I went into safe mode and then after 5-10 mins, it turned off by itself. I have no clue why this is happening.
I went into safe mode and then after 5-10 mins, it turned off by itself. I have no clue why this is happening.
Let's check this:
- Please download OTViewIt by OldTimer and save it to your Desktop.
- Close all applications and windows.
- Double-click on the OTViewIt.exeto start OTViewIt.
- Place a checkmark in the blue-colored "Scan All Users" checkbox.
- Click the blue Run Scan button.
- OTViewIt will now start its scan.
- When the scan is complete, two text files will be created, OTViewIt.Txt <- this one will be opened in Notepad and Extras.txt, on Desktop.
- Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of OTViewIt.Txt and the Extras.txt to your post.
Microsoft MVP Consumer Security 2008-2011
Member of ASAP and UNITE since 2006
Here is my otviewit.txt. Ok i have to post half of it on here because i can't post the full log. It was too big.
OTViewIt logfile created on: 11/10/2008 6:11:55 AM - Run
OTViewIt by OldTimer - Version 1.0.20.0 Folder = C:\Documents and Settings\Home\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
893.98 Mb Total Physical Memory | 530.74 Mb Available Physical Memory | 59.37% Memory free
2.12 Gb Paging File | 1.76 Gb Available in Paging File | 83.40% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.88 Gb Total Space | 26.87 Gb Free Space | 48.09% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DELL-B3446AB14D
Current User Name: Home
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days
========== Processes ==========
[2006/10/11 21:37:24 | 00,430,080 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
[2007/09/11 11:26:10 | 00,264,800 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
[2006/10/11 21:37:24 | 00,430,080 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
[2007/03/16 18:10:46 | 00,020,480 | ---- | M] () -- C:\WINDOWS\system32\WLTRYSVC.EXE
[2007/03/16 18:10:42 | 01,253,376 | ---- | M] (Dell Inc.) -- C:\WINDOWS\system32\BCMWLTRY.EXE
[2008/10/28 21:17:25 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
[2008/10/28 21:17:22 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
[2008/01/15 02:40:04 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[2005/03/14 12:05:02 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
[2007/10/09 18:56:30 | 00,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
[2004/08/04 02:00:00 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
[2006/03/08 12:48:02 | 00,761,947 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[2007/05/14 14:23:32 | 01,191,936 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
[2008/06/10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
[2008/01/15 03:22:56 | 00,267,048 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
[2004/08/04 02:00:00 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
[2007/10/09 18:56:24 | 00,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
[2008/06/12 13:28:45 | 00,266,497 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
[2008/06/12 16:57:18 | 00,991,584 | ---- | M] (Vendio Services, Inc.) -- C:\Program Files\Search Settings\SearchSettings.exe
[2006/09/11 04:40:32 | 00,218,032 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
[2007/07/17 13:46:20 | 01,328,400 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe
[2007/09/11 11:26:12 | 00,576,104 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[2007/05/09 16:58:30 | 00,233,579 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
[2008/01/15 03:22:44 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
[2007/01/19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe
[2007/09/11 11:26:12 | 01,440,384 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
[2008/11/10 06:11:26 | 00,422,400 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Home\Desktop\OTViewIt.exe
========== (O23) Win32 Services ==========
[2008/10/28 21:17:25 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler [Auto | Running])
[2008/10/28 21:17:22 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService [Auto | Running])
[2008/01/15 02:40:04 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
[2007/10/24 00:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2006/10/11 21:37:24 | 00,430,080 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
[2007/07/24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Disabled | Stopped])
[2007/09/11 11:26:10 | 00,264,800 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe -- (btwdins [Auto | Running])
[2007/10/24 00:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2007/03/19 12:44:44 | 00,070,656 | ---- | M] () -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService [On_Demand | Stopped])
[2008/10/22 15:06:36 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
[2004/10/22 02:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
[2008/01/15 03:22:44 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
[2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2005/03/14 12:05:02 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Running])
[2007/06/05 12:20:32 | 00,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing [Disabled | Stopped])
File not found -- -- (RoxLiveShare9 [Auto | Stopped])
[2007/12/10 13:59:04 | 00,353,280 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])
[2007/10/09 18:56:30 | 00,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter [Auto | Running])
[2007/01/19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Running])
[2007/10/25 14:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
[2007/03/16 18:10:46 | 00,020,480 | ---- | M] () -- C:\WINDOWS\system32\WLTRYSVC.EXE -- (wltrysvc [Auto | Running])
[2006/10/18 19:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
========== Driver Services ==========
[2006/07/01 22:39:40 | 00,036,864 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8 [System | Running])
[2005/08/12 17:50:46 | 00,016,128 | ---- | M] (Dell Inc) -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV [System | Running])
[2006/10/11 21:43:56 | 01,777,152 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
[2006/09/13 18:41:46 | 00,003,456 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atiide.sys -- (atiide [Boot | Running])
[2007/02/27 14:25:01 | 00,011,840 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio [System | Running])
[2008/05/20 15:29:41 | 00,052,032 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt [On_Demand | Running])
[2008/06/27 14:03:55 | 00,075,072 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb [System | Running])
[2007/03/16 18:10:46 | 00,604,928 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX [On_Demand | Running])
[2006/11/21 04:25:44 | 00,045,568 | R--- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp [On_Demand | Running])
[2008/07/06 20:29:38 | 00,539,432 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio [On_Demand | Stopped])
[2008/07/06 20:29:38 | 00,037,424 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver [On_Demand | Running])
[2004/08/03 23:10:40 | 00,017,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\BthEnum.sys -- (BthEnum [On_Demand | Stopped])
[2004/08/03 23:10:40 | 00,038,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthmodem.sys -- (BTHMODEM [On_Demand | Stopped])
[2004/08/03 22:58:40 | 00,100,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthpan.sys -- (BthPan [On_Demand | Stopped])
[2008/06/13 05:10:50 | 00,272,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthport.sys -- (BTHPORT [On_Demand | Stopped])
[2004/08/03 22:10:36 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\BTHUSB.SYS -- (BTHUSB [On_Demand | Stopped])
[2008/07/06 20:29:38 | 00,879,496 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL [On_Demand | Running])
[2008/07/06 20:29:38 | 00,156,392 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS [On_Demand | Stopped])
[2008/07/06 20:29:38 | 00,055,352 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid [On_Demand | Stopped])
[2008/07/06 20:29:38 | 00,037,280 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem [On_Demand | Stopped])
[2008/07/06 20:29:38 | 00,074,656 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB [On_Demand | Stopped])
[2004/12/13 13:14:00 | 00,039,904 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\System32\drivers\cercsr6.sys -- (cercsr6 [Boot | Stopped])
[2006/10/05 17:07:28 | 00,004,736 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct [On_Demand | Stopped])
[2007/02/25 12:10:48 | 00,005,376 | --S- | M] (Gteko Ltd.) -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv [Auto | Running])
[2006/09/19 14:44:04 | 00,015,664 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
[2005/01/07 17:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus [On_Demand | Running])
[2004/08/03 22:10:38 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\hidbth.sys -- (HidBth [On_Demand | Stopped])
[2006/01/31 16:48:56 | 00,049,664 | ---- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
[2006/01/31 16:48:57 | 00,016,496 | ---- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
[2006/01/31 16:48:53 | 00,021,568 | ---- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
[2005/12/01 01:40:56 | 00,936,960 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSX_DPV.sys -- (HSF_DPV [On_Demand | Running])
[2005/12/01 01:40:12 | 00,192,512 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Running])
[2004/08/03 22:58:36 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid [System | Stopped])
[2005/10/04 23:57:08 | 00,012,544 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
[2007/08/15 06:27:18 | 00,009,600 | ---- | M] () -- C:\WINDOWS\system32\drivers\n558.sys -- (n558 [On_Demand | Stopped])
[2008/10/20 15:30:20 | 00,027,904 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\system32\drivers\ndisprot.sys -- (Ndisprot [On_Demand | Stopped])
[2007/02/22 10:15:56 | 00,137,216 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd [On_Demand | Stopped])
[2007/02/22 10:15:14 | 00,008,320 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc [On_Demand | Stopped])
[2007/02/22 10:15:14 | 00,012,288 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm [On_Demand | Stopped])
[2006/03/27 15:02:06 | 00,074,752 | ---- | M] (Novatel Wireless Inc) -- C:\WINDOWS\system32\drivers\NWADIenum.sys -- (NWADI [On_Demand | Running])
[2004/08/04 02:00:00 | 00,088,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx [Auto | Running])
[2004/08/04 02:00:00 | 00,063,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb [Auto | Running])
[2004/08/04 02:00:00 | 00,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx [Auto | Running])
[2006/04/10 09:46:36 | 00,018,560 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50 [On_Demand | Stopped])
[2008/01/18 13:14:53 | 00,035,936 | ---- | M] (VSO Software) -- C:\WINDOWS\system32\drivers\Pcouffin.sys -- (Pcouffin [On_Demand | Running])
[2003/09/19 14:45:48 | 00,021,248 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc [On_Demand | Running])
[2004/08/04 02:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2007/05/01 03:00:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2004/08/03 23:10:40 | 00,059,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rfcomm.sys -- (RFCOMM [On_Demand | Stopped])
[2006/11/15 00:16:24 | 00,032,256 | ---- | M] (REDC) -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk [Auto | Running])
[2007/05/31 13:39:50 | 00,022,656 | ---- | M] (Research In Motion Limited) -- C:\WINDOWS\system32\drivers\RimUsb.sys -- (RimUsb [On_Demand | Stopped])
[2007/01/18 10:24:58 | 00,026,496 | R--- | M] (Research in Motion Ltd) -- C:\WINDOWS\system32\drivers\RimSerial.sys -- (RimVSerPort [On_Demand | Stopped])
[2004/08/04 02:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM [On_Demand | Stopped])
[2004/08/04 02:00:00 | 00,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sdbus.sys -- (sdbus [On_Demand | Running])
[2007/11/13 02:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2004/08/04 02:00:00 | 00,011,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sffdisk.sys -- (sffdisk [On_Demand | Stopped])
[2004/08/04 02:00:00 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sffp_sd.sys -- (sffp_sd [On_Demand | Stopped])
[2004/02/10 13:40:56 | 00,127,692 | ---- | M] () -- C:\WINDOWS\system32\drivers\pfc027.sys -- (SoC PC-Camera Service [On_Demand | Stopped])
[2008/10/18 11:10:31 | 00,717,296 | ---- | M] () -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd [Boot | Running])
[2006/01/26 13:21:04 | 00,034,686 | ---- | M] (Service & Quality Technology.) -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C [On_Demand | Stopped])
[2007/03/01 09:34:22 | 00,028,352 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv [System | Running])
[2007/05/10 10:24:34 | 01,222,840 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA [On_Demand | Running])
[2001/08/17 12:53:32 | 00,006,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\serscan.sys -- (StillCam [On_Demand | Running])
[2006/03/08 12:35:10 | 00,191,872 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP [On_Demand | Running])
[2008/01/15 02:39:58 | 00,030,464 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])
[2004/08/03 23:07:56 | 00,059,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio [On_Demand | Stopped])
[2005/12/01 01:40:08 | 00,669,696 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys -- (winachsf [On_Demand | Running])
[2004/08/03 15:07:42 | 00,008,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wmiacpi.sys -- (WmiAcpi [System | Running])
[2004/08/04 02:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL [Disabled | Stopped])
========== (R ) Internet Explorer ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://www.google.com/ie
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://www.google.com
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://www.google.com
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://www.google.com
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.google.com
"Start Page"=http://www.google.com/
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{E312764E-7706-43F1-8DAB-FCDD2B1E416D}" (HKLM) -- C:\Program Files\Search Settings\kb127\SearchSettings.dll (Vendio Services, Inc.)
