Here is the OTL log file:
OTL logfile created on: 5/4/2011 7:07:53 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 74.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): C:\pagefile.sys 1000 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.68 Gb Total Space | 60.69 Gb Free Space | 57.98% Space Free | Partition Type: NTFS
Drive D: | 7.09 Gb Total Space | 0.36 Gb Free Space | 5.08% Space Free | Partition Type: FAT32
Computer Name: KAGJRBDRM | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks)
PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version6\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version6\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC)
PRC - C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe (Seagate LLC)
PRC - C:\Program Files\Carbonite\CarbonitePreinstaller.exe (Carbonite, Inc.)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\dwwin.exe (Microsoft Corporation)
PRC - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
PRC - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\WINDOWS\system32\StkASv2K.exe (Syntek America Inc.)
PRC - C:\Program Files\epson\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\Desktop\OTL.exe (OldTimer Tools)
MOD - c:\Program Files\McAfee\SiteAdvisor\sahook.dll (McAfee, Inc.)
MOD - C:\Program Files\TeamViewer\Version6\tv_w32.dll (TeamViewer GmbH)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\crtdll.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ========== SRV - (NMIndexingService) -- File not found
SRV - (AppMgmt) -- File not found
SRV - (dsNcService) -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks)
SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV - (mfevtp) -- C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (FreeAgentGoNext Service) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC)
SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (StkASSrv) -- C:\WINDOWS\system32\StkASv2K.exe (Syntek America Inc.)
========== Driver Services (SafeList) ========== DRV - (MpKslbd457d61) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslbd457d61.sys (Microsoft Corporation)
DRV - (MpKsl137394ee) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl137394ee.sys (Microsoft Corporation)
DRV - (MpKslc74c66fc) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslc74c66fc.sys (Microsoft Corporation)
DRV - (MpKsl58499cc9) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl58499cc9.sys (Microsoft Corporation)
DRV - (MpKsl8c95d5ff) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl8c95d5ff.sys (Microsoft Corporation)
DRV - (MpKsl214adfb3) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl214adfb3.sys (Microsoft Corporation)
DRV - (MpKslf5348dc4) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslf5348dc4.sys (Microsoft Corporation)
DRV - (MpKslcac1d7be) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslcac1d7be.sys (Microsoft Corporation)
DRV - (MpKsleeb4cd12) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsleeb4cd12.sys (Microsoft Corporation)
DRV - (MpKsla213656c) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsla213656c.sys (Microsoft Corporation)
DRV - (MpKsl9fa236a2) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl9fa236a2.sys (Microsoft Corporation)
DRV - (MpKsl2a1be77c) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl2a1be77c.sys (Microsoft Corporation)
DRV - (MpKsla1cef5b6) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsla1cef5b6.sys (Microsoft Corporation)
DRV - (MpKsla9802961) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsla9802961.sys (Microsoft Corporation)
DRV - (MpKsl79582465) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl79582465.sys (Microsoft Corporation)
DRV - (MpKsldfaf8e6a) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsldfaf8e6a.sys (Microsoft Corporation)
DRV - (MpKslb584b310) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslb584b310.sys (Microsoft Corporation)
DRV - (MpKsl00947257) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl00947257.sys (Microsoft Corporation)
DRV - (MpKslc82af2ac) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslc82af2ac.sys (Microsoft Corporation)
DRV - (MpKslc4cc9430) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslc4cc9430.sys (Microsoft Corporation)
DRV - (MpKsla1e014b8) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsla1e014b8.sys (Microsoft Corporation)
DRV - (MpKsl49c6d372) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl49c6d372.sys (Microsoft Corporation)
DRV - (MpKsld28b8df9) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsld28b8df9.sys (Microsoft Corporation)
DRV - (MpKsl145d70ad) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl145d70ad.sys (Microsoft Corporation)
DRV - (MpKsl2db84f1c) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl2db84f1c.sys (Microsoft Corporation)
DRV - (MpKsl3304f577) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl3304f577.sys (Microsoft Corporation)
DRV - (MpKsl487e3fa7) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl487e3fa7.sys (Microsoft Corporation)
DRV - (MpKslca03157c) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslca03157c.sys (Microsoft Corporation)
DRV - (MpKsl6af832b7) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl6af832b7.sys (Microsoft Corporation)
DRV - (MpKslcc7b944b) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslcc7b944b.sys (Microsoft Corporation)
DRV - (MpKsl86d5db95) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl86d5db95.sys (Microsoft Corporation)
DRV - (MpKsl5d307f23) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl5d307f23.sys (Microsoft Corporation)
DRV - (MpKsl70113d55) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl70113d55.sys (Microsoft Corporation)
DRV - (MpKsl4876e13a) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl4876e13a.sys (Microsoft Corporation)
DRV - (MpKsl9885be52) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl9885be52.sys (Microsoft Corporation)
DRV - (MpKsl97ce11b0) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl97ce11b0.sys (Microsoft Corporation)
DRV - (MpKsl9fea8964) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl9fea8964.sys (Microsoft Corporation)
DRV - (MpKsla096351e) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsla096351e.sys (Microsoft Corporation)
DRV - (MpKsl3cd5adb0) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl3cd5adb0.sys (Microsoft Corporation)
DRV - (MpKsl0de627ca) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl0de627ca.sys (Microsoft Corporation)
DRV - (MpKslb370845b) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslb370845b.sys (Microsoft Corporation)
DRV - (MpKsl6b911708) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl6b911708.sys (Microsoft Corporation)
DRV - (MpKslc98d4418) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslc98d4418.sys (Microsoft Corporation)
DRV - (MpKsl59b6a117) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl59b6a117.sys (Microsoft Corporation)
DRV - (MpKsl6e834d77) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl6e834d77.sys (Microsoft Corporation)
DRV - (MpKsl76b6ff5b) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl76b6ff5b.sys (Microsoft Corporation)
DRV - (MpKsl58ea688c) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl58ea688c.sys (Microsoft Corporation)
DRV - (MpKsl3868fca9) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl3868fca9.sys (Microsoft Corporation)
DRV - (MpKsl12fd40ba) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl12fd40ba.sys (Microsoft Corporation)
