2009/10/06 09:08:18 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/06 09:08:18 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/06 09:08:17 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/03 12:57:35 | 00,084,992 | ---- | M] () -- D:\Documents and Settings\All Users\Application Data\KeyAccess Audit
[2009/10/02 10:59:23 | 00,001,612 | ---- | M] () -- D:\Documents and Settings\jzhao\Desktop\HijackThis.lnk
[2009/10/01 19:56:20 | 00,000,284 | ---- | M] () -- C:\WINDOWS\matlab.ini
[2009/10/01 10:18:30 | 00,000,029 | ---- | M] () -- C:\WINDOWS\AdvConfig.ini
[2009/09/29 17:40:03 | 00,001,500 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/09/24 11:13:13 | 00,000,049 | ---- | M] () -- C:\WINDOWS\hpmnwun.ini
[2009/09/17 11:38:40 | 00,362,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/09/16 18:00:30 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
========== Files - No Company Name ==========[2009/10/09 11:39:44 | 00,011,541 | ---- | C] () -- D:\Documents and Settings\jzhao\My Documents\planetary gearset simulation.rar
[2009/10/02 10:59:23 | 00,001,612 | ---- | C] () -- D:\Documents and Settings\jzhao\Desktop\HijackThis.lnk
[2009/09/29 17:40:03 | 00,001,500 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2008/04/09 13:53:04 | 00,000,280 | ---- | C] () -- C:\WINDOWS\System32\epoPGPsdk.dll.sig
[2007/10/24 11:08:28 | 00,034,671 | ---- | C] () -- C:\WINDOWS\System32\drivers\nipplpt.sys
[2007/08/17 14:50:48 | 00,084,992 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\KeyAccess Audit
[2007/05/24 13:26:31 | 00,008,138 | ---- | C] () -- C:\WINDOWS\Accord50.Ini
[2007/04/11 14:39:33 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007/04/04 16:25:20 | 00,001,759 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/04/02 13:36:48 | 00,001,280 | ---- | C] () -- C:\WINDOWS\WinInit.Ini
[2007/04/02 13:31:56 | 00,000,029 | ---- | C] () -- C:\WINDOWS\AdvConfig.ini
[2007/03/28 12:48:56 | 00,097,808 | ---- | C] () -- D:\Documents and Settings\jzhao\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2007/03/12 09:28:07 | 00,000,049 | ---- | C] () -- C:\WINDOWS\hpmnwun.ini
[2007/03/12 09:25:13 | 00,000,000 | ---- | C] () -- C:\WINDOWS\HPMProp.INI
[2007/03/12 09:24:33 | 00,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2007/03/08 15:08:22 | 00,000,284 | ---- | C] () -- C:\WINDOWS\matlab.ini
[2007/03/08 13:23:59 | 08,146,126 | -H-- | C] () -- D:\Documents and Settings\jzhao\Local Settings\Application Data\IconCache.db
[2007/03/08 13:23:59 | 00,010,752 | ---- | C] () -- D:\Documents and Settings\jzhao\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/03/08 13:23:59 | 00,000,062 | -HS- | C] () -- D:\Documents and Settings\jzhao\Application Data\desktop.ini
[2006/11/30 17:02:33 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/11/30 15:56:01 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/11/30 12:00:46 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\GAMSWrap.dll
[2006/11/30 12:00:05 | 00,002,420 | ---- | C] () -- C:\WINDOWS\lwppro.ini
[2006/11/30 12:00:04 | 00,002,757 | ---- | C] () -- C:\WINDOWS\System32\rdrstats.ini
[2006/11/30 12:00:02 | 00,245,843 | ---- | C] () -- C:\WINDOWS\System32\nwshlxnt.dll
[2006/11/30 12:00:01 | 00,065,619 | ---- | C] () -- C:\WINDOWS\System32\setupw2k.dll
[2006/11/30 12:00:01 | 00,051,200 | ---- | C] () -- C:\WINDOWS\System32\lgncon32.dll
[2006/11/30 12:00:01 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\dplgnw32.dll
[2006/11/30 12:00:00 | 00,216,064 | ---- | C] () -- C:\WINDOWS\System32\lgnwnt32.dll
[2006/11/30 12:00:00 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\prtwin32.dll
[2006/11/30 12:00:00 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\nwpsrv32.dll
[2006/11/30 11:59:59 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\nwslog32.dll
[2006/11/30 09:02:43 | 00,000,062 | -HS- | C] () -- D:\Documents and Settings\All Users\Application Data\desktop.ini
[2004/03/17 03:39:12 | 00,454,761 | ---- | C] () -- C:\WINDOWS\System32\boost_regex-vc6-mt-1_31.dll
[2004/03/17 03:38:26 | 00,467,052 | ---- | C] () -- C:\WINDOWS\System32\boost_regex-vc6-mt-gd-1_31.dll
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/04/17 14:21:44 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\XMLPARSE.DLL
[2000/09/01 14:00:00 | 00,001,543 | ---- | C] () -- C:\WINDOWS\keyacc.ini
[1999/08/07 01:05:16 | 00,212,480 | ---- | C] () -- C:\WINDOWS\System32\DBPORT6.DLL
[1980/01/01 11:00:00 | 00,000,877 | ---- | C] () -- C:\WINDOWS\win.ini
[1980/01/01 11:00:00 | 00,000,250 | ---- | C] () -- C:\WINDOWS\system.ini
< End of report >
Extras.Txt
OTL Extras logfile created on: 9/10/2009 11:45:50 - Run 1
OTL by OldTimer - Version 3.0.18.4 Folder = D:\Documents and Settings\jzhao\My Documents
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
