Okay here they are.
GMER
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-12-01 18:23:34
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-16 WDC_WD800JB-00JJC0 rev.05.01C05
Running: wyz1m7pr.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\ugtdqpog.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0xED9E2558]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwClose [0xED9E2E5C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwConnectPort [0xED9E3C90]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateEvent [0xED9E41DA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateFile [0xED9E3138]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateKey [0xED9E13C8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateMutant [0xED9E40C0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0xED9E2146]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreatePort [0xED9E3F94]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSection [0xED9E22EE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSemaphore [0xED9E42FA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateThread [0xED9E2AE4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateWaitablePort [0xED9E402A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDebugActiveProcess [0xED9E59E2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteKey [0xED9E19D2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteValueKey [0xED9E1D86]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0xED9E35BA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDuplicateObject [0xED9E6BEE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateKey [0xED9E1ED2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateValueKey [0xED9E1F6A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwFsControlFile [0xED9E33C8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadDriver [0xED9E5AD4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey [0xED9E13A4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey2 [0xED9E13B6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwMapViewOfSection [0xED9E623C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwNotifyChangeKey [0xED9E2096]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenEvent [0xED9E4270]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenFile [0xED9E2EDE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenKey [0xED9E1588]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenMutant [0xED9E4150]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenProcess [0xED9E2794]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSection [0xED9E5FD6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSemaphore [0xED9E4390]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenThread [0xED9E2686]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryKey [0xED9E2002]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryMultipleValueKey [0xED9E1C3A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQuerySection [0xED9E6576]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryValueKey [0xED9E1864]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueueApcThread [0xED9E5E68]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRenameKey [0xED9E1AF4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplaceKey [0xED9E0DDE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyPort [0xED9E46F4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0xED9E45BA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0xED9E577C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRestoreKey [0xED9E1156]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwResumeThread [0xED9E6A90]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSaveKey [0xED9E0D76]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSecureConnectPort [0xED9E39D6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetContextThread [0xED9E2D00]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetInformationToken [0xED9E501C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSecurityObject [0xED9E5C72]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSystemInformation [0xED9E66C6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetValueKey [0xED9E16DE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendProcess [0xED9E67B8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendThread [0xED9E68F2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSystemDebugControl [0xED9E5906]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateProcess [0xED9E2930]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateThread [0xED9E2890]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0xED9E641A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0xED9E2A1A]
INT 0x01 \SystemRoot\system32\DRIVERS\ati2mtag.sys (ATI Radeon WindowsNT Miniport Driver/ATI Technologies Inc.) F617A4F6
INT 0x03 \SystemRoot\system32\DRIVERS\ati2mtag.sys (ATI Radeon WindowsNT Miniport Driver/ATI Technologies Inc.) F617A59C
Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) FsRtlCheckLockForReadAccess
Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) IoIsOperationSynchronous
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!FsRtlCheckLockForReadAccess 804E9FA0 5 Bytes JMP ED9D4FE6 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)
.text ntkrnlpa.exe!IoIsOperationSynchronous 804EE87E 5 Bytes JMP ED9D53C2 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)
.text ntkrnlpa.exe!ZwCallbackReturn + 2508 80501D40 12 Bytes [D4, 5A, 9E, ED, A4, 13, 9E, ...] {AAM 0x5a; SAHF ; IN EAX, DX; MOVSB ; ADC EBX, [ESI-0x61ec4913]; IN EAX, DX}
.text ntkrnlpa.exe!ZwCallbackReturn + 2684 80501EBC 16 Bytes [F4, 1A, 9E, ED, DE, 0D, 9E, ...]
.text ntkrnlpa.exe!ZwCallbackReturn + 2778 80501FB0 12 Bytes [B8, 67, 9E, ED, F2, 68, 9E, ...] {MOV EAX, 0xf2ed9e67; PUSH 0x5906ed9e; SAHF ; IN EAX, DX}
.text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xF6004000, 0x175176, 0xE8000020]
init C:\WINDOWS\System32\Drivers\sunkfilt.sys entry point in "init" section [0xF787F300]
.text C:\WINDOWS\system32\DRIVERS\atksgt.sys section is writeable [0xF66AD300, 0x22020, 0xE8000020]
.text C:\WINDOWS\system32\DRIVERS\lirsgt.sys section is writeable [0xF7857300, 0x1B7E, 0xE8000020]
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[TDI.SYS!TdiRegisterDeviceObject] [F6EA7000] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
IAT \SystemRoot\system32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject] [F6EA7000] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
IAT \SystemRoot\system32\DRIVERS\tcpip6.sys[TDI.SYS!TdiRegisterDeviceObject] [F6EA7000] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
IAT \SystemRoot\system32\DRIVERS\nwlnkipx.sys[TDI.SYS!TdiRegisterDeviceObject] [F6EA7000] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
IAT \SystemRoot\system32\DRIVERS\nwlnknb.sys[TDI.SYS!TdiRegisterDeviceObject] [F6EA7000] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
IAT \SystemRoot\system32\DRIVERS\nwlnkspx.sys[TDI.SYS!TdiRegisterDeviceObject] [F6EA7000] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
---- Devices - GMER 1.0.15 ----
Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device Udfs.SYS (UDF File System Driver/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\Tcpip \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\Tcpip \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\Tcpip \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 sector 08: copy of MBR
---- EOF - GMER 1.0.15 ----
OTL
OTL logfile created on: 12/1/2010 3:44:35 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 40.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 59.00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 20.85 Gb Free Space | 27.97% Space Free | Partition Type: NTFS
Drive D: | 2.43 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: KBROOM | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
SRV - (SpyHunter 4 Service) -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe (Enigma Software Group USA, LLC.)