DRV - (MpKsl3d7c32ba) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl3d7c32ba.sys (Microsoft Corporation)
DRV - (MpKsl3ad1d77a) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl3ad1d77a.sys (Microsoft Corporation)
DRV - (MpKsl9c90f9fb) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl9c90f9fb.sys (Microsoft Corporation)
DRV - (MpKsl299ce536) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl299ce536.sys (Microsoft Corporation)
DRV - (MpKslfdc90eed) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslfdc90eed.sys (Microsoft Corporation)
DRV - (MpKslce431cc2) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslce431cc2.sys (Microsoft Corporation)
DRV - (MpKslcbb0a085) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslcbb0a085.sys (Microsoft Corporation)
DRV - (MpKslfbb8d78f) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslfbb8d78f.sys (Microsoft Corporation)
DRV - (MpKsl9da39e8e) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl9da39e8e.sys (Microsoft Corporation)
DRV - (MpKsl0ebbef3d) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl0ebbef3d.sys (Microsoft Corporation)
DRV - (MpKsl08463535) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl08463535.sys (Microsoft Corporation)
DRV - (MpKsl54bb46b9) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl54bb46b9.sys (Microsoft Corporation)
DRV - (MpKsl33d14aa9) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl33d14aa9.sys (Microsoft Corporation)
DRV - (MpKsl5313091c) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl5313091c.sys (Microsoft Corporation)
DRV - (MpKsle2850501) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsle2850501.sys (Microsoft Corporation)
DRV - (MpKslca0902fc) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslca0902fc.sys (Microsoft Corporation)
DRV - (MpKslc5f2d355) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslc5f2d355.sys (Microsoft Corporation)
DRV - (MpKslf3fbf89e) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslf3fbf89e.sys (Microsoft Corporation)
DRV - (MpKsl71ee3df4) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl71ee3df4.sys (Microsoft Corporation)
DRV - (MpKsld502097b) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsld502097b.sys (Microsoft Corporation)
DRV - (MpKslc5eec913) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslc5eec913.sys (Microsoft Corporation)
DRV - (MpKsle6a15049) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsle6a15049.sys (Microsoft Corporation)
DRV - (MpKsl9a3210d4) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl9a3210d4.sys (Microsoft Corporation)
DRV - (MpKslea3b8669) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslea3b8669.sys (Microsoft Corporation)
DRV - (MpKsl56d97cc9) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl56d97cc9.sys (Microsoft Corporation)
DRV - (MpKsld703ca5c) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsld703ca5c.sys (Microsoft Corporation)
DRV - (MpKsl1c2466ab) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl1c2466ab.sys (Microsoft Corporation)
DRV - (MpKsl77e2e16f) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl77e2e16f.sys (Microsoft Corporation)
DRV - (MpKslf735cbba) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslf735cbba.sys (Microsoft Corporation)
DRV - (MpKsld537442f) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsld537442f.sys (Microsoft Corporation)
DRV - (MpKsl54282b6e) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl54282b6e.sys (Microsoft Corporation)
DRV - (MpKsl90832eaf) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl90832eaf.sys (Microsoft Corporation)
DRV - (MpKslab72a74e) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslab72a74e.sys (Microsoft Corporation)
DRV - (MpKsl1e650b63) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl1e650b63.sys (Microsoft Corporation)
DRV - (MpKsl694c0a85) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl694c0a85.sys (Microsoft Corporation)
DRV - (MpKsled21ff56) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsled21ff56.sys (Microsoft Corporation)
DRV - (MpKsl346de3c8) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl346de3c8.sys (Microsoft Corporation)
DRV - (MpKsld0d4a5c7) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsld0d4a5c7.sys (Microsoft Corporation)
DRV - (MpKslc72e11a1) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslc72e11a1.sys (Microsoft Corporation)
DRV - (MpKsl4d46b6e8) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl4d46b6e8.sys (Microsoft Corporation)
DRV - (MpKsl0a55bf42) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl0a55bf42.sys (Microsoft Corporation)
DRV - (MpKsl51d3d2e2) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl51d3d2e2.sys (Microsoft Corporation)
DRV - (MpKslba980cfd) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslba980cfd.sys (Microsoft Corporation)
DRV - (MpKsl1a854ee1) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl1a854ee1.sys (Microsoft Corporation)
DRV - (MpKsl733fbf21) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl733fbf21.sys (Microsoft Corporation)
DRV - (MpKsl14081e04) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl14081e04.sys (Microsoft Corporation)
DRV - (MpKsl3dfb84c6) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl3dfb84c6.sys (Microsoft Corporation)
DRV - (MpKslea183040) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslea183040.sys (Microsoft Corporation)
DRV - (MpKslab056cc6) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslab056cc6.sys (Microsoft Corporation)
DRV - (MpKsl4e4a4c51) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl4e4a4c51.sys (Microsoft Corporation)
DRV - (MpKslcdf18274) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslcdf18274.sys (Microsoft Corporation)
DRV - (MpKslfd294182) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslfd294182.sys (Microsoft Corporation)
DRV - (MpKsl325ec6e7) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl325ec6e7.sys (Microsoft Corporation)
DRV - (MpKsl9525ab8b) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl9525ab8b.sys (Microsoft Corporation)
DRV - (MpKsl714e0ba2) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl714e0ba2.sys (Microsoft Corporation)
DRV - (MpKsla2c97c2f) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsla2c97c2f.sys (Microsoft Corporation)
DRV - (MpKslb8c6c253) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslb8c6c253.sys (Microsoft Corporation)
DRV - (MpKsl1d99b920) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl1d99b920.sys (Microsoft Corporation)
DRV - (MpKsl09c9d423) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl09c9d423.sys (Microsoft Corporation)
DRV - (MpKsl709b498a) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl709b498a.sys (Microsoft Corporation)
DRV - (MpKsld1d628da) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsld1d628da.sys (Microsoft Corporation)
DRV - (MpKslaed2410b) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKslaed2410b.sys (Microsoft Corporation)
DRV - (MpKsl9f3be310) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{69269A3E-438F-4C1E-A54E-B55289FE52A4}\MpKsl9f3be310.sys (Microsoft Corporation)
DRV - (dsNcAdpt) -- C:\WINDOWS\system32\drivers\dsNcAdpt.sys (Juniper Networks)
DRV - (mfehidk) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\WINDOWS\system32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\WINDOWS\system32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mfendiskmp) -- C:\WINDOWS\system32\drivers\mfendisk.sys (McAfee, Inc.)