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.google.com
"Start Page"=http://www.google.com/
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{E312764E-7706-43F1-8DAB-FCDD2B1E416D}" (HKLM) -- C:\Program Files\Search Settings\kb127\SearchSettings.dll (Vendio Services, Inc.)
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
========== (O1) Hosts File ==========
HOSTS File = (795 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost
========== (O2) BHO's ==========
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{02478D38-C3F9-4EFB-9B51-7695ECA05670} (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
{6A87B991-A31F-4130-AE72-6D0C294BF082} (HKLM) -- C:\Program Files\Dealio\kb127\Dealio.dll (Vendio Services, Inc.)
{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (HKLM) -- C:\Program Files\Search Settings\kb127\SearchSettings.dll (Vendio Services, Inc.)
========== (O3) Toolbars ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}" (HKLM) -- C:\Program Files\Dealio\kb127\Dealio.dll (Vendio Services, Inc.)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{EBE9E2B5-B526-48BC-AD46-687263EDCB0E}" (HKLM) -- C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}" (HKLM) -- C:\Program Files\Dealio\kb127\Dealio.dll (Vendio Services, Inc.)
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{EBE9E2B5-B526-48BC-AD46-687263EDCB0E}" (HKLM) -- C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}" (HKLM) -- C:\Program Files\Dealio\kb127\Dealio.dll (Vendio Services, Inc.)
========== (O4) Run Keys ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"au"=C:\Program Files\Dealio\DealioAU.exe (Vendio Services, Inc.)
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min (Avira GmbH)
"BluetoothAuthenticationAgent"=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent (Microsoft Corporation)
"Dell QuickSet"=C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter (SupportSoft, Inc.)
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" ( )
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
"SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe (Vendio Services, Inc.)
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" (Sun Microsystems, Inc.)
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler (Macrovision Corporation)
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
"RIMDeviceManager"="C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe" -RunServer (Research In Motion Limited)
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler (Macrovision Corporation)
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
"RIMDeviceManager"="C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe" -RunServer (Research In Motion Limited)
========== (O4) Startup Folders ==========
[2007/09/11 11:26:12 | 00,576,104 | ---- | M] (Broadcom Corporation.) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
========== (O6 & O7) Current Version Policies ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
========== (O8) IE Context Menu Extensions ==========
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
Compare Prices with &Dealio: C:\Documents and Settings\Home\Application Data\Dealio\kb127\res\DealioSearch.html [2008/04/16 18:11:48 | 00,000,670 | ---- | M] ()
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2003/08/13 02:34:38 | 10,073,144 | ---- | M] (Microsoft Corporation)
Link to &MidpX: C:\Program Files\Kwyshell\MidpX\JadInvoker\Extent\jad_wrap.htm File not found
Send to &Bluetooth Device...: C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [2006/08/16 07:16:32 | 00,002,773 | ---- | M] ()
Send To Bluetooth: C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [2006/08/16 07:16:32 | 00,005,589 | ---- | M] ()
[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2003/08/13 02:34:38 | 10,073,144 | ---- | M] (Microsoft Corporation)
[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2003/08/13 02:34:38 | 10,073,144 | ---- | M] (Microsoft Corporation)
[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\Software\Microsoft\Internet Explorer\MenuExt\]
Compare Prices with &Dealio: C:\Documents and Settings\Home\Application Data\Dealio\kb127\res\DealioSearch.html [2008/04/16 18:11:48 | 00,000,670 | ---- | M] ()
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2003/08/13 02:34:38 | 10,073,144 | ---- | M] (Microsoft Corporation)
Link to &MidpX: C:\Program Files\Kwyshell\MidpX\JadInvoker\Extent\jad_wrap.htm File not found
Send to &Bluetooth Device...: C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [2006/08/16 07:16:32 | 00,002,773 | ---- | M] ()
Send To Bluetooth: C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [2006/08/16 07:16:32 | 00,005,589 | ---- | M] ()
========== (O9) IE Extensions ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{E908B145-C847-4e85-B315-07E2E70DECF8}: Button: Dealio -- %ProgramFiles%\Dealio\kb127\Dealio.dll [2008/05/26 19:50:36 | 03,170,144 | ---- | M] (Vendio Services, Inc.)
{E908B145-C847-4e85-B315-07E2E70DECF8}: Menu: Dealio -- %ProgramFiles%\Dealio\kb127\Dealio.dll [2008/05/26 19:50:36 | 03,170,144 | ---- | M] (Vendio Services, Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found
CmdMapping\\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> [2007/12/12 14:09:42 | 00,222,448 | ---- | M] (Yahoo! Inc.)
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{CCA281CA-C863-46ef-9331-5C8D4460577F} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found
CmdMapping\\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> [2007/12/12 14:09:42 | 00,222,448 | ---- | M] (Yahoo! Inc.)
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{CCA281CA-C863-46ef-9331-5C8D4460577F} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
========== (O12) Internet Explorer Plugins ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/control...ext=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery
========== (O13) Default Prefixes ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://
Here is the other half.
========== (O15) Trusted Sites ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.
========== (O16) DPF ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab -- Java Plug-in 1.6.0_07
{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876}: http://support.f-secure.com/ols/fscax.cab -- F-Secure Online Scanner 3.3
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab -- Java Plug-in 1.6.0_03
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab -- Java Plug-in 1.6.0_05
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab -- Java Plug-in 1.6.0_07
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab -- Java Plug-in 1.6.0_07
========== (O17) DNS Name Servers ==========
{3ADFAA5C-AA48-48B3-8CF8-F80AAE47DB8C} (Servers: | Description: )
{417CC932-B9FB-4E4D-9B2C-0CB859AC6D4C} (Servers: | Description: )
{5E14DD4E-9657-446A-8877-F53BC78E8750} (Servers: | Description: Dell Wireless 1390 WLAN Mini-Card)
{7F28B438-75C3-43DF-8DEF-E34A72AE813F} (Servers: | Description: )
{9B2F6AB6-BA0B-45DC-991D-B7B22990322D} (Servers: | Description: Broadcom 440x 10/100 Integrated Controller)
{DBF96448-B346-4363-B2FF-3DE5EE758AC6} (Servers: | Description: )
{E6789E7C-4FB7-494D-9AE9-2A3F6D28BEE7} (Servers: | Description: )
========== (O20) Winlogon Notify Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\system32\ati2evxx.dll (ATI Technologies Inc.)
========== Shell Execute Hooks ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{31CDFCB9-37D6-4C1D-A31D-AA2DD56F637B}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
========== Safeboot Options ==========
"AlternateShell"=cmd.exe
========== CDRom AutoRun Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1
========== Autorun Files on Drives ==========
AUTOEXEC.BAT []
[2008/01/18 11:19:02 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]
========== MountPoints2 ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b8df7904-97d2-11dd-8875-001a925e497b}\Shell\AutoRun\command]
""=E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b8df7904-97d2-11dd-8875-001a925e497b}\Shell\open\command]
""=E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\Shell]
""=AutoRun
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\Shell\AutoRun]
""=Auto&Play
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\Shell\AutoRun\command]
""=F:\LaunchU3.exe -- File not found
========== Files/Folders - Created Within 30 Days ==========
[4 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2008/11/10 06:11:26 | 00,422,400 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Home\Desktop\OTViewIt.exe
[2008/11/09 18:28:56 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
[2008/11/09 17:57:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\Research In Motion
[2008/11/09 17:41:26 | 11,614,8136 | ---- | C] (Research In Motion Ltd. ) -- C:\Documents and Settings\Home\Desktop\8110M_PBr4.3.0_rel164_PL2.6.0.53_A4.3.0.93_AT&T_Wireless.exe
[2008/11/09 15:21:53 | 00,052,736 | RHS- | C] () -- C:\WINDOWS\LCDMon.exe
[2008/11/09 14:59:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\My Documents\Incomplete
[2008/11/09 14:58:42 | 00,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2008/11/09 14:09:08 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconfig.exe
[2008/11/09 10:25:05 | 00,000,156 | ---- | C] () -- C:\WINDOWS\Twunk001.MTX
[2008/11/09 10:25:05 | 00,000,003 | ---- | C] () -- C:\WINDOWS\Twain001.Mtx
[2008/11/09 10:25:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Twunk002.MTX
[2008/11/09 10:24:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\Roxio
[2008/11/09 10:12:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sonic
[2008/11/09 10:08:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Roxio
[2008/11/09 10:08:31 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2008/11/09 10:06:27 | 00,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2008/11/09 09:07:13 | 35,127,3232 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\430_b025_multilanguage.exe
[2008/11/09 01:12:17 | 00,026,496 | R--- | C] (Research in Motion Ltd) -- C:\WINDOWS\System32\drivers\RimSerial.sys
[2008/11/09 00:35:34 | 00,000,000 | ---D | C] -- C:\Program Files\Research In Motion
[2008/11/08 20:42:31 | 00,000,000 | ---D | C] -- C:\Program Files\Safari
[2008/11/08 20:32:51 | 00,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008/11/05 20:17:55 | 03,300,655 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\Leonard_Cohen_-_Hallelujah_FREE_MP3_.mp3
[2008/11/05 15:17:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Desktop\Bee'ssongs
[2008/11/05 14:53:31 | 00,000,789 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\Doremi FLV to MP3 Converter.lnk
[2008/11/05 14:53:30 | 00,000,000 | ---D | C] -- C:\Program Files\Doremisoft
[2008/11/04 23:31:58 | 00,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Windows Live Messenger.lnk
[2008/11/04 06:54:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2008/11/04 06:09:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\Search Settings
[2008/11/03 15:57:13 | 00,000,000 | ---D | C] -- C:\OutputFolder
[2008/11/03 15:56:49 | 00,000,185 | ---- | C] () -- C:\WINDOWS\System32\test.aok
[2008/11/03 15:44:58 | 00,000,000 | ---D | C] -- C:\Program Files\Search Settings
[2008/11/03 15:44:21 | 00,000,000 | ---D | C] -- C:\Program Files\Dealio
[2008/11/03 15:44:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\Dealio
[2008/11/03 15:43:22 | 00,270,336 | ---- | C] (Koyote Soft) -- C:\WINDOWS\System32\TubeFinder.exe
[2008/11/03 15:43:17 | 00,364,544 | ---- | C] () -- C:\WINDOWS\System32\PropertyGrid.ocx
[2008/11/03 15:43:17 | 00,208,500 | ---- | C] () -- C:\WINDOWS\System32\ReyXpBasics.tlb
[2008/11/03 15:43:17 | 00,119,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6FR.DLL
[2008/11/03 15:43:17 | 00,084,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PICCLP32.OCX
[2008/11/03 15:43:16 | 00,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCMCFR.DLL
[2008/11/03 15:43:16 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CMDLGFR.DLL
[2008/11/03 15:43:16 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\ControlSubX.ocx
[2008/11/03 15:43:16 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PCCLPFR.DLL
[2008/11/03 15:43:15 | 00,000,000 | ---D | C] -- C:\Program Files\Free FLV Converter
[2008/11/02 23:55:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\SuperAdBlocker.com
[2008/11/02 23:54:10 | 00,000,000 | ---D | C] -- C:\Program Files\SuperAdBlocker.com
[2008/11/01 18:30:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Desktop\adobe brush
[2008/11/01 16:59:29 | 00,270,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2008/11/01 16:59:29 | 00,210,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\muweb.dll