SRV - (nosGetPlusHelper) getPlus(R) -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (sftvsa) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (PrismXL) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (New Boundary Technologies, Inc.)
SRV - (Viewpoint Manager Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (ProtexisLicensing) -- C:\WINDOWS\system32\PSIService.exe ()
SRV - (McDetect.exe) -- c:\Program Files\McAfee.com\Agent\Mcdetect.exe (McAfee, Inc)
SRV - (McTskshd.exe) -- c:\Program Files\McAfee.com\Agent\McTskshd.exe (McAfee, Inc)
SRV - (mcupdmgr.exe) -- C:\Program Files\McAfee.com\Agent\mcupdmgr.exe (McAfee, Inc)
SRV - (ACS) -- C:\WINDOWS\system32\acs.exe ()
SRV - (McAfeeAntiSpyware) -- C:\Program Files\McAfee\McAfee AntiSpyware\Msssrv.exe (Network Associates, Inc.)
========== Driver Services (SafeList) ==========
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys File not found
DRV - (RimUsb) -- C:\WINDOWS\System32\Drivers\RimUsb.sys File not found
DRV - (cpuz132) -- C:\DOCUME~1\Owner\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (KLIF) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab)
DRV - (kl2) -- C:\WINDOWS\system32\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV - (KL1) -- C:\WINDOWS\system32\DRIVERS\kl1.sys (Kaspersky Lab ZAO)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (klim5) -- C:\WINDOWS\system32\drivers\klim5.sys (Kaspersky Lab ZAO)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys ()
DRV - (Sftredir) -- C:\WINDOWS\system32\drivers\Sftredirxp.sys (Microsoft Corporation)
DRV - (Sftvol) -- C:\WINDOWS\system32\drivers\Sftvolxp.sys (Microsoft Corporation)
DRV - (Sftplay) -- C:\WINDOWS\system32\drivers\Sftplayxp.sys (Microsoft Corporation)
DRV - (Sftfs) -- C:\WINDOWS\system32\drivers\Sftfsxp.sys (Microsoft Corporation)
DRV - (klmouflt) -- C:\WINDOWS\system32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows (R) 2000 DDK provider)
DRV - (BLKWGD) -- C:\WINDOWS\system32\drivers\BLKWGD.sys (Belkin Corporation.)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (SunkFilt) -- C:\WINDOWS\system32\drivers\Sunkfilt.sys (Alcor Micro Corp.)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (HSFHWBS2) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (wlanndi5) -- C:\WINDOWS\system32\wlanndi5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation )
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (mxnic) -- C:\WINDOWS\system32\drivers\mxnic.sys (Macronix International Co., Ltd. )
DRV - (USRpdA) -- C:\WINDOWS\system32\drivers\USRpdA.sys (U.S. Robotics Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://news.yahoo.com [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:29775
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:29775
IE - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://home.mywebsearch.com/index.jhtml ... DlSjD8oDxQ
IE - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.selectedEngine: "Ask"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91
FF - prefs.js..extensions.enabledItems: {38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}:1.0.3.105
FF - prefs.js..extensions.enabledItems: gamebox@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {f264a272-1abb-f2c6-410e-89388ec74d28}:4.6.6.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.1.400
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.1.400
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZJfox000&fl=0&ptb=iRi1k3hKeZjgDlSjD8oDxQ&url=http://search.mywebsearch.com/mywebsearch/GGmain.jhtml&st=kwd&n=77ce7918&searchfor="
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "*.local,localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 4
FF - HKLM\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/09/21 17:46:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/30 12:18:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/30 12:18:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt [2010/11/29 19:49:21 | 000,000,000 | ---D | M]
[2010/08/24 15:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2010/08/24 15:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\home2@tomtom.com
[2009/07/15 15:12:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/12/01 14:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\m8voghpj.default\extensions
[2010/05/04 15:38:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\m8voghpj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/14 11:24:15 | 000,000,000 | ---D | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\m8voghpj.default\extensions\{38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}
[2010/10/23 22:23:42 | 000,000,000 | ---D | M] (FoxyTunes) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\m8voghpj.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2010/05/04 15:38:24 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\m8voghpj.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2008/12/20 22:42:30 | 000,000,000 | ---D | M] (Fast Browser Search) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\m8voghpj.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
[2010/10/19 14:27:28 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\m8voghpj.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/04/13 17:06:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\m8voghpj.default\extensions\gamebox@toolbar
[2010/09/27 20:01:29 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\m8voghpj.default\searchplugins\ask.uk.xml
[2010/02/01 22:01:16 | 000,009,977 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\m8voghpj.default\searchplugins\mywebsearch.xml
[2010/12/01 14:19:50 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/23 16:26:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/11/29 16:42:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/11/29 20:03:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/03/05 19:29:16 | 000,000,000 | ---D | M] (z) -- C:\Program Files\Mozilla Firefox\extensions\{f264a272-1abb-f2c6-410e-89388ec74d28}
[2010/11/29 19:51:22 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
[2010/11/29 19:51:20 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2009/10/05 03:12:20 | 000,353,280 | ---- | M] () -- C:\Program Files\Mozilla Firefox\components\mifrionjvszwu.dll
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2008/12/20 22:42:34 | 000,003,700 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.png