DRV - (mfendisk) -- C:\WINDOWS\system32\drivers\mfendisk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\WINDOWS\system32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfetdi2k) -- C:\WINDOWS\system32\drivers\mfetdi2k.sys (McAfee, Inc.)
DRV - (cfwids) -- C:\WINDOWS\system32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (s616bus) Sony Ericsson Device 616 driver (WDM) -- C:\WINDOWS\system32\drivers\s616bus.sys (MCCI Corporation)
DRV - (CoachVid) -- C:\WINDOWS\system32\drivers\CoachVid.sys (FotoNation Inc.)
DRV - (StkAMini) -- C:\WINDOWS\system32\drivers\StkAMini.sys (Syntek America Inc.)
DRV - (StkScan) -- C:\WINDOWS\system32\drivers\StkScan.sys (Syntek America Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (NPPTNT2) -- C:\WINDOWS\system32\npptNT2.sys (INCA Internet Co., Ltd.)
DRV - (DgiVecp) -- C:\WINDOWS\system32\drivers\DGIVECP.SYS (Samsung Electronics Co., Ltd.)
DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (Usblink) -- C:\WINDOWS\system32\drivers\ulink.sys ()
DRV - (DCamUSBMke) -- C:\WINDOWS\system32\drivers\Mkeusbi.sys (Matsushita-Kotobuki Electronics Ind.,Ltd.)
DRV - (MKEMUSB) -- C:\WINDOWS\system32\drivers\Mkemusb.sys (Matsushita Kotobuki Electronics Industries, Ltd.)
DRV - (EUSBSCSI) -- C:\WINDOWS\system32\drivers\EUSBSCSI.SYS (SCM Microsystems Inc.)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopIE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopIE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopIE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopIE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopIE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopIE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopIE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopIE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3897567626-3988324131-189734360-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopIE - HKU\S-1-5-21-3897567626-3988324131-189734360-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/IE - HKU\S-1-5-21-3897567626-3988324131-189734360-1009\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-3897567626-3988324131-189734360-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.8
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/05/01 00:47:10 | 000,000,000 | ---D | M]
[2008/11/21 23:41:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\Application Data\Mozilla\Extensions
[2008/11/21 23:41:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\Application Data\Mozilla\Firefox\Profiles\smy70p93.default\extensions
[2008/11/25 23:29:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2007/08/29 17:47:44 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2007/07/03 10:20:48 | 000,069,632 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
[2007/11/20 16:52:00 | 002,884,992 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll
O1 HOSTS File: ([2011/04/29 00:24:24 | 000,433,490 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1
www.007guard.comO1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1
www.008k.comO1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1
www.00hq.comO1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1
www.032439.comO1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1
www.0scan.comO1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1
www.1000gratisproben.comO1 - Hosts: 127.0.0.1
www.1001namen.comO1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1
www.100888290cs.comO1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1
www.100sexlinks.comO1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1
www.10sek.comO1 - Hosts: 127.0.0.1
www.123haustiereundmehr.comO1 - Hosts: 127.0.0.1 123haustiereundmehr.com
O1 - Hosts: 14921 more lines...
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\Mcafee\SystemCore\ScriptSn.20110501004421.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3897567626-3988324131-189734360-1009\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-3897567626-3988324131-189734360-1009\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files\Carbonite\CarbonitePreinstaller.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\epson\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PCDrProfiler] File not found
O4 - HKLM..\Run: [QuickFinder Scheduler] c:\Program Files\Corel\WordPerfect Office X5\Programs\QFSCHD150.EXE (Corel Corporation)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe (Ulead Systems, Inc.)