[2008/11/01 16:59:29 | 00,029,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2008/11/01 15:39:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\My Documents\LimeWire
[2008/11/01 15:37:55 | 00,001,580 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\LimeWire 4.18.8.lnk
[2008/11/01 12:09:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\My Documents\Limewire songs
[2008/11/01 09:39:36 | 00,000,933 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\Spybot - Search & Destroy.lnk
[2008/10/31 23:39:48 | 00,000,000 | ---D | C] -- C:\fsaua.data
[2008/10/31 17:06:18 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2008/10/31 16:14:49 | 00,031,024 | ---- | C] (Resplendence) -- C:\WINDOWS\System32\rrMon.sys
[2008/10/31 16:14:42 | 00,000,000 | ---D | C] -- C:\Program Files\Registrar Registry Manager
[2008/10/31 15:14:15 | 00,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini
[2008/10/31 15:14:13 | 00,000,080 | ---- | C] () -- C:\WINDOWS\gmer_uninstall.cmd
[2008/10/28 21:15:52 | 00,001,851 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AntiVir PE Classic.lnk
[2008/10/28 21:15:38 | 00,045,376 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2008/10/28 21:15:38 | 00,022,336 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2008/10/28 21:15:37 | 00,028,352 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2008/10/28 21:15:34 | 00,075,072 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2008/10/28 21:15:33 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2008/10/28 21:15:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2008/10/27 21:14:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2008/10/27 21:12:38 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2008/10/27 21:12:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\SUPERAntiSpyware.com
[2008/10/27 17:28:36 | 00,000,000 | ---D | C] -- C:\Mp3 Output
[2008/10/27 17:28:32 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/10/27 17:28:32 | 00,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2008/10/27 17:12:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Desktop\yees azn songs and other
[2008/10/26 15:32:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\Malwarebytes
[2008/10/26 15:32:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2008/10/25 21:46:02 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2008/10/25 21:37:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2008/10/25 19:04:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Local Settings\Application Data\PCHealth
[2008/10/25 19:02:52 | 00,000,000 | -HSD | C] -- C:\Program Files\Common Files\WindowsLiveInstaller
[2008/10/25 19:02:11 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2008/10/25 19:01:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WLInstaller
[2008/10/25 18:21:43 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\HijackThis.lnk
[2008/10/25 17:02:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\Corel
[2008/10/25 14:49:30 | 00,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\4D420D2C25.sys
[2008/10/25 14:49:29 | 00,003,140 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2008/10/25 14:37:36 | 00,156,160 | ---- | C] (Bidjan Reclame & Computerservice) -- C:\Documents and Settings\Home\Desktop\Keygen.exe
[2008/10/25 14:37:17 | 00,141,698 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\Keygen.zip
[2008/10/25 00:40:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PrevxCSI
[2008/10/24 12:53:49 | 04,681,471 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\Qwote_-_Fallin_4_U_-_HotNewHipHop.com.mp3
[2008/10/23 04:54:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\My Documents\Version Cue
[2008/10/22 22:02:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\My Documents\Meng's Stuff =D
[2008/10/22 15:52:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2008/10/21 13:53:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2008/10/21 12:54:30 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Home\My Documents\~$ngs spanish homework.doc
[2008/10/21 07:30:31 | 03,520,552 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Home\Desktop\procexp.exe
[2008/10/21 07:29:50 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2008/10/21 07:28:09 | 01,602,877 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\ProcessExplorer.zip
[2008/10/20 15:54:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg8
[2008/10/20 15:30:20 | 00,027,904 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\ndisprot.sys
[2008/10/19 16:04:44 | 00,000,164 | ---- | C] () -- C:\WINDOWS\System32\TDSSosvd.dat
[2008/10/19 14:00:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Backup
[2008/10/19 10:31:54 | 00,000,164 | ---- | C] () -- C:\WINDOWS\System32\TDSSpaxt.dat
[2008/10/18 22:51:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2008/10/18 16:46:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\My Documents\AdobeStockPhotos
[2008/10/18 15:05:45 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2008/10/18 11:20:59 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DirectX
[2008/10/18 11:10:30 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/10/18 11:10:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\DAEMON Tools
[2008/10/15 02:02:33 | 00,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
========== Files - Modified Within 30 Days ==========
[4 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2008/11/10 06:11:26 | 00,422,400 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Home\Desktop\OTViewIt.exe
[2008/11/09 20:33:00 | 00,000,570 | ---- | M] () -- C:\Documents and Settings\Home\My Documents\My Sharing Folders.lnk
[2008/11/09 20:21:49 | 00,484,244 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/11/09 20:21:49 | 00,411,112 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2008/11/09 20:21:49 | 00,065,752 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2008/11/09 20:18:11 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2008/11/09 20:17:46 | 01,561,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/11/09 20:17:36 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/11/09 20:17:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/11/09 20:01:20 | 00,071,344 | ---- | M] () -- C:\Documents and Settings\Home\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/11/09 19:11:14 | 00,000,782 | ---- | M] () -- C:\WINDOWS\win.ini
[2008/11/09 19:11:14 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2008/11/09 19:11:14 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2008/11/09 18:56:34 | 00,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
[2008/11/09 17:53:42 | 11,614,8136 | ---- | M] (Research In Motion Ltd. ) -- C:\Documents and Settings\Home\Desktop\8110M_PBr4.3.0_rel164_PL2.6.0.53_A4.3.0.93_AT&T_Wireless.exe
[2008/11/09 17:08:04 | 00,000,003 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx
[2008/11/09 17:07:51 | 00,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX
[2008/11/09 14:59:01 | 00,001,580 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\LimeWire 4.18.8.lnk
[2008/11/09 10:25:05 | 00,000,000 | ---- | M] () -- C:\WINDOWS\Twunk002.MTX
[2008/11/09 09:50:40 | 35,127,3232 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\430_b025_multilanguage.exe
[2008/11/09 00:54:22 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\iTunes.lnk
[2008/11/08 20:32:52 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008/11/07 02:11:27 | 00,013,312 | ---- | M] () -- C:\Documents and Settings\Home\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/05 20:20:33 | 03,300,655 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\Leonard_Cohen_-_Hallelujah_FREE_MP3_.mp3
[2008/11/05 14:53:31 | 00,000,789 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\Doremi FLV to MP3 Converter.lnk
[2008/11/05 13:54:59 | 02,052,608 | -HS- | M] () -- C:\Documents and Settings\Home\Desktop\Thumbs.db
@Alternate Data Stream - 0 bytes -> C:\Documents and Settings\Home\Desktop\Thumbs.db:encryptable
[2008/11/05 02:22:31 | 04,681,471 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\Qwote_-_Fallin_4_U_-_HotNewHipHop.com.mp3
[2008/11/04 23:31:58 | 00,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Windows Live Messenger.lnk
[2008/11/03 15:57:22 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2008/11/03 15:57:21 | 00,000,185 | ---- | M] () -- C:\WINDOWS\System32\test.aok
[2008/11/01 09:39:36 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\Spybot - Search & Destroy.lnk
[2008/10/31 15:14:15 | 00,000,250 | ---- | M] () -- C:\WINDOWS\gmer.ini
[2008/10/31 15:14:13 | 00,000,080 | ---- | M] () -- C:\WINDOWS\gmer_uninstall.cmd
[2008/10/28 21:15:52 | 00,001,851 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AntiVir PE Classic.lnk
[2008/10/26 15:20:29 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2008/10/25 18:21:45 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\HijackThis.lnk
[2008/10/25 17:13:40 | 00,005,642 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/10/25 15:43:52 | 00,003,140 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2008/10/25 14:49:30 | 00,000,008 | RHS- | M] () -- C:\Documents and Settings\All Users\Application Data\4D420D2C25.sys
[2008/10/25 14:37:18 | 00,141,698 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\Keygen.zip
[2008/10/24 17:05:54 | 00,270,336 | ---- | M] (Koyote Soft) -- C:\WINDOWS\System32\TubeFinder.exe
[2008/10/21 12:54:30 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\Home\My Documents\~$ngs spanish homework.doc
[2008/10/21 07:28:48 | 01,602,877 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\ProcessExplorer.zip
[2008/10/21 04:03:54 | 00,023,552 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\Lengs essay.doc
[2008/10/20 15:30:20 | 00,027,904 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\ndisprot.sys
[2008/10/20 14:54:47 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/10/19 16:49:59 | 04,318,490 | -H-- | M] () -- C:\Documents and Settings\Home\Local Settings\Application Data\IconCache.db
[2008/10/19 16:04:44 | 00,000,164 | ---- | M] () -- C:\WINDOWS\System32\TDSSosvd.dat
[2008/10/19 10:31:54 | 00,000,164 | ---- | M] () -- C:\WINDOWS\System32\TDSSpaxt.dat
[2008/10/18 11:10:31 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/10/15 08:57:55 | 00,332,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netapi32.dll
[2008/10/15 08:57:55 | 00,332,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2008/10/15 02:02:33 | 00,000,795 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2008/10/15 02:02:33 | 00,000,118 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
< End of report >
Here is my extras.txt
OTViewIt Extras logfile created on: 11/10/2008 6:11:55 AM - Run
OTViewIt by OldTimer - Version 1.0.20.0 Folder = C:\Documents and Settings\Home\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
893.98 Mb Total Physical Memory | 530.74 Mb Available Physical Memory | 59.37% Memory free
2.12 Gb Paging File | 1.76 Gb Available in Paging File | 83.40% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.88 Gb Total Space | 26.87 Gb Free Space | 48.09% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DELL-B3446AB14D
Current User Name: Home
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=1
"FirewallDisableNotify"=1
"UpdatesDisableNotify"=1
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=1
"DoNotAllowExceptions"=0
"DisableNotifications"=0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2004/08/04 02:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2006/10/10 04:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007/01/19 12:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
[2007/01/04 16:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2004/08/04 02:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2008/01/15 03:22:48 | 19,926,824 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
[2007/08/01 17:02:12 | 00,073,728 | ---- | M] (Orb Networks, Inc.) -- C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb
[2007/11/06 17:02:24 | 05,824,512 | ---- | M] (Orb Networks) -- C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client
[2005/09/20 21:40:04 | 00,196,608 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe
[2005/09/20 21:01:22 | 01,081,344 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe
[2005/12/15 12:51:46 | 00,139,264 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe
[2004/10/13 08:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
[2007/08/30 16:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