[2010/01/30 23:19:09 | 000,001,950 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.src
O1 HOSTS File: ([2010/11/29 11:16:41 | 000,426,772 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 ie3.proxy.aol.com
O1 - Hosts: 89.149.225.68 www.google.com
O1 - Hosts: 89.149.225.68 www.google.de
O1 - Hosts: 89.149.225.68 www.google.fr
O1 - Hosts: 89.149.225.68 www.google.co.uk
O1 - Hosts: 89.149.225.68 www.google.com.br
O1 - Hosts: 89.149.225.68 www.google.it
O1 - Hosts: 89.149.225.68 www.google.es
O1 - Hosts: 89.149.225.68 www.google.co.jp
O1 - Hosts: 89.149.225.68 www.google.com.mx
O1 - Hosts: 89.149.225.68 www.google.ca
O1 - Hosts: 89.149.225.68 www.google.com.au
O1 - Hosts: 89.149.225.68 www.google.nl
O1 - Hosts: 89.149.225.68 www.google.co.za
O1 - Hosts: 89.149.225.68 www.google.be
O1 - Hosts: 89.149.225.68 www.google.gr
O1 - Hosts: 89.149.225.68 www.google.at
O1 - Hosts: 89.149.225.68 www.google.se
O1 - Hosts: 89.149.225.68 www.google.ch
O1 - Hosts: 89.149.225.68 www.google.pt
O1 - Hosts: 89.149.225.68 www.google.dk
O1 - Hosts: 89.149.225.68 www.google.fi
O1 - Hosts: 89.149.225.68 www.google.ie
O1 - Hosts: 89.149.225.68 www.google.no
O1 - Hosts: 14703 more lines...
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (CNisExtBho Class) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll File not found
O2 - BHO: (egoads) - {c6660f63-8c1e-8904-2c16-cd87913f5eb0} - Reg Error: Value error. File not found
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Norton Internet Security) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll File not found
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll File not found
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Norton Internet Security) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll File not found
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll File not found
O3 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll File not found
O3 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\..\Toolbar\WebBrowser: (Norton Internet Security) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll File not found
O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
O4 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileUrl = 0
O7 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
O7 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskBar = 0
O7 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Nosecuritytab = 0
O7 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUpdateCheck = 0
O7 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\WindowsUpdate: DisableWindowsUpdateAccess = 0
O7 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O7 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-2592961891-1294117790-2519880380-1003\..Trusted Domains: google.com ([www] https in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/sh ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/ ... 10.115.cab (CDownloadCtrl Object)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} Reg Error: Value error. (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {F2A0229A-C4CA-4789-B606-973D24DCDD1C} - C:\Program Files\McAfee\McAfee AntiSpyware\MssShell.dll (Network Associates, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/03/23 12:13:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/09/29 09:55:44 | 000,000,052 | RH-- | M] () - D:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{128174e4-d5b2-11de-994c-0013d309033a}\Shell - "" = AutoRun
O33 - MountPoints2\{128174e4-d5b2-11de-994c-0013d309033a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{128174e4-d5b2-11de-994c-0013d309033a}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O33 - MountPoints2\{608afa65-c577-11db-97e7-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{608afa65-c577-11db-97e7-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{608afa65-c577-11db-97e7-806d6172696f}\Shell\AutoRun\command - "" = D:\Installer.exe -- [2007/05/31 11:13:54 | 001,127,993 | RH-- | M] ()
O33 - MountPoints2\{75531b90-b2c0-11df-9991-0013d309033a}\Shell\AutoRun\command - "" = K:\InstallTomTomHOME.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/11/30 14:05:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2010/11/30 14:04:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
[2010/11/30 12:42:34 | 000,000,000 | ---D | C] -- C:\Program Files\Activision Value
[2010/11/30 10:44:39 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/11/29 20:03:12 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/11/29 20:03:12 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/11/29 20:03:12 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/11/29 19:48:00 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2010/11/29 19:47:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
[2010/11/29 19:46:55 | 000,475,736 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010/11/29 19:42:54 | 000,000,000 | ---D | C] -- C:\c9957585ebe695590413
[2010/11/29 19:21:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
[2010/11/29 16:52:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\OpenOffice.org
[2010/11/29 16:46:15 | 000,000,000 | ---D | C] -- C:\Program Files\JRE
[2010/11/29 16:45:03 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010/11/29 16:43:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/11/29 16:42:55 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/11/29 16:38:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\OpenOffice.org 3.2 (en-US) Installation Files
[2010/11/29 14:17:15 | 000,954,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40.dll
[2010/11/29 14:17:14 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2010/11/29 14:17:14 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2010/11/29 14:16:45 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2010/11/29 14:16:11 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/11/29 14:13:03 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010/11/29 11:23:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\DoctorWeb
[2010/11/29 11:09:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IObit
[2010/11/27 10:08:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SecondLife
[2010/11/27 10:08:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\SecondLife
[2010/11/27 10:07:57 | 000,000,000 | ---D | C] -- C:\Program Files\SecondLifeViewer2
[2010/11/24 11:20:06 | 001,830,912 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atiadaxx.exe