O4 - HKU\S-1-5-21-3897567626-3988324131-189734360-1009..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] File not found
O4 - HKU\S-1-5-21-3897567626-3988324131-189734360-1009..\Run: [jlxlvxxi] File not found
O4 - HKU\S-1-5-21-3897567626-3988324131-189734360-1009..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - HKU\S-1-5-21-3897567626-3988324131-189734360-1009..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Pin.lnk = C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\Pin.lnk = C:\hp\bin\cloaker.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3897567626-3988324131-189734360-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3897567626-3988324131-189734360-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableProfileQuota = 1
O8 - Extra context menu item: Open with WordPerfect - c:\Program Files\Corel\WordPerfect Office X5\Programs\WPLauncher.hta ()
O15 - HKU\S-1-5-21-3897567626-3988324131-189734360-1009\..Trusted Domains: amazon.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-3897567626-3988324131-189734360-1009\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-21-3897567626-3988324131-189734360-1009\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3897567626-3988324131-189734360-1009\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED}
https://activatemywifi.verizon.net/sdcC ... taller.cab (Support.com Configuration Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0}
http://www2.snapfish.com/SnapfishActivia.cab (Snapfish Activia)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://update.microsoft.com/windowsupda ... 6441798828 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F}
https://ftsaccess.foxtv.com/dana-cached ... Client.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O29 - HKLM SecurityProviders - (miwhhjse.dll) - File not found
O29 - HKLM SecurityProviders - (mjavtqmq.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/12/05 02:50:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 07:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{12ed4927-754e-11df-8018-0017318c48aa}\Shell\AutoRun\command - "" = J:\driver\usb\–Í€ŒŽ
O33 - MountPoints2\{12ed4927-754e-11df-8018-0017318c48aa}\Shell\open\command - "" = J:\driver\usb\–Í€ŒŽ
O33 - MountPoints2\{12ed4928-754e-11df-8018-0017318c48aa}\Shell\AutoRun\command - "" = driver\usb\–Í€ŒŽ
O33 - MountPoints2\{12ed4928-754e-11df-8018-0017318c48aa}\Shell\open\command - "" = driver\usb\–Í€ŒŽ
O33 - MountPoints2\{4716eb80-c91a-11dd-bfbd-0017318c48aa}\Shell - "" = AutoRun
O33 - MountPoints2\{4716eb80-c91a-11dd-bfbd-0017318c48aa}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4716eb80-c91a-11dd-bfbd-0017318c48aa}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{d082179c-3dce-11de-bfe5-0017318c48aa}\Shell - "" = AutoRun
O33 - MountPoints2\{d082179c-3dce-11de-bfe5-0017318c48aa}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d082179c-3dce-11de-bfe5-0017318c48aa}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\rar.exe /s
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2011/05/04 07:05:56 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\Desktop\OTL.exe
[2011/05/04 06:34:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2011/05/03 18:43:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2011/05/03 18:42:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\Local Settings\Application Data\Downloaded Installations
[2011/05/03 18:42:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Carbonite
[2011/05/03 18:42:17 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2011/05/03 18:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\Carbonite
[2011/05/03 18:39:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\muvee Technologies
[2011/05/03 14:14:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2011/05/02 16:45:20 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2011/05/02 16:32:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\PCHealth
[2011/05/02 16:21:58 | 000,000,000 | ---D | C] -- C:\aa86ad911d3b7e7a30c6ce
[2011/05/02 16:13:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/05/02 15:23:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\Desktop\New Folder
[2011/05/01 00:07:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Juniper Networks
[2011/05/01 00:07:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\Application Data\Juniper Networks
[2011/04/30 22:44:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Identities
[2011/04/30 17:24:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\My Documents\Toyota Highlander
[2011/04/29 02:38:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2011/04/29 02:38:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2011/04/28 23:21:54 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/04/28 23:21:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/04/28 23:21:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/04/28 23:00:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\Application Data\McAfee
[2011/04/17 17:11:34 | 000,406,896 | ---- | C] (Juniper Networks) -- C:\WINDOWS\System32\dsNcSmartCardProv.dll
[2011/04/17 17:11:34 | 000,361,840 | ---- | C] (Juniper Networks) -- C:\WINDOWS\System32\dsNcCredProv.dll
[2011/04/17 17:11:10 | 000,000,000 | ---D | C] -- C:\Program Files\Juniper Networks
[2011/04/17 17:10:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Juniper Networks
[2011/04/16 13:04:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\My Documents\TAXES_2010
[2007/01/24 23:26:37 | 000,049,152 | R--- | C] (Matsushita Electric Industrial Co.,Ltd.) -- C:\Program Files\Common Files\HDvAvi.dll
[2004/11/24 14:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\My Documents\*.tmp files -> C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\My Documents\*.tmp -> ]
[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2011/05/04 07:04:04 | 000,000,246 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2011/05/04 07:00:12 | 000,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/05/04 06:39:29 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/05/04 06:34:54 | 000,001,603 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Total Protection.lnk
[2011/05/04 06:34:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/04 06:34:12 | 3152,596,992 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/03 19:22:16 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\Desktop\OTL.exe
[2011/05/03 18:44:25 | 000,001,871 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Seagate Manager.lnk
[2011/05/03 18:42:22 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Carbonite Online Backup Setup.lnk
[2011/05/03 18:42:10 | 000,002,027 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\Application Data\Microsoft\Internet Explorer\Quick Launch\muvee Reveal Seagate Edition.lnk