[2007/08/30 16:43:18 | 00,091,376 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
[2006/10/10 04:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007/01/19 12:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
[2007/01/04 16:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
File not found -- C:\_OTMoveIt\MovedFiles\11022008_111138\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
========== (O10) Winsock2 Catalogs ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -- C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
NameSpace_Catalog5\Catalog_Entries\000000000005 [Bluetooth Namespace] -- C:\WINDOWS\system32\wshbth.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000006 [NWLink IPX/SPX/NetBIOS Compatible Transport Protocol] -- C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
========== (O18) Protocol Handlers ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2003/07/11 02:25:22 | 00,842,816 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/01/19 12:53:24 | 00,063,344 | ---- | M] (Microsoft Corporation) C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
msdaipp: [HKLM - No CLSID value]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2003/07/11 02:25:22 | 00,842,816 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2003/07/11 02:25:22 | 00,842,816 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/01/19 12:53:24 | 00,063,344 | ---- | M] (Microsoft Corporation) C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2003/08/04 13:19:34 | 07,330,360 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} (HKLM) [Data Page Pluggable Protocol mso-offdap Handler])
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2003/08/01 15:09:04 | 08,086,072 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} (HKLM) [Data Page Plugable Protocal mso-offdap11 Handler])
========== (O18) Protocol Filters ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
[2003/07/14 22:45:12 | 00,039,488 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL text/xml:{807553E5-5146-11D5-A672-00B0D022E945} (HKLM) [Reg Error: Value does not exist or could not be read.]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}"=Adobe Photoshop CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}"=Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}"=Adobe Bridge Start Meeting
"{0A3D3C54-2EC0-4D67-B265-FF17926E6D67}"=Nokia Connectivity Cable Driver
"{15803703-25FA-4C01-A062-3F4A59937E87}"=PhotoImpact X3
"{183135A3-2CE8-43B5-BA5A-757EBAECB413}"=Disney Pix Micro Downloader
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}"=Adobe WinSoft Linguistics Plugin
"{212748BB-0DA5-46DE-82A1-403736DC9F27}"=MSVC80_x86
"{27555031-A116-4EC6-9991-7B400142A936}"=HP PSC & OfficeJet 6.1.A
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}"=Adobe Stock Photos CS3
"{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}"=Next Generation Visualisations
"{3248F0A8-6813-11D6-A77B-00B0D0160030}"=Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}"=Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}"=Java(TM) 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{480B5D81-B4C7-4C8C-AFB7-2F282C7BDE5A}"=BlackBerry Device Software v4.3.0 for the BlackBerry 8110 smartphone
"{49672EC2-171B-47B4-8CE7-50D7806360D7}"=Windows Live Sign-in Assistant
"{51846830-E7B2-4218-8968-B77F0FF475B8}"=Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}"=Adobe Linguistics CS3
"{54F70D29-208E-445F-9151-B1AC8AC48C83}"=HaduriPhoto4_SetUp419
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}"=Windows Live Messenger
"{6105648C-0C3C-481D-8C11-1F4952D6FB53}"=Dealio Toolbar 3.4
"{612B9183-67A9-4B44-9877-2F059E35B86A}"=Broadcom 440x 10/100 Integrated Controller
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}"=Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}"=Adobe Fonts All
"{6EC874C2-F950-4B7E-A5B7-B1066D6B74AA}"=QuickTime
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}"=Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{766E4715-B801-46B3-9D91-12288AB88428}"=DB CIF Cam
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}"=DellSupport
"{802771A9-A856-4A41-ACF7-1450E523C923}"=Adobe XMP Panels CS3
"{84814E6B-2581-46EC-926A-823BD1C670F6}"=WIDCOMM Bluetooth Software
"{8777AC6D-89F9-4793-8266-DE406F343E89}"=QFolder
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}"=Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}"=Adobe Type Support
"{90110409-6000-11D3-8CFE-0150048383C9}"=Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}"=Adobe Anchor Service CS3
"{95655ED4-7CA5-46DF-907F-7144877A32E5}"=Adobe Color NA Recommended Settings
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}"=Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}"=Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}"=Adobe Color - Photoshop Specific
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}"=SigmaTel Audio
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}"=Windows Live installer
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}"=PDF Settings
"{AC76BA86-7AD7-1033-7B44-A70000000000}"=Adobe Reader 7.0
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}"=MSXML 6.0 Parser
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}"=Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1"=Spybot - Search & Destroy
"{B508B3F1-A24A-32C0-B310-85786919EF28}"=Microsoft .NET Framework 2.0 Service Pack 1
"{B85C4D19-6CEB-48CF-BD98-C887AC8C6F94}"=iTunes
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}"=Adobe Default Language CS3
"{BA084E7C-8ABA-4670-BDE8-B85E689A5C1B}"=PC Connectivity Solution
"{BF13AA9D-E4CE-4015-9778-ECC1D4FB06E4}"=Mouse Suite for Laptop Computers
"{C151CE54-E7EA-4804-854B-F515368B0798}"=AMD Processor Driver
"{C5074CC4-0E26-4716-A307-960272A90040}"=QuickSet
"{C6812939-B117-48E6-A3BA-1709C14A3C8C}"=Scan
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}"=Microsoft XML Parser
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}"=AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1
"{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}"=Search Settings 1.2
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}"=Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}"=Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}"=Adobe PDF Library Files
"{D8AB8F0C-CEEB-4A29-8EF5-219B064813F4}"=Apple Mobile Device Support
"{DC8235CC-3D5A-4D32-94BE-E2F0A1749920}"=Disney Pix 2.0
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}"=Adobe Color JA Extra Settings
"{DF62D775-BB7C-4AFA-9CA4-DDA1C4855F28}"=Dell Mobile Broadband Card Utility
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}"=Dell Support Center
"{E69AE897-9E0B-485C-8552-7841F48D42D8}"=Adobe Update Manager CS3
"{EF40BAC3-372B-46F4-A32D-B37CF4217CE7}"=ATI Catalyst Control Center
"{FBE9670D-C3DA-4561-BB89-251B82E2E92B}"=Thinkwell
"1Click DVD Copy 4.1"=1Click DVD Copy 4.1
"4569969E1360D2854474C661EF9B4D54F143EB16"=Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04)
"6A630DCEC5EEC912115F2FF59D8C2C769798D930"=Windows Driver Package - Nokia Modem (10/12/2007 3.6)
"Ad-aware 6 Professional"=Ad-aware 6 Professional
"Ad-Aware SE Professional"=Ad-Aware SE Professional
"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX
"Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin
"Adobe Shockwave Player"=Adobe Shockwave Player
"Adobe_2ac78060bc5856b0c1cf873bb919b58"=Adobe Photoshop CS3
"All ATI Software"=ATI - Software Uninstall Utility
"AntiVir PersonalEdition Classic"=Avira AntiVir Personal - Free Antivirus
"ATI Display Driver"=ATI Display Driver
"Audacity_is1"=Audacity 1.2.6
"Broadcom 802.11b Network Adapter"=Dell Wireless WLAN Card
"CIF USB CAMERA"=CIF USB CAMERA
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3"=Conexant HDA D110 MDC V.92 Modem
"CopyToDVD_is1"=CopyToDVD
"Doremi FLV to MP3 Converter"=Doremi FLV to MP3 Converter 1.0
"Helicon Filter_is1"=Helicon Filter 4.82.3 Free
"HijackThis"=HijackThis 2.0.2
"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs
"ie7"=Windows Internet Explorer 7
"Kwyshell MidpX Emulator Package"=Kwyshell MidpX Emulator Package 1.3.1
"LimeWire"=LimeWire 4.18.8
"Magic ISO Maker v4.9 (build 0151)"=Magic ISO Maker v4.9 (build 0151)
"MAGIX Xtreme Photo Designer 6 US"=MAGIX Xtreme Photo Designer 6 6.0.19.0 (US)
"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.3)"=Mozilla Firefox (3.0.3)
"MSCompPackV1"=Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST"=MSN
"Nero - Burning Rom!UninstallKey"=Nero 6 Ultra Edition
"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs
"Orb"=Winamp Remote
"PhotoToolkit_is1"=Photo! Editor 1.0 Beta
"RealPlayer 6.0"=RealPlayer
"RumbleFighter"=Rumble Fighter
"SynTPDeinstKey"=Synaptics Pointing Device Driver
"Wedding Dash 2 - Rings Around the World1.0"=Wedding Dash 2 - Rings Around the World
"Winamp"=Winamp
"Windows Media Format Runtime"=Windows Media Format 11 runtime
"Windows Media Player"=Windows Media Player 11
"WinGimp-2.0_is1"=GIMP 2.4.6
"WinRAR archiver"=WinRAR archiver
"WinZip"=WinZip
"WMFDist11"=Windows Media Format 11 runtime
"wmp11"=Windows Media Player 11
"Wudf01005"=Microsoft User-Mode Driver Framework Feature Pack 1.5
"Yahoo! Companion"=Yahoo! Toolbar
"Yahoo! Extras"=Yahoo! Browser Services
"Yahoo! Mail"=Yahoo! Internet Mail
"Yahoo! Messenger"=Yahoo! Messenger
"Yahoo! Toolbar"=Yahoo! Toolbar
"YInstHelper"=Yahoo! Install Manager
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA"=DNA
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA"=DNA
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 11/9/2008 2:38:21 PM | Computer Name = DELL-B3446AB14D | Source = RIMDeviceFileAccess | ID = 268379920
Description =
Error - 11/9/2008 2:38:21 PM | Computer Name = DELL-B3446AB14D | Source = RIMDeviceFileAccess | ID = 268379920
Description =
Error - 11/9/2008 2:38:21 PM | Computer Name = DELL-B3446AB14D | Source = RIMDeviceFileAccess | ID = 268379920
Description =
Error - 11/9/2008 2:38:21 PM | Computer Name = DELL-B3446AB14D | Source = RIMDeviceFileAccess | ID = 268379920
Description =
Error - 11/9/2008 2:38:21 PM | Computer Name = DELL-B3446AB14D | Source = RIMDeviceFileAccess | ID = 268379920
Description =
Error - 11/9/2008 2:38:21 PM | Computer Name = DELL-B3446AB14D | Source = RIMDeviceFileAccess | ID = 268379920
Description =
Error - 11/9/2008 2:38:21 PM | Computer Name = DELL-B3446AB14D | Source = RIMDeviceFileAccess | ID = 268379920
Description =
Error - 11/9/2008 2:38:21 PM | Computer Name = DELL-B3446AB14D | Source = RIMDeviceFileAccess | ID = 268379920
Description =
Error - 11/9/2008 2:38:59 PM | Computer Name = DELL-B3446AB14D | Source = RIMDeviceFileAccess | ID = 268379920
Description =
Error - 11/9/2008 3:52:04 PM | Computer Name = DELL-B3446AB14D | Source = Application Hang | ID = 1002
Description = Hanging application DesktopMgr.exe, version 4.3.0.17, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 11/9/2008 10:26:53 PM | Computer Name = DELL-B3446AB14D | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 11/9/2008 10:26:53 PM | Computer Name = DELL-B3446AB14D | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 11/9/2008 10:26:54 PM | Computer Name = DELL-B3446AB14D | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 11/10/2008 12:17:46 AM | Computer Name = DELL-B3446AB14D | Source = Service Control Manager | ID = 7000
Description = The npkcrypt service failed to start due to the following error: %%2
Error - 11/10/2008 12:17:46 AM | Computer Name = DELL-B3446AB14D | Source = Service Control Manager | ID = 7000
Description = The SVKP service failed to start due to the following error: %%2
Error - 11/10/2008 12:17:58 AM | Computer Name = DELL-B3446AB14D | Source = AmdK8 | ID = 327682
Description = The Acpi 2.0 _PCT object returned an invalid value of 3
Error - 11/10/2008 12:18:01 AM | Computer Name = DELL-B3446AB14D | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SABKUTIL
Error - 11/10/2008 12:18:48 AM | Computer Name = DELL-B3446AB14D | Source = System Error | ID = 1003
Description = Error code 00000019, parameter1 00000020, parameter2 843c1570, parameter3
843c1578, parameter4 1a010001.
Error - 11/10/2008 3:09:00 AM | Computer Name = DELL-B3446AB14D | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.4 for the Network Card with network
address 001A925E497B has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
Error - 11/10/2008 5:42:24 AM | Computer Name = DELL-B3446AB14D | Source = AmdK8 | ID = 327682
Description = The Acpi 2.0 _PCT object returned an invalid value of 3
< End of report >
I see that you have re-installed LimeWire.
If you want to continue with cleaning, I assume that you uninstall it next as per p2p policy.