[2010/11/12 16:09:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/11/02 03:04:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\My Music
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/12/01 15:46:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C73E70D4-2858-42CA-970F-F932A96A06C0}.job
[2010/12/01 15:41:00 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At46.job
[2010/12/01 15:23:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/01 15:18:07 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At65.job
[2010/12/01 15:13:05 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At30.job
[2010/12/01 14:48:00 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At91.job
[2010/12/01 14:41:00 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At45.job
[2010/12/01 14:36:46 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2010/12/01 14:18:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At68.job
[2010/12/01 14:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2010/12/01 13:48:00 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At79.job
[2010/12/01 13:41:00 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At44.job
[2010/12/01 13:18:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At71.job
[2010/12/01 13:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At25.job
[2010/12/01 12:48:00 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At102.job
[2010/12/01 12:41:00 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At43.job
[2010/12/01 12:18:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At77.job
[2010/12/01 12:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2010/12/01 12:00:00 | 000,000,670 | ---- | M] () -- C:\WINDOWS\tasks\Free Registry Fix.job
[2010/12/01 11:48:00 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At95.job
[2010/12/01 11:41:00 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At42.job
[2010/12/01 11:18:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At66.job
[2010/12/01 11:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2010/12/01 10:48:00 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At81.job
[2010/12/01 10:41:00 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At41.job
[2010/12/01 10:18:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At69.job
[2010/12/01 10:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2010/12/01 09:48:00 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At89.job
[2010/12/01 09:41:00 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At40.job
[2010/12/01 09:18:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At67.job
[2010/12/01 09:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At28.job
[2010/12/01 08:48:00 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At86.job
[2010/12/01 08:41:00 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At37.job
[2010/12/01 08:18:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At63.job
[2010/12/01 08:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2010/12/01 07:48:00 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At84.job
[2010/12/01 07:41:00 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At39.job
[2010/12/01 07:18:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At60.job
[2010/12/01 07:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At27.job
[2010/12/01 06:48:00 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At94.job
[2010/12/01 06:41:00 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At38.job
[2010/12/01 06:18:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At61.job
[2010/12/01 06:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2010/12/01 05:48:00 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At96.job
[2010/12/01 05:41:00 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At35.job
[2010/12/01 05:18:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At62.job
[2010/12/01 05:13:00 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2010/12/01 05:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2010/12/01 04:48:00 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At88.job
[2010/12/01 04:41:00 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At36.job
[2010/12/01 04:18:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At59.job
[2010/12/01 04:13:00 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2010/12/01 04:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At26.job
[2010/12/01 03:48:00 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At101.job
[2010/12/01 03:41:00 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At33.job
[2010/12/01 03:20:43 | 000,000,430 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2010/12/01 03:19:52 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/01 03:19:52 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2010/12/01 03:19:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/01 03:18:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At58.job
[2010/12/01 03:13:00 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2010/12/01 03:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2010/12/01 02:48:00 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At80.job
[2010/12/01 02:41:01 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At32.job
[2010/12/01 02:18:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At57.job
[2010/12/01 02:13:00 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2010/12/01 02:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2010/12/01 01:48:00 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At82.job
[2010/12/01 01:41:00 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At31.job
[2010/12/01 01:18:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At56.job
[2010/12/01 01:13:00 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010/12/01 01:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At29.job
[2010/12/01 00:48:00 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At85.job
[2010/12/01 00:41:01 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At34.job
[2010/12/01 00:18:04 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At55.job
[2010/12/01 00:13:07 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2010/12/01 00:13:02 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2010/11/30 23:48:00 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At87.job
[2010/11/30 23:41:00 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At54.job