[2011/05/03 18:42:10 | 000,002,009 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\muvee Reveal Seagate Edition.lnk
[2011/05/03 16:00:21 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\vtscheduletask.job
[2011/05/02 16:32:31 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/05/02 16:31:29 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/01 00:39:25 | 000,001,779 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Virtual Technician.lnk
[2011/04/30 07:42:56 | 000,015,660 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\My Documents\Toyota temp IDCard.pdf
[2011/04/29 13:36:31 | 001,951,030 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\My Documents\Emersen Fence Quote.pdf
[2011/04/29 00:24:24 | 000,433,490 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/04/28 22:44:53 | 000,016,942 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\Local Settings\Application Data\82g4ixb78ofy7jnbf3x7
[2011/04/28 22:44:53 | 000,016,942 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\82g4ixb78ofy7jnbf3x7
[2011/04/13 21:56:55 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/13 03:30:29 | 000,235,168 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/13 03:13:16 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/04/13 03:10:58 | 000,442,796 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/13 03:10:58 | 000,071,936 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\My Documents\*.tmp files -> C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\My Documents\*.tmp -> ]
[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ========== [2011/05/03 18:44:25 | 000,001,871 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Seagate Manager.lnk
[2011/05/03 18:42:22 | 000,001,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Carbonite Online Backup Setup.lnk
[2011/05/03 18:42:10 | 000,002,027 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\Application Data\Microsoft\Internet Explorer\Quick Launch\muvee Reveal Seagate Edition.lnk
[2011/05/03 18:42:10 | 000,002,009 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\muvee Reveal Seagate Edition.lnk
[2011/05/03 18:40:55 | 000,001,087 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Seagate muvee Reveal.lnk
[2011/05/03 01:41:29 | 000,001,603 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Total Protection.lnk
[2011/05/02 16:37:21 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/05/02 16:32:05 | 000,001,688 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/05/02 16:15:00 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/05/01 00:39:25 | 000,001,779 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Virtual Technician.lnk
[2011/05/01 00:39:04 | 000,001,783 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Virtual Technician.lnk
[2011/04/30 07:42:56 | 000,015,660 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\My Documents\Toyota temp IDCard.pdf
[2011/04/29 13:36:31 | 001,951,030 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\My Documents\Emersen Fence Quote.pdf
[2011/04/28 23:00:28 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\vtscheduletask.job
[2011/04/28 22:38:50 | 000,016,942 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\Local Settings\Application Data\82g4ixb78ofy7jnbf3x7
[2011/04/28 22:38:50 | 000,016,942 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\82g4ixb78ofy7jnbf3x7
[2011/01/25 23:49:37 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2011/01/04 15:47:27 | 000,001,344 | ---- | C] () -- C:\WINDOWS\System32\odbcinst.ini
[2010/10/09 16:01:13 | 000,000,138 | ---- | C] () -- C:\WINDOWS\System32\msexcr.ini
[2010/09/04 16:49:12 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/08/10 16:50:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\Application Data\wklnhst.dat
[2010/07/21 20:15:30 | 000,037,772 | ---- | C] () -- C:\WINDOWS\System32\drivers\ulink.sys
[2010/07/21 20:15:29 | 000,005,406 | ---- | C] () -- C:\WINDOWS\System32\drivers\M5633.bin
[2010/06/29 21:44:54 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009/12/30 19:44:33 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/12/30 19:44:32 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2009/12/30 19:44:32 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2009/12/30 19:44:32 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2009/12/30 19:44:32 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2009/12/30 19:44:32 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2009/12/30 19:44:32 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2009/12/30 19:44:32 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2009/12/30 19:44:32 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2009/12/30 19:44:31 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2009/12/30 19:44:31 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2009/12/30 19:44:31 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2009/12/30 19:44:31 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2009/12/30 19:44:31 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2009/12/30 19:44:31 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2009/12/30 19:44:31 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2009/12/30 18:57:38 | 000,000,044 | ---- | C] () -- C:\WINDOWS\PERFV100V350.ini
[2009/12/30 18:54:31 | 000,065,793 | ---- | C] () -- C:\WINDOWS\System32\esfw66.bin
[2009/04/17 03:09:51 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/04/04 19:40:02 | 000,000,007 | ---- | C] () -- C:\WINDOWS\System32\pllk.bin
[2009/04/04 18:27:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\a9k.bin
[2009/03/17 16:50:00 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2009/02/16 19:20:54 | 000,000,071 | ---- | C] () -- C:\WINDOWS\pex.INI
[2009/01/26 20:47:42 | 000,454,656 | ---- | C] () -- C:\WINDOWS\ssndii.exe
[2008/11/20 07:26:53 | 000,063,488 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/11 07:35:50 | 000,000,145 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\Local Settings\Application Data\fusioncache.dat
[2008/10/05 00:39:21 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2008/07/05 06:14:48 | 000,456,192 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008/07/05 06:14:44 | 003,591,168 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008/07/05 06:13:16 | 000,708,096 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008/06/22 12:34:00 | 000,177,664 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008/06/13 06:39:38 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008/06/12 13:36:38 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/03/29 08:23:46 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI
[2008/03/16 11:56:12 | 000,001,289 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2008/03/16 09:45:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/03/08 15:30:49 | 000,000,033 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI
[2008/01/13 23:59:36 | 000,056,320 | ---- | C] () -- C:\WINDOWS\ginstall.dll
[2007/10/03 13:07:27 | 000,000,001 | ---- | C] () -- C:\WINDOWS\rmaamiss.dll
[2007/03/18 21:51:02 | 000,000,137 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/02/04 20:59:18 | 000,006,330 | ---- | C] () -- C:\WINDOWS\CDex.INI
[2006/11/15 13:53:04 | 000,063,730 | ---- | C] () -- C:\Program Files\viewsonicinstruct_xp.pdf
[2006/11/15 13:47:02 | 000,000,101 | ---- | C] () -- C:\WINDOWS\VSWizard.ini
[2006/11/02 11:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe
[2006/10/30 20:03:36 | 000,000,311 | ---- | C] () -- C:\WINDOWS\EReg077.dat
[2006/10/30 20:03:16 | 000,000,306 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2006/10/30 19:37:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2006/10/25 09:17:48 | 000,000,037 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
[2006/05/25 02:31:06 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/05/25 02:05:54 | 000,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/05/25 02:01:14 | 000,118,842 | R--- | C] () -- C:\WINDOWS\HPCPCUninstaller-6.3.2.116-5577497.exe
[2006/05/25 02:00:05 | 000,667,896 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2006/05/25 02:00:05 | 000,001,227 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2006/05/25 01:59:57 | 000,012,994 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/05/25 01:59:51 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/05/25 01:57:39 | 000,000,031 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/05/25 01:56:19 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/05/25 01:44:07 | 000,000,086 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/05/25 01:42:27 | 000,045,929 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.EXE
[2006/05/25 01:42:27 | 000,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/05/25 01:37:35 | 000,095,822 | ---- | C] () -- C:\WINDOWS\hpqins69.dat
[2006/05/25 01:36:12 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/05/25 01:33:29 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/05/25 01:33:28 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/05/25 01:33:28 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/05/25 01:33:28 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/05/25 01:33:28 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/05/25 01:33:28 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/05/25 01:33:28 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/05/25 01:33:28 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/05/25 01:33:26 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/05/25 01:33:26 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/05/25 01:33:26 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/05/25 01:18:44 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/05/25 01:15:13 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2006/03/02 17:31:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/12/05 03:05:38 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/12/05 02:55:08 | 000,442,796 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/12/05 02:55:08 | 000,071,936 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/12/05 02:53:22 | 000,235,168 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/12/05 02:50:02 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/12/05 02:48:22 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/12/14 07:04:48 | 000,266,240 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004/12/14 07:02:49 | 001,175,552 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004/10/03 12:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/06/15 17:38:00 | 000,000,592 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2001/08/23 18:12:28 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 18:11:02 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[1996/11/17 02:37:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
========== Files - Unicode (All) ==========[2009/06/12 12:17:55 | 000,025,600 | ---- | M] ()(C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\My Documents\????????????????????????????.doc) -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\My Documents\该版本软件增加了在录像的视频文件右上角显示录像时间的功能.doc
[2009/06/12 12:17:55 | 000,025,600 | ---- | C] ()(C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\My Documents\????????????????????????????.doc) -- C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\My Documents\该版本软件增加了在录像的视频文件右上角显示录像时间的功能.doc
< End of report >
Here is the Extras Log file:
OTL Extras logfile created on: 5/4/2011 7:07:53 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Compaq_Owner.KAGJRBDRM\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 74.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): C:\pagefile.sys 1000 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 104.68 Gb Total Space | 60.69 Gb Free Space | 57.98% Space Free | Partition Type: NTFS
Drive D: | 7.09 Gb Total Space | 0.36 Gb Free Space | 5.08% Space Free | Partition Type: FAT32
Computer Name: KAGJRBDRM | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"56685:TCP" = 56685:TCP:*:Enabled:Pando Media Booster
"56685:UDP" = 56685:UDP:*:Enabled:Pando Media Booster
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"56685:TCP" = 56685:TCP:*:Enabled:Pando Media Booster
"56685:UDP" = 56685:UDP:*:Enabled:Pando Media Booster
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent
"C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe" = C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.)
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{DE6DE4A1-0343-4DBE-9DC2-E667AA03F579}" = WordPerfect Office X5
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{1341D838-719C-4A05-B50F-49420CA1B4BB}" = HP Boot Optimizer
"{13EBF9E8-82FF-47D0-A324-534B79EF7F71}" = WordPerfect Office X5 - WT
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{15C77FC3-8137-4A5E-8F81-F559045DD6B0}" = Shipping Assistant 3.7
"{17C5A285-F7B6-492B-8F3B-343D02B84D75}" = WordPerfect Office X5 - Common
"{19B4CD07-1919-4002-B28F-A5D2027026E0}" = WordPerfect Office X5 - IPM
"{1B15D991-5619-4BC1-B71E-3DE793B792FC}" = ArcSoft MediaConverter 2
"{1C278B97-9D25-48B0-9A4E-F4F2BB992043}" = EPSON Perfection V100 Photo Scanner Driver Update
"{1DF03ECE-6AF4-414E-B118-C316F151A9A2}" = Corel WordPerfect Office - iFilter
"{1F0D7D15-8A36-4AE4-8573-70BEA7DF379D}" = WordPerfect Office X5 - Migration Manager
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 23