After that, re-run otviewit and post back fresh logs, please.
Microsoft MVP Consumer Security 2008-2011
Member of ASAP and UNITE since 2006
Here is my otviewit log. the first half.
OTViewIt logfile created on: 11/11/2008 10:55:29 AM - Run 3
OTViewIt by OldTimer - Version 1.0.20.0 Folder = C:\Documents and Settings\Home\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
893.98 Mb Total Physical Memory | 566.88 Mb Available Physical Memory | 63.41% Memory free
2.12 Gb Paging File | 1.74 Gb Available in Paging File | 82.30% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.88 Gb Total Space | 27.00 Gb Free Space | 48.31% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DELL-B3446AB14D
Current User Name: Home
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days
========== Processes ==========
[2006/10/11 21:37:24 | 00,430,080 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
[2007/09/11 11:26:10 | 00,264,800 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
[2006/10/11 21:37:24 | 00,430,080 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
[2007/03/16 18:10:46 | 00,020,480 | ---- | M] () -- C:\WINDOWS\system32\WLTRYSVC.EXE
[2007/03/16 18:10:42 | 01,253,376 | ---- | M] (Dell Inc.) -- C:\WINDOWS\system32\BCMWLTRY.EXE
[2008/10/28 21:17:25 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
[2008/10/28 21:17:22 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
[2008/01/15 02:40:04 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[2005/03/14 12:05:02 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
[2007/10/09 18:56:30 | 00,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
[2004/08/04 02:00:00 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
[2006/03/08 12:48:02 | 00,761,947 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[2007/05/14 14:23:32 | 01,191,936 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
[2008/06/10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
[2008/01/15 03:22:56 | 00,267,048 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
[2004/08/04 02:00:00 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
[2007/10/09 18:56:24 | 00,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
[2008/06/12 13:28:45 | 00,266,497 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
[2008/06/12 16:57:18 | 00,991,584 | ---- | M] (Vendio Services, Inc.) -- C:\Program Files\Search Settings\SearchSettings.exe
[2006/09/11 04:40:32 | 00,218,032 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
[2007/07/17 13:46:20 | 01,328,400 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe
[2007/09/11 11:26:12 | 00,576,104 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[2007/05/09 16:58:30 | 00,233,579 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
[2008/01/15 03:22:44 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
[2007/01/19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe
[2007/09/11 11:26:12 | 01,440,384 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
[2008/11/11 10:53:56 | 00,422,400 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Home\Desktop\OTViewIt.exe
========== (O23) Win32 Services ==========
[2008/10/28 21:17:25 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler [Auto | Running])
[2008/10/28 21:17:22 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService [Auto | Running])
[2008/01/15 02:40:04 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
[2007/10/24 00:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2006/10/11 21:37:24 | 00,430,080 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
[2007/07/24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Disabled | Stopped])
[2007/09/11 11:26:10 | 00,264,800 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe -- (btwdins [Auto | Running])
[2007/10/24 00:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2007/03/19 12:44:44 | 00,070,656 | ---- | M] () -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService [On_Demand | Stopped])
[2008/10/22 15:06:36 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
[2004/10/22 02:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
[2008/01/15 03:22:44 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
[2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2005/03/14 12:05:02 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Running])
[2007/06/05 12:20:32 | 00,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing [Disabled | Stopped])
File not found -- -- (RoxLiveShare9 [Auto | Stopped])
[2007/12/10 13:59:04 | 00,353,280 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])
[2007/10/09 18:56:30 | 00,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter [Auto | Running])
[2007/01/19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Running])
[2007/10/25 14:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
[2007/03/16 18:10:46 | 00,020,480 | ---- | M] () -- C:\WINDOWS\system32\WLTRYSVC.EXE -- (wltrysvc [Auto | Running])
[2006/10/18 19:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
========== Driver Services ==========
[2006/07/01 22:39:40 | 00,036,864 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8 [System | Running])
[2005/08/12 17:50:46 | 00,016,128 | ---- | M] (Dell Inc) -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV [System | Running])
[2006/10/11 21:43:56 | 01,777,152 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
[2006/09/13 18:41:46 | 00,003,456 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atiide.sys -- (atiide [Boot | Running])
[2007/02/27 14:25:01 | 00,011,840 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio [System | Running])
[2008/05/20 15:29:41 | 00,052,032 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt [On_Demand | Running])
[2008/06/27 14:03:55 | 00,075,072 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb [System | Running])
[2007/03/16 18:10:46 | 00,604,928 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX [On_Demand | Running])
[2006/11/21 04:25:44 | 00,045,568 | R--- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp [On_Demand | Running])
[2008/07/06 20:29:38 | 00,539,432 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio [On_Demand | Stopped])
[2008/07/06 20:29:38 | 00,037,424 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver [On_Demand | Running])
[2004/08/03 23:10:40 | 00,017,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\BthEnum.sys -- (BthEnum [On_Demand | Stopped])
[2004/08/03 23:10:40 | 00,038,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthmodem.sys -- (BTHMODEM [On_Demand | Stopped])
[2004/08/03 22:58:40 | 00,100,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthpan.sys -- (BthPan [On_Demand | Stopped])
[2008/06/13 05:10:50 | 00,272,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthport.sys -- (BTHPORT [On_Demand | Stopped])
[2004/08/03 22:10:36 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\BTHUSB.SYS -- (BTHUSB [On_Demand | Stopped])
[2008/07/06 20:29:38 | 00,879,496 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL [On_Demand | Running])
[2008/07/06 20:29:38 | 00,156,392 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS [On_Demand | Stopped])
[2008/07/06 20:29:38 | 00,055,352 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid [On_Demand | Stopped])
[2008/07/06 20:29:38 | 00,037,280 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem [On_Demand | Stopped])
[2008/07/06 20:29:38 | 00,074,656 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB [On_Demand | Stopped])
[2004/12/13 13:14:00 | 00,039,904 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\System32\drivers\cercsr6.sys -- (cercsr6 [Boot | Stopped])
[2006/10/05 17:07:28 | 00,004,736 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct [On_Demand | Stopped])
[2007/02/25 12:10:48 | 00,005,376 | --S- | M] (Gteko Ltd.) -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv [Auto | Running])
[2006/09/19 14:44:04 | 00,015,664 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
[2005/01/07 17:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus [On_Demand | Running])
[2004/08/03 22:10:38 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\hidbth.sys -- (HidBth [On_Demand | Stopped])
[2006/01/31 16:48:56 | 00,049,664 | ---- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
[2006/01/31 16:48:57 | 00,016,496 | ---- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
[2006/01/31 16:48:53 | 00,021,568 | ---- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
[2005/12/01 01:40:56 | 00,936,960 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSX_DPV.sys -- (HSF_DPV [On_Demand | Running])
[2005/12/01 01:40:12 | 00,192,512 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Running])
[2004/08/03 22:58:36 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid [System | Stopped])
[2005/10/04 23:57:08 | 00,012,544 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
[2007/08/15 06:27:18 | 00,009,600 | ---- | M] () -- C:\WINDOWS\system32\drivers\n558.sys -- (n558 [On_Demand | Stopped])
[2008/10/20 15:30:20 | 00,027,904 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\system32\drivers\ndisprot.sys -- (Ndisprot [On_Demand | Stopped])
[2007/02/22 10:15:56 | 00,137,216 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd [On_Demand | Stopped])
[2007/02/22 10:15:14 | 00,008,320 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc [On_Demand | Stopped])
[2007/02/22 10:15:14 | 00,012,288 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm [On_Demand | Stopped])
[2006/03/27 15:02:06 | 00,074,752 | ---- | M] (Novatel Wireless Inc) -- C:\WINDOWS\system32\drivers\NWADIenum.sys -- (NWADI [On_Demand | Running])
[2004/08/04 02:00:00 | 00,088,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx [Auto | Running])
[2004/08/04 02:00:00 | 00,063,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb [Auto | Running])
[2004/08/04 02:00:00 | 00,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx [Auto | Running])
[2006/04/10 09:46:36 | 00,018,560 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50 [On_Demand | Stopped])
[2008/01/18 13:14:53 | 00,035,936 | ---- | M] (VSO Software) -- C:\WINDOWS\system32\drivers\Pcouffin.sys -- (Pcouffin [On_Demand | Running])
[2003/09/19 14:45:48 | 00,021,248 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc [On_Demand | Running])
[2004/08/04 02:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2007/05/01 03:00:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2004/08/03 23:10:40 | 00,059,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rfcomm.sys -- (RFCOMM [On_Demand | Stopped])
[2006/11/15 00:16:24 | 00,032,256 | ---- | M] (REDC) -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk [Auto | Running])
[2007/05/31 13:39:50 | 00,022,656 | ---- | M] (Research In Motion Limited) -- C:\WINDOWS\system32\drivers\RimUsb.sys -- (RimUsb [On_Demand | Stopped])
[2007/01/18 10:24:58 | 00,026,496 | R--- | M] (Research in Motion Ltd) -- C:\WINDOWS\system32\drivers\RimSerial.sys -- (RimVSerPort [On_Demand | Stopped])
[2004/08/04 02:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM [On_Demand | Stopped])
[2004/08/04 02:00:00 | 00,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sdbus.sys -- (sdbus [On_Demand | Running])
[2007/11/13 02:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2004/08/04 02:00:00 | 00,011,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sffdisk.sys -- (sffdisk [On_Demand | Stopped])
[2004/08/04 02:00:00 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sffp_sd.sys -- (sffp_sd [On_Demand | Stopped])
[2004/02/10 13:40:56 | 00,127,692 | ---- | M] () -- C:\WINDOWS\system32\drivers\pfc027.sys -- (SoC PC-Camera Service [On_Demand | Stopped])
[2008/10/18 11:10:31 | 00,717,296 | ---- | M] () -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd [Boot | Running])
[2006/01/26 13:21:04 | 00,034,686 | ---- | M] (Service & Quality Technology.) -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C [On_Demand | Stopped])
[2007/03/01 09:34:22 | 00,028,352 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv [System | Running])
[2007/05/10 10:24:34 | 01,222,840 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA [On_Demand | Running])
[2001/08/17 12:53:32 | 00,006,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\serscan.sys -- (StillCam [On_Demand | Running])
[2006/03/08 12:35:10 | 00,191,872 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP [On_Demand | Running])
[2008/01/15 02:39:58 | 00,030,464 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])
[2004/08/03 23:07:56 | 00,059,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio [On_Demand | Stopped])
[2005/12/01 01:40:08 | 00,669,696 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys -- (winachsf [On_Demand | Running])
[2004/08/03 15:07:42 | 00,008,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wmiacpi.sys -- (WmiAcpi [System | Running])
[2004/08/04 02:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL [Disabled | Stopped])
========== (R ) Internet Explorer ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://www.google.com/ie
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://www.google.com
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://www.google.com
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://www.google.com
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.google.com
"Start Page"=http://www.google.com/
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{E312764E-7706-43F1-8DAB-FCDD2B1E416D}" (HKLM) -- C:\Program Files\Search Settings\kb127\SearchSettings.dll (Vendio Services, Inc.)
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.google.com
"Start Page"=http://www.google.com/
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{E312764E-7706-43F1-8DAB-FCDD2B1E416D}" (HKLM) -- C:\Program Files\Search Settings\kb127\SearchSettings.dll (Vendio Services, Inc.)
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
========== (O1) Hosts File ==========
HOSTS File = (795 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost
========== (O2) BHO's ==========
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{02478D38-C3F9-4EFB-9B51-7695ECA05670} (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
{6A87B991-A31F-4130-AE72-6D0C294BF082} (HKLM) -- C:\Program Files\Dealio\kb127\Dealio.dll (Vendio Services, Inc.)