[2010/11/30 23:18:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At74.job
[2010/11/30 23:13:01 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2010/11/30 22:48:00 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At98.job
[2010/11/30 22:41:01 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At53.job
[2010/11/30 22:18:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At64.job
[2010/11/30 22:13:01 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2010/11/30 21:48:00 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At83.job
[2010/11/30 21:41:00 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At52.job
[2010/11/30 21:18:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At70.job
[2010/11/30 21:13:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2010/11/30 20:48:01 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At100.job
[2010/11/30 20:41:01 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At51.job
[2010/11/30 20:18:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At75.job
[2010/11/30 20:13:01 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2010/11/30 19:48:00 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At99.job
[2010/11/30 19:41:01 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At50.job
[2010/11/30 19:18:00 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At76.job
[2010/11/30 19:13:01 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2010/11/30 18:48:01 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At90.job
[2010/11/30 18:41:01 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At49.job
[2010/11/30 18:18:01 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At78.job
[2010/11/30 18:13:01 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2010/11/30 17:48:01 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At97.job
[2010/11/30 17:41:01 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At48.job
[2010/11/30 17:18:01 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At72.job
[2010/11/30 17:13:01 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2010/11/30 16:48:01 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At92.job
[2010/11/30 16:41:01 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\At47.job
[2010/11/30 16:18:01 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\At73.job
[2010/11/30 16:13:01 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2010/11/30 15:48:00 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\At93.job
[2010/11/30 12:50:46 | 000,002,681 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Big Game Hunter 2006 Season.lnk
[2010/11/30 10:45:27 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\HiJackThis.lnk
[2010/11/30 03:36:33 | 000,351,384 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/11/30 03:19:57 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/11/30 03:13:00 | 000,441,898 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/30 03:13:00 | 000,071,450 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/29 20:09:07 | 000,475,736 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010/11/29 20:09:04 | 000,115,465 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010/11/29 20:09:04 | 000,097,545 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010/11/29 19:59:50 | 000,002,341 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/11/29 18:18:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/11/29 18:08:27 | 000,000,034 | ---- | M] () -- C:\WINDOWS\iltwain.ini
[2010/11/29 17:32:55 | 000,013,243 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\geckospread.ods
[2010/11/29 17:18:43 | 000,017,955 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\snakesspread.ods
[2010/11/29 16:55:29 | 000,002,309 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\New Database.odb
[2010/11/29 16:54:07 | 000,000,864 | ---- | M] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2010/11/29 16:48:48 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\OpenOffice.org 3.2.lnk
[2010/11/29 11:16:41 | 000,426,772 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/11/29 11:09:43 | 000,000,151 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\IObit Freeware.url
[2010/11/29 09:33:57 | 000,425,042 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101129-111641.backup
[2010/11/29 09:33:36 | 000,425,042 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101129-093357.backup
[2010/11/29 09:33:17 | 000,425,042 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101129-093336.backup
[2010/11/29 09:32:58 | 000,425,042 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101129-093317.backup
[2010/11/29 09:00:26 | 000,000,384 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2010/11/28 11:58:57 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/11/27 10:08:36 | 000,000,807 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Second Life Viewer 2.lnk
[2010/11/26 21:00:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\McAfee AntiSpyware.job
[2010/11/24 12:24:23 | 000,001,494 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ATI 3D Control Panel.lnk
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/11/30 14:05:44 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2010/11/30 12:47:02 | 000,002,681 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Big Game Hunter 2006 Season.lnk
[2010/11/30 12:21:56 | 000,000,577 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2010/11/30 10:44:39 | 000,002,447 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\HiJackThis.lnk
[2010/11/29 19:51:10 | 000,115,465 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010/11/29 19:51:10 | 000,097,545 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010/11/29 17:32:53 | 000,013,243 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\geckospread.ods
[2010/11/29 17:18:42 | 000,017,955 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\snakesspread.ods
[2010/11/29 16:54:51 | 000,002,309 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\New Database.odb
[2010/11/29 16:54:07 | 000,000,864 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2010/11/29 16:48:47 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\OpenOffice.org 3.2.lnk
[2010/11/29 08:56:16 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At102.job
[2010/11/29 08:56:16 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At101.job
[2010/11/29 08:56:15 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At99.job