"{272C8DEE-F54F-406C-9AA6-B4DE2985A47C}" = Flash Drive Tester v1.14
"{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2CAF1DE6-AF95-46A6-A96F-C5E71423C71C}" = Digital Camera Driver
"{2EC502F7-CBB0-44F8-8F5D-C9A6FC1E5A2A}" = LightScribe System Software
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150050}" = J2SE Runtime Environment 5.0 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder
"{378BAC91-3AE8-45F0-90E4-4F81E3EAEBC5}" = WordPerfect Office X5 - PR
"{3CCB26F5-E2A7-4C91-8340-9149D7B7C2BE}" = Virtual Earth 3D (Beta)
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4873CC58-69D8-490D-9E5C-001DC2EE2010}" = WordPerfect Lightning - Messages
"{4873CC58-69D8-490D-9E5C-001DC2EE2020}" = WordPerfect Lightning - IPM
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = EPSON Event Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{64459BD5-3AE8-4689-B7B0-D57B667D8399}" = WordPerfect Office X5 - PerfectExperts EN
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{67ED9603-CB76-4338-B7B0-690FE144C4DA}" = WordPerfect Lightning
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6C13C708-FF28-4991-84E6-5526A0EE677B}" = WordPerfect Office X5 - Oxford
"{6CB9C12F-AF20-4FF4-BFFA-F4502B9F5F8A}" = Digital Camera Driver
"{6E4B1E42-A831-44B4-A705-D006F68560EC}" = WordPerfect Office X5 - Graphics
"{71D2F8EE-9D45-4D95-A6F6-F6433C2B94B5}" = WordPerfect Office X5 - System EN
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}" = Ulead VideoStudio 7 SE VCD
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{78E9A751-5616-233F-1249-16AC5758C646}" = muvee Reveal Seagate Edition
"{82081779-4175-4666-A457-AB711CD37EF0}" = cp_LightScribeConfig
"{829DAAD6-BB11-4BB7-921B-07FFB703F944}" = CP_Package_Variety3
"{82E55892-6FFD-403F-AA97-D726846768AA}" = CP_AtenaShokunin1Config
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{866A0078-DEA7-4348-9C9A-999AF2991EAA}" = SlideShowMusic
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A534F71-3202-4464-A422-B767295E67B9}" = CP_Package_Variety2
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}" = Ulead VideoStudio SE DVD
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{92B60B3B-7DF3-4BF7-8823-9F17A9EEA31E}" = WordPerfect Office X5
"{93E5A317-24EC-4744-812C-16FECFE86E6A}" = CP_Package_Variety1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6FD1334-FD75-4951-935D-08F8C7E4C6B0}" = WordPerfect Office X5 - Sharepoint
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AC76BA86-7AD7-1033-7B44-A70500000002}" = Adobe Reader 7.0.5
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C29CE41A-3268-4A5C-8B29-5799906785E9}" = Wi-Fi Connect
"{C3FAA091-B278-44A7-BF48-190811C5F9F7}" = cp_UpdateProjectsConfig
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD5C6C29-E6CB-4DF3-B45F-A04087B1C294}" = WordPerfect Office X5 - Templates
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D271DAE0-8D68-4C97-8356-A126D48A1D8C}" = Ulead Photo Explorer 8.0 SE Basic
"{D4167D08-0F61-4F44-BC3F-26B4960745C4}" = WordPerfect Office X5 - Skins
"{D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7}" = ArcSoft PhotoImpression 5
"{D7643510-C1AE-44AD-B0F9-0665C4D73BFD}" = WordPerfect Office X5 - LegalTools
"{D7DBA21A-CDE5-42EC-BB1C-AE4B3E616B9A}_is1" = HP Support Overview
"{DAAD5187-62C5-4AD6-A526-803C18C4944D}" = HP Web Helper
"{DAEDCD3D-B981-4F10-B17B-764753EDAF9F}" = WordPerfect Office X5 - QP
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DE6DE4A1-0343-4DBE-9DC2-E667AA03F579}" = WordPerfect Office X5 - Setup Files
"{E337B156-DF81-48D8-8977-B1574EE87BCF}" = USB2.0 Capture Device
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E539B721-4458-4EFC-8BD0-04D4842051AE}" = Wordperfect Office X5 - EN
"{E67732DE-3387-4F1E-BDDA-2D0C08BC025B}" = WordPerfect Office X5 - Filters
"{EC61C6D9-159B-4B14-AAF3-AF33FCFA50DD}" = WordPerfect Office X5 - WP
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F68794FD-9BBA-44FB-976C-4FCE2B447476}" = Palmcorder USB Device Driver 3.01
"{F6EE49FD-B736-4888-A05A-115F3B1160FA}" = WordPerfect Lightning - MSOM
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FD2E3551-29BB-4FC6-B775-A3330955F7B6}" = Searchme Toolbar
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.10
"AudibleManager" = AudibleManager
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"Carbonite Setup Lite" = Carbonite Online Backup Setup
"CCleaner" = CCleaner
"Desktop FLV Player_is1" = FLVhosting Desktop FLV Player Ver 2.00
"Dia" = Dia (remove only)
"diashapes" = diashapes
"DVD Decrypter" = DVD Decrypter (Remove Only)
"EPSON Scanner" = EPSON Scan
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Install WeatherBug" = Remove WeatherBug Installer
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"Juniper Network Connect 7.0.0" = Juniper Networks Network Connect 7.0.0
"MapleStory" = MapleStory
"McAfee Virtual Technician" = McAfee Virtual Technician
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Money2006b" = Microsoft Money 2006
"MSC" = McAfee Total Protection
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows
"Polaroid PolaColor Insight v4.5" = Polaroid PolaColor Insight v4.5 (Remove only)
"QuickTime" = QuickTime
"RealPlayer 6.0" = RealPlayer
"Samsung CLP-300 Series" = Samsung CLP-300 Series
"Silent Package Run-Time Sample" = EPSON Perfection V100P User's Guide
"SprintScan35 v2.6" = SprintScan 35
"TeamViewer 6" = TeamViewer 6
"Visio Technical" = Visio Technical
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = Gimp 2.6.2 Debug
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XP Codec Pack" = XP Codec Pack
"XviD" = XviD MPEG-4 Codec
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3897567626-3988324131-189734360-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GoToMeeting" = GoToMeeting 4.0.0.320
"Juniper_Setup_Client" = Juniper Networks Setup Client
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 5/2/2011 4:33:23 PM | Computer Name = KAGJRBDRM | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80072efe, P2 endsearch, P3 search, P4 3.0.8107.0,
P5 mpsigdwn.dll, P6 3.0.8107.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.
Error - 5/3/2011 11:04:45 AM | Computer Name = KAGJRBDRM | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 2680 (0xa78) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.794
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\WINDOWS\system32\clbcatq.dll
by C:\WINDOWS\System32\alg.exe 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0)
7004(0)(0) 5006(0)(0) 5004(0)(0)
Error - 5/3/2011 2:14:43 PM | Computer Name = KAGJRBDRM | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0, P2 moaccapability, P3 3.0.8107.0, P4
0, P5 0, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.