{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (HKLM) -- C:\Program Files\Search Settings\kb127\SearchSettings.dll (Vendio Services, Inc.)
========== (O3) Toolbars ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}" (HKLM) -- C:\Program Files\Dealio\kb127\Dealio.dll (Vendio Services, Inc.)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{EBE9E2B5-B526-48BC-AD46-687263EDCB0E}" (HKLM) -- C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}" (HKLM) -- C:\Program Files\Dealio\kb127\Dealio.dll (Vendio Services, Inc.)
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{EBE9E2B5-B526-48BC-AD46-687263EDCB0E}" (HKLM) -- C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}" (HKLM) -- C:\Program Files\Dealio\kb127\Dealio.dll (Vendio Services, Inc.)
========== (O4) Run Keys ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"au"=C:\Program Files\Dealio\DealioAU.exe (Vendio Services, Inc.)
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min (Avira GmbH)
"BluetoothAuthenticationAgent"=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent (Microsoft Corporation)
"Dell QuickSet"=C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter (SupportSoft, Inc.)
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" ( )
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
"SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe (Vendio Services, Inc.)
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" (Sun Microsystems, Inc.)
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler (Macrovision Corporation)
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
"RIMDeviceManager"="C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe" -RunServer (Research In Motion Limited)
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler (Macrovision Corporation)
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
"RIMDeviceManager"="C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe" -RunServer (Research In Motion Limited)
========== (O4) Startup Folders ==========
[2007/09/11 11:26:12 | 00,576,104 | ---- | M] (Broadcom Corporation.) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
========== (O6 & O7) Current Version Policies ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
Here's the second half of the otviewit log
========== (O8) IE Context Menu Extensions ==========
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
Compare Prices with &Dealio: C:\Documents and Settings\Home\Application Data\Dealio\kb127\res\DealioSearch.html [2008/04/16 18:11:48 | 00,000,670 | ---- | M] ()
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2003/08/13 02:34:38 | 10,073,144 | ---- | M] (Microsoft Corporation)
Link to &MidpX: C:\Program Files\Kwyshell\MidpX\JadInvoker\Extent\jad_wrap.htm File not found
Send to &Bluetooth Device...: C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [2006/08/16 07:16:32 | 00,002,773 | ---- | M] ()
Send To Bluetooth: C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [2006/08/16 07:16:32 | 00,005,589 | ---- | M] ()
[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2003/08/13 02:34:38 | 10,073,144 | ---- | M] (Microsoft Corporation)
[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2003/08/13 02:34:38 | 10,073,144 | ---- | M] (Microsoft Corporation)
[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\Software\Microsoft\Internet Explorer\MenuExt\]
Compare Prices with &Dealio: C:\Documents and Settings\Home\Application Data\Dealio\kb127\res\DealioSearch.html [2008/04/16 18:11:48 | 00,000,670 | ---- | M] ()
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2003/08/13 02:34:38 | 10,073,144 | ---- | M] (Microsoft Corporation)
Link to &MidpX: C:\Program Files\Kwyshell\MidpX\JadInvoker\Extent\jad_wrap.htm File not found
Send to &Bluetooth Device...: C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [2006/08/16 07:16:32 | 00,002,773 | ---- | M] ()
Send To Bluetooth: C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [2006/08/16 07:16:32 | 00,005,589 | ---- | M] ()
========== (O9) IE Extensions ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{E908B145-C847-4e85-B315-07E2E70DECF8}: Button: Dealio -- %ProgramFiles%\Dealio\kb127\Dealio.dll [2008/05/26 19:50:36 | 03,170,144 | ---- | M] (Vendio Services, Inc.)
{E908B145-C847-4e85-B315-07E2E70DECF8}: Menu: Dealio -- %ProgramFiles%\Dealio\kb127\Dealio.dll [2008/05/26 19:50:36 | 03,170,144 | ---- | M] (Vendio Services, Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found
CmdMapping\\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> [2007/12/12 14:09:42 | 00,222,448 | ---- | M] (Yahoo! Inc.)
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{CCA281CA-C863-46ef-9331-5C8D4460577F} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> [Reg Error: Value does not exist or could not be read.] -> File not found
CmdMapping\\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> [2007/12/12 14:09:42 | 00,222,448 | ---- | M] (Yahoo! Inc.)
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{CCA281CA-C863-46ef-9331-5C8D4460577F} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
========== (O12) Internet Explorer Plugins ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/control...ext=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery
========== (O13) Default Prefixes ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://
========== (O15) Trusted Sites ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.
========== (O16) DPF ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab -- Java Plug-in 1.6.0_07
{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876}: http://support.f-secure.com/ols/fscax.cab -- F-Secure Online Scanner 3.3
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab -- Java Plug-in 1.6.0_03
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab -- Java Plug-in 1.6.0_05
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab -- Java Plug-in 1.6.0_07
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab -- Java Plug-in 1.6.0_07
========== (O17) DNS Name Servers ==========
{3ADFAA5C-AA48-48B3-8CF8-F80AAE47DB8C} (Servers: | Description: )
{417CC932-B9FB-4E4D-9B2C-0CB859AC6D4C} (Servers: | Description: )
{5E14DD4E-9657-446A-8877-F53BC78E8750} (Servers: | Description: Dell Wireless 1390 WLAN Mini-Card)
{7F28B438-75C3-43DF-8DEF-E34A72AE813F} (Servers: | Description: )
{9B2F6AB6-BA0B-45DC-991D-B7B22990322D} (Servers: | Description: Broadcom 440x 10/100 Integrated Controller)
{DBF96448-B346-4363-B2FF-3DE5EE758AC6} (Servers: | Description: )
{E6789E7C-4FB7-494D-9AE9-2A3F6D28BEE7} (Servers: | Description: )
========== (O20) Winlogon Notify Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
AtiExtEvent: "DllName" = Ati2evxx.dll -- C:\WINDOWS\system32\ati2evxx.dll (ATI Technologies Inc.)
========== Shell Execute Hooks ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{31CDFCB9-37D6-4C1D-A31D-AA2DD56F637B}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
========== Safeboot Options ==========
"AlternateShell"=cmd.exe
========== CDRom AutoRun Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1
========== Autorun Files on Drives ==========
AUTOEXEC.BAT []
[2008/01/18 11:19:02 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]
========== MountPoints2 ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b8df7904-97d2-11dd-8875-001a925e497b}\Shell\AutoRun\command]
""=E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b8df7904-97d2-11dd-8875-001a925e497b}\Shell\open\command]
""=E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- File not found
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\Shell]
""=AutoRun
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\Shell\AutoRun]
""=Auto&Play
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\Shell\AutoRun\command]
""=F:\LaunchU3.exe -- File not found
========== Files/Folders - Created Within 30 Days ==========
[4 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2008/11/11 10:53:55 | 00,422,400 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Home\Desktop\OTViewIt.exe
[2008/11/11 09:02:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Desktop\brush
[2008/11/09 18:28:56 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
[2008/11/09 17:57:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\Research In Motion
[2008/11/09 17:41:26 | 11,614,8136 | ---- | C] (Research In Motion Ltd. ) -- C:\Documents and Settings\Home\Desktop\8110M_PBr4.3.0_rel164_PL2.6.0.53_A4.3.0.93_AT&T_Wireless.exe
[2008/11/09 15:21:53 | 00,052,736 | RHS- | C] () -- C:\WINDOWS\LCDMon.exe
[2008/11/09 14:59:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\My Documents\Incomplete
[2008/11/09 14:09:08 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconfig.exe
[2008/11/09 10:25:05 | 00,000,156 | ---- | C] () -- C:\WINDOWS\Twunk001.MTX
[2008/11/09 10:25:05 | 00,000,003 | ---- | C] () -- C:\WINDOWS\Twain001.Mtx
[2008/11/09 10:25:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Twunk002.MTX
[2008/11/09 10:24:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\Roxio
[2008/11/09 10:12:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sonic
[2008/11/09 10:08:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Roxio
[2008/11/09 10:08:31 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2008/11/09 10:06:27 | 00,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2008/11/09 09:07:13 | 35,127,3232 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\430_b025_multilanguage.exe
[2008/11/09 01:12:17 | 00,026,496 | R--- | C] (Research in Motion Ltd) -- C:\WINDOWS\System32\drivers\RimSerial.sys
[2008/11/09 00:35:34 | 00,000,000 | ---D | C] -- C:\Program Files\Research In Motion
[2008/11/08 20:42:31 | 00,000,000 | ---D | C] -- C:\Program Files\Safari
[2008/11/08 20:32:51 | 00,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008/11/05 20:17:55 | 03,300,655 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\Leonard_Cohen_-_Hallelujah_FREE_MP3_.mp3
[2008/11/05 15:17:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Desktop\Bee'ssongs
[2008/11/05 14:53:31 | 00,000,789 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\Doremi FLV to MP3 Converter.lnk
[2008/11/05 14:53:30 | 00,000,000 | ---D | C] -- C:\Program Files\Doremisoft
[2008/11/04 23:31:58 | 00,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Windows Live Messenger.lnk
[2008/11/04 06:54:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2008/11/04 06:09:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\Search Settings
[2008/11/03 15:57:13 | 00,000,000 | ---D | C] -- C:\OutputFolder
[2008/11/03 15:56:49 | 00,000,185 | ---- | C] () -- C:\WINDOWS\System32\test.aok
[2008/11/03 15:44:58 | 00,000,000 | ---D | C] -- C:\Program Files\Search Settings
[2008/11/03 15:44:21 | 00,000,000 | ---D | C] -- C:\Program Files\Dealio
[2008/11/03 15:44:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\Dealio
[2008/11/03 15:43:22 | 00,270,336 | ---- | C] (Koyote Soft) -- C:\WINDOWS\System32\TubeFinder.exe
[2008/11/03 15:43:17 | 00,364,544 | ---- | C] () -- C:\WINDOWS\System32\PropertyGrid.ocx
[2008/11/03 15:43:17 | 00,208,500 | ---- | C] () -- C:\WINDOWS\System32\ReyXpBasics.tlb
[2008/11/03 15:43:17 | 00,119,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6FR.DLL
[2008/11/03 15:43:17 | 00,084,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PICCLP32.OCX
[2008/11/03 15:43:16 | 00,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCMCFR.DLL
[2008/11/03 15:43:16 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CMDLGFR.DLL
[2008/11/03 15:43:16 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\ControlSubX.ocx
[2008/11/03 15:43:16 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PCCLPFR.DLL
[2008/11/03 15:43:15 | 00,000,000 | ---D | C] -- C:\Program Files\Free FLV Converter
[2008/11/02 23:55:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\SuperAdBlocker.com
[2008/11/02 23:54:10 | 00,000,000 | ---D | C] -- C:\Program Files\SuperAdBlocker.com
[2008/11/01 18:30:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Desktop\adobe brush
[2008/11/01 16:59:29 | 00,270,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2008/11/01 16:59:29 | 00,210,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\muweb.dll
[2008/11/01 16:59:29 | 00,029,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2008/11/01 15:39:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\My Documents\LimeWire
[2008/11/01 12:09:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\My Documents\Limewire songs
[2008/11/01 09:39:36 | 00,000,933 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\Spybot - Search & Destroy.lnk