[2010/11/29 08:56:15 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At98.job
[2010/11/29 08:56:15 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At97.job
[2010/11/29 08:56:15 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At96.job
[2010/11/29 08:56:15 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At95.job
[2010/11/29 08:56:15 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At100.job
[2010/11/29 08:56:14 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At94.job
[2010/11/29 08:56:14 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At93.job
[2010/11/29 08:56:14 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At92.job
[2010/11/29 08:56:14 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At91.job
[2010/11/29 08:56:13 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At90.job
[2010/11/29 08:56:13 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At89.job
[2010/11/29 08:56:13 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At88.job
[2010/11/29 08:56:13 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At87.job
[2010/11/29 08:56:13 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At86.job
[2010/11/29 08:56:12 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At85.job
[2010/11/29 08:56:11 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At84.job
[2010/11/29 08:56:11 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At83.job
[2010/11/29 08:56:11 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At82.job
[2010/11/29 08:56:11 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At81.job
[2010/11/29 08:56:09 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At80.job
[2010/11/29 08:56:08 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\At79.job
[2010/11/27 10:08:36 | 000,000,807 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Second Life Viewer 2.lnk
[2010/11/24 12:24:23 | 000,001,494 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ATI 3D Control Panel.lnk
[2010/11/13 20:12:13 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At78.job
[2010/11/13 20:12:13 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At77.job
[2010/11/13 20:12:13 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At76.job
[2010/11/13 20:12:13 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At75.job
[2010/11/13 20:12:12 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At74.job
[2010/11/13 20:12:12 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At73.job
[2010/11/13 20:12:12 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At72.job
[2010/11/13 20:12:11 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At71.job
[2010/11/13 20:12:10 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At70.job
[2010/11/13 20:12:10 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At69.job
[2010/11/13 20:12:10 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At68.job
[2010/11/13 20:12:09 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At67.job
[2010/11/13 20:12:09 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At66.job
[2010/11/13 20:12:09 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At65.job
[2010/11/13 20:12:08 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At64.job
[2010/11/13 20:12:01 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At63.job
[2010/11/13 20:12:01 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At62.job
[2010/11/13 20:12:01 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At61.job
[2010/11/13 20:12:01 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At60.job
[2010/11/13 20:12:01 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At59.job
[2010/11/13 20:12:01 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At58.job
[2010/11/13 20:12:01 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At57.job
[2010/11/13 20:12:01 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At56.job
[2010/11/13 20:12:00 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\At55.job
[2010/11/12 16:09:56 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/10/27 19:47:45 | 000,000,389 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/10/17 15:16:03 | 000,000,284 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2009/11/23 16:27:31 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2009/11/12 03:03:22 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/05/24 20:48:07 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini
[2008/06/28 23:42:26 | 000,000,034 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2008/01/11 05:33:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007/10/22 21:00:25 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/10/09 19:05:21 | 000,000,261 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2007/06/28 00:18:17 | 000,002,913 | ---- | C] () -- C:\WINDOWS\seRapid.INI
[2007/05/31 13:47:06 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2007/05/31 13:47:04 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2007/05/02 21:43:43 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\sh33w32.dll
[2007/04/11 20:04:46 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\B7254F4704.sys
[2007/03/07 01:56:31 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/02/26 14:59:44 | 000,002,776 | ---- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007/02/26 14:59:44 | 000,000,088 | ---- | C] () -- C:\WINDOWS\System32\5AAF85BC4A.sys
[2007/02/26 02:50:36 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005/03/23 22:07:42 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/03/23 10:53:24 | 000,001,420 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/03/23 10:53:24 | 000,000,482 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2005/03/23 04:03:51 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/10/06 12:42:56 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002/10/04 17:04:24 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2002/10/04 17:04:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002/10/04 17:04:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002/05/15 17:38:40 | 000,091,136 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
[2001/02/03 02:22:08 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\ExportModeller.dll
[2001/02/03 00:59:28 | 000,049,223 | ---- | C] () -- C:\WINDOWS\System32\crtslv.dll
[2000/11/08 15:46:00 | 000,404,992 | ---- | C] () -- C:\WINDOWS\System32\amzi4.dll