2.00 Gb Total Physical Memory | 0.76 Gb Available Physical Memory | 38.00% Memory free
3.85 Gb Paging File | 2.73 Gb Available in Paging File | 70.87% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 59.61 Gb Total Space | 48.64 Gb Free Space | 81.60% Space Free | Partition Type: NTFS
Drive D: | 89.40 Gb Total Space | 77.55 Gb Free Space | 86.74% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 10.00 Gb Total Space | 10.00 Gb Free Space | 100.00% Space Free | Partition Type: NWFS
I: Drive not present or media not loaded
Drive R: | 10.00 Gb Total Space | 5.42 Gb Free Space | 54.23% Space Free | Partition Type: NWFS
Drive S: | 14.95 Gb Total Space | 9.36 Gb Free Space | 62.60% Space Free | Partition Type: NWFS
Drive T: | 146.48 Gb Total Space | 14.44 Gb Free Space | 9.86% Space Free | Partition Type: NWFS
Drive U: | 250.00 Gb Total Space | 18.63 Gb Free Space | 7.45% Space Free | Partition Type: NWFS
Drive W: | 100.00 Gb Total Space | 17.30 Gb Free Space | 17.30% Space Free | Partition Type: NWFS
Drive Y: | 14.95 Gb Total Space | 9.36 Gb Free Space | 62.60% Space Free | Partition Type: NWFS
Drive Z: | 14.95 Gb Total Space | 9.36 Gb Free Space | 62.60% Space Free | Partition Type: NWFS
Computer Name: ENG2175
Current User Name: jzhao
NOT logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3255292066-3476479179-2278027394-1007\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
.scr [@ = AutoCADScriptFile] -- "" "%1"
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe"
http://www.dd4000.cn (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04010300-6D72-4D54-8686-91D884A27B5C}" = Cisco Clean Access Agent
"{09FD1B4F-236C-4044-84C8-17DF24B78EEF}" = Inkscape
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2DDF7B8C-2A1C-43E6-8881-5F8B3F8FA279}" = Photo Editor
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35C03C04-3F1F-42C2-A989-A757EE691F65}" = McAfee VirusScan Enterprise
"{430B5D82-DFAA-411F-A26F-3FF2FE159A57}" = Google Toolbar 2.0.114
"{445720BF-5F16-48BB-B99F-1062AFD13F6F}" = AbsoluteFTP 2.2.7
"{5783F2D7-5001-0409-0002-0060B0CE6BBA}" = AutoCAD 2007 - English
"{5BED2EDE-A1D1-42A6-8B41-D6E718962B1E}" = Putty
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7148F0A8-6813-11D6-A77B-00B0D0142060}" = Java 2 Runtime Environment, SE v1.4.2_06
"{7878B1D4-B2CB-4EA8-9A0A-7E0575D23B96}" = ZENworks Desktop Management Agent
"{848F5F25-D635-4FB3-A280-018D60FA64AA}" = Wolfram Mathematica 6
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{90510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{929408E6-D265-4174-805F-81D1D914E2A4}" = QuickTime
"{996CC9D2-EE76-4FBF-B7A5-C7C0358DC304}" = Wolfram Notebook Indexer 2.0
"{9B427732-573E-4E78-B6FA-AC3E5A218BA2}" = NMAS Client
"{A4EEC865-3910-481B-BE15-8E4063C6090D}" = Ghostscript 8.50
"{AC76BA86-1033-0000-7760-100000000002}" = Adobe Acrobat 7.0 Professional
"{AC76BA86-7AD7-1033-7B44-A70500000002}" = Adobe Reader 7.0.5
"{B9A5A789-D491-49FB-958C-BFEC2C11BB1D}" = NMAS Challenge Response Method
"{BC7AA667-0E1E-4EA0-9B1A-AA0958FD39AB}" = Super Flexible File Synchronizer
"{BCF7C15F-F9D6-485A-8C1A-634AC8D7AD28}" = Mozilla Thunderbird
"{C186D101-AE52-4201-B17D-DBA0C6CC0C7A}" = Engauge Digitizer
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D91EEFEB-965F-4975-9094-14808CC0D651}" = Windows Media Player 10 Series
"{DE75F4B7-8C44-4460-BBED-1B34E93A1F1D}" = WinZip 9.0
"{E23D1D2C-1762-11D5-A8D2-00C04FA35723}" = KeyServer Client
"{E92B7A19-5FD5-4AEE-9FEF-7AD5DD3A675E}" = MetaFrame Presentation Server Client
"{F02DBC5D-33E3-45E9-B0F8-B7745229ED1C}" = NICI (Shared) U.S./Worldwide (128 bit) (2.7.3-1)
"{FE4BD9BD-4A26-4F39-B12C-19336204B102}" = EndNote X Volume License Edition
"AccelrysAccordSDK51RT" = Accord SDK 5.1 Runtime
"Adobe Acrobat 7.0 Professional - V" = Adobe Acrobat 7.0.5 Professional
"ATI Display Driver" = ATI Display Driver
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"HijackThis" = HijackThis 2.0.2
"InstallShield_{848F5F25-D635-4FB3-A280-018D60FA64AA}" = Wolfram Mathematica 6
"ISI ResearchSoft - Export Helper" = ISI ResearchSoft - Export Helper
"MatlabR14SP3" = MATLAB 7.1
"McAfee Anti-Spyware Enterprise Module" = McAfee AntiSpyware Enterprise Module
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"Novell Client for Windows" = Novell Client for Windows
"Novell iPrint Client" = Novell iPrint Client v04.32.00
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Wallpaper Friend 1.1" = Wallpaper Friend 1.1
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WinRAR archiver" = WinRAR archiver
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3255292066-3476479179-2278027394-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Stereogram Screensaver_is1" = Stereogram Screensaver v1.0
< End of report >