[2008/10/31 23:39:48 | 00,000,000 | ---D | C] -- C:\fsaua.data
[2008/10/31 17:06:18 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2008/10/31 16:14:49 | 00,031,024 | ---- | C] (Resplendence) -- C:\WINDOWS\System32\rrMon.sys
[2008/10/31 16:14:42 | 00,000,000 | ---D | C] -- C:\Program Files\Registrar Registry Manager
[2008/10/31 15:14:15 | 00,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini
[2008/10/31 15:14:13 | 00,000,080 | ---- | C] () -- C:\WINDOWS\gmer_uninstall.cmd
[2008/10/28 21:15:52 | 00,001,851 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AntiVir PE Classic.lnk
[2008/10/28 21:15:38 | 00,045,376 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2008/10/28 21:15:38 | 00,022,336 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2008/10/28 21:15:37 | 00,028,352 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2008/10/28 21:15:34 | 00,075,072 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2008/10/28 21:15:33 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2008/10/28 21:15:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2008/10/27 21:14:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2008/10/27 21:12:38 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2008/10/27 21:12:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\SUPERAntiSpyware.com
[2008/10/27 17:28:36 | 00,000,000 | ---D | C] -- C:\Mp3 Output
[2008/10/27 17:28:32 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/10/27 17:28:32 | 00,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2008/10/27 17:12:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Desktop\yees azn songs and other
[2008/10/26 15:32:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\Malwarebytes
[2008/10/26 15:32:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2008/10/25 21:46:02 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2008/10/25 21:37:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2008/10/25 19:04:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Local Settings\Application Data\PCHealth
[2008/10/25 19:02:52 | 00,000,000 | -HSD | C] -- C:\Program Files\Common Files\WindowsLiveInstaller
[2008/10/25 19:02:11 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2008/10/25 19:01:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WLInstaller
[2008/10/25 18:21:43 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\HijackThis.lnk
[2008/10/25 17:02:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\Corel
[2008/10/25 14:49:30 | 00,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\4D420D2C25.sys
[2008/10/25 14:49:29 | 00,003,140 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2008/10/25 14:37:36 | 00,156,160 | ---- | C] (Bidjan Reclame & Computerservice) -- C:\Documents and Settings\Home\Desktop\Keygen.exe
[2008/10/25 14:37:17 | 00,141,698 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\Keygen.zip
[2008/10/25 00:40:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PrevxCSI
[2008/10/24 12:53:49 | 04,681,471 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\Qwote_-_Fallin_4_U_-_HotNewHipHop.com.mp3
[2008/10/23 04:54:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\My Documents\Version Cue
[2008/10/22 22:02:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\My Documents\Meng's Stuff =D
[2008/10/22 15:52:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2008/10/21 13:53:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2008/10/21 12:54:30 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\Home\My Documents\~$ngs spanish homework.doc
[2008/10/21 07:30:31 | 03,520,552 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Home\Desktop\procexp.exe
[2008/10/21 07:29:50 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2008/10/21 07:28:09 | 01,602,877 | ---- | C] () -- C:\Documents and Settings\Home\Desktop\ProcessExplorer.zip
[2008/10/20 15:54:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg8
[2008/10/20 15:30:20 | 00,027,904 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\ndisprot.sys
[2008/10/19 16:04:44 | 00,000,164 | ---- | C] () -- C:\WINDOWS\System32\TDSSosvd.dat
[2008/10/19 14:00:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Backup
[2008/10/19 10:31:54 | 00,000,164 | ---- | C] () -- C:\WINDOWS\System32\TDSSpaxt.dat
[2008/10/18 22:51:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2008/10/18 16:46:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\My Documents\AdobeStockPhotos
[2008/10/18 15:05:45 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2008/10/18 11:20:59 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DirectX
[2008/10/18 11:10:30 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/10/18 11:10:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Home\Application Data\DAEMON Tools
[2008/10/15 02:02:33 | 00,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
========== Files - Modified Within 30 Days ==========
[4 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2008/11/11 10:53:56 | 00,422,400 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Home\Desktop\OTViewIt.exe
[2008/11/10 23:01:31 | 00,000,585 | ---- | M] () -- C:\Documents and Settings\Home\My Documents\My Sharing Folders.lnk
[2008/11/10 22:48:03 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008/11/10 20:58:10 | 02,055,716 | -HS- | M] () -- C:\Documents and Settings\Home\Desktop\Thumbs.db
@Alternate Data Stream - 0 bytes -> C:\Documents and Settings\Home\Desktop\Thumbs.db:encryptable
[2008/11/09 20:21:49 | 00,484,244 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/11/09 20:21:49 | 00,411,112 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2008/11/09 20:21:49 | 00,065,752 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2008/11/09 20:18:11 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2008/11/09 20:17:46 | 01,561,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/11/09 20:17:36 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/11/09 20:17:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/11/09 20:01:20 | 00,071,344 | ---- | M] () -- C:\Documents and Settings\Home\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/11/09 19:11:14 | 00,000,782 | ---- | M] () -- C:\WINDOWS\win.ini
[2008/11/09 19:11:14 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2008/11/09 19:11:14 | 00,000,211 | -HS- | M] () -- C:\boot.ini
[2008/11/09 18:56:34 | 00,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
[2008/11/09 17:53:42 | 11,614,8136 | ---- | M] (Research In Motion Ltd. ) -- C:\Documents and Settings\Home\Desktop\8110M_PBr4.3.0_rel164_PL2.6.0.53_A4.3.0.93_AT&T_Wireless.exe
[2008/11/09 17:08:04 | 00,000,003 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx
[2008/11/09 17:07:51 | 00,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX
[2008/11/09 10:25:05 | 00,000,000 | ---- | M] () -- C:\WINDOWS\Twunk002.MTX
[2008/11/09 09:50:40 | 35,127,3232 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\430_b025_multilanguage.exe
[2008/11/09 00:54:22 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\iTunes.lnk
[2008/11/07 02:11:27 | 00,013,312 | ---- | M] () -- C:\Documents and Settings\Home\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/05 20:20:33 | 03,300,655 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\Leonard_Cohen_-_Hallelujah_FREE_MP3_.mp3
[2008/11/05 14:53:31 | 00,000,789 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\Doremi FLV to MP3 Converter.lnk
[2008/11/05 02:22:31 | 04,681,471 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\Qwote_-_Fallin_4_U_-_HotNewHipHop.com.mp3
[2008/11/04 23:31:58 | 00,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Windows Live Messenger.lnk
[2008/11/03 15:57:22 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2008/11/03 15:57:21 | 00,000,185 | ---- | M] () -- C:\WINDOWS\System32\test.aok
[2008/11/01 09:39:36 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\Spybot - Search & Destroy.lnk
[2008/10/31 15:14:15 | 00,000,250 | ---- | M] () -- C:\WINDOWS\gmer.ini
[2008/10/31 15:14:13 | 00,000,080 | ---- | M] () -- C:\WINDOWS\gmer_uninstall.cmd
[2008/10/28 21:15:52 | 00,001,851 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AntiVir PE Classic.lnk
[2008/10/26 15:20:29 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2008/10/25 18:21:45 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\HijackThis.lnk
[2008/10/25 17:13:40 | 00,005,642 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/10/25 15:43:52 | 00,003,140 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2008/10/25 14:49:30 | 00,000,008 | RHS- | M] () -- C:\Documents and Settings\All Users\Application Data\4D420D2C25.sys
[2008/10/25 14:37:18 | 00,141,698 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\Keygen.zip
[2008/10/24 17:05:54 | 00,270,336 | ---- | M] (Koyote Soft) -- C:\WINDOWS\System32\TubeFinder.exe
[2008/10/21 12:54:30 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\Home\My Documents\~$ngs spanish homework.doc
[2008/10/21 07:28:48 | 01,602,877 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\ProcessExplorer.zip
[2008/10/21 04:03:54 | 00,023,552 | ---- | M] () -- C:\Documents and Settings\Home\Desktop\Lengs essay.doc
[2008/10/20 15:30:20 | 00,027,904 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\ndisprot.sys
[2008/10/20 14:54:47 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/10/19 16:49:59 | 04,318,490 | -H-- | M] () -- C:\Documents and Settings\Home\Local Settings\Application Data\IconCache.db
[2008/10/19 16:04:44 | 00,000,164 | ---- | M] () -- C:\WINDOWS\System32\TDSSosvd.dat
[2008/10/19 10:31:54 | 00,000,164 | ---- | M] () -- C:\WINDOWS\System32\TDSSpaxt.dat
[2008/10/18 11:10:31 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/10/15 08:57:55 | 00,332,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netapi32.dll
[2008/10/15 08:57:55 | 00,332,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2008/10/15 02:02:33 | 00,000,795 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2008/10/15 02:02:33 | 00,000,118 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
< End of report >
Heres my extras.Txt
OTViewIt Extras logfile created on: 11/11/2008 10:55:29 AM - Run 3
OTViewIt by OldTimer - Version 1.0.20.0 Folder = C:\Documents and Settings\Home\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
893.98 Mb Total Physical Memory | 566.88 Mb Available Physical Memory | 63.41% Memory free
2.12 Gb Paging File | 1.74 Gb Available in Paging File | 82.30% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.88 Gb Total Space | 27.00 Gb Free Space | 48.31% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DELL-B3446AB14D
Current User Name: Home
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=1
"FirewallDisableNotify"=1
"UpdatesDisableNotify"=1
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=1
"DoNotAllowExceptions"=0
"DisableNotifications"=0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2004/08/04 02:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2006/10/10 04:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007/01/19 12:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
[2007/01/04 16:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2004/08/04 02:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2008/01/15 03:22:48 | 19,926,824 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
[2007/08/01 17:02:12 | 00,073,728 | ---- | M] (Orb Networks, Inc.) -- C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb
[2007/11/06 17:02:24 | 05,824,512 | ---- | M] (Orb Networks) -- C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client
[2005/09/20 21:40:04 | 00,196,608 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe
[2005/09/20 21:01:22 | 01,081,344 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe
[2005/12/15 12:51:46 | 00,139,264 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe
[2004/10/13 08:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
[2007/08/30 16:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
[2007/08/30 16:43:18 | 00,091,376 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
[2006/10/10 04:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007/01/19 12:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
[2007/01/04 16:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
File not found -- C:\_OTMoveIt\MovedFiles\11022008_111138\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
========== (O10) Winsock2 Catalogs ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -- C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