[2000/04/27 08:28:26 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\Implode.dll
[1999/12/02 17:01:20 | 000,229,376 | ---- | C] () -- C:\WINDOWS\System32\ISP2000.dll
[1999/09/22 01:00:00 | 000,100,352 | ---- | C] () -- C:\WINDOWS\System32\pg32conv.dll
[1999/05/24 03:37:44 | 000,347,648 | ---- | C] () -- C:\WINDOWS\System32\OMNIOR~1.DLL
[1999/05/24 03:37:44 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\OMNITH~1.DLL
[1997/06/13 19:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B63300D1
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
< End of report >
EXTRAS
OTL Extras logfile created on: 12/1/2010 3:44:35 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 40.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 59.00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 20.85 Gb Free Space | 27.97% Space Free | Partition Type: NTFS
Drive D: | 2.43 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: KBROOM | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_USERS\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"11575:TCP" = 11575:TCP:*:Disabled:limewire
"11575:UDP" = 11575:UDP:*:Disabled:limewire
"40218:TCP" = 40218:TCP:*:Disabled:limewire
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Disabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player -- (Veoh Networks)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Disabled:hpfccopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Disabled:hpiscnapp.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Disabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Disabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Disabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Disabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Disabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Disabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Disabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Disabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Disabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Disabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\hpwucli.exe" = C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Disabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Disabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- File not found
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network
"{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}" = HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite eMachines
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}" = Safari
"{2376AAB2-F4D9-48D7-A42B-4E80B8967A8B}" = F4500
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22
"{28B80CEB-9340-4726-84D3-DF70C4349782}" = Cabela's Big Game Hunter 2006 Season
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45FCADDB-0B29-457E-83A1-D245C62A716C}" = OLYMPUS Master 2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5314FAC0-F8A5-4432-8980-251D055B2C5B}" = Belkin Wireless Utility
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A13987D-55F4-4271-A40E-76AC9B1B38FD}" = OpenOffice.org 3.2
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{7CD17545-765B-4AE9-BF87-DEF49429EB65}" = Degei4
"{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}" = Digital Media Reader
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85498904-0748-45AA-9482-6DB8EA971B91}" = DJ_AIO_06_F4500_SW_MIN
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-006D-0409-0000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}" = Copy
"{a0bcf90f-b4e4-435c-a48d-8faae10554f9}" = Pixia
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C07F8D75-7A8D-400E-A8F9-A3F396B49BB1}" = SPORE™ Creepy & Cute Parts Pack
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{F39A74A0-FAE2-401C-AED1-1C941AA28EA8}" = McAfee AntiSpyware
"{F545F05E-5CD5-4FC9-B02B-94AFFB74B678}" = SpyHunter
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB26A501-6BA6-459B-89AA-9736730752FB}" = VoiceOver Kit
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver (Omega 3.8.442)
"AVI Movie Player" = AVI Movie Player
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1" = SoftV92 Data Fax Modem with SmartCP
"Corel Applications" = Corel Applications
"d57c76b4-ea5f-c732-6065-e3e789681e83" = Contextual Tool Egoads
"DivX Setup.divx.com" = DivX Setup
"Download Manager" = Download Manager 2.3.10
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"FoxyTunesForFirefox" = FoxyTunes for Firefox
"Free Registry Fix" = Free Registry Fix 5.6
"Google Updater" = Google Updater
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photo Creations" = HP Photo Creations
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InfoRapid Search & Replace" = InfoRapid Search & Replace
"InstallShield_{5314FAC0-F8A5-4432-8980-251D055B2C5B}" = Belkin Wireless Utility
"InstallShield_{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}" = Digital Media Reader
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan
"Mcafee SecurityCenter" = McAfee SecurityCenter
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft DirectX SDK (June 2010)" = Microsoft DirectX SDK (June 2010)
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MultiRes (remove only)" = MultiRes (remove only)
"Nero BurnRights!UninstallKey" = Nero BurnRights
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"PC Fix 2010_is1" = PCFix
"Radeon Omega Drivers for Windows XP/2kv4.8.442" = Radeon Omega Drivers v4.8.442 Setup Files and Tools
"RealPlayer 6.0" = RealPlayer Basic
"SecondLifeViewer2" = SecondLifeViewer2 (remove only)
"Shop for HP Supplies" = Shop for HP Supplies
"Smart Defrag_is1" = Smart Defrag
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"ST5UNST #1" = SnakeMeasurer
"TomTom HOME" = TomTom HOME 2.7.3.1894
"Veoh Web Player Beta" = Veoh Web Player
"ViewpointMediaPlayer" = Viewpoint Media Player
"Virus Effect Remover - Version 3.2.2.26_20100312_is1" = Virus Effect Remover©
"VLC media player" = VideoLAN VLC media player 0.8.6d
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2592961891-1294117790-2519880380-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SOE-Free Realms" = Free Realms
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 11/30/2010 2:15:19 PM | Computer Name = KBROOM | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: A connection with the server could not be established
Error - 11/30/2010 2:18:46 PM | Computer Name = KBROOM | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.