Error - 5/3/2011 6:13:43 PM | Computer Name = KAGJRBDRM | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 3976 (0xf88) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.794
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab.bak
by C:\WINDOWS\System32\svchost.exe 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0)
7004(0)(0) 5006(0)(0) 5004(0)(0)
Error - 5/3/2011 6:14:43 PM | Computer Name = KAGJRBDRM | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/3/2011 6:15:19 PM | Computer Name = KAGJRBDRM | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80072efe, P2 endsearch, P3 search, P4 3.0.8107.0,
P5 mpsigdwn.dll, P6 3.0.8107.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.
Error - 5/3/2011 6:15:38 PM | Computer Name = KAGJRBDRM | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.
Error - 5/4/2011 2:10:30 AM | Computer Name = KAGJRBDRM | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 3404 (0xd4c) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.794
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab.bak
by C:\WINDOWS\System32\svchost.exe 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0)
7004(0)(0) 5006(0)(0) 5004(0)(0)
Error - 5/4/2011 7:07:04 AM | Computer Name = KAGJRBDRM | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.2.22.3, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 5/4/2011 7:13:07 AM | Computer Name = KAGJRBDRM | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 2912 (0xb60) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.794
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab.bak
by C:\WINDOWS\System32\svchost.exe 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0)
7004(0)(0) 5006(0)(0) 5004(0)(0)
[ System Events ]
Error - 5/4/2011 12:10:46 AM | Computer Name = KAGJRBDRM | Source = System Error | ID = 1003
Description = Error code 1000008e, parameter1 c0000005, parameter2 b9f3b71d, parameter3
a6d79738, parameter4 00000000.
Error - 5/4/2011 2:11:30 AM | Computer Name = KAGJRBDRM | Source = Service Control Manager | ID = 7031
Description = The McShield service terminated unexpectedly. It has done this 1
time(s). The following corrective action will be taken in 5000 milliseconds: Restart
the service.
Error - 5/4/2011 6:34:57 AM | Computer Name = KAGJRBDRM | Source = Service Control Manager | ID = 7000
Description = The Panasonic Digital Palmcorder service failed to start due to the
following error: %%1058
Error - 5/4/2011 6:34:57 AM | Computer Name = KAGJRBDRM | Source = Service Control Manager | ID = 7000
Description = The DgiVecp service failed to start due to the following error: %%20
Error - 5/4/2011 6:36:16 AM | Computer Name = KAGJRBDRM | Source = WMPNetworkSvc | ID = 866312
Description = A new media server was not initialized because WMCreateDeviceRegistration()
encountered error '0x80070057'. The Windows Media DRM components on your computer
might be corrupted. Verify that protected files play correctly in Windows Media
Player, and then restart the WMPNetworkSvc service.
Error - 5/4/2011 6:36:19 AM | Computer Name = KAGJRBDRM | Source = WMPNetworkSvc | ID = 866312
Description = A new media server was not initialized because WMCreateDeviceRegistration()
encountered error '0x80070057'. The Windows Media DRM components on your computer
might be corrupted. Verify that protected files play correctly in Windows Media
Player, and then restart the WMPNetworkSvc service.
Error - 5/4/2011 7:02:15 AM | Computer Name = KAGJRBDRM | Source = System Error | ID = 1003
Description = Error code 1000008e, parameter1 c0000005, parameter2 b9f3b71d, parameter3
a72a0738, parameter4 00000000.
Error - 5/4/2011 7:02:24 AM | Computer Name = KAGJRBDRM | Source = DCOM | ID = 10010
Description = The server {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A} did not register
with DCOM within the required timeout.
Error - 5/4/2011 7:02:47 AM | Computer Name = KAGJRBDRM | Source = System Error | ID = 1003
Description = Error code 1000008e, parameter1 c0000005, parameter2 b9f3b71d, parameter3
a579f738, parameter4 00000000.
Error - 5/4/2011 7:13:08 AM | Computer Name = KAGJRBDRM | Source = Service Control Manager | ID = 7031
Description = The McShield service terminated unexpectedly. It has done this 1
time(s). The following corrective action will be taken in 5000 milliseconds: Restart
the service.
< End of report >
Gamer text results:GMER 1.0.15.15572 -
http://www.gmer.netRootkit scan 2011-05-04 11:23:19
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdePort2 ST3120213AS rev.3.AHH
Running: f8hmgdz9.exe; Driver: C:\DOCUME~1\COMPAQ~1.KAG\LOCALS~1\Temp\pxliypog.sys
---- User code sections - GMER 1.0.15 ----
.text C:\WINDOWS\Explorer.EXE[932] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00D1000A
.text C:\WINDOWS\Explorer.EXE[932] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00D2000A
.text C:\WINDOWS\Explorer.EXE[932] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00C2000C
---- Devices - GMER 1.0.15 ----
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort0 8AC4E33B
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort1 8AC4E33B
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP2T0L0-5 8AC4E33B
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort2 8AC4E33B
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort3 8AC4E33B
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort4 8AC4E33B
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort5 8AC4E33B
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP1T1L0-1f 8AC4E33B
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP1T0L0-17 8AC4E33B
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
Device \FileSystem\Cdfs \Cdfs BA0DB400
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 TDL4@MBR code has been found <-- ROOTKIT !!!
Disk \Device\Harddisk0\DR0 sector 00: rootkit-like behavior
---- EOF - GMER 1.0.15 ----