NameSpace_Catalog5\Catalog_Entries\000000000005 [Bluetooth Namespace] -- C:\WINDOWS\system32\wshbth.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000006 [NWLink IPX/SPX/NetBIOS Compatible Transport Protocol] -- C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
========== (O18) Protocol Handlers ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2003/07/11 02:25:22 | 00,842,816 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/01/19 12:53:24 | 00,063,344 | ---- | M] (Microsoft Corporation) C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
msdaipp: [HKLM - No CLSID value]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2003/07/11 02:25:22 | 00,842,816 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2003/07/11 02:25:22 | 00,842,816 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/01/19 12:53:24 | 00,063,344 | ---- | M] (Microsoft Corporation) C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2003/08/04 13:19:34 | 07,330,360 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} (HKLM) [Data Page Pluggable Protocol mso-offdap Handler])
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2003/08/01 15:09:04 | 08,086,072 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} (HKLM) [Data Page Plugable Protocal mso-offdap11 Handler])
========== (O18) Protocol Filters ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
[2003/07/14 22:45:12 | 00,039,488 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL text/xml:{807553E5-5146-11D5-A672-00B0D022E945} (HKLM) [Reg Error: Value does not exist or could not be read.]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}"=Adobe Photoshop CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}"=Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}"=Adobe Bridge Start Meeting
"{0A3D3C54-2EC0-4D67-B265-FF17926E6D67}"=Nokia Connectivity Cable Driver
"{15803703-25FA-4C01-A062-3F4A59937E87}"=PhotoImpact X3
"{183135A3-2CE8-43B5-BA5A-757EBAECB413}"=Disney Pix Micro Downloader
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}"=Adobe WinSoft Linguistics Plugin
"{212748BB-0DA5-46DE-82A1-403736DC9F27}"=MSVC80_x86
"{27555031-A116-4EC6-9991-7B400142A936}"=HP PSC & OfficeJet 6.1.A
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}"=Adobe Stock Photos CS3
"{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}"=Next Generation Visualisations
"{3248F0A8-6813-11D6-A77B-00B0D0160030}"=Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}"=Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}"=Java(TM) 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{480B5D81-B4C7-4C8C-AFB7-2F282C7BDE5A}"=BlackBerry Device Software v4.3.0 for the BlackBerry 8110 smartphone
"{49672EC2-171B-47B4-8CE7-50D7806360D7}"=Windows Live Sign-in Assistant
"{51846830-E7B2-4218-8968-B77F0FF475B8}"=Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}"=Adobe Linguistics CS3
"{54F70D29-208E-445F-9151-B1AC8AC48C83}"=HaduriPhoto4_SetUp419
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}"=Windows Live Messenger
"{6105648C-0C3C-481D-8C11-1F4952D6FB53}"=Dealio Toolbar 3.4
"{612B9183-67A9-4B44-9877-2F059E35B86A}"=Broadcom 440x 10/100 Integrated Controller
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}"=Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}"=Adobe Fonts All
"{6EC874C2-F950-4B7E-A5B7-B1066D6B74AA}"=QuickTime
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}"=Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{766E4715-B801-46B3-9D91-12288AB88428}"=DB CIF Cam
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}"=DellSupport
"{802771A9-A856-4A41-ACF7-1450E523C923}"=Adobe XMP Panels CS3
"{84814E6B-2581-46EC-926A-823BD1C670F6}"=WIDCOMM Bluetooth Software
"{8777AC6D-89F9-4793-8266-DE406F343E89}"=QFolder
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}"=Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}"=Adobe Type Support
"{90110409-6000-11D3-8CFE-0150048383C9}"=Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}"=Adobe Anchor Service CS3
"{95655ED4-7CA5-46DF-907F-7144877A32E5}"=Adobe Color NA Recommended Settings
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}"=Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}"=Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}"=Adobe Color - Photoshop Specific
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}"=SigmaTel Audio
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}"=Windows Live installer
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}"=PDF Settings
"{AC76BA86-7AD7-1033-7B44-A70000000000}"=Adobe Reader 7.0
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}"=MSXML 6.0 Parser
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}"=Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1"=Spybot - Search & Destroy
"{B508B3F1-A24A-32C0-B310-85786919EF28}"=Microsoft .NET Framework 2.0 Service Pack 1
"{B85C4D19-6CEB-48CF-BD98-C887AC8C6F94}"=iTunes
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}"=Adobe Default Language CS3
"{BA084E7C-8ABA-4670-BDE8-B85E689A5C1B}"=PC Connectivity Solution
"{BF13AA9D-E4CE-4015-9778-ECC1D4FB06E4}"=Mouse Suite for Laptop Computers
"{C151CE54-E7EA-4804-854B-F515368B0798}"=AMD Processor Driver
"{C5074CC4-0E26-4716-A307-960272A90040}"=QuickSet
"{C6812939-B117-48E6-A3BA-1709C14A3C8C}"=Scan
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}"=Microsoft XML Parser
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}"=AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1
"{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}"=Search Settings 1.2
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}"=Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}"=Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}"=Adobe PDF Library Files
"{D8AB8F0C-CEEB-4A29-8EF5-219B064813F4}"=Apple Mobile Device Support
"{DC8235CC-3D5A-4D32-94BE-E2F0A1749920}"=Disney Pix 2.0
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}"=Adobe Color JA Extra Settings
"{DF62D775-BB7C-4AFA-9CA4-DDA1C4855F28}"=Dell Mobile Broadband Card Utility
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}"=Dell Support Center
"{E69AE897-9E0B-485C-8552-7841F48D42D8}"=Adobe Update Manager CS3
"{EF40BAC3-372B-46F4-A32D-B37CF4217CE7}"=ATI Catalyst Control Center
"{FBE9670D-C3DA-4561-BB89-251B82E2E92B}"=Thinkwell
"1Click DVD Copy 4.1"=1Click DVD Copy 4.1
"4569969E1360D2854474C661EF9B4D54F143EB16"=Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04)
"6A630DCEC5EEC912115F2FF59D8C2C769798D930"=Windows Driver Package - Nokia Modem (10/12/2007 3.6)
"Ad-aware 6 Professional"=Ad-aware 6 Professional
"Ad-Aware SE Professional"=Ad-Aware SE Professional
"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX
"Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin
"Adobe Shockwave Player"=Adobe Shockwave Player
"Adobe_2ac78060bc5856b0c1cf873bb919b58"=Adobe Photoshop CS3
"All ATI Software"=ATI - Software Uninstall Utility
"AntiVir PersonalEdition Classic"=Avira AntiVir Personal - Free Antivirus
"ATI Display Driver"=ATI Display Driver
"Audacity_is1"=Audacity 1.2.6
"Broadcom 802.11b Network Adapter"=Dell Wireless WLAN Card
"CIF USB CAMERA"=CIF USB CAMERA
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3"=Conexant HDA D110 MDC V.92 Modem
"CopyToDVD_is1"=CopyToDVD
"Doremi FLV to MP3 Converter"=Doremi FLV to MP3 Converter 1.0
"Helicon Filter_is1"=Helicon Filter 4.82.3 Free
"HijackThis"=HijackThis 2.0.2
"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs
"ie7"=Windows Internet Explorer 7
"Kwyshell MidpX Emulator Package"=Kwyshell MidpX Emulator Package 1.3.1
"Magic ISO Maker v4.9 (build 0151)"=Magic ISO Maker v4.9 (build 0151)
"MAGIX Xtreme Photo Designer 6 US"=MAGIX Xtreme Photo Designer 6 6.0.19.0 (US)
"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.3)"=Mozilla Firefox (3.0.3)
"MSCompPackV1"=Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST"=MSN
"Nero - Burning Rom!UninstallKey"=Nero 6 Ultra Edition
"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs
"Orb"=Winamp Remote
"PhotoToolkit_is1"=Photo! Editor 1.0 Beta
"RealPlayer 6.0"=RealPlayer
"RumbleFighter"=Rumble Fighter
"SynTPDeinstKey"=Synaptics Pointing Device Driver
"Wedding Dash 2 - Rings Around the World1.0"=Wedding Dash 2 - Rings Around the World
"Winamp"=Winamp
"Windows Media Format Runtime"=Windows Media Format 11 runtime
"Windows Media Player"=Windows Media Player 11
"WinGimp-2.0_is1"=GIMP 2.4.6
"WinRAR archiver"=WinRAR archiver
"WinZip"=WinZip
"WMFDist11"=Windows Media Format 11 runtime
"wmp11"=Windows Media Player 11
"Wudf01005"=Microsoft User-Mode Driver Framework Feature Pack 1.5
"Yahoo! Companion"=Yahoo! Toolbar
"Yahoo! Extras"=Yahoo! Browser Services
"Yahoo! Mail"=Yahoo! Internet Mail
"Yahoo! Messenger"=Yahoo! Messenger
"Yahoo! Toolbar"=Yahoo! Toolbar
"YInstHelper"=Yahoo! Install Manager
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA"=DNA
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-583907252-562591055-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA"=DNA
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 11/9/2008 2:38:21 PM | Computer Name = DELL-B3446AB14D | Source = RIMDeviceFileAccess | ID = 268379920
Description =
Error - 11/9/2008 2:38:21 PM | Computer Name = DELL-B3446AB14D | Source = RIMDeviceFileAccess | ID = 268379920
Description =
Error - 11/9/2008 2:38:21 PM | Computer Name = DELL-B3446AB14D | Source = RIMDeviceFileAccess | ID = 268379920
Description =
Error - 11/9/2008 2:38:21 PM | Computer Name = DELL-B3446AB14D | Source = RIMDeviceFileAccess | ID = 268379920
Description =
Error - 11/9/2008 2:38:21 PM | Computer Name = DELL-B3446AB14D | Source = RIMDeviceFileAccess | ID = 268379920
Description =
Error - 11/9/2008 2:38:21 PM | Computer Name = DELL-B3446AB14D | Source = RIMDeviceFileAccess | ID = 268379920
Description =
Error - 11/9/2008 2:38:21 PM | Computer Name = DELL-B3446AB14D | Source = RIMDeviceFileAccess | ID = 268379920
Description =
Error - 11/9/2008 2:38:21 PM | Computer Name = DELL-B3446AB14D | Source = RIMDeviceFileAccess | ID = 268379920
Description =
Error - 11/9/2008 2:38:59 PM | Computer Name = DELL-B3446AB14D | Source = RIMDeviceFileAccess | ID = 268379920
Description =
Error - 11/9/2008 3:52:04 PM | Computer Name = DELL-B3446AB14D | Source = Application Hang | ID = 1002
Description = Hanging application DesktopMgr.exe, version 4.3.0.17, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 11/10/2008 12:17:58 AM | Computer Name = DELL-B3446AB14D | Source = AmdK8 | ID = 327682
Description = The Acpi 2.0 _PCT object returned an invalid value of 3
Error - 11/10/2008 12:18:01 AM | Computer Name = DELL-B3446AB14D | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SABKUTIL
Error - 11/10/2008 12:18:48 AM | Computer Name = DELL-B3446AB14D | Source = System Error | ID = 1003
Description = Error code 00000019, parameter1 00000020, parameter2 843c1570, parameter3
843c1578, parameter4 1a010001.
Error - 11/10/2008 3:09:00 AM | Computer Name = DELL-B3446AB14D | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.4 for the Network Card with network
address 001A925E497B has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
Error - 11/10/2008 5:42:24 AM | Computer Name = DELL-B3446AB14D | Source = AmdK8 | ID = 327682
Description = The Acpi 2.0 _PCT object returned an invalid value of 3
Error - 11/10/2008 1:40:48 PM | Computer Name = DELL-B3446AB14D | Source = AmdK8 | ID = 327682
Description = The Acpi 2.0 _PCT object returned an invalid value of 3
Error - 11/10/2008 3:09:04 PM | Computer Name = DELL-B3446AB14D | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.3 for the Network Card with network
address 001A925E497B has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
Error - 11/10/2008 3:09:05 PM | Computer Name = DELL-B3446AB14D | Source = ipnathlp | ID = 32003
Description = The Network Address Translator (NAT) was unable to request an operation
of
the kernel-mode translation module. This may indicate misconfiguration, insufficient
resources, or an internal error. The data is the error code.
Error - 11/11/2008 12:37:15 AM | Computer Name = DELL-B3446AB14D | Source = AmdK8 | ID = 327682
Description = The Acpi 2.0 _PCT object returned an invalid value of 3
Error - 11/11/2008 3:41:08 AM | Computer Name = DELL-B3446AB14D | Source = AmdK8 | ID = 327682
Description = The Acpi 2.0 _PCT object returned an invalid value of 3
< End of report >
There is no explanation for that safe mode issue.
Is it OK to redirect you to some windows forum?
Microsoft MVP Consumer Security 2008-2011
Member of ASAP and UNITE since 2006