Error - 11/30/2010 2:20:29 PM | Computer Name = KBROOM | Source = MsiInstaller | ID = 11706
Description = Product: TrayApp -- Error 1706. An installation package for the product
TrayApp cannot be found. Try the installation again using a valid copy of the installation
package 'TrayApp.msi'.
Error - 11/30/2010 2:20:35 PM | Computer Name = KBROOM | Source = MsiInstaller | ID = 11706
Description = Product: TrayApp -- Error 1706. An installation package for the product
TrayApp cannot be found. Try the installation again using a valid copy of the installation
package 'TrayApp.msi'.
Error - 11/30/2010 2:20:41 PM | Computer Name = KBROOM | Source = MsiInstaller | ID = 11706
Description = Product: TrayApp -- Error 1706. An installation package for the product
TrayApp cannot be found. Try the installation again using a valid copy of the installation
package 'TrayApp.msi'.
Error - 11/30/2010 2:20:58 PM | Computer Name = KBROOM | Source = MsiInstaller | ID = 11706
Description = Product: TrayApp -- Error 1706. An installation package for the product
TrayApp cannot be found. Try the installation again using a valid copy of the installation
package 'TrayApp.msi'.
Error - 11/30/2010 2:22:57 PM | Computer Name = KBROOM | Source = MsiInstaller | ID = 11706
Description = Product: TrayApp -- Error 1706. An installation package for the product
TrayApp cannot be found. Try the installation again using a valid copy of the installation
package 'TrayApp.msi'.
Error - 11/30/2010 2:23:08 PM | Computer Name = KBROOM | Source = MsiInstaller | ID = 11706
Description = Product: Status -- Error 1706. An installation package for the product
Status cannot be found. Try the installation again using a valid copy of the installation
package 'status.msi'.
Error - 11/30/2010 2:41:34 PM | Computer Name = KBROOM | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: A connection with the server could not be established
Error - 11/30/2010 3:25:23 PM | Computer Name = KBROOM | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: A connection with the server could not be established
[ System Events ]
Error - 12/1/2010 2:13:02 AM | Computer Name = KBROOM | Source = Schedule | ID = 7901
Description = The At2.job command failed to start due to the following error: %%2147942405
Error - 12/1/2010 3:13:00 AM | Computer Name = KBROOM | Source = Schedule | ID = 7901
Description = The At1.job command failed to start due to the following error: %%2147942405
Error - 12/1/2010 4:13:00 AM | Computer Name = KBROOM | Source = Schedule | ID = 7901
Description = The At3.job command failed to start due to the following error: %%2147942405
Error - 12/1/2010 5:13:00 AM | Computer Name = KBROOM | Source = Schedule | ID = 7901
Description = The At5.job command failed to start due to the following error: %%2147942405
Error - 12/1/2010 5:20:11 AM | Computer Name = KBROOM | Source = Service Control Manager | ID = 7000
Description = The Sftfs service failed to start due to the following error: %%31
Error - 12/1/2010 5:20:11 AM | Computer Name = KBROOM | Source = Service Control Manager | ID = 7001
Description = The Application Virtualization Client service depends on the Sftfs
service which failed to start because of the following error: %%31
Error - 12/1/2010 5:20:11 AM | Computer Name = KBROOM | Source = Service Control Manager | ID = 7001
Description = The Client Virtualization Handler service depends on the Application
Virtualization Client service which failed to start because of the following error:
%%1068
Error - 12/1/2010 5:20:38 AM | Computer Name = KBROOM | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
abp480n5
adpu160m
agp440
agpCPQ
Aha154x
aic78u2
aic78xx
AliIde
alim1541
amdagp
amsint
asc
asc3350p
asc3550
cbidf
cd20xrnt
CmdIde
Cpqarray
dac2w2k
dac960nt
dpti2o
hpn
i2omp
ini910u
IntelIde
mraid35x
perc2
perc2hib
ql1080
Ql10wnt
ql12160
ql1240
ql1280
sisagp
Sparrow
symc810
symc8xx
sym_hi
sym_u3
TosIde
ultra
viaagp
ViaIde
Error - 12/1/2010 6:13:00 AM | Computer Name = KBROOM | Source = Schedule | ID = 7901
Description = The At4.job command failed to start due to the following error: %%2147942405
Error - 12/1/2010 7:13:00 AM | Computer Name = KBROOM | Source = Schedule | ID = 7901
Description = The At6.job command failed to start due to the following error: %%2147942405
< End of report >